diff --git a/kernel.spec b/kernel.spec index 0c72699..6c109f8 100644 --- a/kernel.spec +++ b/kernel.spec @@ -38,10 +38,10 @@ # define buildid .local %define specversion 4.18.0 -%define pkgrelease 553.9.1.rt7.350.el8_10 +%define pkgrelease 553.10.1.rt7.351.el8_10 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 553.9.1.rt7.350%{?dist} +%define specrelease 553.10.1.rt7.351%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -148,7 +148,7 @@ # The preempt RT patch level %global rttag .rt7 # realtimeN -%global rtbuild .350 +%global rtbuild .351 %define with_doc 0 %define with_headers 0 %define with_cross_headers 0 @@ -2699,6 +2699,82 @@ fi # # %changelog +* Sat Jun 29 2024 Denys Vlasenko [4.18.0-553.10.1.rt7.351.el8_10] +- [rt] build kernel-rt-4.18.0-553.10.1.rt7.351.el8_10 [RHEL-44553] +- SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (Scott Mayhew) [RHEL-38264] {CVE-2023-52803} +- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (Ewan D. Milne) [RHEL-39717] {CVE-2024-36025} +- tcp: add sanity checks to rx zerocopy (Guillaume Nault) [RHEL-29494] {CVE-2024-26640} +- SUNRPC: fix some memleaks in gssx_dec_option_array (Scott Mayhew) [RHEL-35209] {CVE-2024-27388} +- wifi: nl80211: don't free NULL coalescing rule (Jose Ignacio Tornos Martinez) [RHEL-39752] {CVE-2024-36941} +- nfs: fix UAF in direct writes (Scott Mayhew) [RHEL-34975] {CVE-2024-26958} +- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (Scott Mayhew) [RHEL-33228] {CVE-2024-26870} +- drm/amd/pm: Fix error of MACO flag setting code (Michel Dänzer) [RHEL-15928] +- scsi: aacraid: fix io hangs and improve performance (John Meneghini) [RHEL-23913] +- block: prevent division by zero in blk_rq_stat_sum() (Ming Lei) [RHEL-37279] {CVE-2024-35925} +- block: fix overflow in blk_ioctl_discard() (Ming Lei) [RHEL-39811] {CVE-2024-36917} +- virtio-blk: fix implicit overflow on virtio_max_dma_size (Ming Lei) [RHEL-38131] {CVE-2023-52762} +- nbd: null check for nla_nest_start (Ming Lei) [RHEL-35176] {CVE-2024-27025} +- isdn: mISDN: netjet: Fix crash in nj_probe: (Ken Cox) [RHEL-38444] {CVE-2021-47284} +- isdn: mISDN: Fix sleeping function called from invalid context (Ken Cox) [RHEL-38400] {CVE-2021-47468} +- net/smc: avoid data corruption caused by decline (Tobias Huschle) [RHEL-38234] {CVE-2023-52775} +- ubi: Check for too small LEB size in VTBL code (David Arcari) [RHEL-25092] {CVE-2024-25739} +- i2c: core: Fix atomic xfer check for non-preempt config (Steve Best) [RHEL-38313] {CVE-2023-52791} +- i2c: core: Run atomic i2c xfer when !preemptible (Steve Best) [RHEL-38313] {CVE-2023-52791} +- firewire: ohci: mask bus reset interrupts between ISR and bottom half (Steve Best) [RHEL-39902] {CVE-2024-36950} +- ipv6: init the accept_queue's spinlocks in inet6_create (Guillaume Nault) [RHEL-28899] {CVE-2024-26614} +- tcp: make sure init the accept_queue's spinlocks once (Guillaume Nault) [RHEL-28899] {CVE-2024-26614} +- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-39352] {CVE-2024-36016} +- mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (Ivan Vecera) [RHEL-37484] {CVE-2024-36006} +- pwm: Fix double shift bug (Steve Best) [RHEL-38278] {CVE-2023-52756} +- mmc: sdio: fix possible resource leaks in some error paths (Steve Best) [RHEL-38149] {CVE-2023-52730} +- of: unittest: Fix compile in the non-dynamic case (Steve Best) [RHEL-37070] {CVE-2023-52679} +- of: unittest: Fix of_count_phandle_with_args() expected value message (Steve Best) [RHEL-37070] {CVE-2023-52679} +- of: Fix double free in of_parse_phandle_with_args_map (Steve Best) [RHEL-37070] {CVE-2023-52679} +- pinctrl: core: delete incorrect free in pinctrl_enable() (Steve Best) [RHEL-39756] {CVE-2024-36940} +- pinctrl: core: fix possible memory leak in pinctrl_enable() (Steve Best) [RHEL-39756] {CVE-2024-36940} +- media: gspca: cpia1: shift-out-of-bounds in set_flicker (Desnes Nunes) [RHEL-38331] {CVE-2023-52764} +- tipc: fix a possible memleak in tipc_buf_append (Xin Long) [RHEL-39881] {CVE-2024-36954} +- cifs: fix mid leak during reconnection after timeout threshold (Paulo Alcantara) [RHEL-36222] +- cifs: Fix use-after-free in rdata->read_into_pages() (Paulo Alcantara) [RHEL-36222] +- cifs: Fix pages leak when writedata alloc failed in cifs_write_from_iter() (Paulo Alcantara) [RHEL-36222] +- cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc() (Paulo Alcantara) [RHEL-36222] +- cifs: destage dirty pages before re-reading them for cache=none (Paulo Alcantara) [RHEL-36222] +- cifs: destage any unwritten data to the server before calling copychunk_write (Paulo Alcantara) [RHEL-36222] +- Adjust cifssb maximum read size (Paulo Alcantara) [RHEL-36222] +- cifs: make locking consistent around the server session status (Paulo Alcantara) [RHEL-36222] +- cifs: fix credit accounting for extra channel (Paulo Alcantara) [RHEL-36222] +- smb3: prevent races updating CurrentMid (Paulo Alcantara) [RHEL-36222] +- cifs: fix missing spinlock around update to ses->status (Paulo Alcantara) [RHEL-36222] +- cifs: use echo_interval even when connection not ready. (Paulo Alcantara) [RHEL-36222] +- cifs: detect dead connections only when echoes are enabled. (Paulo Alcantara) [RHEL-36222] +- cifs: Fix preauth hash corruption (Paulo Alcantara) [RHEL-36222] +- cifs: do not send close in compound create+close requests (Paulo Alcantara) [RHEL-36222] +- cifs: ask for more credit on async read/write code paths (Paulo Alcantara) [RHEL-36222] +- cifs: use discard iterator to discard unneeded network data more efficiently (Paulo Alcantara) [RHEL-36222] +- cifs: Fix in error types returned for out-of-credit situations. (Paulo Alcantara) [RHEL-36222] +- smb3: fix crediting for compounding when only one request in flight (Paulo Alcantara) [RHEL-36222] +- cifs: New optype for session operations. (Paulo Alcantara) [RHEL-36222] +- mm/gup: do not return 0 from pin_user_pages_fast() for bad args (Paulo Alcantara) [RHEL-36222] +- wifi: brcmfmac: pcie: handle randbuf allocation failure (Jose Ignacio Tornos Martinez) [RHEL-44124] {CVE-2024-38575} +- tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (Guillaume Nault) [RHEL-39835] {CVE-2024-36904} +- wifi: mac80211: don't return unset power in ieee80211_get_tx_power() (Jose Ignacio Tornos Martinez) [RHEL-38159] {CVE-2023-52832} +- wifi: ath11k: fix gtk offload status event locking (Jose Ignacio Tornos Martinez) [RHEL-38155] {CVE-2023-52777} +- net: ieee802154: fix null deref in parse dev addr (Steve Best) [RHEL-38012] {CVE-2021-47257} +- mm/hugetlb: fix missing hugetlb_lock for resv uncharge (Rafael Aquini) [RHEL-37465] {CVE-2024-36000} +- x86/xen: Add some null pointer checking to smp.c (Vitaly Kuznetsov) [RHEL-33258] {CVE-2024-26908} +- x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() (Vitaly Kuznetsov) [RHEL-33258] {CVE-2024-26908} +- wifi: cfg80211: check A-MSDU format more carefully (Jose Ignacio Tornos Martinez) [RHEL-37343] {CVE-2024-35937} +- wifi: rtw89: fix null pointer access when abort scan (Jose Ignacio Tornos Martinez) [RHEL-37355] {CVE-2024-35946} +- atl1c: Work around the DMA RX overflow issue (Ken Cox) [RHEL-38287] {CVE-2023-52834} +- wifi: ath11k: decrease MHI channel buffer length to 8KB (Jose Ignacio Tornos Martinez) [RHEL-37339] {CVE-2024-35938} +- wifi: iwlwifi: mvm: rfi: fix potential response leaks (Jose Ignacio Tornos Martinez) [RHEL-37163] {CVE-2024-35912} +- USB: core: Fix access violation during port device removal (Desnes Nunes) [RHEL-39853] {CVE-2024-36896} +- scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (Ewan D. Milne) [RHEL-37123] {CVE-2024-35930} +- netfilter: nf_tables: honor table dormant flag from netdev release event path (Phil Sutter) [RHEL-37450] {CVE-2024-36005} +- wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (Jose Ignacio Tornos Martinez) [RHEL-36898] {CVE-2024-27434} +- wifi: iwlwifi: mvm: Fix key flags for IGTK on AP interface (Jose Ignacio Tornos Martinez) [RHEL-36898] {CVE-2024-27434} +- misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume (Steve Best) [RHEL-36932] {CVE-2024-35824} + * Sat Jun 22 2024 Denys Vlasenko [4.18.0-553.9.1.rt7.350.el8_10] - [rt] build kernel-rt-4.18.0-553.9.1.rt7.350.el8_10 [RHEL-44553] - x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (Steve Best) [RHEL-37262] {CVE-2024-35876} diff --git a/sources b/sources index c315958..6ff2428 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (linux-4.18.0-553.9.1.rt7.350.el8_10.tar.xz) = 01eebcc74f431d869bfac6aeecdc87e908e5ae50a17b72152aaf5aa411e600aeb25ef113c1ff950e0e397fa7d2c8a79f058e78ea425372599271e3d0b9e960ab +SHA512 (linux-4.18.0-553.10.1.rt7.351.el8_10.tar.xz) = b718196ae5554d30da32e39fd005fd1cfdb65d425782c9128e39f1b59feaa72f6a08d594d2b4acec23421bdbf467fb8750fdbca7301c7d8c2ca37e3b0b0ce3ca