The Linux Realtime kernel
a174f6e839
* Thu Aug 08 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.17.1.rt7.358.el8_10] - [rt] build kernel-rt-4.18.0-553.17.1.rt7.358.el8_10 [RHEL-53529] - kyber: fix out of bounds access when preempted (Ming Lei) [RHEL-27258] {CVE-2021-46984} - vfs: don't mod negative dentry count when on shrinker list (Brian Foster) [RHEL-35874] - fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading (Brian Foster) [RHEL-35874] - fbmem: Do not delete the mode that is still in use (CKI Backport Bot) [RHEL-37796] {CVE-2021-47338} - netpoll: Fix race condition in netpoll_owner_active (CKI Backport Bot) [RHEL-49361] {CVE-2024-41005} - firmware: arm_scpi: Fix string overflow in SCPI genpd driver (Mark Salter) [RHEL-43702] {CVE-2021-47609} - ipv6: prevent possible NULL dereference in rt6_probe() (Guillaume Nault) [RHEL-48149] {CVE-2024-40960} - HID: i2c-hid-of: fix NULL-deref on failed power up (CKI Backport Bot) [RHEL-31598] {CVE-2024-26717} - cpufreq: amd-pstate: fix memory leak on CPU EPP exit (CKI Backport Bot) [RHEL-48489] {CVE-2024-40997} - x86/mm/pat: fix VM_PAT handling in COW mappings (Chris von Recklinghausen) [RHEL-37258] {CVE-2024-35877} - PCI/PM: Drain runtime-idle callbacks before driver removal (Myron Stowe) [RHEL-42937] {CVE-2024-35809} - PCI: Drop pci_device_remove() test of pci_dev->driver (Myron Stowe) [RHEL-42937] {CVE-2024-35809} - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (Mika Penttilä) [RHEL-26909] {CVE-2023-52470} - USB: core: Fix hang in usb_kill_urb by adding memory barriers (Desnes Nunes) [RHEL-43979] {CVE-2022-48760} - cifs: fix bad fids sent over wire (Paulo Alcantara) [RHEL-52517] - smb3: add additional null check in SMB311_posix_mkdir (Paulo Alcantara) [RHEL-52517] - smb3: add additional null check in SMB2_tcon (Paulo Alcantara) [RHEL-52517] - smb3: add additional null check in SMB2_open (Paulo Alcantara) [RHEL-52517] - smb3: add additional null check in SMB2_ioctl (Paulo Alcantara) [RHEL-52517] - selftests: forwarding: devlink_lib: Wait for udev events after reloading (Mark Langsdorf) [RHEL-47642] {CVE-2024-39501} - drivers: core: synchronize really_probe() and dev_uevent() (Mark Langsdorf) [RHEL-47642] {CVE-2024-39501} - udp: do not accept non-tunnel GSO skbs landing in a tunnel (Xin Long) [RHEL-42997] {CVE-2024-35884} - filelock: Remove locks reliably when fcntl/close race is detected (Bill O'Donnell) [RHEL-50170] {CVE-2024-41012} - Input: add bounds checking to input_set_capability() (Benjamin Tissoires) [RHEL-21413] {CVE-2022-48619} - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (CKI Backport Bot) [RHEL-48130] {CVE-2024-40959} - blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (Ming Lei) [RHEL-33695] - blk-cgroup: fix list corruption from resetting io stat (Ming Lei) [RHEL-33695] - net: do not leave a dangling sk pointer, when socket creation fails (CKI Backport Bot) [RHEL-48060] {CVE-2024-40954} - perf/x86/lbr: Filter vsyscall addresses (Michael Petlan) [RHEL-28991] {CVE-2023-52476} - vmci: prevent speculation leaks by sanitizing event in event_deliver() (CKI Backport Bot) [RHEL-47678] {CVE-2024-39499} - serial: core: fix transmit-buffer reset and memleak (Steve Best) [RHEL-38731] {CVE-2021-47527} - powerpc/pseries: Whitelist dtl slub object for copying to userspace (Mamatha Inamdar) [RHEL-51236] {CVE-2024-41065} - powerpc/eeh: avoid possible crash when edev->pdev changes (Mamatha Inamdar) [RHEL-51220] {CVE-2024-41064} - x86: stop playing stack games in profile_pc() (Steve Best) [RHEL-51643] {CVE-2024-42096} - mptcp: ensure snd_una is properly initialized on connect (Florian Westphal) [RHEL-47933 RHEL-47934] {CVE-2024-40931} - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet (CKI Backport Bot) [RHEL-47492] {CVE-2024-39506} - tun: add missing verification for short frame (Patrick Talbert) [RHEL-50194] {CVE-2024-41091} - tap: add missing verification for short frame (Patrick Talbert) [RHEL-50279] {CVE-2024-41090} - usb-storage: alauda: Check whether the media is initialized (Desnes Nunes) [RHEL-43708] {CVE-2024-38619} - usb-storage: alauda: Fix uninit-value in alauda_check_media() (Desnes Nunes) [RHEL-43708] {CVE-2024-38619} - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (Steve Best) [RHEL-37723] {CVE-2021-47384} - block: fix that util can be greater than 100%% (Ming Lei) [RHEL-23074] - block: support to account io_ticks precisely (Ming Lei) [RHEL-23074] - watchdog: Fix possible use-after-free by calling del_timer_sync() (Steve Best) [RHEL-38795] {CVE-2021-47321} - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (Steve Best) [RHEL-37719] {CVE-2021-47385} - mlxsw: spectrum: Protect driver from buggy firmware (CKI Backport Bot) [RHEL-42245] {CVE-2021-47560} - mlxsw: Verify the accessed index doesn't exceed the array length (CKI Backport Bot) [RHEL-42245] {CVE-2021-47560} - dm: call the resume method on internal suspend (Benjamin Marzinski) [RHEL-41835] {CVE-2024-26880} - tty: Fix out-of-bound vmalloc access in imageblit (Steve Best) [RHEL-37727] {CVE-2021-47383} - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field (Steve Best) [RHEL-37715] {CVE-2021-47386} - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (Steve Best) [RHEL-37710] {CVE-2021-47393} - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells (Steve Best) [RHEL-38436] {CVE-2021-47497} - driver core: auxiliary bus: Fix memory leak when driver_register() fail (Steve Best) [RHEL-37901] {CVE-2021-47287} - phylib: fix potential use-after-free (cki-backport-bot) [RHEL-43764] {CVE-2022-48754} - ptp: Fix possible memory leak in ptp_clock_register() (Hangbin Liu) [RHEL-38424] {CVE-2021-47455} - NFSv4: Fix memory leak in nfs4_set_security_label (CKI Backport Bot) [RHEL-51315] {CVE-2024-41076} - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CKI Backport Bot) [RHEL-51618] {CVE-2024-42090} - ftruncate: pass a signed offset (CKI Backport Bot) [RHEL-51598] {CVE-2024-42084} - af_unix: Fix garbage collector racing against connect() (Felix Maurer) [RHEL-34225] {CVE-2024-26923} - virtio-net: Add validation for used length (Laurent Vivier) [RHEL-42080] {CVE-2021-47352} - net: fix possible store tearing in neigh_periodic_work() (Antoine Tenart) [RHEL-42359] {CVE-2023-52522} - tunnels: fix out of bounds access when building IPv6 PMTU error (Antoine Tenart) [RHEL-41823] {CVE-2024-26665} - vt_ioctl: fix array_index_nospec in vt_setactivate (John W. Linville) [RHEL-49141] {CVE-2022-48804} - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() (CKI Backport Bot) [RHEL-38302] {CVE-2023-52840} - netns: Make get_net_ns() handle zero refcount net (Antoine Tenart) [RHEL-48105] {CVE-2024-40958} - tracing: Ensure visibility when inserting an element into tracing_map (Michael Petlan) [RHEL-30457] {CVE-2024-26645} - KVM: s390: fix LPSWEY handling (CKI Backport Bot) [RHEL-50072] - firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CKI Backport Bot) [RHEL-51144] {CVE-2024-41056} - SUNRPC: Fix a race to wake a sync task (Benjamin Coddington) [RHEL-11843] - firmware: cs_dsp: Fix overflow checking of wmfw header (CKI Backport Bot) [RHEL-50999] {CVE-2024-41039} - firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (CKI Backport Bot) [RHEL-50987] {CVE-2024-41038} - net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (Xin Long) [RHEL-48471] {CVE-2024-40995} - net: fix out-of-bounds access in ops_init (Xin Long) [RHEL-43185] {CVE-2024-36883} - x86/mce/therm_throt: Undo thermal polling properly on CPU offline (Steve Best) [RHEL-45310] - x86/mce/therm_throt: Do not access uninitialized therm_work (Steve Best) [RHEL-45310] - x86/mce/therm_throt: Mark throttle_active_work() as __maybe_unused (Steve Best) [RHEL-45310] - x86/mce/therm_throt: Mask out read-only and reserved MSR bits (Steve Best) [RHEL-45310] - x86/mce/therm_throt: Optimize notifications of thermal throttle (Steve Best) [RHEL-45310] - jiffies: add utility function to calculate delta in ms (Steve Best) [RHEL-45310] - x86/mce: Lower throttling MCE messages' priority to warning (Steve Best) [RHEL-45310] - dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (Eder Zulian) [RHEL-37361] {CVE-2024-35989} - xfs: don't walk off the end of a directory data block (CKI Backport Bot) [RHEL-50879] {CVE-2024-41013} - xfs: add bounds checking to xlog_recover_process_data (CKI Backport Bot) [RHEL-50856] {CVE-2024-41014} - dm-crypt: limit the size of encryption requests (Benjamin Marzinski) [RHEL-29330] - netfilter: flowtable: remove nf_ct_l4proto_find() call (Florian Westphal) [RHEL-49589] Resolves: RHEL-53529, RHEL-42081, RHEL-51000, RHEL-34226, RHEL-50988, RHEL-37720, RHEL-37902, RHEL-37716, RHEL-43709, RHEL-47643, RHEL-48061, RHEL-37724, RHEL-51619, RHEL-30458, RHEL-48472, RHEL-51316, RHEL-50199, RHEL-43703, RHEL-38425, RHEL-51237, RHEL-47493, RHEL-50857, RHEL-37711, RHEL-43980, RHEL-37728, RHEL-41836, RHEL-38303, RHEL-50880, RHEL-48150, RHEL-38732, RHEL-42360, RHEL-47679, RHEL-42246, RHEL-49362, RHEL-43186, RHEL-37259, RHEL-50270, RHEL-38437, RHEL-49142, RHEL-48490, RHEL-48131, RHEL-28992, RHEL-51644, RHEL-43765, RHEL-41824, RHEL-48106, RHEL-51145, RHEL-26910, RHEL-37797, RHEL-21414, RHEL-37361, RHEL-50171, RHEL-31599, RHEL-51599, RHEL-51221, RHEL-42938, RHEL-42998, RHEL-27259, RHEL-38796, RHEL-47934 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
---|---|---|
.gitignore | ||
centossecureboot201.cer | ||
centossecurebootca2.cer | ||
cpupower.config | ||
cpupower.service | ||
filter-aarch64.sh | ||
filter-modules.sh | ||
filter-ppc64le.sh | ||
filter-s390x.sh | ||
filter-x86_64.sh | ||
gating.yaml | ||
generate_all_configs.sh | ||
generate_bls_conf.sh | ||
kernel-rt-aarch64-debug.config | ||
kernel-rt-aarch64.config | ||
kernel-rt-ppc64le-debug.config | ||
kernel-rt-ppc64le.config | ||
kernel-rt-s390x-debug.config | ||
kernel-rt-s390x-zfcpdump.config | ||
kernel-rt-s390x.config | ||
kernel-rt-x86_64-debug.config | ||
kernel-rt-x86_64.config | ||
kernel.spec | ||
kvm_stat.logrotate | ||
linux-kernel-test.patch | ||
mod-blacklist.sh | ||
mod-extra.list | ||
mod-internal.list | ||
mod-kvm.list | ||
mod-sign.sh | ||
parallel_xz.sh | ||
process_configs.sh | ||
redhatsecureboot302.cer | ||
redhatsecureboot303.cer | ||
redhatsecureboot501.cer | ||
redhatsecurebootca3.cer | ||
redhatsecurebootca7.cer | ||
rheldup3.x509 | ||
rhelkpatch1.x509 | ||
rpminspect.yaml | ||
sources | ||
x509.genkey |