rpms/kernel
9
2
Fork 4
Code Issues Pull Requests Releases Activity

kernel-4.18.0-553.9.1.el8_10

Browse Source 
* Fri Jun 21 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.9.1.el8_10]
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (Steve Best) [RHEL-37262] {CVE-2024-35876}
- net/sched: flower: Fix chain template offload (Xin Long) [RHEL-31313] {CVE-2024-26669}
- SUNRPC: fix a memleak in gss_import_v2_context (Scott Mayhew) [RHEL-35195] {CVE-2023-52653}
- efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-26564] {CVE-2023-52463}
- dmaengine: idxd: add a write() method for applications to submit work (Jerry Snitselaar) [RHEL-35826] {CVE-2024-21823}
- dmaengine: idxd: add a new security check to deal with a hardware erratum (Jerry Snitselaar) [RHEL-35826] {CVE-2024-21823}
- VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist (Jerry Snitselaar) [RHEL-35826] {CVE-2024-21823}
- quota: Fix potential NULL pointer dereference (Pavel Reichl) [RHEL-33219] {CVE-2024-26878}
- locking/lockdep: Fix overflow in presentation of average lock-time (Čestmír Kalina) [RHEL-17678]
- blk-cgroup: Properly propagate the iostat update up the hierarchy (Ming Lei) [RHEL-40939]
- proc: Use new_inode not new_inode_pseudo (Ian Kent) [RHEL-40167]
- stmmac: Clear variable when destroying workqueue (Izabela Bakollari) [RHEL-31822] {CVE-2024-26802}
- powerpc/pseries/memhp: Fix access beyond end of drmem array (Mamatha Inamdar) [RHEL-26495] {CVE-2023-52451}
- platform/x86: wmi: Fix opening of char device (David Arcari) [RHEL-38258] {CVE-2023-52864}
- Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (Kamal Heib) [RHEL-36908] {CVE-2023-52658}
- hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (Cathy Avery) [RHEL-39074]
- hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (Cathy Avery) [RHEL-39074]
- hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (Cathy Avery) [RHEL-39074]
- hv_netvsc: remove duplicated including of slab.h (Cathy Avery) [RHEL-39074]
- hv_netvsc: rndis_filter needs to select NLS (Cathy Avery) [RHEL-39074]
- hv_netvsc: Mark VF as slave before exposing it to user-mode (Cathy Avery) [RHEL-39074]
- hv_netvsc: Fix race of register_netdevice_notifier and VF register (Cathy Avery) [RHEL-39074]
- hv_netvsc: fix race of netvsc and VF register_netdevice (Cathy Avery) [RHEL-39074]
- hv_netvsc: fix netvsc_send_completion to avoid multiple message length checks (Cathy Avery) [RHEL-39074]
- hv_netvsc: Allocate rx indirection table size dynamically (Cathy Avery) [RHEL-39074]
- net: hv_netvsc: Fix a warning triggered by memcpy in rndis_filter (Cathy Avery) [RHEL-39074]
- gfs2: Fix lru_count accounting (Andreas Gruenbacher) [RHEL-32941]
- gfs2: Fix "Make glock lru list scanning safer" (Andreas Gruenbacher) [RHEL-32941]
- gfs2: Fix "ignore unlock failures after withdraw" (Andreas Gruenbacher) [RHEL-32941]
- gfs2: Don't set GLF_LOCK in gfs2_dispose_glock_lru (Andreas Gruenbacher) [RHEL-32941]
- gfs2: Don't forget to complete delayed withdraw (Andreas Gruenbacher) [RHEL-32941]
- gfs2: Delay withdraw from atomic context (Andreas Gruenbacher) [RHEL-32941]
- gfs2: trivial clean up of gfs2_ail_error (Andreas Gruenbacher) [RHEL-32941]
- ext4: fix corruption during on-line resize (Carlos Maiolino) [RHEL-36974] {CVE-2024-35807}
- ext4: correct offset of gdb backup in non meta_bg group to update_backups (Carlos Maiolino) [RHEL-36974]
- ext4: avoid online resizing failures due to oversized flex bg (Carlos Maiolino) [RHEL-30507] {CVE-2023-52622}
- ext4: use time_is_before_jiffies() instead of open coding it (Carlos Maiolino) [RHEL-30507]
- ext4: unify the type of flexbg_size to unsigned int (Carlos Maiolino) [RHEL-30507]
- ext4: remove unnecessary check from alloc_flex_gd() (Carlos Maiolino) [RHEL-30507]
- tracing: Do no increment trace_clock_global() by one (Jerome Marchand) [RHEL-27107] {CVE-2021-46939}
- tracing: Restructure trace_clock_global() to never block (Jerome Marchand) [RHEL-27107] {CVE-2021-46939}
- net/sched: act_skbmod: prevent kernel-infoleak (Xin Long) [RHEL-37220] {CVE-2024-35893}
- tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (Xin Long) [RHEL-38307] {CVE-2023-52845}
- redhat: remove the merge subtrees script (Derek Barbosa)
- redhat: rhdocs: delete .get_maintainer.conf (Derek Barbosa)
- redhat: rhdocs: Remove the rhdocs directory (Derek Barbosa)
- dyndbg: fix old BUG_ON in >control parser (Waiman Long) [RHEL-37111] {CVE-2024-35947}
- dyndbg: let query-modname override actual module name (Waiman Long) [RHEL-37111]
- dyndbg: make dyndbg a known cli param (Waiman Long) [RHEL-37111]
- lan78xx: Fix exception on link speed change (Jamie Bainbridge) [RHEL-33437]
- net: usb: lan78xx: don't modify phy_device state concurrently (Jamie Bainbridge) [RHEL-33437]
- efi: runtime: Fix potential overflow of soft-reserved region size (Lenny Szubowicz) [RHEL-33096] {CVE-2024-26843}
- perf/arm-cmn: Fail DTC counter allocation correctly (Michael Petlan) [RHEL-23841]
- perf/arm-cmn: Rework DTC counters (again) (Michael Petlan) [RHEL-23841]
- perf/arm-cmn: Fix DTC domain detection (Michael Petlan) [RHEL-23841]
- perf/arm-cmn: Revamp model detection (Michael Petlan) [RHEL-23841]
- perf/arm-cmn: Fix port detection for CMN-700 (Michael Petlan) [RHEL-23841]
- perf/arm-cmn: Move overlapping wp_combine field (Michael Petlan) [RHEL-23841]
- Partially revert "perf/arm-cmn: Optimise DTC counter accesses" (Michael Petlan) [RHEL-23841]
- drivers/perf: Compile with gnu99 standard (Michael Petlan) [RHEL-23841]
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (Steve Best) [RHEL-36994] {CVE-2024-35801}
- watchdog: softdog: Add options 'soft_reboot_cmd' and 'soft_active_on_boot' (Waiman Long) [RHEL-19723]
- tipc: fix UAF in error path (Xin Long) [RHEL-34278] {CVE-2024-36886}
Resolves: RHEL-17678, RHEL-19723, RHEL-23841, RHEL-26495, RHEL-26564, RHEL-27107, RHEL-30507, RHEL-31313, RHEL-31822, RHEL-32941, RHEL-33096, RHEL-33219, RHEL-33437, RHEL-34278, RHEL-35195, RHEL-35826, RHEL-36908, RHEL-36974, RHEL-36994, RHEL-37111, RHEL-37220, RHEL-37262, RHEL-38258, RHEL-38307, RHEL-39074, RHEL-40167, RHEL-40939

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
This commit is contained in:
Denys Vlasenko 2024-06-21 14:55:17 +02:00
parent f23a3cd900
commit 85bf7844fb
2 changed files with 69 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
kernel.spec
View File

@ -38,10 +38,10 @@
# define buildid .local
%define specversion 4.18.0
%define pkgrelease 553.8.1.el8_10
%define pkgrelease 553.9.1.el8_10
# allow pkg_release to have configurable %%{?dist} tag
%define specrelease 553.8.1%{?dist}
%define specrelease 553.9.1%{?dist}
%define pkg_release %{specrelease}%{?buildid}
@ -2696,6 +2696,71 @@ fi
#
#
%changelog
* Fri Jun 21 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.9.1.el8_10]
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (Steve Best) [RHEL-37262] {CVE-2024-35876}
- net/sched: flower: Fix chain template offload (Xin Long) [RHEL-31313] {CVE-2024-26669}
- SUNRPC: fix a memleak in gss_import_v2_context (Scott Mayhew) [RHEL-35195] {CVE-2023-52653}
- efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-26564] {CVE-2023-52463}
- dmaengine: idxd: add a write() method for applications to submit work (Jerry Snitselaar) [RHEL-35826] {CVE-2024-21823}
- dmaengine: idxd: add a new security check to deal with a hardware erratum (Jerry Snitselaar) [RHEL-35826] {CVE-2024-21823}
- VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist (Jerry Snitselaar) [RHEL-35826] {CVE-2024-21823}
- quota: Fix potential NULL pointer dereference (Pavel Reichl) [RHEL-33219] {CVE-2024-26878}
- locking/lockdep: Fix overflow in presentation of average lock-time (Čestmír Kalina) [RHEL-17678]
- blk-cgroup: Properly propagate the iostat update up the hierarchy (Ming Lei) [RHEL-40939]
- proc: Use new_inode not new_inode_pseudo (Ian Kent) [RHEL-40167]
- stmmac: Clear variable when destroying workqueue (Izabela Bakollari) [RHEL-31822] {CVE-2024-26802}
- powerpc/pseries/memhp: Fix access beyond end of drmem array (Mamatha Inamdar) [RHEL-26495] {CVE-2023-52451}
- platform/x86: wmi: Fix opening of char device (David Arcari) [RHEL-38258] {CVE-2023-52864}
- Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (Kamal Heib) [RHEL-36908] {CVE-2023-52658}
- hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (Cathy Avery) [RHEL-39074]
- hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (Cathy Avery) [RHEL-39074]
- hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (Cathy Avery) [RHEL-39074]
- hv_netvsc: remove duplicated including of slab.h (Cathy Avery) [RHEL-39074]
- hv_netvsc: rndis_filter needs to select NLS (Cathy Avery) [RHEL-39074]
- hv_netvsc: Mark VF as slave before exposing it to user-mode (Cathy Avery) [RHEL-39074]
- hv_netvsc: Fix race of register_netdevice_notifier and VF register (Cathy Avery) [RHEL-39074]
- hv_netvsc: fix race of netvsc and VF register_netdevice (Cathy Avery) [RHEL-39074]
- hv_netvsc: fix netvsc_send_completion to avoid multiple message length checks (Cathy Avery) [RHEL-39074]
- hv_netvsc: Allocate rx indirection table size dynamically (Cathy Avery) [RHEL-39074]
- net: hv_netvsc: Fix a warning triggered by memcpy in rndis_filter (Cathy Avery) [RHEL-39074]
- gfs2: Fix lru_count accounting (Andreas Gruenbacher) [RHEL-32941]
- gfs2: Fix "Make glock lru list scanning safer" (Andreas Gruenbacher) [RHEL-32941]
- gfs2: Fix "ignore unlock failures after withdraw" (Andreas Gruenbacher) [RHEL-32941]
- gfs2: Don't set GLF_LOCK in gfs2_dispose_glock_lru (Andreas Gruenbacher) [RHEL-32941]
- gfs2: Don't forget to complete delayed withdraw (Andreas Gruenbacher) [RHEL-32941]
- gfs2: Delay withdraw from atomic context (Andreas Gruenbacher) [RHEL-32941]
- gfs2: trivial clean up of gfs2_ail_error (Andreas Gruenbacher) [RHEL-32941]
- ext4: fix corruption during on-line resize (Carlos Maiolino) [RHEL-36974] {CVE-2024-35807}
- ext4: correct offset of gdb backup in non meta_bg group to update_backups (Carlos Maiolino) [RHEL-36974]
- ext4: avoid online resizing failures due to oversized flex bg (Carlos Maiolino) [RHEL-30507] {CVE-2023-52622}
- ext4: use time_is_before_jiffies() instead of open coding it (Carlos Maiolino) [RHEL-30507]
- ext4: unify the type of flexbg_size to unsigned int (Carlos Maiolino) [RHEL-30507]
- ext4: remove unnecessary check from alloc_flex_gd() (Carlos Maiolino) [RHEL-30507]
- tracing: Do no increment trace_clock_global() by one (Jerome Marchand) [RHEL-27107] {CVE-2021-46939}
- tracing: Restructure trace_clock_global() to never block (Jerome Marchand) [RHEL-27107] {CVE-2021-46939}
- net/sched: act_skbmod: prevent kernel-infoleak (Xin Long) [RHEL-37220] {CVE-2024-35893}
- tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (Xin Long) [RHEL-38307] {CVE-2023-52845}
- redhat: remove the merge subtrees script (Derek Barbosa)
- redhat: rhdocs: delete .get_maintainer.conf (Derek Barbosa)
- redhat: rhdocs: Remove the rhdocs directory (Derek Barbosa)
- dyndbg: fix old BUG_ON in >control parser (Waiman Long) [RHEL-37111] {CVE-2024-35947}
- dyndbg: let query-modname override actual module name (Waiman Long) [RHEL-37111]
- dyndbg: make dyndbg a known cli param (Waiman Long) [RHEL-37111]
- lan78xx: Fix exception on link speed change (Jamie Bainbridge) [RHEL-33437]
- net: usb: lan78xx: don't modify phy_device state concurrently (Jamie Bainbridge) [RHEL-33437]
- efi: runtime: Fix potential overflow of soft-reserved region size (Lenny Szubowicz) [RHEL-33096] {CVE-2024-26843}
- perf/arm-cmn: Fail DTC counter allocation correctly (Michael Petlan) [RHEL-23841]
- perf/arm-cmn: Rework DTC counters (again) (Michael Petlan) [RHEL-23841]
- perf/arm-cmn: Fix DTC domain detection (Michael Petlan) [RHEL-23841]
- perf/arm-cmn: Revamp model detection (Michael Petlan) [RHEL-23841]
- perf/arm-cmn: Fix port detection for CMN-700 (Michael Petlan) [RHEL-23841]
- perf/arm-cmn: Move overlapping wp_combine field (Michael Petlan) [RHEL-23841]
- Partially revert "perf/arm-cmn: Optimise DTC counter accesses" (Michael Petlan) [RHEL-23841]
- drivers/perf: Compile with gnu99 standard (Michael Petlan) [RHEL-23841]
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (Steve Best) [RHEL-36994] {CVE-2024-35801}
- watchdog: softdog: Add options 'soft_reboot_cmd' and 'soft_active_on_boot' (Waiman Long) [RHEL-19723]
- tipc: fix UAF in error path (Xin Long) [RHEL-34278] {CVE-2024-36886}
* Fri Jun 14 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.8.1.el8_10]
- udf: Fix NULL pointer dereference in udf_symlink function (Pavel Reichl) [RHEL-37769] {CVE-2021-47353}
- net: ti: fix UAF in tlan_remove_one (Jose Ignacio Tornos Martinez) [RHEL-38940] {CVE-2021-47310}

4
sources
View File

@ -1,3 +1,3 @@
SHA512 (linux-4.18.0-553.8.1.el8_10.tar.xz) = 7855e031bb0cf8ab76a3eb71090022af235acdf4f07c27303cf4a8da15c3cd0b10591930e3de3c7fe3b0cfbd8e616822683d9eb39ec58412a91e39891b5bcff6
SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 907ae7b96e9f53a02ad8187904800826713900c7a433dc049bba2ec9506ba05ef77803239e6d8442a6b3b71fb632fafe3565221e4ad7a1dafd4b291702377e4b
SHA512 (linux-4.18.0-553.9.1.el8_10.tar.xz) = f896972bd0d328c8a8f01e8de18417c65fbcb85c5cf1b291dc2cdb75bed19da61e2b2b3dcae3538329d644a687ac853543cda6a9035afba71dd4b8b18845d2f9
SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 14fd0d823e040b8b76834ab7737b4b955015a8e8fef943f799516d5efe3eb3350333590071e8855382a28638397d87b9222fb49f240ecf42974ba39bff460ebe
SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf