Update to 5.10.42

Add CVE id references for FragAttacks CVEs

Cleanup debian/changelog file

1 files changed, 211 insertions, 1 deletions

diff --git a/debian/changelog b/debian/changelog
index 42907b850963..68864e0357d9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,220 @@
-linux (5.10.41-1) UNRELEASED; urgency=medium
+linux (5.10.42-1) UNRELEASED; urgency=medium
 
   * New upstream stable update:
     https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.41
     - context_tracking: Move guest exit context tracking to separate helpers
     - context_tracking: Move guest exit vtime accounting to separate helpers
     - [x86] KVM: Defer vtime accounting 'til after IRQ handling
+    https://www.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.42
+    - ALSA: hda/realtek: the bass speaker can't output sound on Yoga 9i
+    - ALSA: hda/realtek: Headphone volume is controlled by Front mixer
+    - ALSA: hda/realtek: Chain in pop reduction fixup for ThinkStation P340
+    - ALSA: hda/realtek: fix mute/micmute LEDs for HP 855 G8
+    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook G8
+    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury 15
+      G8
+    - ALSA: hda/realtek: fix mute/micmute LEDs and speaker for HP Zbook Fury 17
+      G8
+    - ALSA: usb-audio: scarlett2: Fix device hang with ehci-pci
+    - ALSA: usb-audio: scarlett2: Improve driver startup messages
+    - cifs: set server->cipher_type to AES-128-CCM for SMB3.0
+    - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return()
+    - iommu/vt-d: Fix sysfs leak in alloc_iommu()
+    - proc: Check /proc/$pid/attr/ writes against file opener
+    - net: hso: fix control-request directions
+    - net/sched: fq_pie: re-factor fix for fq_pie endless loop
+    - net/sched: fq_pie: fix OOB access in the traffic path
+    - netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to
+      non-AVX2 version
+    - mac80211: assure all fragments are encrypted (CVE-2020-26147)
+    - mac80211: prevent mixed key and fragment cache attacks (CVE-2020-24586,
+      CVE-2020-24587)
+    - mac80211: properly handle A-MSDUs that start with an RFC 1042 header
+    - cfg80211: mitigate A-MSDU aggregation attacks (CVE-2020-24588)
+    - mac80211: drop A-MSDUs on old ciphers (CVE-2020-24588)
+    - mac80211: add fragment cache to sta_info
+    - mac80211: check defrag PN against current frame
+    - mac80211: prevent attacks on TKIP/WEP as well
+    - mac80211: do not accept/forward invalid EAPOL frames (CVE-2020-26139)
+    - mac80211: extend protection against mixed key and fragment cache attacks
+      (CVE-2020-24586, CVE-2020-24587)
+    - ath10k: add CCMP PN replay protection for fragmented frames for PCIe
+    - ath10k: drop fragments with multicast DA for PCIe (CVE-2020-26145)
+    - ath10k: drop fragments with multicast DA for SDIO (CVE-2020-26145)
+    - ath10k: drop MPDU which has discard flag set by firmware for SDIO
+      (CVE-2020-24588)
+    - ath10k: Fix TKIP Michael MIC verification for PCIe (CVE-2020-26141)
+    - ath10k: Validate first subframe of A-MSDU before processing the list
+    - ath11k: Clear the fragment cache during key install (CVE-2020-24587)
+    - dm snapshot: properly fix a crash when an origin has no snapshots
+    - drm/amdgpu/vcn1: add cancel_delayed_work_sync before power gate
+    - [amd64] drm/amdkfd: correct sienna_cichlid SDMA RLC register offset error
+    - drm/amdgpu/vcn2.0: add cancel_delayed_work_sync before power gate
+    - drm/amdgpu/vcn2.5: add cancel_delayed_work_sync before power gate
+    - drm/amdgpu/jpeg2.0: add cancel_delayed_work_sync before power gate
+    - Documentation: seccomp: Fix user notification documentation
+    - seccomp: Refactor notification handler to prepare for new semantics
+    - serial: core: fix suspicious security_locked_down() call
+    - misc/uss720: fix memory leak in uss720_probe
+    - [x86] thunderbolt: usb4: Fix NVM read buffer bounds and offset issue
+    - [x86] thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue
+    - [x86] KVM: Fix vCPU preempted state from guest's point of view
+    - [arm64] KVM: Prevent mixed-width VM creation
+    - [x86] mei: request autosuspend after sending rx flow control
+    - iio: gyro: fxas21002c: balance runtime power in error path
+    - iio: dac: ad5770r: Put fwnode in error case during ->probe()
+    - iio: adc: ad7768-1: Fix too small buffer passed to
+      iio_push_to_buffers_with_timestamp()
+    - iio: adc: ad7124: Fix missbalanced regulator enable / disable on error.
+    - iio: adc: ad7124: Fix potential overflow due to non sequential channel
+      numbers
+    - iio: adc: ad7923: Fix undersized rx buffer.
+    - iio: adc: ad7793: Add missing error code in ad7793_setup()
+    - iio: adc: ad7192: Avoid disabling a clock that was never enabled.
+    - iio: adc: ad7192: handle regulator voltage error first
+    - serial: 8250: Add UART_BUG_TXRACE workaround for Aspeed VUART
+    - serial: 8250_dw: Add device HID for new AMD UART controller
+    - serial: 8250_pci: Add support for new HPE serial device
+    - serial: 8250_pci: handle FL_NOIRQ board flag
+    - USB: trancevibrator: fix control-request direction
+    - Revert "irqbypass: do not start cons/prod when failed connect"
+    - USB: usbfs: Don't WARN about excessively large memory allocations
+    - drivers: base: Fix device link removal
+    - [arm64,armhf] serial: tegra: Fix a mask operation that is always true
+    - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait'
+    - USB: serial: ti_usb_3410_5052: add startech.com device id
+    - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011
+    - USB: serial: ftdi_sio: add IDs for IDS GmbH Products
+    - USB: serial: pl2303: add device id for ADLINK ND-6530 GC
+    - [x86] thermal/drivers/intel: Initialize RW trip to THERMAL_TEMP_INVALID
+    - [arm64,armhf] usb: dwc3: gadget: Properly track pending and queued SG
+    - [arm64,x86] usb: typec: mux: Fix matching with typec_altmode_desc
+    - net: usb: fix memory leak in smsc75xx_bind
+    - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails
+    - fs/nfs: Use fatal_signal_pending instead of signal_pending
+    - NFS: fix an incorrect limit in filelayout_decode_layout()
+    - NFS: Fix an Oopsable condition in __nfs_pageio_add_request()
+    - NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce()
+    - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config
+    - [arm64] drm/meson: fix shutdown crash when component not probed
+    - net/mlx5e: reset XPS on error flow if netdev isn't registered yet
+    - net/mlx5e: Fix multipath lag activation
+    - net/mlx5e: Fix error path of updating netdev queues
+    - {net,vdpa}/mlx5: Configure interface MAC into mpfs L2 table
+    - net/mlx5e: Fix nullptr in add_vlan_push_action()
+    - net/mlx5: Set reformat action when needed for termination rules
+    - net/mlx5e: Fix null deref accessing lag dev
+    - net/mlx4: Fix EEPROM dump support
+    - net/mlx5: Set term table as an unmanaged flow table
+    - SUNRPC in case of backlog, hand free slots directly to waiting task
+    - Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv"
+    - tipc: wait and exit until all work queues are done
+    - tipc: skb_linearize the head skb when reassembling msgs
+    - [arm64] spi: spi-fsl-dspi: Fix a resource leak in an error handling path
+    - netfilter: flowtable: Remove redundant hw refresh bit
+    - [arm64,armhf] net: dsa: fix a crash if ->get_sset_count() fails
+    - [armhf] i2c: s3c2410: fix possible NULL pointer deref on read message
+      after write
+    - [x86] i2c: i801: Don't generate an interrupt on bus reset
+    - afs: Fix the nlink handling of dir-over-dir rename
+    - nvmet-tcp: fix inline data size comparison in nvmet_tcp_queue_response
+    - [x86] platform/x86: hp_accel: Avoid invoking _INI to speed up resume
+    - [arm64] Revert "crypto: cavium/nitrox - add an error message to explain
+      the failure of pci_request_mem_regions"
+    - Revert "media: usb: gspca: add a missed check for goto_low_power"
+    - [i386] Revert "ALSA: sb: fix a missing check of snd_ctl_add"
+    - Revert "net: fujitsu: fix a potential NULL pointer dereference"
+    - net: fujitsu: fix potential null-ptr-deref
+    - Revert "net/smc: fix a NULL pointer dereference"
+    - net/smc: properly handle workqueue allocation failure
+    - [x86] Revert "char: hpet: fix a missing check of ioremap"
+    - [x86] char: hpet: add checks after calling ioremap
+    - [i386] Revert "ALSA: gus: add a check of the status of snd_ctl_add"
+    - Revert "isdn: mISDNinfineon: fix potential NULL pointer dereference"
+    - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io
+    - Revert "ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()"
+    - ath6kl: return error code in ath6kl_wmi_set_roam_lrssi_cmd()
+    - Revert "isdn: mISDN: Fix potential NULL pointer dereference of kzalloc"
+    - isdn: mISDN: correctly handle ph_info allocation failure in
+      hfcsusb_ph_info
+    - [arm64] Revert "dmaengine: qcom_hidma: Check for driver register failure"
+    - [arm64] dmaengine: qcom_hidma: comment platform_driver_register call
+    - Revert "libertas: add checks for the return value of sysfs_create_group"
+    - libertas: register sysfs groups properly
+    - Revert "media: dvb: Add check on sp8870_readreg"
+    - media: dvb: Add check on sp8870_readreg return
+    - Revert "media: gspca: mt9m111: Check write_bridge for timeout"
+    - media: gspca: mt9m111: Check write_bridge for timeout
+    - Revert "media: gspca: Check the return value of write_bridge for timeout"
+    - media: gspca: properly check for errors in po1030_probe()
+    - Revert "net: liquidio: fix a NULL pointer dereference"
+    - net: liquidio: Add missing null pointer checks
+    - Revert "brcmfmac: add a check for the status of usb_register"
+    - brcmfmac: properly check for bus register errors
+    - btrfs: return whole extents in fiemap
+    - [powerpc,x86] scsi: BusLogic: Fix 64-bit system enumeration error for
+      Buslogic
+    - scsi: pm80xx: Fix drives missing during rmmod/insmod loop
+    - btrfs: release path before starting transaction when cloning inline extent
+    - btrfs: do not BUG_ON in link_to_fixup_dir
+    - [x86] platform/x86: hp-wireless: add AMD's hardware id to the supported
+      list
+    - SMB3: incorrect file id in requests compounded with open
+    - drm/amd/amdgpu: fix refcount leak
+    - drm/amdgpu: Fix a use-after-free
+    - drm/amd/amdgpu: fix a potential deadlock in gpu reset
+    - drm/amdgpu: stop touching sched.ready in the backend
+    - block: fix a race between del_gendisk and BLKRRPART
+    - linux/bits.h: fix compilation error with GENMASK
+    - [arm64,armhf] net: dsa: fix error code getting shifted with 4 in
+      dsa_slave_get_sset_count
+    - net: stmmac: Fix MAC WoL not working if PHY does not support WoL
+    - spi: Assume GPIO CS active high in ACPI case
+    - net: really orphan skbs tied to closing sk
+    - net: packetmmap: fix only tx timestamp on request
+    - [arm64,armhf] net: fec: fix the potential memory leak in fec_enet_init()
+    - [arm64] net: mdio: thunder: Fix a double free issue in the .remove
+      function
+    - [mips64el,mipsel] net: mdio: octeon: Fix some double free issues
+    - cxgb4/ch_ktls: Clear resources when pf4 device is removed
+    - openvswitch: meter: fix race when getting now_ms.
+    - net: sched: fix packet stuck problem for lockless qdisc
+    - net: sched: fix tx action rescheduling issue during deactivation
+    - net: sched: fix tx action reschedule issue with stopped queue
+    - net: hso: check for allocation failure in hso_create_bulk_serial_device()
+    - net: bnx2: Fix error return code in bnx2_init_board()
+    - bnxt_en: Include new P5 HV definition in VF check.
+    - bnxt_en: Fix context memory setup for 64K page size.
+    - mld: fix panic in mld_newpack()
+    - net/smc: remove device from smcd_dev_list after failed device_add()
+    - [amd64] gve: Check TX QPL was actually assigned
+    - [amd64] gve: Update mgmt_msix_idx if num_ntfy changes
+    - [amd64] gve: Add NULL pointer checks when freeing irqs.
+    - [amd64] gve: Upgrade memory barrier in poll routine
+    - [amd64] gve: Correct SKB queue index validation.
+    - [arm64] net: hns3: fix incorrect resp_msg issue
+    - [arm64] net: hns3: put off calling register_netdev() until client
+      initialize complete
+    - [amd64] iommu/vt-d: Use user privilege for RID2PASID translation
+    - cxgb4: avoid accessing registers when clearing filters
+    - bpf, offload: Reorder offload callback 'prepare' in verifier
+    - bpf: Set mac_len in bpf_skb_change_head
+    - ixgbe: fix large MTU request from VF
+    - [arm64] ASoC: qcom: lpass-cpu: Use optional clk APIs
+    - scsi: libsas: Use _safe() loop in sas_resume_port()
+    - ipv6: record frag_max_size in atomic fragments in input path
+    - ALSA: usb-audio: scarlett2: snd_scarlett_gen2_controls_create() can be
+      static
+    - sch_dsmark: fix a NULL deref in qdisc_reset()
+    - net: zero-initialize tc skb extension on allocation
+    - [arm64,armhf] net: mvpp2: add buffer header handling in RX
+    - [x86] i915: fix build warning in intel_dp_get_link_status()
+    - [arm64] net: hns3: check the return of skb_checksum_help()
+    - bpftool: Add sock_release help info for cgroup attach/prog load command
+    - SUNRPC: More fixes for backlog congestion
+    - net: hso: bail out on interrupt URB allocation failure
+    - neighbour: Prevent Race condition in neighbour subsytem
+    - usb: core: reduce power-on-good delay time of root hub
 
   [ Josua Mayer ]
   * [armhf] drivers/bluetooth: Enable BT_HCIUART as a module, with support