From a897b12c3706a047804eba80cf01db7dbb28b7ec Mon Sep 17 00:00:00 2001 From: Denys Vlasenko Date: Fri, 15 Nov 2024 00:45:33 +0100 Subject: [PATCH] kernel-4.18.0-553.30.1.el8_10 * Fri Nov 15 2024 Denys Vlasenko [4.18.0-553.30.1.el8_10] - media: edia: dvbdev: fix a use-after-free (Kate Hsuan) [RHEL-35763] {CVE-2024-27043} - blk-mq: fix missing blk_account_io_done() in error path (Ming Lei) [RHEL-61200] - rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov) [RHEL-52684] - rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov) [RHEL-52684] - rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov) [RHEL-52684] - smb: client: use actual path when queryfs (Paulo Alcantara) [RHEL-60363] - cifs: Fix uninitialized memory reads for oparms.mode (Paulo Alcantara) [RHEL-60363] - cifs: Fix uninitialized memory read for smb311 posix symlink create (Paulo Alcantara) [RHEL-60363] - cifs: convert the path to utf16 in smb2_query_info_compound (Paulo Alcantara) [RHEL-60363] - autofs: fix thinko in validate_dev_ioctl() (Ian Kent) [RHEL-62168] - autofs: add per dentry expire timeout (Ian Kent) [RHEL-62168] - bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (Viktor Malik) [RHEL-44167] {CVE-2024-38564} Resolves: RHEL-35763, RHEL-44167, RHEL-52684, RHEL-60363, RHEL-61200, RHEL-62168 Signed-off-by: Denys Vlasenko --- kernel.spec | 18 ++++++++++++++++-- sources | 4 ++-- 2 files changed, 18 insertions(+), 4 deletions(-) diff --git a/kernel.spec b/kernel.spec index 73ef5ef6f..9c78f73cc 100644 --- a/kernel.spec +++ b/kernel.spec @@ -38,10 +38,10 @@ # define buildid .local %define specversion 4.18.0 -%define pkgrelease 553.29.1.el8_10 +%define pkgrelease 553.30.1.el8_10 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 553.29.1%{?dist} +%define specrelease 553.30.1%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -2696,6 +2696,20 @@ fi # # %changelog +* Fri Nov 15 2024 Denys Vlasenko [4.18.0-553.30.1.el8_10] +- media: edia: dvbdev: fix a use-after-free (Kate Hsuan) [RHEL-35763] {CVE-2024-27043} +- blk-mq: fix missing blk_account_io_done() in error path (Ming Lei) [RHEL-61200] +- rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov) [RHEL-52684] +- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov) [RHEL-52684] +- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov) [RHEL-52684] +- smb: client: use actual path when queryfs (Paulo Alcantara) [RHEL-60363] +- cifs: Fix uninitialized memory reads for oparms.mode (Paulo Alcantara) [RHEL-60363] +- cifs: Fix uninitialized memory read for smb311 posix symlink create (Paulo Alcantara) [RHEL-60363] +- cifs: convert the path to utf16 in smb2_query_info_compound (Paulo Alcantara) [RHEL-60363] +- autofs: fix thinko in validate_dev_ioctl() (Ian Kent) [RHEL-62168] +- autofs: add per dentry expire timeout (Ian Kent) [RHEL-62168] +- bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (Viktor Malik) [RHEL-44167] {CVE-2024-38564} + * Thu Nov 07 2024 Denys Vlasenko [4.18.0-553.29.1.el8_10] - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (cki-backport-bot) [RHEL-36372] {CVE-2024-27399} - mptcp: pm: Fix uaf in __timer_delete_sync (Guillaume Nault) [RHEL-60614] {CVE-2024-46858} diff --git a/sources b/sources index 109886645..8313ab136 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-4.18.0-553.29.1.el8_10.tar.xz) = 8463ba5d32c02ac4520dbca434cc23bc4bec4608035dff7b349050d7559053dbaedad16183a3a13e3a446b3f10b99db714b8056445c3dfba804c39df53098edb -SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 7727219e40e65346b8da8994d16d47f3c966f7f7546f380a45d0243bc0269fea3f448a953fd848e6e00fc6f1e65d2b91ffca38ddf6e4faf6472ad7ef1f6738af +SHA512 (linux-4.18.0-553.30.1.el8_10.tar.xz) = 13a97fe954386270130c5876c710f625d3dbb30e4b16c33f7641155ca2bc2ada00d672fffa84259911378913bcec9f5e6eb9cb4bb7a9bb3a3f02bc8d0c272203 +SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = da50f79871884b80655e7f3c5e3248daffc742dfd1e3d620e16736211dafb3d7f2b6ace84cfc75eeb1b1174b3571ef3f8ceecd8b296d8946b182b4b11c014785 SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf