rpms/kernel-rt
6
0
Fork 0
Code Issues Pull Requests Releases Activity
150 Commits 13 Branches 196 Tags 279 MiB
46c2f0aa07
Commit Graph

149 Commits

Author SHA1 Message Date
Denys Vlasenko
46c2f0aa07 kernel-rt-4.18.0-553.70.1.rt7.411.el8_10 
* Tue Aug 12 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.70.1.rt7.411.el8_10]
- i2c/designware: Fix an initialization issue (CKI Backport Bot) [RHEL-106617] {CVE-2025-38380}
- Bluetooth: hci_core: Fix use-after-free in vhci_flush() (David Marlin) [RHEL-103246] {CVE-2025-38250}
- net_sched: ets: Fix double list add in class with netem as child qdisc (Xin Long) [RHEL-104717] {CVE-2025-37914}
- sch_ets: make est_qlen_notify() idempotent (Xin Long) [RHEL-104717]
- drm/vkms: Fix use after free and double free on init error (CKI Backport Bot) [RHEL-99402] {CVE-2025-22097}
- s390/pci: Do not try re-enabling load/store if device is disabled (Mete Durlu) [RHEL-105600]
- s390/pci: Fix stale function handles in error handling (Mete Durlu) [RHEL-105600]
Resolves: RHEL-103246, RHEL-104717, RHEL-105600, RHEL-106617, RHEL-99402

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-08-12 14:32:27 +02:00
Denys Vlasenko
592cf92051 kernel-rt-4.18.0-553.69.1.rt7.410.el8_10 
* Thu Aug 07 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.69.1.rt7.410.el8_10]
- Revert "sch_htb: make htb_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_drr: make drr_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_qfq: make qfq_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_htb: make htb_deactivate() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "net/sched: Always pass notifications when child class becomes empty" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_cbq: make cbq_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
Resolves: RHEL-108140

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-08-07 20:10:50 +02:00
Denys Vlasenko
084a853110 kernel-rt-4.18.0-553.68.1.rt7.409.el8_10 
* Mon Aug 04 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.68.1.rt7.409.el8_10]
- ipv6: mcast: extend RCU protection in igmp6_send() (Hangbin Liu) [RHEL-102392] {CVE-2025-21759}
- md/md-bitmap: move bitmap_{start, end}write to md upper layer (Nigel Croxon) [RHEL-57991]
- md/raid5: implement pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md: add a new callback pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: remove the last parameter for bimtap_ops->endwrite() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: factor behind write counters out from bitmap_{start/end}write() (Nigel Croxon) [RHEL-57991]
- md/raid5: recheck if reshape has finished with device_lock held (Nigel Croxon) [RHEL-57991]
- md/md-linear: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/md-multipath: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/raid10: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- md/raid1: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- raid5: fix missing io accounting in raid5_align_endio() (Nigel Croxon) [RHEL-59928]
- md: also clone new io if io accounting is disabled (Nigel Croxon) [RHEL-59928]
- sch_cbq: make cbq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376]
- net/sched: Always pass notifications when child class becomes empty (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_deactivate() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_qfq: make qfq_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_drr: make drr_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- can: peak_usb: fix use after free bugs (CKI Backport Bot) [RHEL-99447] {CVE-2021-47670}
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CKI Backport Bot) [RHEL-103141] {CVE-2025-38159}
- net/ipv6: release expired exception dst cached in socket (Guillaume Nault) [RHEL-105794] {CVE-2024-56644}
Resolves: RHEL-102392, RHEL-103141, RHEL-105794, RHEL-57991, RHEL-59928, RHEL-93376, RHEL-99447

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-08-04 13:34:42 +02:00
Denys Vlasenko
de21871396 kernel-rt-4.18.0-553.67.1.rt7.408.el8_10 
* Thu Jul 31 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.67.1.rt7.408.el8_10]
- redhat: deprecate RTBZ (Alexandra Hájková)
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: fix GUP-fast interaction by sending IPI (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: take the right locks for page table retraction (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: unify collapse pmd clear, flush and free (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- padata: fix UAF in padata_reorder (Waiman Long) [RHEL-101398] {CVE-2025-21727}
- redhat: update BUILD_TARGET to rhel-8.10.0-z-test-pesign (Jan Stancek)
- ftrace: Clean up hash direct_functions on register failures (Gregory Bell) [RHEL-103912]
Resolves: RHEL-101233, RHEL-101398, RHEL-103912

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-07-31 15:06:35 +02:00
Denys Vlasenko
b8318da598 kernel-rt-4.18.0-553.66.1.rt7.407.el8_10 
* Mon Jul 28 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.66.1.rt7.407.el8_10]
- [rt] build kernel-rt-4.18.0-553.66.1.rt7.407.el8_10
- net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (Xin Long) [RHEL-105415] {CVE-2025-38001}
- sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (Xin Long) [RHEL-105415] {CVE-2025-38000}
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CKI Backport Bot) [RHEL-105415] {CVE-2025-37890}
- sch_hfsc: make hfsc_qlen_notify() idempotent (Xin Long) [RHEL-105415]
- crypto: algif_hash - fix double free in hash_accept (CKI Backport Bot) [RHEL-102223] {CVE-2025-38079}
- Revert "smb: client: fix TCP timers deadlock after rmmod" (Paulo Alcantara) [RHEL-100698] {CVE-2025-22077}
- Revert "smb: client: Fix netns refcount imbalance causing leaks and use-after-free" (Paulo Alcantara) [RHEL-100698]
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (Paulo Alcantara) [RHEL-100698]
- smb: client: fix TCP timers deadlock after rmmod (Paulo Alcantara) [RHEL-100698] {CVE-2024-54680}
- smb: client: Fix use-after-free of network namespace. (Paulo Alcantara) [RHEL-100698] {CVE-2024-53095}
- smb: client: fix warning in generic_ip_connect() (Paulo Alcantara) [RHEL-100698]
- net: tipc: fix refcount warning in tipc_aead_encrypt (Xin Long) [RHEL-103079]
- net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CKI Backport Bot) [RHEL-103079] {CVE-2025-38052}
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (CKI Backport Bot) [RHEL-99013] {CVE-2025-22020}
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CKI Backport Bot) [RHEL-98837] {CVE-2025-21928}
Resolves: RHEL-100698, RHEL-102223, RHEL-103079, RHEL-105415, RHEL-98837, RHEL-99013

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-07-28 23:55:12 +02:00
Denys Vlasenko
273fc7b293 kernel-rt-4.18.0-553.65.1.rt7.406.el8_10 
* Thu Jul 24 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.65.1.rt7.406.el8_10]
- [rt] build kernel-rt-4.18.0-553.65.1.rt7.406.el8_10
- x86/alternatives: avoid mapping FIX_TEXT_POKE1 page when it is not required (Rafael Aquini) [RHEL-95422]
- ext4: avoid resizing to a partial cluster size (CKI Backport Bot) [RHEL-101423] {CVE-2022-50020}
Resolves: RHEL-101423, RHEL-95422

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-07-24 14:48:41 +02:00
Denys Vlasenko
88947a3587 kernel-rt-4.18.0-553.64.1.rt7.405.el8_10 
* Wed Jul 23 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.64.1.rt7.405.el8_10]
- [rt] build kernel-rt-4.18.0-553.64.1.rt7.405.el8_10
- sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (CKI Backport Bot) [RHEL-100387] {CVE-2025-21919}
- NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (Benjamin Coddington) [RHEL-86256]
- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead (CKI Backport Bot) [RHEL-102133] {CVE-2022-49977}
- wifi: iwlwifi: limit printed string from FW file (CKI Backport Bot) [RHEL-99367] {CVE-2025-21905}
- workqueue: Disable printk_deferred_{enter,exit} in RT kernel (Waiman Long) [RHEL-80292]
- workqueue: Make show_pwq() use run-length encoding (Waiman Long) [RHEL-80292]
- workqueue: Introduce show_one_worker_pool and show_one_workqueue. (Waiman Long) [RHEL-80292]
- workqueue: fix state-dump console deadlock (Waiman Long) [RHEL-80292]
Resolves: RHEL-100387, RHEL-102133, RHEL-80292, RHEL-86256, RHEL-99367

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-07-23 17:05:23 +02:00
Denys Vlasenko
08f173c2d3 kernel-rt-4.18.0-553.63.1.rt7.404.el8_10 
* Thu Jul 17 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.63.1.rt7.404.el8_10]
- [rt] build kernel-rt-4.18.0-553.63.1.rt7.404.el8_10
- tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). (Guillaume Nault) [RHEL-66324] {CVE-2024-50154}
- net: ch9200: fix uninitialised access during mii_nway_restart (CKI Backport Bot) [RHEL-101200] {CVE-2025-38086}
- mm/swapfile: add cond_resched() in get_swap_pages() (Nico Pache) [RHEL-80401] {CVE-2023-52932}
- dlm: fix possible lkb_resource null dereference (Alexander Aring) [RHEL-64452]
- fs: dlm: handle -EINVAL as log_error() (Alexander Aring) [RHEL-64452]
- redhat/configs: enable CONFIG_RH_KABI_STABLE_ASM_OFFSETS (Čestmír Kalina) [RHEL-90099]
- kabi: freeze stablelist and stackprotector-related constants (Čestmír Kalina) [RHEL-90099]
- kabi: add redhat/kabi/asm-offsets (Čestmír Kalina) [RHEL-90099]
- kabi: add RH_KABI_ASSERT_EQ_CONST{,EXPR} (Čestmír Kalina) [RHEL-90099]
Resolves: RHEL-101200, RHEL-64452, RHEL-66324, RHEL-80401, RHEL-90099

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-07-17 07:57:31 +02:00
Denys Vlasenko
bf59fb25e5 kernel-rt-4.18.0-553.62.1.rt7.403.el8_10 
* Thu Jul 10 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.62.1.rt7.403.el8_10]
- [rt] build kernel-rt-4.18.0-553.62.1.rt7.403.el8_10
- s390/virtio_ccw: Don't allocate/assign airqs for non-existing queues (David Hildenbrand) [RHEL-87557]
- mm/slab: make __free(kfree) accept error pointers (Mark Langsdorf) [RHEL-84410]
- driver core: fix potential NULL pointer dereference in dev_uevent() (Mark Langsdorf) [RHEL-84410]
- driver core: introduce device_set_driver() helper (Mark Langsdorf) [RHEL-84410]
- Revert "drivers: core: synchronize really_probe() and dev_uevent()" (Mark Langsdorf) [RHEL-84410]
- cleanup: Add conditional guard helper (Mark Langsdorf) [RHEL-84410]
- cleanup: Adjust scoped_guard() macros to avoid potential warning (Mark Langsdorf) [RHEL-84410]
- cleanup: Remove address space of returned pointer (Mark Langsdorf) [RHEL-84410]
- cleanup: Add usage and style documentation (Mark Langsdorf) [RHEL-84410]
- file: add take_fd() cleanup helper (Mark Langsdorf) [RHEL-84410]
- cleanup: Standardize the header guard define's name (Mark Langsdorf) [RHEL-84410]
- cleanup: Add conditional guard support (Mark Langsdorf) [RHEL-84410]
- cleanup: Make no_free_ptr() __must_check (Mark Langsdorf) [RHEL-84410]
- locking: Introduce __cleanup() based infrastructure (Mark Langsdorf) [RHEL-84410]
- misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (CKI Backport Bot) [RHEL-100343] {CVE-2022-49788}
- media: uvcvideo: Announce the user our deprecation intentions (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Allow changing noparam on the fly (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Invert default value for nodrop module param (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Propagate buf->error to userspace (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Flush the control cache when we get an event (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Annotate lock requirements for uvc_ctrl_set (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Remove dangling pointers (Desnes Nunes) [RHEL-98760] {CVE-2024-58002}
- media: uvcvideo: Remove redundant NULL assignment (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Only save async fh if success (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Refactor iterators (Desnes Nunes) [RHEL-98760]
- media: uvcvideo: Fix double free in error path (CKI Backport Bot) [RHEL-98788] {CVE-2024-57980}
- cifs: potential buffer overflow in handling symlinks (Paulo Alcantara) [RHEL-97074] {CVE-2022-49058}
- Race between reading mdstat and stopping an md device (Nigel Croxon) [RHEL-95723]
- fs/dcache: Control # of dentries in list_lru_node (Waiman Long) [RHEL-8578]
- fs/dcache: Add sysctl parameter dentry-fs-klimit to control # of dentries in filesystem (Waiman Long) [RHEL-8578]
- mm/list_lru: Make list_lru_add() return # if items in affected list_lru_node (Waiman Long) [RHEL-8578]
Resolves: RHEL-100343, RHEL-84410, RHEL-8578, RHEL-87557, RHEL-95723, RHEL-97074, RHEL-98760, RHEL-98788

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-07-10 15:16:57 +02:00
Denys Vlasenko
02351734d3 kernel-rt-4.18.0-553.61.1.rt7.402.el8_10 
* Thu Jul 03 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.61.1.rt7.402.el8_10]
- [rt] build kernel-rt-4.18.0-553.61.1.rt7.402.el8_10
- s390: Add z17 elf platform (Christoph Schlameuss) [RHEL-100409]
- ext4: ignore xattrs past end (CKI Backport Bot) [RHEL-100375] {CVE-2025-37738}
- ext4: fix off-by-one error in do_split (CKI Backport Bot) [RHEL-100361] {CVE-2025-23150}
- net: atm: fix use after free in lec_send() (CKI Backport Bot) [RHEL-93119] {CVE-2025-22004}
- x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (CKI Backport Bot) [RHEL-98980] {CVE-2025-21991}
Resolves: RHEL-100361, RHEL-100375, RHEL-100409, RHEL-93119, RHEL-98980

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-07-03 15:23:56 +02:00
Denys Vlasenko
14e6b72c6f kernel-rt-4.18.0-553.60.1.rt7.401.el8_10 
* Thu Jun 26 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.60.1.rt7.401.el8_10]
- [rt] build kernel-rt-4.18.0-553.60.1.rt7.401.el8_10
- xfs: don't allocate COW extents when unsharing a hole (Brian Foster) [RHEL-83037]
- xfs: don't allocate into the data fork for an unshare request (Brian Foster) [RHEL-83037]
- s390/ism: add release function for struct device (Mete Durlu) [RHEL-97192]
- udf: Fix a slab-out-of-bounds write bug in udf_find_entry() (CKI Backport Bot) [RHEL-99113] {CVE-2022-49846}
Resolves: RHEL-83037, RHEL-97192, RHEL-99113

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-06-26 20:13:45 +02:00
Denys Vlasenko
a45fde16e6 kernel-rt-4.18.0-553.59.1.rt7.400.el8_10 
* Thu Jun 19 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.59.1.rt7.400.el8_10]
- [rt] build kernel-rt-4.18.0-553.59.1.rt7.400.el8_10
- SUNRPC: Fix Oops in xs_tcp_send_request() when transport is disconnected (Olga Kornievskaia) [RHEL-83291]
- SUNRPC: Set TCP_CORK until the transmit queue is empty (Olga Kornievskaia) [RHEL-83291]
- tcp: add tcp_sock_set_cork (Olga Kornievskaia) [RHEL-83291]
- xfs: xfs_ail_push_all_sync() stalls when racing with updates (Brian Foster) [RHEL-88132]
- Bluetooth: Fix use after free in hci_send_acl (CKI Backport Bot) [RHEL-90428] {CVE-2022-49111}
- Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID (David Marlin) [RHEL-90468] {CVE-2022-49136}
- Bluetooth: hci_sync: add lock to protect HCI_UNREGISTER (David Marlin) [RHEL-90468] {CVE-2022-49136}
- Bluetooth: hci_sync: Only allow hci_cmd_sync_queue if running (David Marlin) [RHEL-90468] {CVE-2022-49136}
- Bluetooth: Cancel sync command before suspend and power off (David Marlin) [RHEL-90468] {CVE-2022-49136}
- Bluetooth: hci_sync: Fix queuing commands when HCI_UNREGISTER is set (CKI Backport Bot) [RHEL-90468] {CVE-2022-49136}
- fix backport of "filelock: Remove locks reliably when fcntl/close race is detected" (Scott Mayhew) [RHEL-89709]
- NFSv4: Allow FREE_STATEID to clean up delegations (Benjamin Coddington) [RHEL-86932]
- NFSv4.1: constify the stateid argument in nfs41_test_stateid() (Trond Myklebust) [RHEL-86932]
Resolves: RHEL-83291, RHEL-86932, RHEL-88132, RHEL-89709, RHEL-90428, RHEL-90468

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-06-19 15:17:46 +02:00
Denys Vlasenko
4795ae103b kernel-rt-4.18.0-553.58.1.rt7.399.el8_10 
* Thu Jun 12 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.58.1.rt7.399.el8_10]
- [rt] build kernel-rt-4.18.0-553.58.1.rt7.399.el8_10
- ndisc: use RCU protection in ndisc_alloc_skb() (Xin Long) [RHEL-89535] {CVE-2025-21764}
- ipv6: use RCU protection in ip6_default_advmss() (Xin Long) [RHEL-89535] {CVE-2025-21765}
- net: add dev_net_rcu() helper (Xin Long) [RHEL-89535] {CVE-2025-21765}
- net: treat possible_net_t net pointer as an RCU one and add read_pnet_rcu() (Xin Long) [RHEL-89535]
- idpf: check error for register_netdev() on init (Michal Schmidt) [RHEL-71182] {CVE-2025-22116}
- idpf: avoid mailbox timeout delays during reset (Michal Schmidt) [RHEL-71182]
- idpf: fix a race in txq wakeup (Michal Schmidt) [RHEL-71182]
- idpf: fix idpf_vport_splitq_napi_poll() (Michal Schmidt) [RHEL-71182]
- idpf: fix null-ptr-deref in idpf_features_check (Michal Schmidt) [RHEL-71182]
- idpf: protect shutdown from reset (Michal Schmidt) [RHEL-71182]
- idpf: fix potential memory leak on kcalloc() failure (Michal Schmidt) [RHEL-71182]
- idpf: fix offloads support for encapsulated packets (Michal Schmidt) [RHEL-71182]
- idpf: fix adapter NULL pointer dereference on reboot (Michal Schmidt) [RHEL-71182] {CVE-2025-22065}
- idpf: fix checksums set in idpf_rx_rsc() (Michal Schmidt) [RHEL-71182] {CVE-2025-21890}
- idpf: fix handling rsc packet with a single segment (Michal Schmidt) [RHEL-71182]
- idpf: add more info during virtchnl transaction timeout/salt mismatch (Michal Schmidt) [RHEL-71182]
- idpf: convert workqueues to unbound (Michal Schmidt) [RHEL-71182] {CVE-2024-58057}
- idpf: Acquire the lock before accessing the xn->salt (Michal Schmidt) [RHEL-71182]
- idpf: fix transaction timeouts on reset (Michal Schmidt) [RHEL-71182]
- idpf: add read memory barrier when checking descriptor done bit (Michal Schmidt) [RHEL-71182]
- idpf: deinit virtchnl transaction manager after vport and vectors (Michal Schmidt) [RHEL-71182]
- idpf: use actual mbx receive payload length (Michal Schmidt) [RHEL-71182]
- idpf: call set_real_num_queues in idpf_open (Michal Schmidt) [RHEL-71182 RHEL-90849]
- idpf: fix idpf_vc_core_init error path (Michal Schmidt) [RHEL-68233 RHEL-71182 RHEL-90846] {CVE-2024-53064}
- idpf: avoid vport access in idpf_get_link_ksettings (Michal Schmidt) [RHEL-71182 RHEL-90846] {CVE-2024-50274}
- idpf: fix netdev Tx queue stop/wake (Michal Schmidt) [RHEL-71182]
- idpf: fix UAFs when destroying the queues (Michal Schmidt) [RHEL-71182] {CVE-2024-44932}
- idpf: fix memleak in vport interrupt configuration (Michal Schmidt) [RHEL-71182]
- idpf: fix memory leaks and crashes while performing a soft reset (Michal Schmidt) [RHEL-71182] {CVE-2024-44964}
- idpf: compile singleq code only under default-n CONFIG_IDPF_SINGLEQ (Michal Schmidt) [RHEL-71182]
- redhat/configs: set CONFIG_IDPF_SINGLEQ as disabled (Michal Schmidt) [RHEL-71182]
- idpf: merge singleq and splitq &net_device_ops (Michal Schmidt) [RHEL-71182]
- idpf: avoid bloating &idpf_q_vector with big %%NR_CPUS (Michal Schmidt) [RHEL-71182]
- idpf: split &idpf_queue into 4 strictly-typed queue structures (Michal Schmidt) [RHEL-71182]
- idpf: remove legacy Page Pool Ethtool stats (Michal Schmidt) [RHEL-71182]
- net: remove gfp_mask from napi_alloc_skb() [idpf] (Michal Schmidt) [RHEL-71182]
- idpf: stop using macros for accessing queue descriptors (Michal Schmidt) [RHEL-71182]
- idpf: don't enable NAPI and interrupts prior to allocating Rx buffers (Michal Schmidt) [RHEL-71182]
- idpf: Interpret .set_channels() input differently (Michal Schmidt) [RHEL-71182]
- idpf: make virtchnl2.h self-contained (Michal Schmidt) [RHEL-71182]
- s390/pci: Serialize device addition and removal (Mete Durlu) [RHEL-95783]
- s390/pci: Allow re-add of a reserved but not yet removed device (Mete Durlu) [RHEL-95783]
- s390/pci: Prevent self deletion in disable_slot() (Mete Durlu) [RHEL-95783]
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (Mete Durlu) [RHEL-95783]
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (Mete Durlu) [RHEL-95783]
- s390/pci: Fix missing check for zpci_create_device() error return (Mete Durlu) [RHEL-95783]
- s390/pci: Fix potential double remove of hotplug slot (Mete Durlu) [RHEL-95783]
- s390/pci: remove hotplug slot when releasing the device (Mete Durlu) [RHEL-95783]
- s390/pci: introduce lock to synchronize state of zpci_dev's (Mete Durlu) [RHEL-95783]
- s390/pci: rename lock member in struct zpci_dev (Mete Durlu) [RHEL-95783]
Resolves: RHEL-68233, RHEL-71182, RHEL-89535, RHEL-90846, RHEL-90849, RHEL-95783

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-06-12 17:03:05 +02:00
Denys Vlasenko
d6eb057015 kernel-rt-4.18.0-553.57.1.rt7.398.el8_10 
* Thu Jun 05 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.57.1.rt7.398.el8_10]
- [rt] build kernel-rt-4.18.0-553.57.1.rt7.398.el8_10
- smb: client: fix warning in cifs_smb3_do_mount() (Paulo Alcantara) [RHEL-55825]
- cifs: fix double free race when mount fails in cifs_get_root() (Paulo Alcantara) [RHEL-55825] {CVE-2022-48919}
- security/keys: fix slab-out-of-bounds in key_task_permission (CKI Backport Bot) [RHEL-68090] {CVE-2024-50301}
Resolves: RHEL-55825, RHEL-68090

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-06-05 18:06:15 +02:00
Denys Vlasenko
92bde7d79c kernel-rt-4.18.0-553.56.1.rt7.397.el8_10 
* Sun Jun 01 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.56.1.rt7.397.el8_10]
- [rt] build kernel-rt-4.18.0-553.56.1.rt7.397.el8_10
- tools/power/x86_energy_perf_policy: Read energy_perf_bias from sysfs (David Arcari) [RHEL-86963]
- um: Fix out-of-bounds read in LDT setup (CKI Backport Bot) [RHEL-90261] {CVE-2022-49395}
Resolves:RHEL-86963, RHEL-90261

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-06-01 13:41:35 +02:00
Denys Vlasenko
5232ac1e83 kernel-rt-4.18.0-553.55.1.rt7.396.el8_10 
* Fri May 23 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.55.1.rt7.396.el8_10]
- [rt] build kernel-rt-4.18.0-553.55.1.rt7.396.el8_10
- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (Phil Auld) [RHEL-85171]
Resolves: RHEL-85171

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-05-23 12:44:39 +02:00
Denys Vlasenko
2ebefd6478 kernel-rt-4.18.0-553.54.1.rt7.395.el8_10 
* Thu May 15 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.54.1.rt7.395.el8_10]
- [rt] build kernel-rt-4.18.0-553.54.1.rt7.395.el8_10
- ice: fix stats being updated by way too large values (CKI Backport Bot) [RHEL-70834]
- wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (CKI Backport Bot) [RHEL-54802] {CVE-2024-43842}
- sched/rt: Fix race in push_rt_task (Phil Auld) [RHEL-84963]
Resolves: RHEL-54802, RHEL-70834, RHEL-84963

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-05-15 22:26:32 +02:00
Denys Vlasenko
02ebd753da kernel-rt-4.18.0-553.53.1.rt7.394.el8_10 
* Fri May 09 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.53.1.rt7.394.el8_10]
- [rt] build kernel-rt-4.18.0-553.53.1.rt7.394.el8_10 [RHEL-90380]
- net/mlx5: Always stop health timer during driver removal (Michal Schmidt) [RHEL-47712] {CVE-2024-40906}
- net/mlx5: Split function_setup() to enable and open functions (Michal Schmidt) [RHEL-47712]
- net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (Michal Schmidt) [RHEL-57117] {CVE-2024-44970}
- net/mlx5e: SHAMPO, Fix incorrect page release (Michal Schmidt) [RHEL-57117] {CVE-2024-46717}
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (Mete Durlu) [RHEL-88819]
- platform/x86: dell-wmi-sysman: Make init_bios_attributes() ACPI object parsing more robust (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Cleanup create_attributes_level_sysfs_files() (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Make sysman_init() return -ENODEV of the interfaces are not found (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Cleanup sysman_init() error-exit handling (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Fix release_attributes_data() getting called twice on init_bios_attributes() failure (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Make it safe to call exit_foo_attributes() multiple times (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Fix possible NULL pointer deref on exit (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Fix crash caused by calling kset_unregister twice (Jay Shin) [RHEL-88714]
- x86/kexec: Add EFI config table identity mapping for kexec kernel (Herton R. Krzesinski) [RHEL-71793]
- vsock: Orphan socket after transport release (Jay Shin) [RHEL-89099] {CVE-2025-21756}
- vsock: Keep the binding until socket destruction (Jay Shin) [RHEL-89099] {CVE-2025-21756}
- bpf, vsock: Invoke proto::close on close() (Jay Shin) [RHEL-89099] {CVE-2025-21756}
Resolves: RHEL-90380

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-05-09 12:28:33 +02:00
Denys Vlasenko
418ecc3067 kernel-rt-4.18.0-553.52.1.rt7.393.el8_10 
* Thu May 01 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.52.1.rt7.393.el8_10]
- [rt] build kernel-rt-4.18.0-553.52.1.rt7.393.el8_10 [RHEL-89372]
- netfilter: ipset: add missing range check in bitmap_ip_uadt (Florian Westphal) [RHEL-70268] {CVE-2024-53141}
- NFS: Extend rdirplus mount option with "force|none" (Benjamin Coddington) [RHEL-16285]
- idpf: trigger SW interrupt when exiting wb_on_itr mode (Michal Schmidt) [RHEL-73266]
- idpf: add support for SW triggered interrupts (Michal Schmidt) [RHEL-73266]
- idpf: fix VF dynamic interrupt ctl register initialization (Michal Schmidt) [RHEL-73266]
- idpf: enable WB_ON_ITR (Michal Schmidt) [RHEL-73266]
- redhat: require recent enough linux-firmware for qed (Denys Vlasenko) [RHEL-6342]
- gfs2: deallocate inodes in gfs2_create_inode (Andreas Gruenbacher) [RHEL-7875]
- gfs2: Move GIF_ALLOC_FAILED check out of gfs2_ea_dealloc (Andreas Gruenbacher) [RHEL-7875]
- gfs2: Move gfs2_dinode_dealloc (Andreas Gruenbacher) [RHEL-7875]
- gfs2: Don't reread inodes unnecessarily (Andreas Gruenbacher) [RHEL-7875]
- gfs2: gfs2_create_inode error handling fix (Andreas Gruenbacher) [RHEL-7875]
- gfs2: No longer use 'extern' in function declarations (Andreas Gruenbacher) [RHEL-7875]
- hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() (CKI Backport Bot) [RHEL-63668] {CVE-2022-49011}
Resolves: RHEL-89372

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-05-01 20:35:43 +02:00
Denys Vlasenko
cb325d5a09 kernel-rt-4.18.0-553.51.1.rt7.392.el8_10 
* Thu Apr 24 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.51.1.rt7.392.el8_10]
- [rt] build kernel-rt-4.18.0-553.51.1.rt7.392.el8_10 [RHEL-88408]
- x86/xen: use the whole RCX when picking the right hypercall function (Vitaly Kuznetsov) [RHEL-87072]
- Revert "usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB" (Desnes Nunes) [RHEL-87280]
Resolves: RHEL-88408

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-04-24 10:28:12 +02:00
Denys Vlasenko
c6882475e6 kernel-rt-4.18.0-553.50.1.rt7.391.el8_10 
* Thu Apr 10 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.50.1.rt7.391.el8_10]
- [rt] build kernel-rt-4.18.0-553.50.1.rt7.391.el8_10 [RHEL-85282]
- perf debug: Set debug_peo_args and redirect_to_stderr variable to correct values in perf_quiet_option() (Michael Petlan) [RHEL-82119]
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (Jarod Wilson) [RHEL-86737] {CVE-2024-53150}
- scsi: storvsc: Set correct data length for sending SCSI command without payload (Cathy Avery) [RHEL-83052]
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (Michal Schmidt) [RHEL-85852]
- ice: avoid the PTP hardware semaphore in gettimex64 path (Michal Schmidt) [RHEL-85852]
- ice: add ice_adapter for shared data across PFs on the same NIC (Michal Schmidt) [RHEL-85852]
Resolves: RHEL-85282

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-04-10 20:33:12 +02:00
Denys Vlasenko
38184cd0eb kernel-rt-4.18.0-553.49.1.rt7.390.el8_10 
* Thu Apr 03 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.49.1.rt7.390.el8_10]
- [rt] build kernel-rt-4.18.0-553.49.1.rt7.390.el8_10 [RHEL-85282]
- net/mlx5: Fix error path in multi-packet WQE transmit (CKI Backport Bot) [RHEL-84244]
- redhat: drop Y issues from changelog (Jan Stancek)
- md/md-bitmap: fix writing non bitmap changes local to RHEL (Nigel Croxon) [RHEL-80673]
- md/md-bitmap: fix writing non bitmap pages (Nigel Croxon) [RHEL-80673]
- md-bitmap: use %%pD to print the file name in md_bitmap_file_kick (Nigel Croxon) [RHEL-80673]
- md-bitmap: initialize variables at declaration time in md_bitmap_file_unmap (Nigel Croxon) [RHEL-80673]
- md-bitmap: set BITMAP_WRITE_ERROR in write_sb_page (Nigel Croxon) [RHEL-80673]
- raid1: update discard granularity when adding new disk (Nigel Croxon) [RHEL-71499]
- x86/xen: remove hypercall page (Vitaly Kuznetsov) [RHEL-70666] {CVE-2024-53241}
- x86/xen: use new hypercall functions instead of hypercall page (Vitaly Kuznetsov) [RHEL-70666] {CVE-2024-53241}
Resolves: RHEL-85282

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-04-03 14:58:51 +02:00
Denys Vlasenko
a96584e945 kernel-rt-4.18.0-553.48.1.rt7.389.el8_10 
* Thu Mar 27 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.48.1.rt7.389.el8_10]
- [rt] build kernel-rt-4.18.0-553.48.1.rt7.389.el8_10 [RHEL-85282]
- rhel-8.10: gate kernel on kernel-qe tests results not cki ones (Bruno Goncalves)
- gfs2: skip if we cannot defer delete (Andreas Gruenbacher) [RHEL-76208]
- gfs2: remove redundant warnings (Andreas Gruenbacher) [RHEL-76208]
- gfs2: minor evict fix (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Prevent inode creation race (2) (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Fix additional unlikely request cancelation race (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Fix request cancelation bug (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Check for empty queue in run_queue (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Remove more dead code in add_to_queue (Andreas Gruenbacher) [RHEL-76208]
- gfs2: remove dead code in add_to_queue (Su Hui) [RHEL-76208]
- gfs2: Remove LM_FLAG_PRIORITY flag (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Replace GIF_DEFER_DELETE with GLF_DEFER_DELETE (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Add GLF_PENDING_REPLY flag (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Remove and replace gfs2_glock_queue_work (Andreas Gruenbacher) [RHEL-76208]
- gfs2: do_xmote fixes (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Clear flags when withdraw prevents xmote (Bob Peterson) [RHEL-76208]
- gfs2: fix a deadlock on withdraw-during-mount (Bob Peterson) [RHEL-76208]
- gfs2: gfs2_evict_inode clarification (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Remove misleading comments in gfs2_evict_inode (Andreas Gruenbacher) [RHEL-76208]
Resolves: RHEL-85282

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-03-27 17:55:40 +01:00
Denys Vlasenko
bce50f7ee8 kernel-rt-4.18.0-553.47.1.rt7.388.el8_10 
* Thu Mar 20 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.47.1.rt7.388.el8_10]
- [rt] build kernel-rt-4.18.0-553.47.1.rt7.388.el8_10 [RHEL-84273]
- nfs: don't invalidate dentries on transient errors (Scott Mayhew) [RHEL-78136]
- ethtool: runtime-resume netdev parent before ethtool ioctl ops (John J Coleman) [RHEL-78156]
- bpf: Use raw_spinlock_t in ringbuf (Viktor Malik) [RHEL-79911] {CVE-2024-50138}
Resolves: RHEL-84273

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-03-20 12:39:18 +01:00
Denys Vlasenko
b39dabf4bf kernel-rt-4.18.0-553.46.1.rt7.387.el8_10 
* Thu Mar 13 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.46.1.rt7.387.el8_10]
- [rt] build kernel-rt-4.18.0-553.46.1.rt7.387.el8_10 [RHEL-83409]
- s390/pci: Fix handling of isolated VFs (Mete Durlu) [RHEL-81934]
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (Mete Durlu) [RHEL-81934]
- s390/pci: Fix SR-IOV for PFs initially in standby (Mete Durlu) [RHEL-81934]
- x86/mm: Fix VDSO and VVAR placement on 5-level paging machines (Herton R. Krzesinski) [RHEL-62832]
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CKI Backport Bot) [RHEL-82720] {CVE-2025-21785}
- nouveau/fence: handle cross device fences properly (Dave Airlie) [RHEL-80085]
Resolves: RHEL-83409

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-03-13 14:28:52 +01:00
Denys Vlasenko
da45ea4d0c kernel-rt-4.18.0-553.45.1.rt7.386.el8_10 
* Thu Mar 06 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.45.1.rt7.386.el8_10]
- [rt] build kernel-rt-4.18.0-553.45.1.rt7.386.el8_10 [RHEL-81037]
- gve: trigger RX NAPI instead of TX NAPI in gve_xsk_wakeup (Joshua Washington) [RHEL-73269]
- gve: process XSK TX descriptors as part of RX NAPI (Joshua Washington) [RHEL-73269]
- gve: guard XSK operations on the existence of queues (Joshua Washington) [RHEL-73269]
- gve: guard XDP xmit NDO on existence of xdp queues (Joshua Washington) [RHEL-73269]
- gve: Fix an edge case for TSO skb validity check (Joshua Washington) [RHEL-73269]
- gve: Fix XDP TX completion handling when counters overflow (Joshua Washington) [RHEL-73269]
- gve: Clear napi->skb before dev_kfree_skb_any() (Joshua Washington) [RHEL-73269] {CVE-2024-40937}
- gve: ignore nonrelevant GSO type bits when processing TSO headers (Joshua Washington) [RHEL-73269]
- can: bcm: Fix UAF in bcm_proc_show() (CKI Backport Bot) [RHEL-80733] {CVE-2023-52922}
- gfs2: glock holder GL_NOPID fix (Andreas Gruenbacher) [RHEL-80694]
- gfs2: Decode missing glock flags in tracepoints (Andreas Gruenbacher) [RHEL-80694]
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (Mete Durlu) [RHEL-79810]
- net: smc: fix spurious error message from __sock_release() (Mete Durlu) [RHEL-79812]
Resolves: RHEL-81037

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-03-06 13:43:24 +01:00
Denys Vlasenko
8b48afe973 kernel-rt-4.18.0-553.44.1.rt7.385.el8_10 
* Wed Mar 05 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.44.1.rt7.385.el8_10]
- [rt] build kernel-rt-4.18.0-553.44.1.rt7.385.el8_10 [RHEL-81037]
- HID: core: zero-initialize the report buffer (CKI Backport Bot) [RHEL-81825] {CVE-2024-50302}
- ALSA: usb-audio: Fix a DMA to stack memory bug (Jaroslav Kysela) [RHEL-81786]
- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81786]
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Jaroslav Kysela) [RHEL-81786] {CVE-2024-53197}
- ALSA: usb-audio: Add sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81786]
Resolves: RHEL-81037

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-03-05 14:50:52 +01:00
Denys Vlasenko
f7fd575368 kernel-rt-4.18.0-553.43.1.rt7.384.el8_10 
* Thu Feb 27 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.43.1.rt7.384.el8_10]
- [rt] build kernel-rt-4.18.0-553.43.1.rt7.384.el8_10 [RHEL-81037]
- s390/module: fix loading modules with a lot of relocations (Mete Durlu) [RHEL-78999]
- s390/module: Use s390_kernel_write() for late relocations (Mete Durlu) [RHEL-78999]
- locking/atomic: Make test_and_*_bit() ordered on failure (Herton R. Krzesinski) [RHEL-69894]
- pps: Fix a use-after-free (Michal Schmidt) [RHEL-77971]
- KVM: s390: Change virtual to physical address access in diag 0x258 handler (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: gaccess: Check if guest address is in memslot (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (Thomas Huth) [RHEL-68323 RHEL-65229]
- s390/uv: Panic for set and remove shared access UVC errors (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: vsie: Use virt_to_phys for crypto control block (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: vsie: Use virt_to_phys for facility control block (Thomas Huth) [RHEL-68323 RHEL-65229]
- scsi: megaraid_sas: Fix for a potential deadlock (Tomas Henzl) [RHEL-21984] {CVE-2024-57807}
- net/mlx5: Reload auxiliary devices in pci error handlers (Benjamin Poirier) [RHEL-78756]
- net/mlx5: Suspend auxiliary devices only in case of PCI device suspend (Benjamin Poirier) [RHEL-78756]
Resolves: RHEL-81037

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-02-27 05:56:56 +01:00
Denys Vlasenko
f2605423a6 kernel-rt-4.18.0-553.42.1.rt7.383.el8_10 
* Thu Feb 20 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.42.1.rt7.383.el8_10]
- [rt] build kernel-rt-4.18.0-553.42.1.rt7.383.el8_10 [RHEL-79698]
- net: skb: exclude the single page frag cache for too small alloc (Paolo Abeni) [RHEL-66261]
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Olga Kornievskaia) [RHEL-79458]
- mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (Seiji Nishikawa) [RHEL-64950]
- scsi: st: Don't set pos_unknown just after device recognition (John Meneghini) [RHEL-78415]
- ovl: fix use inode directly in rcu-walk mode (Miklos Szeredi) [RHEL-76161]
- RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (Kamal Heib) [RHEL-75826]
Resolves: RHEL-79698

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-02-20 10:23:12 +01:00
Denys Vlasenko
8a2a71dfaf kernel-rt-4.18.0-553.41.1.rt7.382.el8_10 
* Fri Feb 14 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.41.1.rt7.382.el8_10]
- [rt] build kernel-rt-4.18.0-553.41.1.rt7.382.el8_10 [RHEL-79698]
- virtio-net: correctly enable callback during start_xmit (Laurent Vivier) [RHEL-72886]
- dm snapshot: fix lockup in dm_exception_table_exit (Benjamin Marzinski) [RHEL-76230 RHEL-34599]
Resolves: RHEL-79698

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-02-14 22:20:46 +01:00
Denys Vlasenko
9c384ab84e kernel-rt-4.18.0-553.40.1.rt7.381.el8_10 
* Thu Feb 06 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.40.1.rt7.381.el8_10]
- [rt] build kernel-rt-4.18.0-553.40.1.rt7.381.el8_10 [RHEL-76054]
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (Desnes Nunes) [RHEL-69571] {CVE-2024-53104}
Resolves: RHEL-76054

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-02-06 20:11:04 +01:00
Denys Vlasenko
75c9382aeb kernel-rt-4.18.0-553.39.1.rt7.380.el8_10 
* Fri Jan 31 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.39.1.rt7.380.el8_10]
- [rt] build kernel-rt-4.18.0-553.39.1.rt7.380.el8_10 [RHEL-76054]
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher) [RHEL-73915]
Resolves: RHEL-76054

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-01-31 02:14:35 +01:00
Denys Vlasenko
84991ffbb3 kernel-rt-4.18.0-553.38.1.rt7.379.el8_10 
* Thu Jan 23 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.38.1.rt7.379.el8_10]
- [rt] build kernel-rt-4.18.0-553.38.1.rt7.379.el8_10 [RHEL-76054]
- net: usb: lan78xx: add Allied Telesis AT29M2-AF (Jose Ignacio Tornos Martinez) [RHEL-70891]
- s390/pci: Allow allocation of more than 1 MSI interrupt (Mete Durlu) [RHEL-74385]
- s390/pci: Refactor arch_setup_msi_irqs() (Mete Durlu) [RHEL-74385]
- s390/pci: Fix leak of struct zpci_dev when zpci_add_device() fails (Mete Durlu) [RHEL-71451]
- s390/pci: Ignore RID for isolated VFs (Mete Durlu) [RHEL-71451]
- s390/pci: Use topology ID for multi-function devices (Mete Durlu) [RHEL-71451]
- s390/pci: Sort PCI functions prior to creating virtual busses (Mete Durlu) [RHEL-71451]
- s390/iucv: MSG_PEEK causes memory leak in iucv_sock_destruct() (Mete Durlu) [RHEL-74387]
- s390/pci: Handle PCI error codes other than 0x3a (Mete Durlu) [RHEL-74383]
Resolves: RHEL-76054

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-01-23 16:35:56 +01:00
Denys Vlasenko
615ad1d8df kernel-rt-4.18.0-553.37.1.rt7.378.el8_10 
* Fri Jan 17 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.37.1.rt7.378.el8_10]
- [rt] build kernel-rt-4.18.0-553.37.1.rt7.378.el8_10 [RHEL-74366]
- arm64/sve: Discard stale CPU state when handling SVE traps (Mark Salter) [RHEL-71535] {CVE-2024-50275}
- scsi: core: Handle devices which return an unusually large VPD page count (Ewan D. Milne) [RHEL-34275]
- scsi: core: Fix unremoved procfs host directory regression (Ewan D. Milne) [RHEL-34275]
- scsi: core: Consult supported VPD page list prior to fetching page (Ewan D. Milne) [RHEL-34275]
- NFSv4: Fix dropped lock for racing OPEN and delegation return (Benjamin Coddington) [RHEL-73889]
Resolves: RHEL-74366

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-01-17 12:50:36 +01:00
Denys Vlasenko
276fb31faf kernel-rt-4.18.0-553.36.1.rt7.377.el8_10 
* Thu Jan 09 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.36.1.rt7.377.el8_10]
- [rt] build kernel-rt-4.18.0-553.36.1.rt7.377.el8_10 [RHEL-73392]
- cpufreq: intel_pstate: Support Emerald Rapids OOB mode (David Arcari) [RHEL-59649]
- scsi: st: New session only when Unit Attention for new tape (John Meneghini) [RHEL-28790]
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (John Meneghini) [RHEL-28790]
- scsi: st: Don't modify unknown block number in MTIOCGET (John Meneghini) [RHEL-28790]
- Reapply "scsi: st: Add third party poweron reset handling" (John Meneghini) [RHEL-28790]
Resolves: RHEL-73392

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-01-09 18:22:52 +01:00
Denys Vlasenko
e11211e454 kernel-rt-4.18.0-553.35.1.rt7.376.el8_10 
* Thu Jan 02 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.35.1.rt7.376.el8_10]
- [rt] build kernel-rt-4.18.0-553.35.1.rt7.376.el8_10 [RHEL-72569]
- samples: pktgen: allow to specify destination port (Hangbin Liu) [RHEL-56480]
- samples: pktgen: add some helper functions for port parsing (Hangbin Liu) [RHEL-56480]
- scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (Cathy Avery) [RHEL-71396]
- scsi: storvsc: Handle additional SRB status values (Cathy Avery) [RHEL-71396]
Resolves: RHEL-72569

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2025-01-02 15:07:27 +01:00
Denys Vlasenko
e553e07271 kernel-rt-4.18.0-553.34.1.rt7.375.el8_10 
* Thu Dec 12 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.34.1.rt7.375.el8_10]
- [rt] build kernel-rt-4.18.0-553.34.1.rt7.375.el8_10 [RHEL-71211]
- mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (Davide Caratti) [RHEL-69667] {CVE-2024-53122}
- NFS: nfs_async_write_reschedule_io must not recurse into the writeback code (Benjamin Coddington) [RHEL-68647]
- xfs: fix sparse inode limits on runt AG (Pavel Reichl) [RHEL-62924]
- KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration (Maxim Levitsky) [RHEL-67974]
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (Vitaly Kuznetsov) [RHEL-65362]
- dlm: fix recovery of middle conversions (Alexander Aring) [RHEL-64860]
- i40e: fix race condition by adding filter's intermediate sync state (Michal Schmidt) [RHEL-68271] {CVE-2024-53088}
- i40e: fix i40e_count_filters() to count only active/new filters (Michal Schmidt) [RHEL-68271] {CVE-2024-53088}
Resolves: RHEL-71211

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-12-12 21:13:12 +01:00
Denys Vlasenko
ec63623b27 kernel-rt-4.18.0-553.33.1.rt7.374.el8_10 
* Fri Dec 06 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.33.1.rt7.374.el8_10]
- [rt] build kernel-rt-4.18.0-553.33.1.rt7.374.el8_10 [RHEL-70219]
- Revert "scsi: lpfc: Fix mbuf pool resource detected as busy at driver unload" This patch is dependent on the mbox refactor patch that was not added to rh8. (Dick Kennedy) [RHEL-64073]
- drm/i915: Fix HPD polling, reenabling the output poll work as needed (Lyude Paul) [RHEL-62796]
- drm: Add an HPD poll helper to reschedule the poll work (Lyude Paul) [RHEL-62796]
Resolves: RHEL-70219

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-12-06 12:59:34 +01:00
Denys Vlasenko
552b1857c9 kernel-rt-4.18.0-553.32.1.rt7.373.el8_10 
* Fri Nov 29 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.32.1.rt7.373.el8_10]
- [rt] build kernel-rt-4.18.0-553.32.1.rt7.373.el8_10 [RHEL-68615]
- irqchip/gic-v4: Correctly deal with set_affinity on lazily-mapped VPEs (Charles Mirabile) [RHEL-66965] {CVE-2024-50192}
- irqchip/gic-v4: Don't allow a VMOVP on a dying VPE (Charles Mirabile) [RHEL-66965] {CVE-2024-50192}
- blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (Ming Lei) [RHEL-65158] {CVE-2024-50082}
- gfs2: fix double destroy_workqueue error (Andreas Gruenbacher) [RHEL-62869]
- Revert "GFS2: Don't add all glocks to the lru" (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Use list_move_tail instead of list_del/list_add_tail (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Revise glock reference counting model (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Switch to a per-filesystem glock workqueue (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Report when glocks cannot be freed for a long time (Andreas Gruenbacher) [RHEL-62869]
- gfs2: gfs2_glock_get cleanup (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Invert the GLF_INITIAL flag (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Rename handle_callback to request_demote (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Rename GLF_FROZEN to GLF_HAVE_FROZEN_REPLY (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Rename GLF_REPLY_PENDING to GLF_HAVE_REPLY (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Rename GLF_FREEING to GLF_UNLOCKED (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Remove useless return statement in run_queue (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Remove unnecessary function prototype (Andreas Gruenbacher) [RHEL-62869]
- gfs2: finish_xmote cleanup (Andreas Gruenbacher) [RHEL-62869]
- gfs2: Replace gfs2_glock_queue_put with gfs2_glock_put_async (Andreas Gruenbacher) [RHEL-62869]
- KVM: selftests: memslot_perf_test: increase guest sync timeout (Maxim Levitsky) [RHEL-19080]
- vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Jon Maloy) [RHEL-68025] {CVE-2024-50264}
- md/raid5: Wait sync io to finish before changing group cnt (Nigel Croxon) [RHEL-58585]
Resolves: RHEL-68615

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-11-29 14:46:36 +01:00
Denys Vlasenko
bd4bddfebd kernel-rt-4.18.0-553.31.1.rt7.372.el8_10 
* Fri Nov 22 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.31.1.rt7.372.el8_10]
- [rt] build kernel-rt-4.18.0-553.31.1.rt7.372.el8_10 [RHEL-68615]
- xfrm: fix one more kernel-infoleak in algo dumping (Sabrina Dubroca) [RHEL-65955] {CVE-2024-50110}
- netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (Florian Westphal) [RHEL-66862] {CVE-2024-50256}
- netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n (Florian Westphal) [RHEL-66862]
- netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (Florian Westphal) [RHEL-66862]
- cifs: fix return of uninitialized rc in dfs_cache_update_tgthint() (Paulo Alcantara) [RHEL-7988]
- cifs: handle cache lookup errors different than -ENOENT (Paulo Alcantara) [RHEL-7988]
- cifs: don't take exclusive lock for updating target hints (Paulo Alcantara) [RHEL-7988]
- cifs: avoid re-lookups in dfs_cache_find() (Paulo Alcantara) [RHEL-7988]
- cifs: fix potential deadlock in cache_refresh_path() (Paulo Alcantara) [RHEL-7988]
- cifs: don't refresh cached referrals from unactive mounts (Paulo Alcantara) [RHEL-7988]
- cifs: return ENOENT for DFS lookup_cache_entry() (Paulo Alcantara) [RHEL-7988]
- selinux,smack: don't bypass permissions check in inode_setsecctx hook (Ondrej Mosnacek) [RHEL-66104] {CVE-2024-46695}
- gfs2: Prevent inode creation race (Andreas Gruenbacher) [RHEL-67823]
- gfs2: Only defer deletes when we have an iopen glock (Andreas Gruenbacher) [RHEL-67823]
- arm64: probes: Remove broken LDR (literal) uprobe support (Mark Salter) [RHEL-66042] {CVE-2024-50099}
- net: avoid potential underflow in qdisc_pkt_len_init() with UFO (Davide Caratti) [RHEL-65399] {CVE-2024-49949}
- xfrm: validate new SA's prefixlen using SA family when sel.family is unset (Sabrina Dubroca) [RHEL-66457] {CVE-2024-50142}
Resolves: RHEL-68615

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-11-22 09:59:00 +01:00
Denys Vlasenko
cf38705883 kernel-rt-4.18.0-553.30.1.rt7.371.el8_10 
* Fri Nov 15 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.30.1.rt7.371.el8_10]
- [rt] build kernel-rt-4.18.0-553.30.1.rt7.371.el8_10 [RHEL-66248]
- locking/rtmutex: Use rt_mutex specific scheduler helpers (Daniel Vacek) [RHEL-63166]
- sched: Provide rt_mutex specific scheduler helpers (Daniel Vacek) [RHEL-63166]
- sched: Extract __schedule_loop() (Daniel Vacek) [RHEL-63166]
- media: edia: dvbdev: fix a use-after-free (Kate Hsuan) [RHEL-35763] {CVE-2024-27043}
- blk-mq: fix missing blk_account_io_done() in error path (Ming Lei) [RHEL-61200]
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov) [RHEL-52684]
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov) [RHEL-52684]
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov) [RHEL-52684]
- smb: client: use actual path when queryfs (Paulo Alcantara) [RHEL-60363]
- cifs: Fix uninitialized memory reads for oparms.mode (Paulo Alcantara) [RHEL-60363]
- cifs: Fix uninitialized memory read for smb311 posix symlink create (Paulo Alcantara) [RHEL-60363]
- cifs: convert the path to utf16 in smb2_query_info_compound (Paulo Alcantara) [RHEL-60363]
- autofs: fix thinko in validate_dev_ioctl() (Ian Kent) [RHEL-62168]
- autofs: add per dentry expire timeout (Ian Kent) [RHEL-62168]
- bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (Viktor Malik) [RHEL-44167] {CVE-2024-38564}
Resolves: RHEL-66248, RHEL-44168, RHEL-35764

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-11-15 01:14:06 +01:00
Denys Vlasenko
9ac84d5953 kernel-rt-4.18.0-553.29.1.rt7.370.el8_10 
* Thu Nov 07 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.29.1.rt7.370.el8_10]
- [rt] build kernel-rt-4.18.0-553.29.1.rt7.370.el8_10 [RHEL-66248]
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (cki-backport-bot) [RHEL-36372] {CVE-2024-27399}
- mptcp: pm: Fix uaf in __timer_delete_sync (Guillaume Nault) [RHEL-60614] {CVE-2024-46858}
- cifs: fix dfs link failover in cifs_tree_connect() (Paulo Alcantara) [RHEL-8002]
- locking/rtmutex: Prevent deadlock with `pa_lock` (Daniel Vacek) [RHEL-60475]
Resolves: RHEL-66248, RHEL-60475

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-11-07 10:39:28 +01:00
Denys Vlasenko
8a2a4cc6be kernel-rt-4.18.0-553.28.1.rt7.369.el8_10 
* Thu Oct 31 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.28.1.rt7.369.el8_10]
- [rt] build kernel-rt-4.18.0-553.28.1.rt7.369.el8_10 [RHEL-59541]
- s390/mm: Add cond_resched() to cmm_alloc/free_pages() (Mete Durlu) [RHEL-61702]
- smb: client: fix deadlock in smb2_find_smb_tcon() (Paulo Alcantara) [RHEL-61400]
- smb: client: fix potential deadlock when releasing mids (Paulo Alcantara) [RHEL-61400]
- cifs: remove useless DeleteMidQEntry() (Paulo Alcantara) [RHEL-61400]
- Bluetooth: af_bluetooth: Fix deadlock (CKI Backport Bot) [RHEL-58991]
- gitlab-ci: provide consistent kcidb_tree_name (Michael Hofmann)
- x86/mm/ident_map: Use gbpages only where full GB page should be mapped. (Nico Pache) [RHEL-26709]
- audit: Send netlink ACK before setting connection in auditd_set (Richard Guy Briggs) [RHEL-14004]
- KVM: selftests: x86: Fix test failure on arch lbr capable platforms (Maxim Levitsky) [RHEL-23999]
- raid1: fix use-after-free for original bio in raid1_write_request() (Nigel Croxon) [RHEL-55263]
Resolves: RHEL-59541

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-10-31 15:12:08 +01:00
Denys Vlasenko
11819d8bdf kernel-rt-4.18.0-553.27.1.rt7.368.el8_10 
* Thu Oct 17 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.27.1.rt7.368.el8_10]
- [rt] build kernel-rt-4.18.0-553.27.1.rt7.368.el8_10 [RHEL-59541]
- lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668}
- bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989}
- bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990}
- bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009}
- xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773}
- tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257]
- tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257]
- ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826}
- xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100]
- loopback: fix lockdep splat (Xin Long) [RHEL-58100]
- blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100]
- loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100]
Resolves: RHEL-59541, RHEL-49310, RHEL-57240, RHEL-60670, RHEL-49415, RHEL-62139, RHEL-57234

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-10-17 19:28:21 +02:00
Denys Vlasenko
f6fef15267 kernel-rt-4.18.0-553.26.1.rt7.367.el8_10 
* Wed Oct 09 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.26.1.rt7.367.el8_10]
- [rt] build kernel-rt-4.18.0-553.26.1.rt7.367.el8_10 [RHEL-59541]
- nouveau: lock the client object tree. (Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062}
- cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037]
- ACPI: PAD: fix crash in exit_round_robin() (Mark Langsdorf) [RHEL-56156]
- gfs2: Randomize GLF_VERIFY_DELETE work delay (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Update to the evict / remote delete documentation (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Clean up delete work processing (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Rename dinode_demise to evict_behavior (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757]
- gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757]
- gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757]
- gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757]
- gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757]
- gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757]
- dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492}
- dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939}
- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075]
- NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-39397]
- cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251]
- cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251]
- cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251]
- cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251]
Resolves: RHEL-59541, RHEL-28868, RHEL-35119, RHEL-37336

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-10-09 23:40:13 +02:00
Denys Vlasenko
1f96560f72 kernel-rt-4.18.0-553.25.1.rt7.366.el8_10 
* Wed Oct 02 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.25.1.rt7.366.el8_10]
- [rt] build kernel-rt-4.18.0-553.25.1.rt7.366.el8_10 [RHEL-59541]
- cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052]
- cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052]
- cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052]
- smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052]
- smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052]
- cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052]
- cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052]
- cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052]
- cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052]
- cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052]
- cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052]
- cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052]
- cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052]
- Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052]
- SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052]
- cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052]
- cifs: Fix unix perm bits to cifsacl conversion for "other" bits. (Paulo Alcantara) [RHEL-56052]
- drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092}
- scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224]
- kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292}
- gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079}
- of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541}
Resolves: RHEL-59541, RHEL-55003, RHEL-53636, RHEL-51554, RHEL-44268

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-10-02 12:03:00 +02:00
Denys Vlasenko
58be097178 kernel-rt-4.18.0-553.24.1.rt7.365.el8_10 
* Wed Sep 25 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.24.1.rt7.365.el8_10]
- [rt] build kernel-rt-4.18.0-553.24.1.rt7.365.el8_10 [RHEL-59541]
- cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729]
- padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889}
- i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000]
- sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935}
- net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608}
- net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608}
- r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44031] {CVE-2024-38586}
- netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018}
- memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892}
- memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892}
- mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892}
- mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892}
- ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676]
Resolves: RHEL-59541, RHEL-43865, RHEL-44032, RHEL-56163, RHEL-56253, RHEL-58543, RHEL-56235

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-09-25 17:26:13 +02:00
Denys Vlasenko
8e32d0d0e4 kernel-rt-4.18.0-553.23.1.rt7.364.el8_10 
* Thu Sep 19 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.23.1.rt7.364.el8_10]
- [rt] build kernel-rt-4.18.0-553.23.1.rt7.364.el8_10 [RHEL-59541]
- ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002]
- netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924}
- netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017}
- netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017}
- netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017}
- netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042}
- netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070}
- netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898}
- netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503}
- netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503}
- netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503}
- netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) [RHEL-42680] {CVE-2024-26851}
- netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301}
- KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976}
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540}
- tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284}
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857}
- drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924}
- tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983}
- block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854}
- gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936}
- drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093}
- ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961}
- mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880}
- ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066}
- ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066}
- netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839}
- USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244}
- ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984}
Resolves: RHEL-59541, RHEL-51250, RHEL-42681, RHEL-47607, RHEL-48382, RHEL-48171, RHEL-26833, RHEL-37039, RHEL-55072, RHEL-55793, RHEL-48364, RHEL-37039, RHEL-54988, RHEL-54766, RHEL-43004, RHEL-51406, RHEL-35101, RHEL-51517, RHEL-47857, RHEL-53683, RHEL-35034, RHEL-55571, RHEL-51041, RHEL-34222, RHEL-44280

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-09-19 02:54:51 +02:00
Denys Vlasenko
ce29ff59f7 kernel-rt-4.18.0-553.22.1.rt7.363.el8_10 
* Wed Sep 11 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.22.1.rt7.363.el8_10]
- [rt] build kernel-rt-4.18.0-553.22.1.rt7.363.el8_10 [RHEL-53529]
- wifi: mac80211: Avoid address calculations via out of bounds array indexing (Michal Schmidt) [RHEL-51278] {CVE-2024-41071}
Resolves: RHEL-53529, RHEL-51280

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-09-11 19:43:23 +02:00
Denys Vlasenko
6f2357c87b kernel-rt-4.18.0-553.21.1.rt7.362.el8_10 
* Wed Sep 04 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.21.1.rt7.362.el8_10]
- [rt] build kernel-rt-4.18.0-553.21.1.rt7.362.el8_10 [RHEL-53529]
- s390/dasd: fix error recovery leading to data corruption on ESE devices (Mete Durlu) [RHEL-55874]
- protect the fetch of ->fd[fd] in do_dup2() from mispredictions (CKI Backport Bot) [RHEL-55123] {CVE-2024-42265}
- net: openvswitch: fix overwriting ct original tuple for ICMPv6 (cki-backport-bot) [RHEL-44207] {CVE-2024-38558}
- mlxsw: thermal: Fix out-of-bounds memory accesses (CKI Backport Bot) [RHEL-38375] {CVE-2021-47441}
- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (CKI Backport Bot) [RHEL-47552] {CVE-2024-40904}
- ipvs: properly dereference pe in ip_vs_add_service (Phil Sutter) [RHEL-54903] {CVE-2024-42322}
- net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (CKI Backport Bot) [RHEL-53702] {CVE-2024-42246}
- drm/amdgpu: change vm->task_info handling (Michel Dänzer) [RHEL-49379] {CVE-2024-41008}
- drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (Michel Dänzer) [RHEL-45036] {CVE-2024-39471}
- drm/amdgpu: add error handle to avoid out-of-bounds (Michel Dänzer) [RHEL-45036] {CVE-2024-39471}
- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (Michel Dänzer) [RHEL-52845] {CVE-2024-42228}
Resolves: RHEL-53529, RHEL-38376, RHEL-53705, RHEL-44208, RHEL-52849, RHEL-54906, RHEL-45037, RHEL-49380, RHEL-47553

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
 2024-09-04 17:34:07 +02:00