kernel-4.18.0-553.12.1.el8_10
* Wed Jul 10 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.12.1.el8_10] - net: bridge: xmit: make sure we have at least eth header len bytes (cki-backport-bot) [RHEL-44291] {CVE-2024-38538} - drivers/amd/pm: fix a use-after-free in kv_parse_power_table (Michel Dänzer) [RHEL-26893] {CVE-2023-52469} - SUNRPC: Fix a suspicious RCU usage warning (Scott Mayhew) [RHEL-30503] {CVE-2023-52623} - ice: Fix some null pointer dereference issues in ice_ptp.c (Petr Oros) [RHEL-26901] {CVE-2023-52471} - xfs: fix internal error from AGFL exhaustion (Pavel Reichl) [RHEL-45581] - sched/psi: Fix use-after-free in ep_remove_wait_queue() (Phil Auld) [RHEL-38117] {CVE-2023-52707} - wait: add wake_up_pollfree() (Phil Auld) [RHEL-38117] - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (Hangbin Liu) [RHEL-33269] {CVE-2024-26852} - net: bridge: switchdev: Skip MDB replays of deferred events on offload (Ivan Vecera) [RHEL-33117] {CVE-2024-26837} - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (Pavel Reichl) [RHEL-31700] {CVE-2024-26772} - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (Pavel Reichl) [RHEL-31688] {CVE-2024-26773} - ext4: fix double-free of blocks due to wrong extents moved_len (Pavel Reichl) [RHEL-31612] {CVE-2024-26704} - vxlan: Pull inner IP header in vxlan_xmit_one(). (Guillaume Nault) [RHEL-31389] - geneve: Fix incorrect inner network header offset when innerprotoinherit is set (Guillaume Nault) [RHEL-31389] - vxlan: Pull inner IP header in vxlan_rcv(). (Guillaume Nault) [RHEL-31389] - geneve: fix header validation in geneve[6]_xmit_skb (Guillaume Nault) [RHEL-31389] - geneve: make sure to pull inner header in geneve_rx() (Guillaume Nault) [RHEL-31389] - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb (Guillaume Nault) [RHEL-31389] - net: geneve: check skb is large enough for IPv4/IPv6 header (Guillaume Nault) [RHEL-31389] - net/smc: fix neighbour and rtable leak in smc_ib_find_route() (Tobias Huschle) [RHEL-39744] {CVE-2024-36945} - igb: Fix string truncation warnings in igb_set_fw_version (Corinna Vinschen) [RHEL-38452] {CVE-2024-36010} - bonding: stop the device in bond_setup_by_slave() (Hangbin Liu) [RHEL-38327] {CVE-2023-52784} - i40e: fix vf may be used uninitialized in this function warning (Kamal Heib) [RHEL-39702] {CVE-2024-36020} - powerpc/64: Fix the definition of the fixmap area (Mamatha Inamdar) [RHEL-27191] {CVE-2021-47018} - powerpc/mm/hash64: Add a variable to track the end of IO mapping (Mamatha Inamdar) [RHEL-27191] {CVE-2021-47018} - nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). (Xin Long) [RHEL-39770] {CVE-2024-36933} - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (Xin Long) [RHEL-39770] - net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-39779] {CVE-2024-36929} - tcp: properly terminate timers for kernel sockets (Guillaume Nault) [RHEL-37171] {CVE-2024-35910} - net: relax socket state check at accept time. (Florian Westphal) [RHEL-39831] - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Florian Westphal) [RHEL-39831] {CVE-2024-36905} - tcp: remove redundant check on tskb (Florian Westphal) [RHEL-39831] - drm/ast: Fix soft lockup (cki-backport-bot) [RHEL-37438] {CVE-2024-35952} - null_blk: Fix return value of nullb_device_power_store() (Ming Lei) [RHEL-39341] - null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (Ming Lei) [RHEL-39341] - null_blk: fix return value from null_add_dev() (Ming Lei) [RHEL-39341] Resolves: RHEL-26893, RHEL-26901, RHEL-27191, RHEL-30503, RHEL-31389, RHEL-31612, RHEL-31688, RHEL-31700, RHEL-33117, RHEL-33269, RHEL-37171, RHEL-37438, RHEL-38117, RHEL-38327, RHEL-38452, RHEL-39341, RHEL-39702, RHEL-39744, RHEL-39770, RHEL-39779, RHEL-39831, RHEL-44291, RHEL-45581 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
This commit is contained in:
parent
d1cd9718e8
commit
9dbacbed09
42
kernel.spec
42
kernel.spec
@ -38,10 +38,10 @@
|
|||||||
# define buildid .local
|
# define buildid .local
|
||||||
|
|
||||||
%define specversion 4.18.0
|
%define specversion 4.18.0
|
||||||
%define pkgrelease 553.11.1.el8_10
|
%define pkgrelease 553.12.1.el8_10
|
||||||
|
|
||||||
# allow pkg_release to have configurable %%{?dist} tag
|
# allow pkg_release to have configurable %%{?dist} tag
|
||||||
%define specrelease 553.11.1%{?dist}
|
%define specrelease 553.12.1%{?dist}
|
||||||
|
|
||||||
%define pkg_release %{specrelease}%{?buildid}
|
%define pkg_release %{specrelease}%{?buildid}
|
||||||
|
|
||||||
@ -2696,6 +2696,44 @@ fi
|
|||||||
#
|
#
|
||||||
#
|
#
|
||||||
%changelog
|
%changelog
|
||||||
|
* Wed Jul 10 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.12.1.el8_10]
|
||||||
|
- net: bridge: xmit: make sure we have at least eth header len bytes (cki-backport-bot) [RHEL-44291] {CVE-2024-38538}
|
||||||
|
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (Michel Dänzer) [RHEL-26893] {CVE-2023-52469}
|
||||||
|
- SUNRPC: Fix a suspicious RCU usage warning (Scott Mayhew) [RHEL-30503] {CVE-2023-52623}
|
||||||
|
- ice: Fix some null pointer dereference issues in ice_ptp.c (Petr Oros) [RHEL-26901] {CVE-2023-52471}
|
||||||
|
- xfs: fix internal error from AGFL exhaustion (Pavel Reichl) [RHEL-45581]
|
||||||
|
- sched/psi: Fix use-after-free in ep_remove_wait_queue() (Phil Auld) [RHEL-38117] {CVE-2023-52707}
|
||||||
|
- wait: add wake_up_pollfree() (Phil Auld) [RHEL-38117]
|
||||||
|
- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (Hangbin Liu) [RHEL-33269] {CVE-2024-26852}
|
||||||
|
- net: bridge: switchdev: Skip MDB replays of deferred events on offload (Ivan Vecera) [RHEL-33117] {CVE-2024-26837}
|
||||||
|
- ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (Pavel Reichl) [RHEL-31700] {CVE-2024-26772}
|
||||||
|
- ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (Pavel Reichl) [RHEL-31688] {CVE-2024-26773}
|
||||||
|
- ext4: fix double-free of blocks due to wrong extents moved_len (Pavel Reichl) [RHEL-31612] {CVE-2024-26704}
|
||||||
|
- vxlan: Pull inner IP header in vxlan_xmit_one(). (Guillaume Nault) [RHEL-31389]
|
||||||
|
- geneve: Fix incorrect inner network header offset when innerprotoinherit is set (Guillaume Nault) [RHEL-31389]
|
||||||
|
- vxlan: Pull inner IP header in vxlan_rcv(). (Guillaume Nault) [RHEL-31389]
|
||||||
|
- geneve: fix header validation in geneve[6]_xmit_skb (Guillaume Nault) [RHEL-31389]
|
||||||
|
- geneve: make sure to pull inner header in geneve_rx() (Guillaume Nault) [RHEL-31389]
|
||||||
|
- net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb (Guillaume Nault) [RHEL-31389]
|
||||||
|
- net: geneve: check skb is large enough for IPv4/IPv6 header (Guillaume Nault) [RHEL-31389]
|
||||||
|
- net/smc: fix neighbour and rtable leak in smc_ib_find_route() (Tobias Huschle) [RHEL-39744] {CVE-2024-36945}
|
||||||
|
- igb: Fix string truncation warnings in igb_set_fw_version (Corinna Vinschen) [RHEL-38452] {CVE-2024-36010}
|
||||||
|
- bonding: stop the device in bond_setup_by_slave() (Hangbin Liu) [RHEL-38327] {CVE-2023-52784}
|
||||||
|
- i40e: fix vf may be used uninitialized in this function warning (Kamal Heib) [RHEL-39702] {CVE-2024-36020}
|
||||||
|
- powerpc/64: Fix the definition of the fixmap area (Mamatha Inamdar) [RHEL-27191] {CVE-2021-47018}
|
||||||
|
- powerpc/mm/hash64: Add a variable to track the end of IO mapping (Mamatha Inamdar) [RHEL-27191] {CVE-2021-47018}
|
||||||
|
- nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). (Xin Long) [RHEL-39770] {CVE-2024-36933}
|
||||||
|
- net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (Xin Long) [RHEL-39770]
|
||||||
|
- net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-39779] {CVE-2024-36929}
|
||||||
|
- tcp: properly terminate timers for kernel sockets (Guillaume Nault) [RHEL-37171] {CVE-2024-35910}
|
||||||
|
- net: relax socket state check at accept time. (Florian Westphal) [RHEL-39831]
|
||||||
|
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Florian Westphal) [RHEL-39831] {CVE-2024-36905}
|
||||||
|
- tcp: remove redundant check on tskb (Florian Westphal) [RHEL-39831]
|
||||||
|
- drm/ast: Fix soft lockup (cki-backport-bot) [RHEL-37438] {CVE-2024-35952}
|
||||||
|
- null_blk: Fix return value of nullb_device_power_store() (Ming Lei) [RHEL-39341]
|
||||||
|
- null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (Ming Lei) [RHEL-39341]
|
||||||
|
- null_blk: fix return value from null_add_dev() (Ming Lei) [RHEL-39341]
|
||||||
|
|
||||||
* Wed Jul 03 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.11.1.el8_10]
|
* Wed Jul 03 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.11.1.el8_10]
|
||||||
- x86/bugs: Reverse instruction order of CLEAR_CPU_BUFFERS (Waiman Long) [RHEL-42121]
|
- x86/bugs: Reverse instruction order of CLEAR_CPU_BUFFERS (Waiman Long) [RHEL-42121]
|
||||||
- Revert "x86/bugs: Use fixed addressing for VERW operand" (Waiman Long) [RHEL-42121]
|
- Revert "x86/bugs: Use fixed addressing for VERW operand" (Waiman Long) [RHEL-42121]
|
||||||
|
4
sources
4
sources
@ -1,3 +1,3 @@
|
|||||||
SHA512 (linux-4.18.0-553.11.1.el8_10.tar.xz) = 30bb98192c1cd91d5a52b6255893b09c8d44abfe0970fcdf79ac6192aaad0b36db9bbac6be30075fcf04074a17bcd15165ab15c988892cceb563784808634851
|
SHA512 (linux-4.18.0-553.12.1.el8_10.tar.xz) = fa47e2bd7ad7de31de104da323502d38802cb1c511306c39b50294b6f69c00e03869c5563e81dfa87fdc965ad30461a0354d3dc298eedcc1a190cd5d19ff592e
|
||||||
SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 0044a0cf192c8257a4724fe17a26f5e61c8fae8e4ef63bbfebb2e02b28db91e3c45f2332d4068226e09ba9cb75e47d5b9eb48e2628533f7f248adc7493bce1e4
|
SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 5f014a83a2073516b73962702012820a4f7ce4686b52040a631064af73b13874bc695577027f39b500daf76545a2cffbd9ff5dad00fcecbcf0733a5c819abe8e
|
||||||
SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf
|
SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf
|
||||||
|
Loading…
Reference in New Issue
Block a user