rpms/kernel
9
2
Fork 4
Code Issues Pull Requests Releases Activity

kernel-4.18.0-553.18.1.el8_10

Browse Source 
* Fri Aug 16 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.18.1.el8_10]
- scsi: mpi3mr: Avoid memcpy field-spanning write WARNING (Ewan D. Milne) [RHEL-39805] {CVE-2024-36920}
- tun: limit printing rate when illegal packet received by tun dev (Jon Maloy) [RHEL-35046] {CVE-2024-27013}
- drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (Michel Dänzer) [RHEL-38210] {CVE-2023-52817}
- drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (Michel Dänzer) [RHEL-38210] {CVE-2023-52817}
- drm/amdgpu/mes: fix use-after-free issue (Michel Dänzer) [RHEL-44043] {CVE-2024-38581}
- drm/amdgpu: Fix the null pointer when load rlc firmware (Michel Dänzer) [RHEL-30603] {CVE-2024-26649}
- drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' (Michel Dänzer) [RHEL-35160] {CVE-2024-27042}
- net/sched: Fix UAF when resolving a clash (Xin Long) [RHEL-51014] {CVE-2024-41040}
- tcp_metrics: validate source addr length (Guillaume Nault) [RHEL-52025] {CVE-2024-42154}
- NFSv4/pnfs: Fix a use-after-free bug in open (Benjamin Coddington) [RHEL-35508]
- NFSv4: Don't hold the layoutget locks across multiple RPC calls (Benjamin Coddington) [RHEL-35508]
- scsi: qedf: Make qedf_execute_tmf() non-preemptible (John Meneghini) [RHEL-51799] {CVE-2024-42124}
- Input: elantech - fix stack out of bound access in elantech_change_report_id() (CKI Backport Bot) [RHEL-41938] {CVE-2021-47097}
- HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect (CKI Backport Bot) [RHEL-28982] {CVE-2023-52478}
- drm/radeon: fix UBSAN warning in kv_dpm.c (CKI Backport Bot) [RHEL-48399] {CVE-2024-40988}
- usb: core: Don't hold the device lock while sleeping in do_proc_control() (Desnes Nunes) [RHEL-43646] {CVE-2021-47582}
- USB: core: Make do_proc_control() and do_proc_bulk() killable (Desnes Nunes) [RHEL-43646] {CVE-2021-47582}
- scsi: qedi: Fix crash while reading debugfs attribute (CKI Backport Bot) [RHEL-48327] {CVE-2024-40978}
- wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (CKI Backport Bot) [RHEL-48309] {CVE-2024-40977}
- net: tcp: accept old ack during closing (Jamie Bainbridge) [RHEL-52433]
- wifi: iwlwifi: mvm: don't read past the mfuart notifcation (CKI Backport Bot) [RHEL-48016] {CVE-2024-40941}
- net/iucv: fix use after free in iucv_sock_close() (Mete Durlu) [RHEL-53988]
- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (CKI Backport Bot) [RHEL-47908] {CVE-2024-40929}
- Input: aiptek - properly check endpoint type (Benjamin Tissoires) [RHEL-48963] {CVE-2022-48836}
- Input: aiptek - use descriptors of current altsetting (Benjamin Tissoires) [RHEL-48963] {CVE-2022-48836}
- Input: aiptek - fix endpoint sanity check (Benjamin Tissoires) [RHEL-48963] {CVE-2022-48836}
- usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB (CKI Backport Bot) [RHEL-52373] {CVE-2024-42226}
- wifi: mt76: replace skb_put with skb_put_zero (CKI Backport Bot) [RHEL-52366] {CVE-2024-42225}
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (CKI Backport Bot) [RHEL-47776] {CVE-2024-40912}
- wifi: cfg80211: Lock wiphy in cfg80211_get_station (CKI Backport Bot) [RHEL-47758] {CVE-2024-40911}
- VMCI: Use struct_size() in kmalloc() (Steve Best) [RHEL-37325] {CVE-2024-35944}
- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (Steve Best) [RHEL-37325] {CVE-2024-35944}
- VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() (Steve Best) [RHEL-37325] {CVE-2024-35944}
- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (Jose Ignacio Tornos Martinez) [RHEL-51761] {CVE-2024-42114}
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (CKI Backport Bot) [RHEL-51442] {CVE-2024-41097}
- nfs: handle error of rpc_proc_register() in init_nfs_fs() (Scott Mayhew) [RHEL-39904] {CVE-2024-36939}
- drm/radeon: check bo_va->bo is non-NULL before using it (CKI Backport Bot) [RHEL-51184] {CVE-2024-41060}
- udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). (CKI Backport Bot) [RHEL-51027] {CVE-2024-41041}
- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (CKI Backport Bot) [RHEL-50961] {CVE-2024-41035}
- tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CKI Backport Bot) [RHEL-44408] {CVE-2024-37356}
- tcp: avoid too many retransmit packets (Florian Westphal) [RHEL-48627] {CVE-2024-41007}
- tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (Florian Westphal) [RHEL-48627]
- net: tcp: fix unexcepted socket die when snd_wnd is 0 (Florian Westphal) [RHEL-48627]
- tcp: refactor tcp_retransmit_timer() (Florian Westphal) [RHEL-48627]
- tcp: exit if nothing to retransmit on RTO timeout (Florian Westphal) [RHEL-48627]
- netfilter: nf_tables: Reject tables of unsupported family (Florian Westphal) [RHEL-21418] {CVE-2023-6040}
Resolves: RHEL-21418, RHEL-28982, RHEL-30603, RHEL-35046, RHEL-35160, RHEL-35508, RHEL-37325, RHEL-38210, RHEL-39805, RHEL-39904, RHEL-41938, RHEL-43646, RHEL-44043, RHEL-44408, RHEL-47758, RHEL-47776, RHEL-47908, RHEL-48016, RHEL-48309, RHEL-48327, RHEL-48399, RHEL-48627, RHEL-48963, RHEL-50961, RHEL-51014, RHEL-51027, RHEL-51184, RHEL-51442, RHEL-51761, RHEL-51799, RHEL-52025, RHEL-52366, RHEL-52373, RHEL-52433, RHEL-53988

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
This commit is contained in:
Denys Vlasenko 2024-08-16 15:54:03 +02:00
parent 8f964f1def
commit 0488193495
2 changed files with 52 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
kernel.spec
View File

@ -38,10 +38,10 @@
# define buildid .local
%define specversion 4.18.0
%define pkgrelease 553.17.1.el8_10
%define pkgrelease 553.18.1.el8_10
# allow pkg_release to have configurable %%{?dist} tag
%define specrelease 553.17.1%{?dist}
%define specrelease 553.18.1%{?dist}
%define pkg_release %{specrelease}%{?buildid}
@ -2696,6 +2696,54 @@ fi
#
#
%changelog
* Fri Aug 16 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.18.1.el8_10]
- scsi: mpi3mr: Avoid memcpy field-spanning write WARNING (Ewan D. Milne) [RHEL-39805] {CVE-2024-36920}
- tun: limit printing rate when illegal packet received by tun dev (Jon Maloy) [RHEL-35046] {CVE-2024-27013}
- drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (Michel Dänzer) [RHEL-38210] {CVE-2023-52817}
- drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (Michel Dänzer) [RHEL-38210] {CVE-2023-52817}
- drm/amdgpu/mes: fix use-after-free issue (Michel Dänzer) [RHEL-44043] {CVE-2024-38581}
- drm/amdgpu: Fix the null pointer when load rlc firmware (Michel Dänzer) [RHEL-30603] {CVE-2024-26649}
- drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' (Michel Dänzer) [RHEL-35160] {CVE-2024-27042}
- net/sched: Fix UAF when resolving a clash (Xin Long) [RHEL-51014] {CVE-2024-41040}
- tcp_metrics: validate source addr length (Guillaume Nault) [RHEL-52025] {CVE-2024-42154}
- NFSv4/pnfs: Fix a use-after-free bug in open (Benjamin Coddington) [RHEL-35508]
- NFSv4: Don't hold the layoutget locks across multiple RPC calls (Benjamin Coddington) [RHEL-35508]
- scsi: qedf: Make qedf_execute_tmf() non-preemptible (John Meneghini) [RHEL-51799] {CVE-2024-42124}
- Input: elantech - fix stack out of bound access in elantech_change_report_id() (CKI Backport Bot) [RHEL-41938] {CVE-2021-47097}
- HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect (CKI Backport Bot) [RHEL-28982] {CVE-2023-52478}
- drm/radeon: fix UBSAN warning in kv_dpm.c (CKI Backport Bot) [RHEL-48399] {CVE-2024-40988}
- usb: core: Don't hold the device lock while sleeping in do_proc_control() (Desnes Nunes) [RHEL-43646] {CVE-2021-47582}
- USB: core: Make do_proc_control() and do_proc_bulk() killable (Desnes Nunes) [RHEL-43646] {CVE-2021-47582}
- scsi: qedi: Fix crash while reading debugfs attribute (CKI Backport Bot) [RHEL-48327] {CVE-2024-40978}
- wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (CKI Backport Bot) [RHEL-48309] {CVE-2024-40977}
- net: tcp: accept old ack during closing (Jamie Bainbridge) [RHEL-52433]
- wifi: iwlwifi: mvm: don't read past the mfuart notifcation (CKI Backport Bot) [RHEL-48016] {CVE-2024-40941}
- net/iucv: fix use after free in iucv_sock_close() (Mete Durlu) [RHEL-53988]
- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (CKI Backport Bot) [RHEL-47908] {CVE-2024-40929}
- Input: aiptek - properly check endpoint type (Benjamin Tissoires) [RHEL-48963] {CVE-2022-48836}
- Input: aiptek - use descriptors of current altsetting (Benjamin Tissoires) [RHEL-48963] {CVE-2022-48836}
- Input: aiptek - fix endpoint sanity check (Benjamin Tissoires) [RHEL-48963] {CVE-2022-48836}
- usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB (CKI Backport Bot) [RHEL-52373] {CVE-2024-42226}
- wifi: mt76: replace skb_put with skb_put_zero (CKI Backport Bot) [RHEL-52366] {CVE-2024-42225}
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (CKI Backport Bot) [RHEL-47776] {CVE-2024-40912}
- wifi: cfg80211: Lock wiphy in cfg80211_get_station (CKI Backport Bot) [RHEL-47758] {CVE-2024-40911}
- VMCI: Use struct_size() in kmalloc() (Steve Best) [RHEL-37325] {CVE-2024-35944}
- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (Steve Best) [RHEL-37325] {CVE-2024-35944}
- VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() (Steve Best) [RHEL-37325] {CVE-2024-35944}
- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (Jose Ignacio Tornos Martinez) [RHEL-51761] {CVE-2024-42114}
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (CKI Backport Bot) [RHEL-51442] {CVE-2024-41097}
- nfs: handle error of rpc_proc_register() in init_nfs_fs() (Scott Mayhew) [RHEL-39904] {CVE-2024-36939}
- drm/radeon: check bo_va->bo is non-NULL before using it (CKI Backport Bot) [RHEL-51184] {CVE-2024-41060}
- udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). (CKI Backport Bot) [RHEL-51027] {CVE-2024-41041}
- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (CKI Backport Bot) [RHEL-50961] {CVE-2024-41035}
- tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CKI Backport Bot) [RHEL-44408] {CVE-2024-37356}
- tcp: avoid too many retransmit packets (Florian Westphal) [RHEL-48627] {CVE-2024-41007}
- tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (Florian Westphal) [RHEL-48627]
- net: tcp: fix unexcepted socket die when snd_wnd is 0 (Florian Westphal) [RHEL-48627]
- tcp: refactor tcp_retransmit_timer() (Florian Westphal) [RHEL-48627]
- tcp: exit if nothing to retransmit on RTO timeout (Florian Westphal) [RHEL-48627]
- netfilter: nf_tables: Reject tables of unsupported family (Florian Westphal) [RHEL-21418] {CVE-2023-6040}
* Wed Aug 07 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.17.1.el8_10]
- kyber: fix out of bounds access when preempted (Ming Lei) [RHEL-27258] {CVE-2021-46984}
- vfs: don't mod negative dentry count when on shrinker list (Brian Foster) [RHEL-35874]

4
sources
View File

@ -1,3 +1,3 @@
SHA512 (linux-4.18.0-553.17.1.el8_10.tar.xz) = 3b91f68d9c081e0b3d8c57c1fc8890db5fece2b69a64907adaefb70a24f26a10a3b37065a5626ecff06d77efb73e61266d07d61b09366fc4fb0242785cae30ae
SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 00eb1195ab440028552b55c9535bd50cb50c72e5adf6af4111ae59beb23f35348ef6e472909569ed1cc370ff1486841d8b28b02c20ead8120081091e3ec091ea
SHA512 (linux-4.18.0-553.18.1.el8_10.tar.xz) = c7dd0b42c23f15b67817c87a3dba99139ac5dda5e5352df34a07dd855bb7acee70534c02221f536b47d48a97d188d847841b486326252b5a64443a0293eef1ee
SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 304e8a8f82d0229aab91daa600d0fede9ae577d02d2d654cee0dca44cb23c260378ca0b9f6fc7b41cadc95299480d12603b24e72e61aa2f9762cbda5e5b1f2c7
SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf