diff --git a/kernel.spec b/kernel.spec index 75bf653b7..3ac077c7a 100644 --- a/kernel.spec +++ b/kernel.spec @@ -12,7 +12,7 @@ # change below to w4T.xzdio): %define _binary_payload w3T.xzdio -%global distro_build 522 +%global distro_build 523 # Sign the x86_64 kernel for secure boot authentication %ifarch x86_64 aarch64 s390x ppc64le @@ -38,10 +38,10 @@ # define buildid .local %define specversion 4.18.0 -%define pkgrelease 522.el8 +%define pkgrelease 523.el8 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 522%{?dist} +%define specrelease 523%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -2695,6 +2695,64 @@ fi # # %changelog +* Wed Nov 08 2023 Denys Vlasenko [4.18.0-523.el8] +- cifs: Fix UAF in cifs_demultiplex_thread() (Scott Mayhew) [RHEL-7930 RHEL-9046] {CVE-2023-1192} +- x86/platform/uv: Use alternate source for socket to node data (Frank Ramsay) [RHEL-13360] +- media: technisat-usb2: break out of loop at end of buffer (Desnes Nunes) [RHEL-3013 RHEL-3895] {CVE-2019-15505} +- can: af_can: fix NULL pointer dereference in can_rcv_filter (Ricardo Robaina) [RHEL-6429 RHEL-7053] {CVE-2023-2166} +- PCI/portdrv: Prevent LS7A Bus Master clearing on shutdown (Myron Stowe) [RHEL-5147] +- kernel/fork: beware of __put_task_struct() calling context (Wander Lairson Costa) [RHEL-14767] +- KVM: x86/mmu: Fix an sign-extension bug with mmu_seq that hangs vCPUs (Peter Xu) [RHEL-7210] +- net: tun: fix bugs for oversize packet when napi frags enabled (Ricardo Robaina) [RHEL-7185 RHEL-7267] {CVE-2023-3812} +- Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO (Jose Ignacio Tornos Martinez) [RHEL-6357] {CVE-2023-31083} +- RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() (Kamal Heib) [RHEL-10313 RHEL-11030] +- RDMA/qedr: fix repeated words in comments (Kamal Heib) [RHEL-10313 RHEL-11030] +- x86/sev: Check for user-space IOIO pointing to kernel space (Wander Lairson Costa) [RHEL-14978] {CVE-2023-46813} +- x86/sev: Check IOBM for IOIO exceptions from user-space (Wander Lairson Costa) [RHEL-14978] {CVE-2023-46813} +- x86/sev: Disable MMIO emulation from user mode (Wander Lairson Costa) [RHEL-14978] {CVE-2023-46813} +- x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling (Wander Lairson Costa) [RHEL-14978] {CVE-2023-46813} +- USB: core: Fix oversight in SuperSpeed initialization (Desnes Nunes) [RHEL-2569 RHEL-2675] {CVE-2023-37453} +- USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() (Desnes Nunes) [RHEL-2569 RHEL-2675] {CVE-2023-37453} +- USB: core: Change usb_get_device_descriptor() API (Desnes Nunes) [RHEL-2569 RHEL-2675] {CVE-2023-37453} +- USB: core: Unite old scheme and new scheme descriptor reads (Desnes Nunes) [RHEL-2569 RHEL-2675] {CVE-2023-37453} +- bonding: do not assume skb mac_header is set (Hangbin Liu) [RHEL-13959] +- bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Hangbin Liu) [RHEL-13959] +- bonding: support balance-alb with openvswitch (Hangbin Liu) [RHEL-13959] +- bonding: reset bond's flags when down link is P2P device (Hangbin Liu) [RHEL-13959] +- net: fix stack overflow when LRO is disabled for virtual interfaces (Hangbin Liu) [RHEL-13959] +- Documentation: bonding: fix the doc of peer_notif_delay (Hangbin Liu) [RHEL-13959] +- bonding: fix send_peer_notif overflow (Hangbin Liu) [RHEL-13959] +- bonding: Fix memory leak when changing bond type to Ethernet (Hangbin Liu) [RHEL-13959] +- bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails (Hangbin Liu) [RHEL-13959] +- bonding: restore IFF_MASTER/SLAVE flags on bond enslave ether type change (Hangbin Liu) [RHEL-13959] +- drivers/net/bonding/bond_3ad: return when there's no aggregator (Hangbin Liu) [RHEL-13959] +- KVM: s390: pv: Allow AP-instructions for pv-guests (Thomas Huth) [2111392] +- KVM: s390: Add UV feature negotiation (Thomas Huth) [2111392] +- s390/uv: UV feature check utility (Thomas Huth) [2111392] +- s390/vfio-ap: make sure nib is shared (Thomas Huth) [2111392] +- KVM: s390: export kvm_s390_pv*_is_protected functions (Thomas Huth) [2111392] +- s390/uv: export uv_pin_shared for direct usage (Thomas Huth) [2111392] +- s390/vfio-ap: check for TAPQ response codes 0x35 and 0x36 (Thomas Huth) [2111392] +- s390/vfio-ap: handle queue state change in progress on reset (Thomas Huth) [2111392] +- s390/vfio-ap: use work struct to verify queue reset (Thomas Huth) [2111392] +- s390/vfio-ap: store entire AP queue status word with the queue object (Thomas Huth) [2111392] +- s390/vfio-ap: remove upper limit on wait for queue reset to complete (Thomas Huth) [2111392] +- s390/vfio-ap: allow deconfigured queue to be passed through to a guest (Thomas Huth) [2111392] +- s390/vfio-ap: wait for response code 05 to clear on queue reset (Thomas Huth) [2111392] +- s390/vfio-ap: clean up irq resources if possible (Thomas Huth) [2111392] +- s390/vfio-ap: no need to check the 'E' and 'I' bits in APQSW after TAPQ (Thomas Huth) [2111392] +- s390/vfio-ap: fix memory leak in vfio_ap device driver (Thomas Huth) [2111392] +- s390/vfio-ap: remove redundant driver match function (Thomas Huth) [2111392] +- s390/vfio_ap: increase max wait time for reset verification (Thomas Huth) [2111392] +- s390/vfio_ap: fix handling of error response codes (Thomas Huth) [2111392] +- s390/vfio_ap: verify ZAPQ completion after return of response code zero (Thomas Huth) [2111392] +- s390/vfio_ap: use TAPQ to verify reset in progress completes (Thomas Huth) [2111392] +- s390/vfio_ap: check TAPQ response code when waiting for queue reset (Thomas Huth) [2111392] +- s390/vfio-ap: verify reset complete in separate function (Thomas Huth) [2111392] +- s390/vfio-ap: fix an error handling path in vfio_ap_mdev_probe_queue() (Thomas Huth) [2111392] +- s390/vfio-ap: add s390dbf logging to the vfio_ap_irq_enable function (Thomas Huth) [2111392] +- s390-vfio-ap: introduces s390 kernel debug feature for vfio_ap device driver (Thomas Huth) [2111392] + * Sun Nov 05 2023 Denys Vlasenko [4.18.0-522.el8] - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Florian Westphal) [RHEL-8444] {CVE-2023-42753} - cxgb4: fix use after free bugs caused by circular dependency problem (Ricardo Robaina) [RHEL-6261 RHEL-7058] {CVE-2023-4133} diff --git a/sources b/sources index 0cd2f7e41..429717300 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-4.18.0-522.el8.tar.xz) = 703aa76ae20ac9072127f7236acbc6be7a38a02ad268e09349f5afb68fcc3ac9ae68462af8a30699c6f297d8ea605a6f1c4f7fa52b464aab7660c00dd1ac4534 -SHA512 (kernel-abi-stablelists-4.18.0-522.tar.bz2) = 86cae5cca443ee9944696fcc3630db78962a25614924ee2133b79e4d62e2fc0e98647270c69d9792667642ffb425e5acd8abee1420c5da0df7d3fa746e39c9f9 -SHA512 (kernel-kabi-dw-4.18.0-522.tar.bz2) = f7bbf94096acc33486535d9eece268c543c6a05d93ee262d64dc22b220f1cb3ff49b4cf091a5c748811c4229fdf674be4c816174575161b0ca5e457726595b32 +SHA512 (linux-4.18.0-523.el8.tar.xz) = c89555a5aa067901764bdf85a7974deaefdc6310ba125accd51a93deb7f21a67dda96e97d5d0f8c2f7b15c0ae16cbca30a1bbc0e799d53926a0801dfaed4589e +SHA512 (kernel-abi-stablelists-4.18.0-523.tar.bz2) = 6c1eb6a0e42986a3906e12909580da95b660f3123ce8dbe85a7d53faef7a516a127187a230ced3cb637b45de447f2a59440ae2e0ee67a77cefa9db2f310d09b9 +SHA512 (kernel-kabi-dw-4.18.0-523.tar.bz2) = f7bbf94096acc33486535d9eece268c543c6a05d93ee262d64dc22b220f1cb3ff49b4cf091a5c748811c4229fdf674be4c816174575161b0ca5e457726595b32