From 7550af13453c23eb733d5da3a953e3c5663c2f18 Mon Sep 17 00:00:00 2001 From: Rado Vrbovsky Date: Mon, 2 Dec 2024 14:05:02 +0000 Subject: [PATCH] kernel-5.14.0-537.el9 * Mon Dec 02 2024 Rado Vrbovsky [5.14.0-537.el9] - smb: client: Handle kstrdup failures for passwords (Paulo Alcantara) [RHEL-65939] {CVE-2024-50120} - fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (CKI Backport Bot) [RHEL-64530] {CVE-2024-49934} - mptcp: init: protect sched with rcu_read_lock (CKI Backport Bot) [RHEL-68179] {CVE-2024-53047} - ARM: 9361/1: amba: store owner from modules with amba_driver_register() (Mark Salter) [RHEL-56484] - amba: bus: balance firmware node reference counting (Mark Salter) [RHEL-56484] - of/platform: increase refcount of fwnode (Mark Salter) [RHEL-56484] - of/platform: Propagate firmware node by calling device_set_node() (Mark Salter) [RHEL-56484] - amba: bus: fix refcount leak (Mark Salter) [RHEL-56484] - amba: move to_amba_device() to use container_of_const (Mark Salter) [RHEL-56484] - ARM: tegra: Remove MODULE_LICENSE in non-modules (Mark Salter) [RHEL-56484] - ARM: 9261/1: amba: Drop redundant assignments of the system PM callbacks (Mark Salter) [RHEL-56484] - ARM: 9229/1: amba: Fix use-after-free in amba_read_periphid() (Mark Salter) [RHEL-56484] - ARM: 9220/1: amba: Remove deferred device addition (Mark Salter) [RHEL-56484] - ARM: 9207/1: amba: fix refcount underflow if amba_device_add() fails (Mark Salter) [RHEL-56484] - ARM: 9192/1: amba: fix memory leak in amba_device_try_add() (Mark Salter) [RHEL-56484] - ARM: 9193/1: amba: Add amba_read_periphid() helper (Mark Salter) [RHEL-56484] - amba: Use driver_set_override() instead of open-coding (Mark Salter) [RHEL-56484] - ARM: 9174/1: amba: Move EXPORT_SYMBOL() closer to definition (Mark Salter) [RHEL-56484] - ARM: 9173/1: amba: kill amba_find_match() (Mark Salter) [RHEL-56484] - ARM: 9172/1: amba: Cleanup amba pclk operation (Mark Salter) [RHEL-56484] - ARM: 9163/1: amba: Move of_amba_device_decode_irq() into amba_probe() (Mark Salter) [RHEL-56484] - ARM: 9162/1: amba: Kill sysfs attribute file of irq (Mark Salter) [RHEL-56484] - ARM: 9121/1: amba: Drop unused functions about APB/AHB devices add (Mark Salter) [RHEL-56484] - KVM: selftests: Allow skipping the KVM_RUN sanity check in rseq_test (Vitaly Kuznetsov) [RHEL-28186] - smb: client: fix OOBs when building SMB2_IOCTL request (Paulo Alcantara) [RHEL-66476] {CVE-2024-50151} - smb: client: fix possible double free in smb2_set_ea() (Paulo Alcantara) [RHEL-66493] {CVE-2024-50152} - libeth: add Tx buffer completion helpers (Petr Oros) [RHEL-59099] - net: intel: Remove MODULE_AUTHORs (Petr Oros) [RHEL-59099] - libeth: support different types of buffers for Rx (Petr Oros) [RHEL-59099] - libeth: add cacheline / struct layout assertion helpers (Petr Oros) [RHEL-59099] - net: intel: Use *-y instead of *-objs in Makefile (Petr Oros) [RHEL-59099] - libeth: add Rx buffer management (Petr Oros) [RHEL-59099] - net: intel: introduce {, Intel} Ethernet common library (Petr Oros) [RHEL-59099] - e1000e: Remove Meteor Lake SMBUS workarounds (Ivan Vecera) [RHEL-49812] - e1000e: change I219 (19) devices to ADP (Ivan Vecera) [RHEL-49812] - e1000e: avoid failing the system during pm_suspend (Ivan Vecera) [RHEL-49812] - net: intel: Remove MODULE_AUTHORs (Ivan Vecera) [RHEL-49812] - e1000e: fix force smbus during suspend flow (Ivan Vecera) [RHEL-49812] - e1000e: Fix S0ix residency on corporate systems (Ivan Vecera) [RHEL-49812] - net: intel: Use *-y instead of *-objs in Makefile (Ivan Vecera) [RHEL-49812] - e1000e: move force SMBUS near the end of enable_ulp function (Ivan Vecera) [RHEL-49812] - net: e1000e & ixgbe: Remove PCI_HEADER_TYPE_MFD duplicates (Ivan Vecera) [RHEL-49812] - e1000e: change usleep_range to udelay in PHY mdic access (Ivan Vecera) [RHEL-49812] - e1000e: Remove redundant runtime resume for ethtool_ops (Ivan Vecera) [RHEL-49812] - net: intel: implement modern PM ops declarations (Ivan Vecera) [RHEL-49812] - e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (Ivan Vecera) [RHEL-49812] - e1000e: Workaround for sporadic MDI error on Meteor Lake systems (Ivan Vecera) [RHEL-49812] - intel: legacy: Partial revert of field get conversion (Ivan Vecera) [RHEL-49812] - e1000e: Minor flow correction in e1000_shutdown function (Ivan Vecera) [RHEL-49812] - e1000e: correct maximum frequency adjustment values (Ivan Vecera) [RHEL-49812] - intel: legacy: field get conversion (Ivan Vecera) [RHEL-49812] - intel: legacy: field prep conversion (Ivan Vecera) [RHEL-49812] - e1000e: make lost bits explicit (Ivan Vecera) [RHEL-49812] - e1000e: Use pcie_capability_read_word() for reading LNKSTA (Ivan Vecera) [RHEL-49812] - e1000e: Use PCI_EXP_LNKSTA_NLW & FIELD_GET() instead of custom defines/code (Ivan Vecera) [RHEL-49812] - ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (Guillaume Nault) [RHEL-68205] {CVE-2024-50304} - ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (Guillaume Nault) [RHEL-68250] {CVE-2024-53042} - Bluetooth: ISO: Fix UAF on iso_sock_timeout (CKI Backport Bot) [RHEL-66320] {CVE-2024-50124} Resolves: RHEL-28186, RHEL-49812, RHEL-56484, RHEL-59099, RHEL-64530, RHEL-65939, RHEL-66320, RHEL-66476, RHEL-66493, RHEL-68179, RHEL-68205, RHEL-68250 Signed-off-by: Rado Vrbovsky --- Makefile.rhelver | 2 +- kernel.changelog | 61 +++++++++++++++++++++++++++++++++++++++++++ kernel.spec | 68 +++++++++++++++++++++++++++++++++++++++++++++--- sources | 6 ++--- 4 files changed, 129 insertions(+), 8 deletions(-) diff --git a/Makefile.rhelver b/Makefile.rhelver index 4eb2e2a75..0004456f5 100644 --- a/Makefile.rhelver +++ b/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 6 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 536 +RHEL_RELEASE = 537 # # ZSTREAM diff --git a/kernel.changelog b/kernel.changelog index 2fabf8656..f45c6df36 100644 --- a/kernel.changelog +++ b/kernel.changelog @@ -1,3 +1,64 @@ +* Mon Dec 02 2024 Rado Vrbovsky [5.14.0-537.el9] +- smb: client: Handle kstrdup failures for passwords (Paulo Alcantara) [RHEL-65939] {CVE-2024-50120} +- fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (CKI Backport Bot) [RHEL-64530] {CVE-2024-49934} +- mptcp: init: protect sched with rcu_read_lock (CKI Backport Bot) [RHEL-68179] {CVE-2024-53047} +- ARM: 9361/1: amba: store owner from modules with amba_driver_register() (Mark Salter) [RHEL-56484] +- amba: bus: balance firmware node reference counting (Mark Salter) [RHEL-56484] +- of/platform: increase refcount of fwnode (Mark Salter) [RHEL-56484] +- of/platform: Propagate firmware node by calling device_set_node() (Mark Salter) [RHEL-56484] +- amba: bus: fix refcount leak (Mark Salter) [RHEL-56484] +- amba: move to_amba_device() to use container_of_const (Mark Salter) [RHEL-56484] +- ARM: tegra: Remove MODULE_LICENSE in non-modules (Mark Salter) [RHEL-56484] +- ARM: 9261/1: amba: Drop redundant assignments of the system PM callbacks (Mark Salter) [RHEL-56484] +- ARM: 9229/1: amba: Fix use-after-free in amba_read_periphid() (Mark Salter) [RHEL-56484] +- ARM: 9220/1: amba: Remove deferred device addition (Mark Salter) [RHEL-56484] +- ARM: 9207/1: amba: fix refcount underflow if amba_device_add() fails (Mark Salter) [RHEL-56484] +- ARM: 9192/1: amba: fix memory leak in amba_device_try_add() (Mark Salter) [RHEL-56484] +- ARM: 9193/1: amba: Add amba_read_periphid() helper (Mark Salter) [RHEL-56484] +- amba: Use driver_set_override() instead of open-coding (Mark Salter) [RHEL-56484] +- ARM: 9174/1: amba: Move EXPORT_SYMBOL() closer to definition (Mark Salter) [RHEL-56484] +- ARM: 9173/1: amba: kill amba_find_match() (Mark Salter) [RHEL-56484] +- ARM: 9172/1: amba: Cleanup amba pclk operation (Mark Salter) [RHEL-56484] +- ARM: 9163/1: amba: Move of_amba_device_decode_irq() into amba_probe() (Mark Salter) [RHEL-56484] +- ARM: 9162/1: amba: Kill sysfs attribute file of irq (Mark Salter) [RHEL-56484] +- ARM: 9121/1: amba: Drop unused functions about APB/AHB devices add (Mark Salter) [RHEL-56484] +- KVM: selftests: Allow skipping the KVM_RUN sanity check in rseq_test (Vitaly Kuznetsov) [RHEL-28186] +- smb: client: fix OOBs when building SMB2_IOCTL request (Paulo Alcantara) [RHEL-66476] {CVE-2024-50151} +- smb: client: fix possible double free in smb2_set_ea() (Paulo Alcantara) [RHEL-66493] {CVE-2024-50152} +- libeth: add Tx buffer completion helpers (Petr Oros) [RHEL-59099] +- net: intel: Remove MODULE_AUTHORs (Petr Oros) [RHEL-59099] +- libeth: support different types of buffers for Rx (Petr Oros) [RHEL-59099] +- libeth: add cacheline / struct layout assertion helpers (Petr Oros) [RHEL-59099] +- net: intel: Use *-y instead of *-objs in Makefile (Petr Oros) [RHEL-59099] +- libeth: add Rx buffer management (Petr Oros) [RHEL-59099] +- net: intel: introduce {, Intel} Ethernet common library (Petr Oros) [RHEL-59099] +- e1000e: Remove Meteor Lake SMBUS workarounds (Ivan Vecera) [RHEL-49812] +- e1000e: change I219 (19) devices to ADP (Ivan Vecera) [RHEL-49812] +- e1000e: avoid failing the system during pm_suspend (Ivan Vecera) [RHEL-49812] +- net: intel: Remove MODULE_AUTHORs (Ivan Vecera) [RHEL-49812] +- e1000e: fix force smbus during suspend flow (Ivan Vecera) [RHEL-49812] +- e1000e: Fix S0ix residency on corporate systems (Ivan Vecera) [RHEL-49812] +- net: intel: Use *-y instead of *-objs in Makefile (Ivan Vecera) [RHEL-49812] +- e1000e: move force SMBUS near the end of enable_ulp function (Ivan Vecera) [RHEL-49812] +- net: e1000e & ixgbe: Remove PCI_HEADER_TYPE_MFD duplicates (Ivan Vecera) [RHEL-49812] +- e1000e: change usleep_range to udelay in PHY mdic access (Ivan Vecera) [RHEL-49812] +- e1000e: Remove redundant runtime resume for ethtool_ops (Ivan Vecera) [RHEL-49812] +- net: intel: implement modern PM ops declarations (Ivan Vecera) [RHEL-49812] +- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (Ivan Vecera) [RHEL-49812] +- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (Ivan Vecera) [RHEL-49812] +- intel: legacy: Partial revert of field get conversion (Ivan Vecera) [RHEL-49812] +- e1000e: Minor flow correction in e1000_shutdown function (Ivan Vecera) [RHEL-49812] +- e1000e: correct maximum frequency adjustment values (Ivan Vecera) [RHEL-49812] +- intel: legacy: field get conversion (Ivan Vecera) [RHEL-49812] +- intel: legacy: field prep conversion (Ivan Vecera) [RHEL-49812] +- e1000e: make lost bits explicit (Ivan Vecera) [RHEL-49812] +- e1000e: Use pcie_capability_read_word() for reading LNKSTA (Ivan Vecera) [RHEL-49812] +- e1000e: Use PCI_EXP_LNKSTA_NLW & FIELD_GET() instead of custom defines/code (Ivan Vecera) [RHEL-49812] +- ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (Guillaume Nault) [RHEL-68205] {CVE-2024-50304} +- ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (Guillaume Nault) [RHEL-68250] {CVE-2024-53042} +- Bluetooth: ISO: Fix UAF on iso_sock_timeout (CKI Backport Bot) [RHEL-66320] {CVE-2024-50124} +Resolves: RHEL-28186, RHEL-49812, RHEL-56484, RHEL-59099, RHEL-64530, RHEL-65939, RHEL-66320, RHEL-66476, RHEL-66493, RHEL-68179, RHEL-68205, RHEL-68250 + * Thu Nov 28 2024 Rado Vrbovsky [5.14.0-536.el9] - gfs2: Get rid of demote_ok checks (Andreas Gruenbacher) [RHEL-67675] - gfs2: Remove freeze_go_demote_ok (Andreas Gruenbacher) [RHEL-67675] diff --git a/kernel.spec b/kernel.spec index 412101df4..35a151ff6 100755 --- a/kernel.spec +++ b/kernel.spec @@ -165,15 +165,15 @@ Summary: The Linux kernel # define buildid .local %define specversion 5.14.0 %define patchversion 5.14 -%define pkgrelease 536 +%define pkgrelease 537 %define kversion 5 -%define tarfile_release 5.14.0-536.el9 +%define tarfile_release 5.14.0-537.el9 # This is needed to do merge window version magic %define patchlevel 14 # This allows pkg_release to have configurable %%{?dist} tag -%define specrelease 536%{?buildid}%{?dist} +%define specrelease 537%{?buildid}%{?dist} # This defines the kabi tarball version -%define kabiversion 5.14.0-536.el9 +%define kabiversion 5.14.0-537.el9 # # End of genspec.sh variables @@ -3813,6 +3813,66 @@ fi # # %changelog +* Mon Dec 02 2024 Rado Vrbovsky [5.14.0-537.el9] +- smb: client: Handle kstrdup failures for passwords (Paulo Alcantara) [RHEL-65939] {CVE-2024-50120} +- fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name (CKI Backport Bot) [RHEL-64530] {CVE-2024-49934} +- mptcp: init: protect sched with rcu_read_lock (CKI Backport Bot) [RHEL-68179] {CVE-2024-53047} +- ARM: 9361/1: amba: store owner from modules with amba_driver_register() (Mark Salter) [RHEL-56484] +- amba: bus: balance firmware node reference counting (Mark Salter) [RHEL-56484] +- of/platform: increase refcount of fwnode (Mark Salter) [RHEL-56484] +- of/platform: Propagate firmware node by calling device_set_node() (Mark Salter) [RHEL-56484] +- amba: bus: fix refcount leak (Mark Salter) [RHEL-56484] +- amba: move to_amba_device() to use container_of_const (Mark Salter) [RHEL-56484] +- ARM: tegra: Remove MODULE_LICENSE in non-modules (Mark Salter) [RHEL-56484] +- ARM: 9261/1: amba: Drop redundant assignments of the system PM callbacks (Mark Salter) [RHEL-56484] +- ARM: 9229/1: amba: Fix use-after-free in amba_read_periphid() (Mark Salter) [RHEL-56484] +- ARM: 9220/1: amba: Remove deferred device addition (Mark Salter) [RHEL-56484] +- ARM: 9207/1: amba: fix refcount underflow if amba_device_add() fails (Mark Salter) [RHEL-56484] +- ARM: 9192/1: amba: fix memory leak in amba_device_try_add() (Mark Salter) [RHEL-56484] +- ARM: 9193/1: amba: Add amba_read_periphid() helper (Mark Salter) [RHEL-56484] +- amba: Use driver_set_override() instead of open-coding (Mark Salter) [RHEL-56484] +- ARM: 9174/1: amba: Move EXPORT_SYMBOL() closer to definition (Mark Salter) [RHEL-56484] +- ARM: 9173/1: amba: kill amba_find_match() (Mark Salter) [RHEL-56484] +- ARM: 9172/1: amba: Cleanup amba pclk operation (Mark Salter) [RHEL-56484] +- ARM: 9163/1: amba: Move of_amba_device_decode_irq() into amba_probe() (Mark Salter) [RHEL-56484] +- ARM: 9162/1: amba: Kill sysfs attribute file of irq (Mark Salter) [RHEL-56484] +- ARM: 9121/1: amba: Drop unused functions about APB/AHB devices add (Mark Salter) [RHEL-56484] +- KVM: selftests: Allow skipping the KVM_RUN sanity check in rseq_test (Vitaly Kuznetsov) [RHEL-28186] +- smb: client: fix OOBs when building SMB2_IOCTL request (Paulo Alcantara) [RHEL-66476] {CVE-2024-50151} +- smb: client: fix possible double free in smb2_set_ea() (Paulo Alcantara) [RHEL-66493] {CVE-2024-50152} +- libeth: add Tx buffer completion helpers (Petr Oros) [RHEL-59099] +- net: intel: Remove MODULE_AUTHORs (Petr Oros) [RHEL-59099] +- libeth: support different types of buffers for Rx (Petr Oros) [RHEL-59099] +- libeth: add cacheline / struct layout assertion helpers (Petr Oros) [RHEL-59099] +- net: intel: Use *-y instead of *-objs in Makefile (Petr Oros) [RHEL-59099] +- libeth: add Rx buffer management (Petr Oros) [RHEL-59099] +- net: intel: introduce {, Intel} Ethernet common library (Petr Oros) [RHEL-59099] +- e1000e: Remove Meteor Lake SMBUS workarounds (Ivan Vecera) [RHEL-49812] +- e1000e: change I219 (19) devices to ADP (Ivan Vecera) [RHEL-49812] +- e1000e: avoid failing the system during pm_suspend (Ivan Vecera) [RHEL-49812] +- net: intel: Remove MODULE_AUTHORs (Ivan Vecera) [RHEL-49812] +- e1000e: fix force smbus during suspend flow (Ivan Vecera) [RHEL-49812] +- e1000e: Fix S0ix residency on corporate systems (Ivan Vecera) [RHEL-49812] +- net: intel: Use *-y instead of *-objs in Makefile (Ivan Vecera) [RHEL-49812] +- e1000e: move force SMBUS near the end of enable_ulp function (Ivan Vecera) [RHEL-49812] +- net: e1000e & ixgbe: Remove PCI_HEADER_TYPE_MFD duplicates (Ivan Vecera) [RHEL-49812] +- e1000e: change usleep_range to udelay in PHY mdic access (Ivan Vecera) [RHEL-49812] +- e1000e: Remove redundant runtime resume for ethtool_ops (Ivan Vecera) [RHEL-49812] +- net: intel: implement modern PM ops declarations (Ivan Vecera) [RHEL-49812] +- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (Ivan Vecera) [RHEL-49812] +- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (Ivan Vecera) [RHEL-49812] +- intel: legacy: Partial revert of field get conversion (Ivan Vecera) [RHEL-49812] +- e1000e: Minor flow correction in e1000_shutdown function (Ivan Vecera) [RHEL-49812] +- e1000e: correct maximum frequency adjustment values (Ivan Vecera) [RHEL-49812] +- intel: legacy: field get conversion (Ivan Vecera) [RHEL-49812] +- intel: legacy: field prep conversion (Ivan Vecera) [RHEL-49812] +- e1000e: make lost bits explicit (Ivan Vecera) [RHEL-49812] +- e1000e: Use pcie_capability_read_word() for reading LNKSTA (Ivan Vecera) [RHEL-49812] +- e1000e: Use PCI_EXP_LNKSTA_NLW & FIELD_GET() instead of custom defines/code (Ivan Vecera) [RHEL-49812] +- ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (Guillaume Nault) [RHEL-68205] {CVE-2024-50304} +- ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_init_flow() (Guillaume Nault) [RHEL-68250] {CVE-2024-53042} +- Bluetooth: ISO: Fix UAF on iso_sock_timeout (CKI Backport Bot) [RHEL-66320] {CVE-2024-50124} + * Thu Nov 28 2024 Rado Vrbovsky [5.14.0-536.el9] - gfs2: Get rid of demote_ok checks (Andreas Gruenbacher) [RHEL-67675] - gfs2: Remove freeze_go_demote_ok (Andreas Gruenbacher) [RHEL-67675] diff --git a/sources b/sources index e26ccfab5..c4a2b6653 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-5.14.0-536.el9.tar.xz) = 10ca3d7c55118f7b97c8a0f95d04dd938676b35766784de27dcf18a4fa7a187fe5a50f4ad8031995ff332ca0bb4295ccf1ba61e99286b02215124199a1765a27 -SHA512 (kernel-abi-stablelists-5.14.0-536.el9.tar.bz2) = 46a7822e32de0470717ac6b0794864efe6e5314ded59471b4256e5fd11d8bf12ae8713d51dbb09bf948e7e42a5f2ebc2a50427ae028db0cf79c83408cd1ce758 -SHA512 (kernel-kabi-dw-5.14.0-536.el9.tar.bz2) = 3d08f838767b27b87724fed347ce3be63fce15e5eded0576121c474d14db4a6d07895b350c635e343d5522ac237dfd982d1f39b8480c4129f4eb79f6a64115cb +SHA512 (linux-5.14.0-537.el9.tar.xz) = b23b2c240053438cc0b92e3256abc0b5404c5866b0d8038c639640a57a6e5c474d5cd59ea6b78784f17add0259bb4ac32bee295a51446b3d0fb5edb0eb818cbf +SHA512 (kernel-abi-stablelists-5.14.0-537.el9.tar.bz2) = 76468665750fdce75f2f60374dcbd6a8abab8c5ef3bbf0148c7f9a77556f1ecd7f63a4d7390e10d9b3b25422f8f82055931dfdb06aa37185785bb64df686c71f +SHA512 (kernel-kabi-dw-5.14.0-537.el9.tar.bz2) = 3d08f838767b27b87724fed347ce3be63fce15e5eded0576121c474d14db4a6d07895b350c635e343d5522ac237dfd982d1f39b8480c4129f4eb79f6a64115cb