kernel-5.14.0-496.el9

* Mon Aug 12 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-496.el9]
- mptcp: fix possible NULL dereferences (Antoine Tenart) [RHEL-48648]
- af_packet: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- udp: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- tcp: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- net: raw: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- ping: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- net: introduce sk_skb_reason_drop function (Antoine Tenart) [RHEL-48648]
- net: add rx_sk to trace_kfree_skb (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_check_req() (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: handle timewait cases in the receive path (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_rcv_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_ack() (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_rcv_synsent_state_process() (Antoine Tenart) [RHEL-48648]
- rstreason: make it work in trace world (Antoine Tenart) [RHEL-48648]
- mptcp: introducing a helper into active reset logic (Antoine Tenart) [RHEL-48648]
- mptcp: support rstreason for passive reset (Antoine Tenart) [RHEL-48648]
- tcp: support rstreason for passive reset (Antoine Tenart) [RHEL-48648]
- rstreason: prepare for active reset (Antoine Tenart) [RHEL-48648]
- rstreason: prepare for passive reset (Antoine Tenart) [RHEL-48648]
- net: introduce rstreason to detect why the RST is sent (Antoine Tenart) [RHEL-48648]
- trace: tcp: fully support trace_tcp_send_reset (Antoine Tenart) [RHEL-48648]
- trace: adjust TP_STORE_ADDR_PORTS_SKB() parameters (Antoine Tenart) [RHEL-48648]
- net: udp: add IP/port data to the tracepoint udp/udp_fail_queue_rcv_skb (Antoine Tenart) [RHEL-48648]
- net: port TP_STORE_ADDR_PORTS_SKB macro to be tcp/udp independent (Antoine Tenart) [RHEL-48648]
- trace: use TP_STORE_ADDRS() macro in inet_sock_set_state() (Antoine Tenart) [RHEL-48648]
- trace: use TP_STORE_ADDRS() macro in inet_sk_error_report() (Antoine Tenart) [RHEL-48648]
- trace: move to TP_STORE_ADDRS related macro to net_probe_common.h (Antoine Tenart) [RHEL-48648]
- inet: preserve const qualifier in inet_sk() (Antoine Tenart) [RHEL-48648]
- tcp: make dropreason in tcp_child_process() work (Antoine Tenart) [RHEL-48648]
- tcp: make the dropreason really work when calling tcp_rcv_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: add dropreasons in tcp_rcv_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: add more specific possible drop reasons in tcp_rcv_synsent_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: introduce dropreasons in receive path (Antoine Tenart) [RHEL-48648]
- tcp: use drop reasons in cookie check for ipv6 (Antoine Tenart) [RHEL-48648]
- tcp: directly drop skb in cookie check for ipv6 (Antoine Tenart) [RHEL-48648]
- tcp: use drop reasons in cookie check for ipv4 (Antoine Tenart) [RHEL-48648]
- tcp: directly drop skb in cookie check for ipv4 (Antoine Tenart) [RHEL-48648]
- tcp: add a dropreason definitions and prepare for cookie check (Antoine Tenart) [RHEL-48648]
- tcp: Clean up goto labels in cookie_v[46]_check(). (Antoine Tenart) [RHEL-48648]
- net: use %%pS for kfree_skb tracing event location (Antoine Tenart) [RHEL-48648]
- PCI: endpoint: remove bogus return in pci_epf_device_remove() (Brian Masney) [RHEL-47218]
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update (Ivan Vecera) [RHEL-37006] {CVE-2024-35855}
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash (Ivan Vecera) [RHEL-37010] {CVE-2024-35854}
- mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (Ivan Vecera) [RHEL-37014] {CVE-2024-35853}
- mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (Ivan Vecera) [RHEL-37486] {CVE-2024-36006}
Resolves: RHEL-37006, RHEL-37010, RHEL-37014, RHEL-37486, RHEL-47218, RHEL-48648

Signed-off-by: Lucas Zampieri <lzampier@redhat.com>
This commit is contained in:
Lucas Zampieri 2024-08-12 16:29:21 +00:00
parent dd3e2505c8
commit c7dc249bc9
No known key found for this signature in database
GPG Key ID: 6DA90B962E68B074
4 changed files with 103 additions and 8 deletions

View File

@ -12,7 +12,7 @@ RHEL_MINOR = 5
# #
# Use this spot to avoid future merge conflicts. # Use this spot to avoid future merge conflicts.
# Do not trim this comment. # Do not trim this comment.
RHEL_RELEASE = 495 RHEL_RELEASE = 496
# #
# ZSTREAM # ZSTREAM

View File

@ -1,3 +1,51 @@
* Mon Aug 12 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-496.el9]
- mptcp: fix possible NULL dereferences (Antoine Tenart) [RHEL-48648]
- af_packet: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- udp: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- tcp: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- net: raw: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- ping: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- net: introduce sk_skb_reason_drop function (Antoine Tenart) [RHEL-48648]
- net: add rx_sk to trace_kfree_skb (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_check_req() (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: handle timewait cases in the receive path (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_rcv_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_ack() (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_rcv_synsent_state_process() (Antoine Tenart) [RHEL-48648]
- rstreason: make it work in trace world (Antoine Tenart) [RHEL-48648]
- mptcp: introducing a helper into active reset logic (Antoine Tenart) [RHEL-48648]
- mptcp: support rstreason for passive reset (Antoine Tenart) [RHEL-48648]
- tcp: support rstreason for passive reset (Antoine Tenart) [RHEL-48648]
- rstreason: prepare for active reset (Antoine Tenart) [RHEL-48648]
- rstreason: prepare for passive reset (Antoine Tenart) [RHEL-48648]
- net: introduce rstreason to detect why the RST is sent (Antoine Tenart) [RHEL-48648]
- trace: tcp: fully support trace_tcp_send_reset (Antoine Tenart) [RHEL-48648]
- trace: adjust TP_STORE_ADDR_PORTS_SKB() parameters (Antoine Tenart) [RHEL-48648]
- net: udp: add IP/port data to the tracepoint udp/udp_fail_queue_rcv_skb (Antoine Tenart) [RHEL-48648]
- net: port TP_STORE_ADDR_PORTS_SKB macro to be tcp/udp independent (Antoine Tenart) [RHEL-48648]
- trace: use TP_STORE_ADDRS() macro in inet_sock_set_state() (Antoine Tenart) [RHEL-48648]
- trace: use TP_STORE_ADDRS() macro in inet_sk_error_report() (Antoine Tenart) [RHEL-48648]
- trace: move to TP_STORE_ADDRS related macro to net_probe_common.h (Antoine Tenart) [RHEL-48648]
- inet: preserve const qualifier in inet_sk() (Antoine Tenart) [RHEL-48648]
- tcp: make dropreason in tcp_child_process() work (Antoine Tenart) [RHEL-48648]
- tcp: make the dropreason really work when calling tcp_rcv_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: add dropreasons in tcp_rcv_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: add more specific possible drop reasons in tcp_rcv_synsent_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: introduce dropreasons in receive path (Antoine Tenart) [RHEL-48648]
- tcp: use drop reasons in cookie check for ipv6 (Antoine Tenart) [RHEL-48648]
- tcp: directly drop skb in cookie check for ipv6 (Antoine Tenart) [RHEL-48648]
- tcp: use drop reasons in cookie check for ipv4 (Antoine Tenart) [RHEL-48648]
- tcp: directly drop skb in cookie check for ipv4 (Antoine Tenart) [RHEL-48648]
- tcp: add a dropreason definitions and prepare for cookie check (Antoine Tenart) [RHEL-48648]
- tcp: Clean up goto labels in cookie_v[46]_check(). (Antoine Tenart) [RHEL-48648]
- net: use %%pS for kfree_skb tracing event location (Antoine Tenart) [RHEL-48648]
- PCI: endpoint: remove bogus return in pci_epf_device_remove() (Brian Masney) [RHEL-47218]
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update (Ivan Vecera) [RHEL-37006] {CVE-2024-35855}
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash (Ivan Vecera) [RHEL-37010] {CVE-2024-35854}
- mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (Ivan Vecera) [RHEL-37014] {CVE-2024-35853}
- mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (Ivan Vecera) [RHEL-37486] {CVE-2024-36006}
Resolves: RHEL-37006, RHEL-37010, RHEL-37014, RHEL-37486, RHEL-47218, RHEL-48648
* Fri Aug 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-495.el9] * Fri Aug 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-495.el9]
- tcp_metrics: validate source addr length (Guillaume Nault) [RHEL-52031] {CVE-2024-42154} - tcp_metrics: validate source addr length (Guillaume Nault) [RHEL-52031] {CVE-2024-42154}
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (Benjamin Coddington) [RHEL-53004] - SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (Benjamin Coddington) [RHEL-53004]

View File

@ -165,15 +165,15 @@ Summary: The Linux kernel
# define buildid .local # define buildid .local
%define specversion 5.14.0 %define specversion 5.14.0
%define patchversion 5.14 %define patchversion 5.14
%define pkgrelease 495 %define pkgrelease 496
%define kversion 5 %define kversion 5
%define tarfile_release 5.14.0-495.el9 %define tarfile_release 5.14.0-496.el9
# This is needed to do merge window version magic # This is needed to do merge window version magic
%define patchlevel 14 %define patchlevel 14
# This allows pkg_release to have configurable %%{?dist} tag # This allows pkg_release to have configurable %%{?dist} tag
%define specrelease 495%{?buildid}%{?dist} %define specrelease 496%{?buildid}%{?dist}
# This defines the kabi tarball version # This defines the kabi tarball version
%define kabiversion 5.14.0-495.el9 %define kabiversion 5.14.0-496.el9
# #
# End of genspec.sh variables # End of genspec.sh variables
@ -3782,6 +3782,53 @@ fi
# #
# #
%changelog %changelog
* Mon Aug 12 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-496.el9]
- mptcp: fix possible NULL dereferences (Antoine Tenart) [RHEL-48648]
- af_packet: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- udp: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- tcp: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- net: raw: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- ping: use sk_skb_reason_drop to free rx packets (Antoine Tenart) [RHEL-48648]
- net: introduce sk_skb_reason_drop function (Antoine Tenart) [RHEL-48648]
- net: add rx_sk to trace_kfree_skb (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_check_req() (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: handle timewait cases in the receive path (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_rcv_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_ack() (Antoine Tenart) [RHEL-48648]
- tcp: rstreason: fully support in tcp_rcv_synsent_state_process() (Antoine Tenart) [RHEL-48648]
- rstreason: make it work in trace world (Antoine Tenart) [RHEL-48648]
- mptcp: introducing a helper into active reset logic (Antoine Tenart) [RHEL-48648]
- mptcp: support rstreason for passive reset (Antoine Tenart) [RHEL-48648]
- tcp: support rstreason for passive reset (Antoine Tenart) [RHEL-48648]
- rstreason: prepare for active reset (Antoine Tenart) [RHEL-48648]
- rstreason: prepare for passive reset (Antoine Tenart) [RHEL-48648]
- net: introduce rstreason to detect why the RST is sent (Antoine Tenart) [RHEL-48648]
- trace: tcp: fully support trace_tcp_send_reset (Antoine Tenart) [RHEL-48648]
- trace: adjust TP_STORE_ADDR_PORTS_SKB() parameters (Antoine Tenart) [RHEL-48648]
- net: udp: add IP/port data to the tracepoint udp/udp_fail_queue_rcv_skb (Antoine Tenart) [RHEL-48648]
- net: port TP_STORE_ADDR_PORTS_SKB macro to be tcp/udp independent (Antoine Tenart) [RHEL-48648]
- trace: use TP_STORE_ADDRS() macro in inet_sock_set_state() (Antoine Tenart) [RHEL-48648]
- trace: use TP_STORE_ADDRS() macro in inet_sk_error_report() (Antoine Tenart) [RHEL-48648]
- trace: move to TP_STORE_ADDRS related macro to net_probe_common.h (Antoine Tenart) [RHEL-48648]
- inet: preserve const qualifier in inet_sk() (Antoine Tenart) [RHEL-48648]
- tcp: make dropreason in tcp_child_process() work (Antoine Tenart) [RHEL-48648]
- tcp: make the dropreason really work when calling tcp_rcv_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: add dropreasons in tcp_rcv_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: add more specific possible drop reasons in tcp_rcv_synsent_state_process() (Antoine Tenart) [RHEL-48648]
- tcp: introduce dropreasons in receive path (Antoine Tenart) [RHEL-48648]
- tcp: use drop reasons in cookie check for ipv6 (Antoine Tenart) [RHEL-48648]
- tcp: directly drop skb in cookie check for ipv6 (Antoine Tenart) [RHEL-48648]
- tcp: use drop reasons in cookie check for ipv4 (Antoine Tenart) [RHEL-48648]
- tcp: directly drop skb in cookie check for ipv4 (Antoine Tenart) [RHEL-48648]
- tcp: add a dropreason definitions and prepare for cookie check (Antoine Tenart) [RHEL-48648]
- tcp: Clean up goto labels in cookie_v[46]_check(). (Antoine Tenart) [RHEL-48648]
- net: use %%pS for kfree_skb tracing event location (Antoine Tenart) [RHEL-48648]
- PCI: endpoint: remove bogus return in pci_epf_device_remove() (Brian Masney) [RHEL-47218]
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update (Ivan Vecera) [RHEL-37006] {CVE-2024-35855}
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash (Ivan Vecera) [RHEL-37010] {CVE-2024-35854}
- mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (Ivan Vecera) [RHEL-37014] {CVE-2024-35853}
- mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (Ivan Vecera) [RHEL-37486] {CVE-2024-36006}
* Fri Aug 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-495.el9] * Fri Aug 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-495.el9]
- tcp_metrics: validate source addr length (Guillaume Nault) [RHEL-52031] {CVE-2024-42154} - tcp_metrics: validate source addr length (Guillaume Nault) [RHEL-52031] {CVE-2024-42154}
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (Benjamin Coddington) [RHEL-53004] - SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (Benjamin Coddington) [RHEL-53004]

View File

@ -1,3 +1,3 @@
SHA512 (linux-5.14.0-495.el9.tar.xz) = e4f7233575d75a7f6ddf2cfedae30fd5685f9f5fb9b57516be9fbcacbc4d89959eef9887c57ad7e3b8e243a96779385f4a6f28eb022f891b0b61a11c86bedacc SHA512 (linux-5.14.0-496.el9.tar.xz) = 73831b355d935537945b28cd884b8514c7b3ecfc6e0ce089924523305ff3f79a72a4e276a35a61a48f4bc032a0567b8da2fc1eb46120137c5c4cdf51a9efa6a6
SHA512 (kernel-abi-stablelists-5.14.0-495.el9.tar.bz2) = fc3a49cb9a55dcd1ba5aa10405162966d3aafa652d3c597f9213f7bca737160398ddb2341c519b44524566f4145619a9fc1dd77f48d995087fb358f47397acd9 SHA512 (kernel-abi-stablelists-5.14.0-496.el9.tar.bz2) = 24ba98743224ad53dc3be91ac6836f029edb57142b0458d53b641b08d55fefd26bc46a1bab6f8dd1c24913f0c296dd2f68fef5b7c9154a449d1bef535c511c64
SHA512 (kernel-kabi-dw-5.14.0-495.el9.tar.bz2) = 3f0b8360a9dbf1660f576a6b130928640383aaca5344d226a807e4f8cf4ae749d3dd2b35b5a0ff65fc284ed42d0bbbbf8ebcd5c056e1c8d1ef5c0998c27213ad SHA512 (kernel-kabi-dw-5.14.0-496.el9.tar.bz2) = 3b8d80b1f7644ed93773092dbb6f02ec46b888d9408e3449d5cfe8c90350e800aeed7a1a01265e37a093100d50eb374902527ccb1efb1807ead1f59c2a28f37b