From 8c61637379dce300cb2bf3f1808e841fa95cef6c Mon Sep 17 00:00:00 2001 From: Scott Weaver Date: Thu, 9 Nov 2023 07:43:29 -0500 Subject: [PATCH] kernel-5.14.0-384.el9 * Thu Nov 09 2023 Scott Weaver [5.14.0-384.el9] - perf/core: Fix potential NULL deref (Wander Lairson Costa) [RHEL-14984] {CVE-2023-5717} - perf: Disallow mis-matched inherited group reads (Wander Lairson Costa) [RHEL-14984] {CVE-2023-5717} - page_pool: unlink from napi during destroy (Ivan Vecera) [RHEL-12613] - page_pool: allow caching from safely localized NAPI (Ivan Vecera) [RHEL-12613] - net: skb: plumb napi state thru skb freeing paths (Ivan Vecera) [RHEL-12613] - net: introduce skb_poison_list and use in kfree_skb_list (Ivan Vecera) [RHEL-12613] - net: fix kfree_skb_list use of skb_mark_not_on_list (Ivan Vecera) [RHEL-12613] - net: kfree_skb_list use kmem_cache_free_bulk (Ivan Vecera) [RHEL-12613] - net: skb: move skb_pp_recycle() to skbuff.c (Ivan Vecera) [RHEL-12613] - ibmvnic: Ensure login failure recovery is safe from other resets (Mamatha Inamdar) [RHEL-15149] - ibmvnic: Do partial reset on login failure (Mamatha Inamdar) [RHEL-15149] - ibmvnic: Handle DMA unmapping of login buffs in release functions (Mamatha Inamdar) [RHEL-15149] - ibmvnic: Unmap DMA login rsp buffer on send login fail (Mamatha Inamdar) [RHEL-15149] - ibmvnic: Enforce stronger sanity checks on login response (Mamatha Inamdar) [RHEL-15149] - ibmvnic: remove unused rc variable (Mamatha Inamdar) [RHEL-15149] - ibmvnic: Free rwi on reset success (Mamatha Inamdar) [RHEL-15149] - selftests: tty: add selftest for tty timestamp updates (Aristeu Rozanski) [RHEL-3902] - tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-3902] - powerpc/rtas_flash: allow user copy to flash block cache objects (Mamatha Inamdar) [2228278] - preempt: Put preempt_enable() within an instrumentation*() section. (Eder Zulian) [RHEL-3988] - sched/rt: Don't try push tasks if there are none. (Eder Zulian) [RHEL-3988] - signal: Add proper comment about the preempt-disable in ptrace_stop(). (Eder Zulian) [RHEL-3988] - scsi: scsi_debug: Remove dead code (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Abort commands from scsi_debug_device_reset() (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Fix missing error code in scsi_debug_init() (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Drop sdebug_queue (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Only allow sdebug_max_queue be modified when no shosts (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Use scsi_host_busy() in delay_store() and ndelay_store() (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Use blk_mq_tagset_busy_iter() in stop_all_queued() (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Use blk_mq_tagset_busy_iter() in sdebug_blk_mq_poll() (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Dynamically allocate sdebug_queued_cmd (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Use scsi_block_requests() to block queues (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Protect block_unblock_all_queues() with mutex (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Change shost list lock to a mutex (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Don't iter all shosts in clear_luns_changed_on_target() (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Fix check for sdev queue full (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Remove redundant driver match function (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Add poll mode deferred completions to statistics (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Get command abort feature working again (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Drop sdebug_dev_info.num_in_q (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Drop check for num_in_q exceeding queue depth (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Drop scsi_debug_host_reset() device NULL pointer check (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Drop scsi_debug_bus_reset() NULL pointer checks (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Drop scsi_debug_target_reset() NULL pointer checks (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Drop scsi_debug_device_reset() NULL pointer checks (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Drop scsi_debug_abort() NULL pointer checks (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Stop setting devip->sdbg_host twice (Ming Lei) [RHEL-15276] - scsi: scsi_debug: Don't hold driver host struct pointer in host->hostdata[] (Ming Lei) [RHEL-15276] - scsi: smartpqi: Change driver version to 2.1.24-046 (Don Brace) [RHEL-2301] - scsi: smartpqi: Enhance error messages (Don Brace) [RHEL-2301] - scsi: smartpqi: Enhance controller offline notification (Don Brace) [RHEL-2301] - scsi: smartpqi: Enhance shutdown notification (Don Brace) [RHEL-2301] - scsi: smartpqi: Simplify lun_number assignment (Don Brace) [RHEL-2301] - scsi: smartpqi: Rename pciinfo to pci_info (Don Brace) [RHEL-2301] - scsi: smartpqi: Rename MACRO to clarify purpose (Don Brace) [RHEL-2301] - scsi: smartpqi: Add abort handler (Don Brace) [RHEL-2301] - netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa) [2227299] {CVE-2023-39193} - net: xfrm: Fix xfrm_address_filter OOB read (Wander Lairson Costa) [2227305] {CVE-2023-39194} - drm/qxl: fix UAF on handle creation (Wander Lairson Costa) [2218334] {CVE-2023-39198} - netfilter: nfnetlink_osf: avoid OOB read (Wander Lairson Costa) [2227287] {CVE-2023-39189} Resolves: rhbz#2218334, rhbz#2227287, rhbz#2227299, rhbz#2227305, rhbz#2228278, RHEL-12613, RHEL-14984, RHEL-15149, RHEL-15276, RHEL-2301, RHEL-3902, RHEL-3988 Signed-off-by: Scott Weaver --- Makefile.rhelver | 2 +- kernel.spec | 70 +++++++++++++++++++++++++++++++++++++++++++++--- sources | 6 ++--- 3 files changed, 70 insertions(+), 8 deletions(-) diff --git a/Makefile.rhelver b/Makefile.rhelver index 13723a2..68033e0 100644 --- a/Makefile.rhelver +++ b/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 4 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 383 +RHEL_RELEASE = 384 # # ZSTREAM diff --git a/kernel.spec b/kernel.spec index 3371ff4..24aafb4 100755 --- a/kernel.spec +++ b/kernel.spec @@ -165,15 +165,15 @@ Summary: The Linux kernel # define buildid .local %define specversion 5.14.0 %define patchversion 5.14 -%define pkgrelease 383 +%define pkgrelease 384 %define kversion 5 -%define tarfile_release 5.14.0-383.el9 +%define tarfile_release 5.14.0-384.el9 # This is needed to do merge window version magic %define patchlevel 14 # This allows pkg_release to have configurable %%{?dist} tag -%define specrelease 383%{?buildid}%{?dist} +%define specrelease 384%{?buildid}%{?dist} # This defines the kabi tarball version -%define kabiversion 5.14.0-383.el9 +%define kabiversion 5.14.0-384.el9 # # End of genspec.sh variables @@ -3745,6 +3745,68 @@ fi # # %changelog +* Thu Nov 09 2023 Scott Weaver [5.14.0-384.el9] +- perf/core: Fix potential NULL deref (Wander Lairson Costa) [RHEL-14984] {CVE-2023-5717} +- perf: Disallow mis-matched inherited group reads (Wander Lairson Costa) [RHEL-14984] {CVE-2023-5717} +- page_pool: unlink from napi during destroy (Ivan Vecera) [RHEL-12613] +- page_pool: allow caching from safely localized NAPI (Ivan Vecera) [RHEL-12613] +- net: skb: plumb napi state thru skb freeing paths (Ivan Vecera) [RHEL-12613] +- net: introduce skb_poison_list and use in kfree_skb_list (Ivan Vecera) [RHEL-12613] +- net: fix kfree_skb_list use of skb_mark_not_on_list (Ivan Vecera) [RHEL-12613] +- net: kfree_skb_list use kmem_cache_free_bulk (Ivan Vecera) [RHEL-12613] +- net: skb: move skb_pp_recycle() to skbuff.c (Ivan Vecera) [RHEL-12613] +- ibmvnic: Ensure login failure recovery is safe from other resets (Mamatha Inamdar) [RHEL-15149] +- ibmvnic: Do partial reset on login failure (Mamatha Inamdar) [RHEL-15149] +- ibmvnic: Handle DMA unmapping of login buffs in release functions (Mamatha Inamdar) [RHEL-15149] +- ibmvnic: Unmap DMA login rsp buffer on send login fail (Mamatha Inamdar) [RHEL-15149] +- ibmvnic: Enforce stronger sanity checks on login response (Mamatha Inamdar) [RHEL-15149] +- ibmvnic: remove unused rc variable (Mamatha Inamdar) [RHEL-15149] +- ibmvnic: Free rwi on reset success (Mamatha Inamdar) [RHEL-15149] +- selftests: tty: add selftest for tty timestamp updates (Aristeu Rozanski) [RHEL-3902] +- tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-3902] +- powerpc/rtas_flash: allow user copy to flash block cache objects (Mamatha Inamdar) [2228278] +- preempt: Put preempt_enable() within an instrumentation*() section. (Eder Zulian) [RHEL-3988] +- sched/rt: Don't try push tasks if there are none. (Eder Zulian) [RHEL-3988] +- signal: Add proper comment about the preempt-disable in ptrace_stop(). (Eder Zulian) [RHEL-3988] +- scsi: scsi_debug: Remove dead code (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Abort commands from scsi_debug_device_reset() (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Fix missing error code in scsi_debug_init() (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Drop sdebug_queue (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Only allow sdebug_max_queue be modified when no shosts (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Use scsi_host_busy() in delay_store() and ndelay_store() (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Use blk_mq_tagset_busy_iter() in stop_all_queued() (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Use blk_mq_tagset_busy_iter() in sdebug_blk_mq_poll() (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Dynamically allocate sdebug_queued_cmd (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Use scsi_block_requests() to block queues (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Protect block_unblock_all_queues() with mutex (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Change shost list lock to a mutex (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Don't iter all shosts in clear_luns_changed_on_target() (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Fix check for sdev queue full (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Remove redundant driver match function (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Add poll mode deferred completions to statistics (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Get command abort feature working again (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Drop sdebug_dev_info.num_in_q (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Drop check for num_in_q exceeding queue depth (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Drop scsi_debug_host_reset() device NULL pointer check (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Drop scsi_debug_bus_reset() NULL pointer checks (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Drop scsi_debug_target_reset() NULL pointer checks (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Drop scsi_debug_device_reset() NULL pointer checks (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Drop scsi_debug_abort() NULL pointer checks (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Stop setting devip->sdbg_host twice (Ming Lei) [RHEL-15276] +- scsi: scsi_debug: Don't hold driver host struct pointer in host->hostdata[] (Ming Lei) [RHEL-15276] +- scsi: smartpqi: Change driver version to 2.1.24-046 (Don Brace) [RHEL-2301] +- scsi: smartpqi: Enhance error messages (Don Brace) [RHEL-2301] +- scsi: smartpqi: Enhance controller offline notification (Don Brace) [RHEL-2301] +- scsi: smartpqi: Enhance shutdown notification (Don Brace) [RHEL-2301] +- scsi: smartpqi: Simplify lun_number assignment (Don Brace) [RHEL-2301] +- scsi: smartpqi: Rename pciinfo to pci_info (Don Brace) [RHEL-2301] +- scsi: smartpqi: Rename MACRO to clarify purpose (Don Brace) [RHEL-2301] +- scsi: smartpqi: Add abort handler (Don Brace) [RHEL-2301] +- netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa) [2227299] {CVE-2023-39193} +- net: xfrm: Fix xfrm_address_filter OOB read (Wander Lairson Costa) [2227305] {CVE-2023-39194} +- drm/qxl: fix UAF on handle creation (Wander Lairson Costa) [2218334] {CVE-2023-39198} +- netfilter: nfnetlink_osf: avoid OOB read (Wander Lairson Costa) [2227287] {CVE-2023-39189} + * Mon Nov 06 2023 Scott Weaver [5.14.0-383.el9] - redhat: configs: disable CONFIG_REMOTE_TARGET (Maurizio Lombardi) [RHEL-5751] - scsi: target: core: Fix target_cmd_counter leak (Maurizio Lombardi) [RHEL-5751] diff --git a/sources b/sources index 7b34736..006a8ba 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-5.14.0-383.el9.tar.xz) = b0206406ef6e6c9c2bf4df9256472d90089d62f333c0bfd7bb84214c147f405bcd76561cb9f00652db90259273dde26affe8b9d52a344e3128a922034e2abfde -SHA512 (kernel-abi-stablelists-5.14.0-383.el9.tar.bz2) = 6c5050ff1443979d727d71a10b6b7ee03dbacfda2cd1991af001801e98c2c54ba055faab0e0c1f7573e4a6d65ca59e67293d95166bc8997df4bb1d16a00282aa -SHA512 (kernel-kabi-dw-5.14.0-383.el9.tar.bz2) = 27e6c517cb6a6a0529d14a48803485aea27d838a7fae6dda1fdab02a4e7ec17933e3a1065cc7a0190a7d83be8d57ab32f603d6c0faa2d1a88a47621b07579565 +SHA512 (linux-5.14.0-384.el9.tar.xz) = cc49819f6a6afdb402eb49717cebfd757d9b84b864657b5e123ed0df3015dae1736ffa04d1ac5275885850f76f383e2fdbc06e05b8be4c851cfd1b1da940185d +SHA512 (kernel-abi-stablelists-5.14.0-384.el9.tar.bz2) = 7212da35f24714dd8896d7a4b2325f66b3960951c04514003f42cacf901979646de19e0fdafb8cf93f29d61e4e7187f3f3fee3dd48f28b4fce4bf18a1f4b49ef +SHA512 (kernel-kabi-dw-5.14.0-384.el9.tar.bz2) = b15bbc7c73df4809ffc16239984ea731c8ae1f233ce2a857cbe5bf7ad23a38c373c9db2cdb6552bd41eed27c6a9fbcfb30d1a3d4d1f3e2f7ed03cc56a8b778fc