cadence: 2026-05-11 weekly upstream watch #72

@github-actions

linux-xr Weekly Cadence Report

  • Generated: 2026-05-11T14:06:00Z
  • Base ref: HEAD (da85976ef503)

Carry Set

| Order | Patch |
|---|---|
| 1 | 0007-vesa-dsc-bpp.patch |
| 2 | bigscreen-beyond-edid.patch |

Upstream Summary

  • Upstream ref: refs/remotes/upstream/master (5d6919055dec)
  • Latest upstream tag: unavailable
  • Merge base: 1f318b96cc84
  • Upstream-only commits since merge base: 17206
  • Fork-only commits since merge base: 141

Recent Upstream Commits

  • 5d6919055dec Linux 7.1-rc3
  • aa54b1d27fe0 rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present
  • 3ac1a467e376 bpf: Fix off-by-one boundary validation in arena direct-value access
  • bf6d507f7e3c xskmap: reject TX-only AF_XDP sockets
  • 512809bb8a37 bpf: Don't run arg-tracking analysis twice on main subprog
  • 9ef40a09c5de MAINTAINERS: Add Aksh Garg as PCIe CADENCE reviewer
  • 78e115d806b0 MAINTAINERS: Update Hans Zhang email for PCIe CIX Sky1
  • bf5421b3d8d3 MAINTAINERS: Update Marek Vasut email for PCIe R-Car
  • f45a49a2380a PCI: Initialize temporary device in new_id_store()
  • 909f7bf9b080 PCI: Update saved_config_space upon resource assignment

Recent Fork Commits

  • da85976ef503 docs: mark xr11 release published (#70)
  • 99a8dbac353d docs: mark xr11 signed release queue (#68)
  • 860e16fb65e5 docs: refresh CVE and xr11 status
  • e33d9c0959e1 security: cover Dirty Frag RxRPC RXGK paths
  • aa54797c347c security: allow absent usercopy default symbol
  • d4b510794cd3 config: keep firmware helper disabled on 6.12
  • 86e5417b8c4a carry: enforce zero-fuzz patch checks
  • 95b7b1ca1a2f security: track Dirty Frag CVE floors
  • c6f7142cb2c3 carry: make dsc patch apply to 6.12
  • 2e6ba8a8a125 security: enable dirtyfrag rxrpc route for 6.12

Security Watch

| Item | Status |
|---|---|
| CVE-2026-31431 default base kernel 6.19.5 | vulnerable |
| CVE-2026-31431 repo backport cve-2026-31431-algif-aead.patch | present |
| CVE-2026-31431 default build route | repo-backport-applied-by-build |
| CVE-2026-31431 upstream/mainline fix a664bf3d603d in upstream ref | yes |
| CVE-2026-43284 Dirty Frag ESP default base kernel 6.19.5 | vulnerable |
| CVE-2026-43284 Dirty Frag ESP repo backport dirtyfrag-esp-shared-frag.patch | present |
| CVE-2026-43284 Dirty Frag ESP default build route | repo-backport-applied-by-build |
| CVE-2026-43284 Dirty Frag ESP upstream fix f4c50a4034e6 in upstream ref | yes |
| CVE-2026-43500 Dirty Frag RxRPC default base kernel 6.19.5 | vulnerable |
| CVE-2026-43500 Dirty Frag RxRPC repo backport dirtyfrag-rxrpc-linearize.patch | present |
| CVE-2026-43500 Dirty Frag RxRPC RXGK repo backport dirtyfrag-rxrpc-rxgk-linearize.patch | present |
| CVE-2026-43500 Dirty Frag RxRPC default build route | repo-backport-applied-by-build |
| CVE-2026-31431 fix in candidate ref refs/remotes/stable/linux-7.0.y | yes |
| CVE-2026-31431 fix in candidate ref refs/remotes/longterm/linux-6.18.y | yes |

Known fixed floors for this gate include: 5.10.254+, 5.15.204+, 6.1.170+, 6.6.137+, 6.12.85+, 6.18.22+, 6.19.12+, and 7.0+.
For vulnerable 6.19.x bases, build-rpm.sh applies the repo backport when present.
CVE-2026-43284 Dirty Frag ESP fixed floors include 5.10.255+, 5.15.205+, 6.1.171+, 6.6.138+, 6.12.87+, 6.18.28+, and 7.0.5+; the EOL 6.19.x lab line stays conservative and uses the repo backport.
CVE-2026-43500 Dirty Frag RxRPC is tracked by Debian security but not public in NVD/CVE.org in the last linux-xr check; no kernel.org upstream fixed floor is recorded here yet, so supported bases rely on the repo RXKAD/RXGK backports.

Carry Apply Triage

| Target | Ref | Status | Detail |
|---|---|---|---|
| base | HEAD | clean | 2/2 patches apply in series order |
| upstream | refs/remotes/upstream/master | clean | 2/2 patches apply in series order |
| linux-7.0.y | refs/remotes/stable/linux-7.0.y | clean | 2/2 patches apply in series order |
| linux-6.18.y | refs/remotes/longterm/linux-6.18.y | clean | 2/2 patches apply in series order |

Stable Summary

  • Candidate ref: refs/remotes/stable/linux-7.0.y (5d83f95062a8), latest tag v7.0.6
  • Candidate ref: refs/remotes/longterm/linux-6.18.y (d31a849ff501), latest tag v6.18.29

Next Actions

  1. Resolve any vulnerable, backport-missing, or unknown security build route before release work.
  2. Inspect the upstream-only commit list for merge candidates or conflicts.
  3. Check whether every patch in xr/patches/series still applies cleanly.
  4. Build both generic and RT variants if the carry set is unchanged.
  5. Promote only after named-host validation on honey and yoga.
