rpms/kernel
9
2
Fork 4
Code Issues Pull Requests Releases Activity

kernel-5.14.0-495.el9

Browse Source 
* Fri Aug 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-495.el9]
- tcp_metrics: validate source addr length (Guillaume Nault) [RHEL-52031] {CVE-2024-42154}
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (Benjamin Coddington) [RHEL-53004]
- NFSD: Support write delegations in LAYOUTGET (Benjamin Coddington) [RHEL-53004]
- nfs: fix undefined behavior in nfs_block_bits() (Benjamin Coddington) [RHEL-53004]
- knfsd: LOOKUP can return an illegal error value (Benjamin Coddington) [RHEL-53004]
- SUNRPC: Fixup gss_status tracepoint error output (Benjamin Coddington) [RHEL-53004]
- nfs: pass explicit offset/count to trace events (Benjamin Coddington) [RHEL-53004]
- net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (Benjamin Coddington) [RHEL-53004]
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (Benjamin Coddington) [RHEL-53004]
- NFSD: Fix nfsdcld warning (Benjamin Coddington) [RHEL-53004]
- NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (Benjamin Coddington) [RHEL-53004]
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server. (Benjamin Coddington) [RHEL-53004]
- xprtrdma: Fix rpcrdma_reqs_reset() (Benjamin Coddington) [RHEL-53004]
- Revert "nfsd: fix oops when reading pool_stats before server is started" (Benjamin Coddington) [RHEL-53004]
- nfsd: initialise nfsd_info.mutex early. (Benjamin Coddington) [RHEL-53004]
- nfs: drop the incorrect assertion in nfs_swap_rw() (Benjamin Coddington) [RHEL-53004]
- SUNRPC: Fix backchannel reply, again (Benjamin Coddington) [RHEL-53004]
- NFS: add barriers when testing for NFS_FSDATA_BLOCKED (Benjamin Coddington) [RHEL-53004]
- SUNRPC: return proper error from gss_wrap_req_priv (Benjamin Coddington) [RHEL-53004]
- NFSv4.1 enforce rootpath check in fs_location query (Benjamin Coddington) [RHEL-53004]
- pNFS/filelayout: fixup pNfs allocation modes (Benjamin Coddington) [RHEL-53004]
- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (Benjamin Coddington) [RHEL-53004]
- NFS: Fix READ_PLUS when server doesn't support OP_READ_PLUS (Benjamin Coddington) [RHEL-53004]
- sunrpc: fix NFSACL RPC retry on soft mount (Benjamin Coddington) [RHEL-53004]
- nfs: keep server info for remounts (Benjamin Coddington) [RHEL-53004]
- SUNRPC: Fix gss_free_in_token_pages() (Benjamin Coddington) [RHEL-53004]
- sunrpc: removed redundant procp check (Benjamin Coddington) [RHEL-53004]
- wifi: mt76: replace skb_put with skb_put_zero (CKI Backport Bot) [RHEL-52367] {CVE-2024-42225}
- ice: xsk: fix txq interrupt mapping (Petr Oros) [RHEL-15670]
- ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (Petr Oros) [RHEL-15670]
- ice: improve updating ice_{t,r}x_ring::xsk_pool (Petr Oros) [RHEL-15670]
- ice: toggle netif_carrier when setting up XSK pool (Petr Oros) [RHEL-15670]
- ice: modify error handling when setting XSK pool in ndo_bpf (Petr Oros) [RHEL-15670]
- ice: replace synchronize_rcu with synchronize_net (Petr Oros) [RHEL-15670]
- ice: don't busy wait for Rx queue disable in ice_qp_dis() (Petr Oros) [RHEL-15670]
- ice: respect netif readiness in AF_XDP ZC related ndo's (Petr Oros) [RHEL-15670]
- wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband (CKI Backport Bot) [RHEL-51809] {CVE-2024-42125}
- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (CKI Backport Bot) [RHEL-51767] {CVE-2024-42114}
- udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). (CKI Backport Bot) [RHEL-51033] {CVE-2024-41041}
- ACPI: fix double INT_SRC_OVR override (Desnes Nunes) [RHEL-45576]
- vfs: don't mod negative dentry count when on shrinker list (Brian Foster) [RHEL-46609]
- fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading (Brian Foster) [RHEL-46609]
- netpoll: Fix race condition in netpoll_owner_active (CKI Backport Bot) [RHEL-49371] {CVE-2024-41005}
- xfs: fix log recovery buffer allocation for the legacy h_size fixup (Bill O'Donnell) [RHEL-46479] {CVE-2024-39472}
- tun: limit printing rate when illegal packet received by tun dev (Jon Maloy) [RHEL-35048] {CVE-2024-27013}
Resolves: RHEL-15670, RHEL-35048, RHEL-45576, RHEL-46479, RHEL-46609, RHEL-49371, RHEL-51033, RHEL-51767, RHEL-51809, RHEL-52031, RHEL-52367, RHEL-53004

Signed-off-by: Lucas Zampieri <lzampier@redhat.com>
This commit is contained in:
Lucas Zampieri 2024-08-09 18:26:28 +00:00
parent c7558c4d2d
commit dd3e2505c8
No known key found for this signature in database
GPG Key ID: 6DA90B962E68B074
4 changed files with 103 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile.rhelver
View File

@ -12,7 +12,7 @@ RHEL_MINOR = 5
#
# Use this spot to avoid future merge conflicts.
# Do not trim this comment.
RHEL_RELEASE = 494
RHEL_RELEASE = 495
#
# ZSTREAM

48
kernel.changelog
View File

@ -1,3 +1,51 @@
* Fri Aug 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-495.el9]
- tcp_metrics: validate source addr length (Guillaume Nault) [RHEL-52031] {CVE-2024-42154}
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (Benjamin Coddington) [RHEL-53004]
- NFSD: Support write delegations in LAYOUTGET (Benjamin Coddington) [RHEL-53004]
- nfs: fix undefined behavior in nfs_block_bits() (Benjamin Coddington) [RHEL-53004]
- knfsd: LOOKUP can return an illegal error value (Benjamin Coddington) [RHEL-53004]
- SUNRPC: Fixup gss_status tracepoint error output (Benjamin Coddington) [RHEL-53004]
- nfs: pass explicit offset/count to trace events (Benjamin Coddington) [RHEL-53004]
- net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (Benjamin Coddington) [RHEL-53004]
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (Benjamin Coddington) [RHEL-53004]
- NFSD: Fix nfsdcld warning (Benjamin Coddington) [RHEL-53004]
- NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (Benjamin Coddington) [RHEL-53004]
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server. (Benjamin Coddington) [RHEL-53004]
- xprtrdma: Fix rpcrdma_reqs_reset() (Benjamin Coddington) [RHEL-53004]
- Revert "nfsd: fix oops when reading pool_stats before server is started" (Benjamin Coddington) [RHEL-53004]
- nfsd: initialise nfsd_info.mutex early. (Benjamin Coddington) [RHEL-53004]
- nfs: drop the incorrect assertion in nfs_swap_rw() (Benjamin Coddington) [RHEL-53004]
- SUNRPC: Fix backchannel reply, again (Benjamin Coddington) [RHEL-53004]
- NFS: add barriers when testing for NFS_FSDATA_BLOCKED (Benjamin Coddington) [RHEL-53004]
- SUNRPC: return proper error from gss_wrap_req_priv (Benjamin Coddington) [RHEL-53004]
- NFSv4.1 enforce rootpath check in fs_location query (Benjamin Coddington) [RHEL-53004]
- pNFS/filelayout: fixup pNfs allocation modes (Benjamin Coddington) [RHEL-53004]
- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (Benjamin Coddington) [RHEL-53004]
- NFS: Fix READ_PLUS when server doesn't support OP_READ_PLUS (Benjamin Coddington) [RHEL-53004]
- sunrpc: fix NFSACL RPC retry on soft mount (Benjamin Coddington) [RHEL-53004]
- nfs: keep server info for remounts (Benjamin Coddington) [RHEL-53004]
- SUNRPC: Fix gss_free_in_token_pages() (Benjamin Coddington) [RHEL-53004]
- sunrpc: removed redundant procp check (Benjamin Coddington) [RHEL-53004]
- wifi: mt76: replace skb_put with skb_put_zero (CKI Backport Bot) [RHEL-52367] {CVE-2024-42225}
- ice: xsk: fix txq interrupt mapping (Petr Oros) [RHEL-15670]
- ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (Petr Oros) [RHEL-15670]
- ice: improve updating ice_{t,r}x_ring::xsk_pool (Petr Oros) [RHEL-15670]
- ice: toggle netif_carrier when setting up XSK pool (Petr Oros) [RHEL-15670]
- ice: modify error handling when setting XSK pool in ndo_bpf (Petr Oros) [RHEL-15670]
- ice: replace synchronize_rcu with synchronize_net (Petr Oros) [RHEL-15670]
- ice: don't busy wait for Rx queue disable in ice_qp_dis() (Petr Oros) [RHEL-15670]
- ice: respect netif readiness in AF_XDP ZC related ndo's (Petr Oros) [RHEL-15670]
- wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband (CKI Backport Bot) [RHEL-51809] {CVE-2024-42125}
- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (CKI Backport Bot) [RHEL-51767] {CVE-2024-42114}
- udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). (CKI Backport Bot) [RHEL-51033] {CVE-2024-41041}
- ACPI: fix double INT_SRC_OVR override (Desnes Nunes) [RHEL-45576]
- vfs: don't mod negative dentry count when on shrinker list (Brian Foster) [RHEL-46609]
- fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading (Brian Foster) [RHEL-46609]
- netpoll: Fix race condition in netpoll_owner_active (CKI Backport Bot) [RHEL-49371] {CVE-2024-41005}
- xfs: fix log recovery buffer allocation for the legacy h_size fixup (Bill O'Donnell) [RHEL-46479] {CVE-2024-39472}
- tun: limit printing rate when illegal packet received by tun dev (Jon Maloy) [RHEL-35048] {CVE-2024-27013}
Resolves: RHEL-15670, RHEL-35048, RHEL-45576, RHEL-46479, RHEL-46609, RHEL-49371, RHEL-51033, RHEL-51767, RHEL-51809, RHEL-52031, RHEL-52367, RHEL-53004
* Thu Aug 08 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-494.el9]
- Revert: Duplicated code of __iowrite32_copy() (Lucas Zampieri)
- cxl/mem: Fix no cxl_nvd during pmem region auto-assembling (John W. Linville) [RHEL-51364] {CVE-2024-41085}

55
kernel.spec
View File

@ -165,15 +165,15 @@ Summary: The Linux kernel
# define buildid .local
%define specversion 5.14.0
%define patchversion 5.14
%define pkgrelease 494
%define pkgrelease 495
%define kversion 5
%define tarfile_release 5.14.0-494.el9
%define tarfile_release 5.14.0-495.el9
# This is needed to do merge window version magic
%define patchlevel 14
# This allows pkg_release to have configurable %%{?dist} tag
%define specrelease 494%{?buildid}%{?dist}
%define specrelease 495%{?buildid}%{?dist}
# This defines the kabi tarball version
%define kabiversion 5.14.0-494.el9
%define kabiversion 5.14.0-495.el9
#
# End of genspec.sh variables
@ -3782,6 +3782,53 @@ fi
#
#
%changelog
* Fri Aug 09 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-495.el9]
- tcp_metrics: validate source addr length (Guillaume Nault) [RHEL-52031] {CVE-2024-42154}
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (Benjamin Coddington) [RHEL-53004]
- NFSD: Support write delegations in LAYOUTGET (Benjamin Coddington) [RHEL-53004]
- nfs: fix undefined behavior in nfs_block_bits() (Benjamin Coddington) [RHEL-53004]
- knfsd: LOOKUP can return an illegal error value (Benjamin Coddington) [RHEL-53004]
- SUNRPC: Fixup gss_status tracepoint error output (Benjamin Coddington) [RHEL-53004]
- nfs: pass explicit offset/count to trace events (Benjamin Coddington) [RHEL-53004]
- net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (Benjamin Coddington) [RHEL-53004]
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (Benjamin Coddington) [RHEL-53004]
- NFSD: Fix nfsdcld warning (Benjamin Coddington) [RHEL-53004]
- NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (Benjamin Coddington) [RHEL-53004]
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server. (Benjamin Coddington) [RHEL-53004]
- xprtrdma: Fix rpcrdma_reqs_reset() (Benjamin Coddington) [RHEL-53004]
- Revert "nfsd: fix oops when reading pool_stats before server is started" (Benjamin Coddington) [RHEL-53004]
- nfsd: initialise nfsd_info.mutex early. (Benjamin Coddington) [RHEL-53004]
- nfs: drop the incorrect assertion in nfs_swap_rw() (Benjamin Coddington) [RHEL-53004]
- SUNRPC: Fix backchannel reply, again (Benjamin Coddington) [RHEL-53004]
- NFS: add barriers when testing for NFS_FSDATA_BLOCKED (Benjamin Coddington) [RHEL-53004]
- SUNRPC: return proper error from gss_wrap_req_priv (Benjamin Coddington) [RHEL-53004]
- NFSv4.1 enforce rootpath check in fs_location query (Benjamin Coddington) [RHEL-53004]
- pNFS/filelayout: fixup pNfs allocation modes (Benjamin Coddington) [RHEL-53004]
- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (Benjamin Coddington) [RHEL-53004]
- NFS: Fix READ_PLUS when server doesn't support OP_READ_PLUS (Benjamin Coddington) [RHEL-53004]
- sunrpc: fix NFSACL RPC retry on soft mount (Benjamin Coddington) [RHEL-53004]
- nfs: keep server info for remounts (Benjamin Coddington) [RHEL-53004]
- SUNRPC: Fix gss_free_in_token_pages() (Benjamin Coddington) [RHEL-53004]
- sunrpc: removed redundant procp check (Benjamin Coddington) [RHEL-53004]
- wifi: mt76: replace skb_put with skb_put_zero (CKI Backport Bot) [RHEL-52367] {CVE-2024-42225}
- ice: xsk: fix txq interrupt mapping (Petr Oros) [RHEL-15670]
- ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (Petr Oros) [RHEL-15670]
- ice: improve updating ice_{t,r}x_ring::xsk_pool (Petr Oros) [RHEL-15670]
- ice: toggle netif_carrier when setting up XSK pool (Petr Oros) [RHEL-15670]
- ice: modify error handling when setting XSK pool in ndo_bpf (Petr Oros) [RHEL-15670]
- ice: replace synchronize_rcu with synchronize_net (Petr Oros) [RHEL-15670]
- ice: don't busy wait for Rx queue disable in ice_qp_dis() (Petr Oros) [RHEL-15670]
- ice: respect netif readiness in AF_XDP ZC related ndo's (Petr Oros) [RHEL-15670]
- wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband (CKI Backport Bot) [RHEL-51809] {CVE-2024-42125}
- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (CKI Backport Bot) [RHEL-51767] {CVE-2024-42114}
- udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). (CKI Backport Bot) [RHEL-51033] {CVE-2024-41041}
- ACPI: fix double INT_SRC_OVR override (Desnes Nunes) [RHEL-45576]
- vfs: don't mod negative dentry count when on shrinker list (Brian Foster) [RHEL-46609]
- fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading (Brian Foster) [RHEL-46609]
- netpoll: Fix race condition in netpoll_owner_active (CKI Backport Bot) [RHEL-49371] {CVE-2024-41005}
- xfs: fix log recovery buffer allocation for the legacy h_size fixup (Bill O'Donnell) [RHEL-46479] {CVE-2024-39472}
- tun: limit printing rate when illegal packet received by tun dev (Jon Maloy) [RHEL-35048] {CVE-2024-27013}
* Thu Aug 08 2024 Lucas Zampieri <lzampier@redhat.com> [5.14.0-494.el9]
- Revert: Duplicated code of __iowrite32_copy() (Lucas Zampieri)
- cxl/mem: Fix no cxl_nvd during pmem region auto-assembling (John W. Linville) [RHEL-51364] {CVE-2024-41085}

6
sources
View File

@ -1,3 +1,3 @@
SHA512 (linux-5.14.0-494.el9.tar.xz) = f9212d545ace9c4db5998dbbe052d4cff592ba344aba24184741a81e247ab63ccc8c141efefc206d044c4bdb6d3e5d54d0b07fb25ae26c116847465f2d6e027f
SHA512 (kernel-abi-stablelists-5.14.0-494.el9.tar.bz2) = 6247c53101b715d0bf784c939555a41aefc7ec93062fc44172266334e5abb2f784a44f328bd73afa20e5c7adef70e1cb1441cff3c904e748563d1255ca241f9f
SHA512 (kernel-kabi-dw-5.14.0-494.el9.tar.bz2) = 0fce2f52aaacb33d641948409242e998e07e5fbd15074003ac649f31dffdfb0ceae9273545955a83f62ffdd9c1025d087c535fc56a66bf9591267b6e538a071e
SHA512 (linux-5.14.0-495.el9.tar.xz) = e4f7233575d75a7f6ddf2cfedae30fd5685f9f5fb9b57516be9fbcacbc4d89959eef9887c57ad7e3b8e243a96779385f4a6f28eb022f891b0b61a11c86bedacc
SHA512 (kernel-abi-stablelists-5.14.0-495.el9.tar.bz2) = fc3a49cb9a55dcd1ba5aa10405162966d3aafa652d3c597f9213f7bca737160398ddb2341c519b44524566f4145619a9fc1dd77f48d995087fb358f47397acd9
SHA512 (kernel-kabi-dw-5.14.0-495.el9.tar.bz2) = 3f0b8360a9dbf1660f576a6b130928640383aaca5344d226a807e4f8cf4ae749d3dd2b35b5a0ff65fc284ed42d0bbbbf8ebcd5c056e1c8d1ef5c0998c27213ad