c8s
115 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Denys Vlasenko
|
b8fa01287a |
kernel-4.18.0-553.34.1.el8_10
* Thu Dec 12 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.34.1.el8_10] - mptcp: cope racing subflow creation in mptcp_rcv_space_adjust (Davide Caratti) [RHEL-69667] {CVE-2024-53122} - NFS: nfs_async_write_reschedule_io must not recurse into the writeback code (Benjamin Coddington) [RHEL-68647] - xfs: fix sparse inode limits on runt AG (Pavel Reichl) [RHEL-62924] - KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration (Maxim Levitsky) [RHEL-67974] - x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (Vitaly Kuznetsov) [RHEL-65362] - dlm: fix recovery of middle conversions (Alexander Aring) [RHEL-64860] - i40e: fix race condition by adding filter's intermediate sync state (Michal Schmidt) [RHEL-68271] {CVE-2024-53088} - i40e: fix i40e_count_filters() to count only active/new filters (Michal Schmidt) [RHEL-68271] {CVE-2024-53088} Resolves: RHEL-62924, RHEL-64860, RHEL-65362, RHEL-67974, RHEL-68271, RHEL-68647, RHEL-69667 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
7d691c59f4 |
kernel-4.18.0-553.33.1.el8_10
* Fri Dec 06 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.33.1.el8_10] - Revert "scsi: lpfc: Fix mbuf pool resource detected as busy at driver unload" This patch is dependent on the mbox refactor patch that was not added to rh8. (Dick Kennedy) [RHEL-64073] - drm/i915: Fix HPD polling, reenabling the output poll work as needed (Lyude Paul) [RHEL-62796] - drm: Add an HPD poll helper to reschedule the poll work (Lyude Paul) [RHEL-62796] Resolves: RHEL-62796, RHEL-64073 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
6e91e28ffa |
kernel-4.18.0-553.32.1.el8_10
* Fri Nov 29 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.32.1.el8_10] - irqchip/gic-v4: Correctly deal with set_affinity on lazily-mapped VPEs (Charles Mirabile) [RHEL-66965] {CVE-2024-50192} - irqchip/gic-v4: Don't allow a VMOVP on a dying VPE (Charles Mirabile) [RHEL-66965] {CVE-2024-50192} - blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race (Ming Lei) [RHEL-65158] {CVE-2024-50082} - gfs2: fix double destroy_workqueue error (Andreas Gruenbacher) [RHEL-62869] - Revert "GFS2: Don't add all glocks to the lru" (Andreas Gruenbacher) [RHEL-62869] - gfs2: Use list_move_tail instead of list_del/list_add_tail (Andreas Gruenbacher) [RHEL-62869] - gfs2: Revise glock reference counting model (Andreas Gruenbacher) [RHEL-62869] - gfs2: Switch to a per-filesystem glock workqueue (Andreas Gruenbacher) [RHEL-62869] - gfs2: Report when glocks cannot be freed for a long time (Andreas Gruenbacher) [RHEL-62869] - gfs2: gfs2_glock_get cleanup (Andreas Gruenbacher) [RHEL-62869] - gfs2: Invert the GLF_INITIAL flag (Andreas Gruenbacher) [RHEL-62869] - gfs2: Rename handle_callback to request_demote (Andreas Gruenbacher) [RHEL-62869] - gfs2: Rename GLF_FROZEN to GLF_HAVE_FROZEN_REPLY (Andreas Gruenbacher) [RHEL-62869] - gfs2: Rename GLF_REPLY_PENDING to GLF_HAVE_REPLY (Andreas Gruenbacher) [RHEL-62869] - gfs2: Rename GLF_FREEING to GLF_UNLOCKED (Andreas Gruenbacher) [RHEL-62869] - gfs2: Remove useless return statement in run_queue (Andreas Gruenbacher) [RHEL-62869] - gfs2: Remove unnecessary function prototype (Andreas Gruenbacher) [RHEL-62869] - gfs2: finish_xmote cleanup (Andreas Gruenbacher) [RHEL-62869] - gfs2: Replace gfs2_glock_queue_put with gfs2_glock_put_async (Andreas Gruenbacher) [RHEL-62869] - KVM: selftests: memslot_perf_test: increase guest sync timeout (Maxim Levitsky) [RHEL-19080] - vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Jon Maloy) [RHEL-68025] {CVE-2024-50264} - md/raid5: Wait sync io to finish before changing group cnt (Nigel Croxon) [RHEL-58585] Resolves: RHEL-19080, RHEL-58585, RHEL-62869, RHEL-65158, RHEL-66965, RHEL-68025 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
14ee20d83a |
kernel-4.18.0-553.31.1.el8_10
* Fri Nov 22 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.31.1.el8_10] - xfrm: fix one more kernel-infoleak in algo dumping (Sabrina Dubroca) [RHEL-65955] {CVE-2024-50110} - netfilter: nf_reject_ipv6: fix potential crash in nf_send_reset6() (Florian Westphal) [RHEL-66862] {CVE-2024-50256} - netfilter: nf_reject: Fix build warning when CONFIG_BRIDGE_NETFILTER=n (Florian Westphal) [RHEL-66862] - netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (Florian Westphal) [RHEL-66862] - cifs: fix return of uninitialized rc in dfs_cache_update_tgthint() (Paulo Alcantara) [RHEL-7988] - cifs: handle cache lookup errors different than -ENOENT (Paulo Alcantara) [RHEL-7988] - cifs: don't take exclusive lock for updating target hints (Paulo Alcantara) [RHEL-7988] - cifs: avoid re-lookups in dfs_cache_find() (Paulo Alcantara) [RHEL-7988] - cifs: fix potential deadlock in cache_refresh_path() (Paulo Alcantara) [RHEL-7988] - cifs: don't refresh cached referrals from unactive mounts (Paulo Alcantara) [RHEL-7988] - cifs: return ENOENT for DFS lookup_cache_entry() (Paulo Alcantara) [RHEL-7988] - selinux,smack: don't bypass permissions check in inode_setsecctx hook (Ondrej Mosnacek) [RHEL-66104] {CVE-2024-46695} - gfs2: Prevent inode creation race (Andreas Gruenbacher) [RHEL-67823] - gfs2: Only defer deletes when we have an iopen glock (Andreas Gruenbacher) [RHEL-67823] - arm64: probes: Remove broken LDR (literal) uprobe support (Mark Salter) [RHEL-66042] {CVE-2024-50099} - net: avoid potential underflow in qdisc_pkt_len_init() with UFO (Davide Caratti) [RHEL-65399] {CVE-2024-49949} - xfrm: validate new SA's prefixlen using SA family when sel.family is unset (Sabrina Dubroca) [RHEL-66457] {CVE-2024-50142} Resolves: RHEL-65399, RHEL-65955, RHEL-66042, RHEL-66104, RHEL-66457, RHEL-66862, RHEL-67823, RHEL-7988 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
a897b12c37 |
kernel-4.18.0-553.30.1.el8_10
* Fri Nov 15 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.30.1.el8_10] - media: edia: dvbdev: fix a use-after-free (Kate Hsuan) [RHEL-35763] {CVE-2024-27043} - blk-mq: fix missing blk_account_io_done() in error path (Ming Lei) [RHEL-61200] - rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov) [RHEL-52684] - rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov) [RHEL-52684] - rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov) [RHEL-52684] - smb: client: use actual path when queryfs (Paulo Alcantara) [RHEL-60363] - cifs: Fix uninitialized memory reads for oparms.mode (Paulo Alcantara) [RHEL-60363] - cifs: Fix uninitialized memory read for smb311 posix symlink create (Paulo Alcantara) [RHEL-60363] - cifs: convert the path to utf16 in smb2_query_info_compound (Paulo Alcantara) [RHEL-60363] - autofs: fix thinko in validate_dev_ioctl() (Ian Kent) [RHEL-62168] - autofs: add per dentry expire timeout (Ian Kent) [RHEL-62168] - bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (Viktor Malik) [RHEL-44167] {CVE-2024-38564} Resolves: RHEL-35763, RHEL-44167, RHEL-52684, RHEL-60363, RHEL-61200, RHEL-62168 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
8c16665a51 |
kernel-4.18.0-553.29.1.el8_10
* Thu Nov 07 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.29.1.el8_10] - Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (cki-backport-bot) [RHEL-36372] {CVE-2024-27399} - mptcp: pm: Fix uaf in __timer_delete_sync (Guillaume Nault) [RHEL-60614] {CVE-2024-46858} - cifs: fix dfs link failover in cifs_tree_connect() (Paulo Alcantara) [RHEL-8002] Resolves: RHEL-36372, RHEL-60614, RHEL-8002 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
24ba219b96 |
kernel-4.18.0-553.28.1.el8_10
* Thu Oct 31 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.28.1.el8_10] - s390/mm: Add cond_resched() to cmm_alloc/free_pages() (Mete Durlu) [RHEL-61702] - smb: client: fix deadlock in smb2_find_smb_tcon() (Paulo Alcantara) [RHEL-61400] - smb: client: fix potential deadlock when releasing mids (Paulo Alcantara) [RHEL-61400] - cifs: remove useless DeleteMidQEntry() (Paulo Alcantara) [RHEL-61400] - Bluetooth: af_bluetooth: Fix deadlock (CKI Backport Bot) [RHEL-58991] - gitlab-ci: provide consistent kcidb_tree_name (Michael Hofmann) - x86/mm/ident_map: Use gbpages only where full GB page should be mapped. (Nico Pache) [RHEL-26709] - audit: Send netlink ACK before setting connection in auditd_set (Richard Guy Briggs) [RHEL-14004] - KVM: selftests: x86: Fix test failure on arch lbr capable platforms (Maxim Levitsky) [RHEL-23999] - raid1: fix use-after-free for original bio in raid1_write_request() (Nigel Croxon) [RHEL-55263] Resolves: RHEL-14004, RHEL-23999, RHEL-26709, RHEL-55263, RHEL-58991, RHEL-61400, RHEL-61702 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
8ced754fdf |
kernel-4.18.0-553.27.1.el8_10
* Thu Oct 17 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.27.1.el8_10] - lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668} - bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989} - bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990} - bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009} - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773} - tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257] - tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257] - ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826} - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100] - loopback: fix lockdep splat (Xin Long) [RHEL-58100] - blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100] - loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100] Resolves: RHEL-49309, RHEL-49414, RHEL-55257, RHEL-57233, RHEL-57239, RHEL-58100, RHEL-60669, RHEL-62139 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
7d0d16faa1 |
kernel-4.18.0-553.26.1.el8_10
* Wed Oct 09 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.26.1.el8_10] - nouveau: lock the client object tree. (Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062} - cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037] - ACPI: PAD: fix crash in exit_round_robin() (Mark Langsdorf) [RHEL-56156] - gfs2: Randomize GLF_VERIFY_DELETE work delay (Andreas Gruenbacher) [RHEL-35757] - gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (Andreas Gruenbacher) [RHEL-35757] - gfs2: Update to the evict / remote delete documentation (Andreas Gruenbacher) [RHEL-35757] - gfs2: Clean up delete work processing (Andreas Gruenbacher) [RHEL-35757] - gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] - gfs2: Rename dinode_demise to evict_behavior (Andreas Gruenbacher) [RHEL-35757] - gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757] - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757] - gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757] - gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757] - gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757] - gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757] - gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] - gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757] - gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757] - gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757] - gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757] - dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492} - dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939} - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075] - NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-39397] - cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251] - cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251] - cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251] - cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251] Resolves: RHEL-28867, RHEL-35118, RHEL-35757, RHEL-37335, RHEL-39397, RHEL-41075, RHEL-56156, RHEL-58037, RHEL-60251 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
ba7d5425aa |
kernel-4.18.0-553.25.1.el8_10
* Wed Oct 02 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.25.1.el8_10] - cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052] - cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052] - cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052] - smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052] - smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052] - cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052] - cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052] - cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052] - cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052] - cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052] - cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052] - cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052] - cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052] - Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] - SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] - cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052] - cifs: Fix unix perm bits to cifsacl conversion for "other" bits. (Paulo Alcantara) [RHEL-56052] - drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092} - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224] - kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292} - gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079} - of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541} Resolves: RHEL-27224, RHEL-44267, RHEL-51553, RHEL-53633, RHEL-55000, RHEL-56052 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
13be37371f |
kernel-4.18.0-553.24.1.el8_10
* Wed Sep 25 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.24.1.el8_10] - cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729] - padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889} - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000] - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935} - net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} - net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} - r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44031] {CVE-2024-38586} - netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018} - memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} - memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} - mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} - mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} - ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676] Resolves: RHEL-23676, RHEL-43864, RHEL-44031, RHEL-56162, RHEL-56234, RHEL-56252, RHEL-56729, RHEL-57000, RHEL-58542 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
67fea34b5b |
kernel-4.18.0-553.23.1.el8_10
* Thu Sep 19 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.23.1.el8_10] - ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002] - netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924} - netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017} - netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017} - netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017} - netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042} - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070} - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898} - netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503} - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503} - netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503} - netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) [RHEL-42680] {CVE-2024-26851} - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} - dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301} - KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976} - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540} - tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284} - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857} - drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924} - tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983} - block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854} - gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936} - drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093} - ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961} - mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880} - ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} - ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} - USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244} - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984} Resolves: RHEL-26831, RHEL-34221, RHEL-35033, RHEL-35100, RHEL-37038, RHEL-37039, RHEL-42680, RHEL-43003, RHEL-44279, RHEL-47606, RHEL-47856, RHEL-48170, RHEL-48363, RHEL-48381, RHEL-51040, RHEL-51249, RHEL-51405, RHEL-51516, RHEL-53680, RHEL-54763, RHEL-54985, RHEL-55069, RHEL-55568, RHEL-55790, RHEL-57002 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
1238d03c7f |
kernel-4.18.0-553.22.1.el8_10
* Wed Sep 11 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.22.1.el8_10] - wifi: mac80211: Avoid address calculations via out of bounds array indexing (Michal Schmidt) [RHEL-51278] {CVE-2024-41071} Resolves: RHEL-51278 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
96cfee15d2 |
kernel-4.18.0-553.21.1.el8_10
* Wed Sep 04 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.21.1.el8_10] - s390/dasd: fix error recovery leading to data corruption on ESE devices (Mete Durlu) [RHEL-55874] - protect the fetch of ->fd[fd] in do_dup2() from mispredictions (CKI Backport Bot) [RHEL-55123] {CVE-2024-42265} - net: openvswitch: fix overwriting ct original tuple for ICMPv6 (cki-backport-bot) [RHEL-44207] {CVE-2024-38558} - mlxsw: thermal: Fix out-of-bounds memory accesses (CKI Backport Bot) [RHEL-38375] {CVE-2021-47441} - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (CKI Backport Bot) [RHEL-47552] {CVE-2024-40904} - ipvs: properly dereference pe in ip_vs_add_service (Phil Sutter) [RHEL-54903] {CVE-2024-42322} - net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (CKI Backport Bot) [RHEL-53702] {CVE-2024-42246} - drm/amdgpu: change vm->task_info handling (Michel Dänzer) [RHEL-49379] {CVE-2024-41008} - drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (Michel Dänzer) [RHEL-45036] {CVE-2024-39471} - drm/amdgpu: add error handle to avoid out-of-bounds (Michel Dänzer) [RHEL-45036] {CVE-2024-39471} - drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (Michel Dänzer) [RHEL-52845] {CVE-2024-42228} Resolves: RHEL-38375, RHEL-44207, RHEL-45036, RHEL-47552, RHEL-49379, RHEL-52845, RHEL-53702, RHEL-54903, RHEL-55123, RHEL-55874 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
de4004ba64 |
kernel-4.18.0-553.20.1.el8_10
* Thu Aug 29 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.20.1.el8_10] - KVM: arm64: Disassociate vcpus from redistributor region on teardown (Shaoqin Huang) [RHEL-48417] {CVE-2024-40989} - devres: Fix memory leakage caused by driver API devm_free_percpu() (CKI Backport Bot) [RHEL-55597] {CVE-2024-43871} - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (Izabela Bakollari) [RHEL-26680] {CVE-2024-26600} - nvmet-fc: avoid deadlock on delete association path (Maurizio Lombardi) [RHEL-31618] {CVE-2024-26769} - nvmet-fc: release reference on target port (Maurizio Lombardi) [RHEL-31618] {CVE-2024-26769} - ACPI: LPIT: Avoid u32 multiplication overflow (Mark Langsdorf) [RHEL-37062] {CVE-2023-52683} - sched/deadline: Fix task_struct reference leak (Phil Auld) [RHEL-50904] {CVE-2024-41023} - nfsd: fix crash on LOCKT on reexported NFSv3 (Benjamin Coddington) [RHEL-31515] - mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path (CKI Backport Bot) [RHEL-26570] {CVE-2024-26595} - mlxsw: spectrum_acl_tcam: Move devlink param to TCAM code (Ivan Vecera) [RHEL-26570] {CVE-2024-26595} - ACPI: extlog: fix NULL pointer dereference check (Mark Langsdorf) [RHEL-29110] {CVE-2023-52605} - ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (Mark Langsdorf) [RHEL-33198] {CVE-2024-26894} - mm: prevent derefencing NULL ptr in pfn_section_valid() (Audra Mitchell) [RHEL-51132] {CVE-2024-41055} - mm, kmsan: fix infinite recursion due to RCU critical section (Audra Mitchell) [RHEL-51132] {CVE-2024-41055} - cipso: make cipso_v4_skbuff_delattr() fully remove the CIPSO options (Ondrej Mosnacek) [RHEL-30904] - cipso: fix total option length computation (Ondrej Mosnacek) [RHEL-30904] - ext4: do not create EA inode under buffer lock (Carlos Maiolino) [RHEL-48271] {CVE-2024-40972} - ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (Carlos Maiolino) [RHEL-48271] {CVE-2024-40972} - ext4: check the return value of ext4_xattr_inode_dec_ref() (Carlos Maiolino) [RHEL-48271] {CVE-2024-40972} - ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (Carlos Maiolino) [RHEL-48507] {CVE-2024-40998} - ext4: remove duplicate definition of ext4_xattr_ibody_inline_set() (Carlos Maiolino) [RHEL-48271] {CVE-2024-40972} Resolves: RHEL-26570, RHEL-26680, RHEL-29110, RHEL-30904, RHEL-31515, RHEL-31618, RHEL-33198, RHEL-37062, RHEL-48271, RHEL-48417, RHEL-48507, RHEL-50904, RHEL-51132, RHEL-55597 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
4c931425b4 |
kernel-4.18.0-553.19.1.el8_10
* Thu Aug 22 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.19.1.el8_10] - drm/i915/vma: Fix UAF on destroy against retire race (Mika Penttilä) [RHEL-35222] {CVE-2024-26939} - RHEL-48620 (Kenneth Yin) [RHEL-48620] - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (CKI Backport Bot) [RHEL-42721] {CVE-2024-26855} - net: usb: asix: do not force pause frames support (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: asix: fix "can't send until first packet is send" issue (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: asix: fix modprobe "sysfs: cannot create duplicate filename" (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: asix: add proper error handling of usb read errors (Ken Cox) [RHEL-28108] {CVE-2021-47101} - asix: fix wrong return value in asix_check_host_enable() (Ken Cox) [RHEL-28108] {CVE-2021-47101} - asix: fix uninit-value in asix_mdio_read() (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: usb: asix: ax88772: fix boolconv.cocci warnings (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: usb: asix: do not call phy_disconnect() for ax88178 (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: usb: asix: ax88772: move embedded PHY detection as early as possible (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: asix: fix uninit value bugs (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: usb: asix: ax88772: add missing stop (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: usb: asix: ax88772: suspend PHY on driver probe (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: usb: asix: ax88772: manage PHY PM from MAC (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: usb: asix: ax88772: Fix less than zero comparison of a u16 (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: usb: asix: Fix less than zero comparison of a u16 (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: usb: asix: add error handling for asix_mdio_* functions (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: usb: asix: ax88772: add phylib support (Ken Cox) [RHEL-28108] {CVE-2021-47101} - net: usb: asix: refactor asix_read_phy_addr() and handle errors on return (Ken Cox) [RHEL-28108] {CVE-2021-47101} - SUNRPC: always free ctxt when freeing deferred request (Jay Shin) [RHEL-40936] - SUNRPC: double free xprt_ctxt while still in use (Jay Shin) [RHEL-40936] - SUNRPC: Remove svc_rqst::rq_xprt_hlen (Jay Shin) [RHEL-40936] - SUNRPC: Remove dead code in svc_tcp_release_rqst() (Jay Shin) [RHEL-40936] - x86/bugs: Extend VMware Retbleed workaround to Nehalem & earlier CPUs (Waiman Long) [RHEL-48646] - wifi: iwlwifi: read txq->read_ptr under lock (Jose Ignacio Tornos Martinez) [RHEL-39797] {CVE-2024-36922} - scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (John Meneghini) [RHEL-39908] {CVE-2024-36919} - nbd: always initialize struct msghdr completely (Ming Lei) [RHEL-29498] {CVE-2024-26638} - block: don't call rq_qos_ops->done_bio if the bio isn't tracked (Ming Lei) [RHEL-42151] {CVE-2021-47412} - nvmet: fix a possible leak when destroy a ctrl during qp establishment (Maurizio Lombardi) [RHEL-52013] {CVE-2024-42152} - ipv6: prevent NULL dereference in ip6_output() (Sabrina Dubroca) [RHEL-39912] {CVE-2024-36901} - ppp: reject claimed-as-LCP but actually malformed packets (Guillaume Nault) [RHEL-51052] {CVE-2024-41044} - leds: trigger: Unregister sysfs attributes before calling deactivate() (CKI Backport Bot) [RHEL-54834] {CVE-2024-43830} - crypto: bcm - Fix pointer arithmetic (cki-backport-bot) [RHEL-44108] {CVE-2024-38579} - scsi: qedf: Ensure the copied buf is NUL terminated (John Meneghini) [RHEL-44195] {CVE-2024-38559} - x86/bhi: Avoid warning in #DB handler due to BHI mitigation (Waiman Long) [RHEL-53657] {CVE-2024-42240} - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (CKI Backport Bot) [RHEL-47529] {CVE-2024-40901} - ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (CKI Backport Bot) [RHEL-39843] {CVE-2024-36902} - net: usb: ax88179_178a: improve link status logs (Jose Ignacio Tornos Martinez) [RHEL-45167] - net: usb: ax88179_178a: improve reset check (Jose Ignacio Tornos Martinez) [RHEL-45167] - net: usb: ax88179_178a: fix link status when link is set to down/up (Jose Ignacio Tornos Martinez) [RHEL-45167] - net: usb: ax88179_178a: avoid writing the mac address before first reading (Jose Ignacio Tornos Martinez) [RHEL-45167] - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (Shaoqin Huang) [RHEL-40837] {CVE-2024-36953} - KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (Shaoqin Huang) [RHEL-40837] {CVE-2024-36953} - media: cec: cec-api: add locking in cec_release() (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: core: avoid confusing "transmit timed out" message (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: core: avoid recursive cec_claim_log_addrs (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: cec-adap: always cancel work in cec_transmit_msg_fh (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: core: remove length check of Timer Status (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: core: count low-drive, error and arb-lost conditions (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: core: add note about *_from_edid() function usage in drm (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: core: add adap_unconfigured() callback (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: core: add adap_nb_transmit_canceled() callback (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: core: don't set last_initiator if tx in progress (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: core: disable adapter in cec_devnode_unregister (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: core: not all messages were passed on when monitoring (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: add support for Absolute Volume Control (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-adap.c: log when claiming LA fails unexpectedly (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-adap.c: drop activate_cnt, use state info instead (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-adap.c: reconfigure if the PA changes during configuration (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-adap.c: fix is_configuring state (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-adap.c: stop trying LAs on CEC_TX_STATUS_TIMEOUT (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-adap.c: don't unconfigure if already unconfigured (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: add optional adap_configured callback (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: add xfer_timeout_ms field (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: use call_op and check for !unregistered (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-pin: fix interrupt en/disable handling (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-pin: drop unused 'enabled' field from struct cec_pin (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-pin: fix off-by-one SFT check (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-pin: rename timer overrun variables (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: correctly pass on reply results (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: abort if the current transmit was canceled (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: call enable_adap on s_log_addrs (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: media/cec.h: document cec_adapter fields (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: fix a deadlock situation (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: safely unhook lists in cec_data (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: copy sequence field for the reply (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: fix trivial style warnings (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-adap.c: add 'unregistered' checks (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec-adap.c: don't use flush_scheduled_work() (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: Use fallthrough pseudo-keyword (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: remove unused waitq and phys_addrs fields (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: silence shift wrapping warning in __cec_s_log_addrs() (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - media: cec: move the core to a separate directory (Kate Hsuan) [RHEL-22559] {CVE-2024-23848} - net/iucv: Avoid explicit cpumask var allocation on stack (CKI Backport Bot) [RHEL-51631] {CVE-2024-42094} - scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (Dick Kennedy) [RHEL-40400] - KVM: selftests: Make hyperv_clock require TSC based system clocksource (Vitaly Kuznetsov) [RHEL-19027] - KVM: selftests: Run clocksource dependent tests with hyperv_clocksource_tsc_page too (Vitaly Kuznetsov) [RHEL-19027] - KVM: selftests: Use generic sys_clocksource_is_tsc() in vmx_nested_tsc_scaling_test (Vitaly Kuznetsov) [RHEL-19027] - KVM: selftests: Generalize check_clocksource() from kvm_clock_test (Vitaly Kuznetsov) [RHEL-19027] - firmware: cs_dsp: Return error if block header overflows file (CKI Backport Bot) [RHEL-53646] {CVE-2024-42238} - firmware: cs_dsp: Validate payload length before processing block (CKI Backport Bot) [RHEL-53638] {CVE-2024-42237} - mm, slub: fix potential memoryleak in kmem_cache_open() (Waiman Long) [RHEL-38404] {CVE-2021-47466} - slub: don't panic for memcg kmem cache creation failure (Waiman Long) [RHEL-38404] {CVE-2021-47466} - wifi: ath11k: fix htt pktlog locking (Jose Ignacio Tornos Martinez) [RHEL-38317] {CVE-2023-52800} - wifi: ath11k: fix dfs radar event locking (Jose Ignacio Tornos Martinez) [RHEL-38165] {CVE-2023-52798} - lib/generic-radix-tree.c: Don't overflow in peek() (Waiman Long) [RHEL-37737] {CVE-2021-47432} - include/linux/generic-radix-tree.h: replace kernel.h with the necessary inclusions (Waiman Long) [RHEL-37737] {CVE-2021-47432} - EDAC/i10nm: Skip the absent memory controllers (Aristeu Rozanski) [RHEL-43236] - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (John Meneghini) [RHEL-38197] {CVE-2023-52809} - gfs2: Fix potential glock use-after-free on unmount (Andreas Gruenbacher) [RHEL-44149] {CVE-2024-38570} - gfs2: simplify gdlm_put_lock with out_free label (Andreas Gruenbacher) [RHEL-44149] {CVE-2024-38570} - gfs2: Remove ill-placed consistency check (Andreas Gruenbacher) [RHEL-44149] {CVE-2024-38570} - nvme-fc: do not wait in vain when unloading module (Ewan D. Milne) [RHEL-33083] {CVE-2024-26846} - HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts (CKI Backport Bot) [RHEL-49698] {CVE-2022-48866} - scsi: qedf: Set qed_slowpath_params to zero before use (John Meneghini) [RHEL-9797] - scsi: qedf: Wait for stag work during unload (John Meneghini) [RHEL-9797] - scsi: qedf: Don't process stag work during unload and recovery (John Meneghini) [RHEL-9797] - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (Audra Mitchell) [RHEL-42625] {CVE-2024-26720} - mm: avoid overflows in dirty throttling logic (Audra Mitchell) [RHEL-51840] {CVE-2024-42131} - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (Audra Mitchell) [RHEL-42625] {CVE-2024-26720} - ACPI: fix NULL pointer dereference (Mark Langsdorf) [RHEL-37897] {CVE-2021-47289} Resolves: RHEL-19027, RHEL-22559, RHEL-28108, RHEL-29498, RHEL-33083, RHEL-35222, RHEL-37737, RHEL-37897, RHEL-38165, RHEL-38197, RHEL-38317, RHEL-38404, RHEL-39797, RHEL-39843, RHEL-39908, RHEL-39912, RHEL-40400, RHEL-40837, RHEL-40936, RHEL-42151, RHEL-42625, RHEL-42721, RHEL-43236, RHEL-44108, RHEL-44149, RHEL-44195, RHEL-45167, RHEL-47529, RHEL-48620, RHEL-48646, RHEL-49698, RHEL-51052, RHEL-51631, RHEL-51840, RHEL-52013, RHEL-53638, RHEL-53646, RHEL-53657, RHEL-54834, RHEL-9797 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
0488193495 |
kernel-4.18.0-553.18.1.el8_10
* Fri Aug 16 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.18.1.el8_10] - scsi: mpi3mr: Avoid memcpy field-spanning write WARNING (Ewan D. Milne) [RHEL-39805] {CVE-2024-36920} - tun: limit printing rate when illegal packet received by tun dev (Jon Maloy) [RHEL-35046] {CVE-2024-27013} - drm/amdgpu/debugfs: fix error code when smc register accessors are NULL (Michel Dänzer) [RHEL-38210] {CVE-2023-52817} - drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL (Michel Dänzer) [RHEL-38210] {CVE-2023-52817} - drm/amdgpu/mes: fix use-after-free issue (Michel Dänzer) [RHEL-44043] {CVE-2024-38581} - drm/amdgpu: Fix the null pointer when load rlc firmware (Michel Dänzer) [RHEL-30603] {CVE-2024-26649} - drm/amdgpu: Fix potential out-of-bounds access in 'amdgpu_discovery_reg_base_init()' (Michel Dänzer) [RHEL-35160] {CVE-2024-27042} - net/sched: Fix UAF when resolving a clash (Xin Long) [RHEL-51014] {CVE-2024-41040} - tcp_metrics: validate source addr length (Guillaume Nault) [RHEL-52025] {CVE-2024-42154} - NFSv4/pnfs: Fix a use-after-free bug in open (Benjamin Coddington) [RHEL-35508] - NFSv4: Don't hold the layoutget locks across multiple RPC calls (Benjamin Coddington) [RHEL-35508] - scsi: qedf: Make qedf_execute_tmf() non-preemptible (John Meneghini) [RHEL-51799] {CVE-2024-42124} - Input: elantech - fix stack out of bound access in elantech_change_report_id() (CKI Backport Bot) [RHEL-41938] {CVE-2021-47097} - HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect (CKI Backport Bot) [RHEL-28982] {CVE-2023-52478} - drm/radeon: fix UBSAN warning in kv_dpm.c (CKI Backport Bot) [RHEL-48399] {CVE-2024-40988} - usb: core: Don't hold the device lock while sleeping in do_proc_control() (Desnes Nunes) [RHEL-43646] {CVE-2021-47582} - USB: core: Make do_proc_control() and do_proc_bulk() killable (Desnes Nunes) [RHEL-43646] {CVE-2021-47582} - scsi: qedi: Fix crash while reading debugfs attribute (CKI Backport Bot) [RHEL-48327] {CVE-2024-40978} - wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (CKI Backport Bot) [RHEL-48309] {CVE-2024-40977} - net: tcp: accept old ack during closing (Jamie Bainbridge) [RHEL-52433] - wifi: iwlwifi: mvm: don't read past the mfuart notifcation (CKI Backport Bot) [RHEL-48016] {CVE-2024-40941} - net/iucv: fix use after free in iucv_sock_close() (Mete Durlu) [RHEL-53988] - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (CKI Backport Bot) [RHEL-47908] {CVE-2024-40929} - Input: aiptek - properly check endpoint type (Benjamin Tissoires) [RHEL-48963] {CVE-2022-48836} - Input: aiptek - use descriptors of current altsetting (Benjamin Tissoires) [RHEL-48963] {CVE-2022-48836} - Input: aiptek - fix endpoint sanity check (Benjamin Tissoires) [RHEL-48963] {CVE-2022-48836} - usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB (CKI Backport Bot) [RHEL-52373] {CVE-2024-42226} - wifi: mt76: replace skb_put with skb_put_zero (CKI Backport Bot) [RHEL-52366] {CVE-2024-42225} - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (CKI Backport Bot) [RHEL-47776] {CVE-2024-40912} - wifi: cfg80211: Lock wiphy in cfg80211_get_station (CKI Backport Bot) [RHEL-47758] {CVE-2024-40911} - VMCI: Use struct_size() in kmalloc() (Steve Best) [RHEL-37325] {CVE-2024-35944} - VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (Steve Best) [RHEL-37325] {CVE-2024-35944} - VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host() (Steve Best) [RHEL-37325] {CVE-2024-35944} - wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (Jose Ignacio Tornos Martinez) [RHEL-51761] {CVE-2024-42114} - usb: atm: cxacru: fix endpoint checking in cxacru_bind() (CKI Backport Bot) [RHEL-51442] {CVE-2024-41097} - nfs: handle error of rpc_proc_register() in init_nfs_fs() (Scott Mayhew) [RHEL-39904] {CVE-2024-36939} - drm/radeon: check bo_va->bo is non-NULL before using it (CKI Backport Bot) [RHEL-51184] {CVE-2024-41060} - udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). (CKI Backport Bot) [RHEL-51027] {CVE-2024-41041} - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (CKI Backport Bot) [RHEL-50961] {CVE-2024-41035} - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CKI Backport Bot) [RHEL-44408] {CVE-2024-37356} - tcp: avoid too many retransmit packets (Florian Westphal) [RHEL-48627] {CVE-2024-41007} - tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (Florian Westphal) [RHEL-48627] - net: tcp: fix unexcepted socket die when snd_wnd is 0 (Florian Westphal) [RHEL-48627] - tcp: refactor tcp_retransmit_timer() (Florian Westphal) [RHEL-48627] - tcp: exit if nothing to retransmit on RTO timeout (Florian Westphal) [RHEL-48627] - netfilter: nf_tables: Reject tables of unsupported family (Florian Westphal) [RHEL-21418] {CVE-2023-6040} Resolves: RHEL-21418, RHEL-28982, RHEL-30603, RHEL-35046, RHEL-35160, RHEL-35508, RHEL-37325, RHEL-38210, RHEL-39805, RHEL-39904, RHEL-41938, RHEL-43646, RHEL-44043, RHEL-44408, RHEL-47758, RHEL-47776, RHEL-47908, RHEL-48016, RHEL-48309, RHEL-48327, RHEL-48399, RHEL-48627, RHEL-48963, RHEL-50961, RHEL-51014, RHEL-51027, RHEL-51184, RHEL-51442, RHEL-51761, RHEL-51799, RHEL-52025, RHEL-52366, RHEL-52373, RHEL-52433, RHEL-53988 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
8f964f1def |
kernel-4.18.0-553.17.1.el8_10
* Wed Aug 07 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.17.1.el8_10] - kyber: fix out of bounds access when preempted (Ming Lei) [RHEL-27258] {CVE-2021-46984} - vfs: don't mod negative dentry count when on shrinker list (Brian Foster) [RHEL-35874] - fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading (Brian Foster) [RHEL-35874] - fbmem: Do not delete the mode that is still in use (CKI Backport Bot) [RHEL-37796] {CVE-2021-47338} - netpoll: Fix race condition in netpoll_owner_active (CKI Backport Bot) [RHEL-49361] {CVE-2024-41005} - firmware: arm_scpi: Fix string overflow in SCPI genpd driver (Mark Salter) [RHEL-43702] {CVE-2021-47609} - ipv6: prevent possible NULL dereference in rt6_probe() (Guillaume Nault) [RHEL-48149] {CVE-2024-40960} - HID: i2c-hid-of: fix NULL-deref on failed power up (CKI Backport Bot) [RHEL-31598] {CVE-2024-26717} - cpufreq: amd-pstate: fix memory leak on CPU EPP exit (CKI Backport Bot) [RHEL-48489] {CVE-2024-40997} - x86/mm/pat: fix VM_PAT handling in COW mappings (Chris von Recklinghausen) [RHEL-37258] {CVE-2024-35877} - PCI/PM: Drain runtime-idle callbacks before driver removal (Myron Stowe) [RHEL-42937] {CVE-2024-35809} - PCI: Drop pci_device_remove() test of pci_dev->driver (Myron Stowe) [RHEL-42937] {CVE-2024-35809} - drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() (Mika Penttilä) [RHEL-26909] {CVE-2023-52470} - USB: core: Fix hang in usb_kill_urb by adding memory barriers (Desnes Nunes) [RHEL-43979] {CVE-2022-48760} - cifs: fix bad fids sent over wire (Paulo Alcantara) [RHEL-52517] - smb3: add additional null check in SMB311_posix_mkdir (Paulo Alcantara) [RHEL-52517] - smb3: add additional null check in SMB2_tcon (Paulo Alcantara) [RHEL-52517] - smb3: add additional null check in SMB2_open (Paulo Alcantara) [RHEL-52517] - smb3: add additional null check in SMB2_ioctl (Paulo Alcantara) [RHEL-52517] - selftests: forwarding: devlink_lib: Wait for udev events after reloading (Mark Langsdorf) [RHEL-47642] {CVE-2024-39501} - drivers: core: synchronize really_probe() and dev_uevent() (Mark Langsdorf) [RHEL-47642] {CVE-2024-39501} - udp: do not accept non-tunnel GSO skbs landing in a tunnel (Xin Long) [RHEL-42997] {CVE-2024-35884} - filelock: Remove locks reliably when fcntl/close race is detected (Bill O'Donnell) [RHEL-50170] {CVE-2024-41012} - Input: add bounds checking to input_set_capability() (Benjamin Tissoires) [RHEL-21413] {CVE-2022-48619} - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (CKI Backport Bot) [RHEL-48130] {CVE-2024-40959} - blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (Ming Lei) [RHEL-33695] - blk-cgroup: fix list corruption from resetting io stat (Ming Lei) [RHEL-33695] - net: do not leave a dangling sk pointer, when socket creation fails (CKI Backport Bot) [RHEL-48060] {CVE-2024-40954} - perf/x86/lbr: Filter vsyscall addresses (Michael Petlan) [RHEL-28991] {CVE-2023-52476} - vmci: prevent speculation leaks by sanitizing event in event_deliver() (CKI Backport Bot) [RHEL-47678] {CVE-2024-39499} - serial: core: fix transmit-buffer reset and memleak (Steve Best) [RHEL-38731] {CVE-2021-47527} - powerpc/pseries: Whitelist dtl slub object for copying to userspace (Mamatha Inamdar) [RHEL-51236] {CVE-2024-41065} - powerpc/eeh: avoid possible crash when edev->pdev changes (Mamatha Inamdar) [RHEL-51220] {CVE-2024-41064} - x86: stop playing stack games in profile_pc() (Steve Best) [RHEL-51643] {CVE-2024-42096} - mptcp: ensure snd_una is properly initialized on connect (Florian Westphal) [RHEL-47933 RHEL-47934] {CVE-2024-40931} - liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet (CKI Backport Bot) [RHEL-47492] {CVE-2024-39506} - tun: add missing verification for short frame (Patrick Talbert) [RHEL-50194] {CVE-2024-41091} - tap: add missing verification for short frame (Patrick Talbert) [RHEL-50279] {CVE-2024-41090} - usb-storage: alauda: Check whether the media is initialized (Desnes Nunes) [RHEL-43708] {CVE-2024-38619} - usb-storage: alauda: Fix uninit-value in alauda_check_media() (Desnes Nunes) [RHEL-43708] {CVE-2024-38619} - hwmon: (w83793) Fix NULL pointer dereference by removing unnecessary structure field (Steve Best) [RHEL-37723] {CVE-2021-47384} - block: fix that util can be greater than 100%% (Ming Lei) [RHEL-23074] - block: support to account io_ticks precisely (Ming Lei) [RHEL-23074] - watchdog: Fix possible use-after-free by calling del_timer_sync() (Steve Best) [RHEL-38795] {CVE-2021-47321} - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (Steve Best) [RHEL-37719] {CVE-2021-47385} - mlxsw: spectrum: Protect driver from buggy firmware (CKI Backport Bot) [RHEL-42245] {CVE-2021-47560} - mlxsw: Verify the accessed index doesn't exceed the array length (CKI Backport Bot) [RHEL-42245] {CVE-2021-47560} - dm: call the resume method on internal suspend (Benjamin Marzinski) [RHEL-41835] {CVE-2024-26880} - tty: Fix out-of-bound vmalloc access in imageblit (Steve Best) [RHEL-37727] {CVE-2021-47383} - hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary structure field (Steve Best) [RHEL-37715] {CVE-2021-47386} - hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs (Steve Best) [RHEL-37710] {CVE-2021-47393} - nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells (Steve Best) [RHEL-38436] {CVE-2021-47497} - driver core: auxiliary bus: Fix memory leak when driver_register() fail (Steve Best) [RHEL-37901] {CVE-2021-47287} - phylib: fix potential use-after-free (cki-backport-bot) [RHEL-43764] {CVE-2022-48754} - ptp: Fix possible memory leak in ptp_clock_register() (Hangbin Liu) [RHEL-38424] {CVE-2021-47455} - NFSv4: Fix memory leak in nfs4_set_security_label (CKI Backport Bot) [RHEL-51315] {CVE-2024-41076} - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (CKI Backport Bot) [RHEL-51618] {CVE-2024-42090} - ftruncate: pass a signed offset (CKI Backport Bot) [RHEL-51598] {CVE-2024-42084} - af_unix: Fix garbage collector racing against connect() (Felix Maurer) [RHEL-34225] {CVE-2024-26923} - virtio-net: Add validation for used length (Laurent Vivier) [RHEL-42080] {CVE-2021-47352} - net: fix possible store tearing in neigh_periodic_work() (Antoine Tenart) [RHEL-42359] {CVE-2023-52522} - tunnels: fix out of bounds access when building IPv6 PMTU error (Antoine Tenart) [RHEL-41823] {CVE-2024-26665} - vt_ioctl: fix array_index_nospec in vt_setactivate (John W. Linville) [RHEL-49141] {CVE-2022-48804} - Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() (CKI Backport Bot) [RHEL-38302] {CVE-2023-52840} - netns: Make get_net_ns() handle zero refcount net (Antoine Tenart) [RHEL-48105] {CVE-2024-40958} - tracing: Ensure visibility when inserting an element into tracing_map (Michael Petlan) [RHEL-30457] {CVE-2024-26645} - KVM: s390: fix LPSWEY handling (CKI Backport Bot) [RHEL-50072] - firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (CKI Backport Bot) [RHEL-51144] {CVE-2024-41056} - SUNRPC: Fix a race to wake a sync task (Benjamin Coddington) [RHEL-11843] - firmware: cs_dsp: Fix overflow checking of wmfw header (CKI Backport Bot) [RHEL-50999] {CVE-2024-41039} - firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (CKI Backport Bot) [RHEL-50987] {CVE-2024-41038} - net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (Xin Long) [RHEL-48471] {CVE-2024-40995} - net: fix out-of-bounds access in ops_init (Xin Long) [RHEL-43185] {CVE-2024-36883} - x86/mce/therm_throt: Undo thermal polling properly on CPU offline (Steve Best) [RHEL-45310] - x86/mce/therm_throt: Do not access uninitialized therm_work (Steve Best) [RHEL-45310] - x86/mce/therm_throt: Mark throttle_active_work() as __maybe_unused (Steve Best) [RHEL-45310] - x86/mce/therm_throt: Mask out read-only and reserved MSR bits (Steve Best) [RHEL-45310] - x86/mce/therm_throt: Optimize notifications of thermal throttle (Steve Best) [RHEL-45310] - jiffies: add utility function to calculate delta in ms (Steve Best) [RHEL-45310] - x86/mce: Lower throttling MCE messages' priority to warning (Steve Best) [RHEL-45310] - dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (Eder Zulian) [RHEL-37361] {CVE-2024-35989} - xfs: don't walk off the end of a directory data block (CKI Backport Bot) [RHEL-50879] {CVE-2024-41013} - xfs: add bounds checking to xlog_recover_process_data (CKI Backport Bot) [RHEL-50856] {CVE-2024-41014} - dm-crypt: limit the size of encryption requests (Benjamin Marzinski) [RHEL-29330] - netfilter: flowtable: remove nf_ct_l4proto_find() call (Florian Westphal) [RHEL-49589] Resolves: RHEL-11843, RHEL-21413, RHEL-23074, RHEL-26909, RHEL-27258, RHEL-28991, RHEL-29330, RHEL-30457, RHEL-31598, RHEL-33695, RHEL-34225, RHEL-35874, RHEL-37258, RHEL-37361, RHEL-37710, RHEL-37715, RHEL-37719, RHEL-37723, RHEL-37727, RHEL-37796, RHEL-37901, RHEL-38302, RHEL-38424, RHEL-38436, RHEL-38731, RHEL-38795, RHEL-41823, RHEL-41835, RHEL-42080, RHEL-42245, RHEL-42359, RHEL-42937, RHEL-42997, RHEL-43185, RHEL-43702, RHEL-43708, RHEL-43764, RHEL-43979, RHEL-45310, RHEL-47492, RHEL-47642, RHEL-47678, RHEL-47933, RHEL-47934, RHEL-48060, RHEL-48105, RHEL-48130, RHEL-48149, RHEL-48471, RHEL-48489, RHEL-49141, RHEL-49361, RHEL-49589, RHEL-50072, RHEL-50170, RHEL-50194, RHEL-50279, RHEL-50856, RHEL-50879, RHEL-50987, RHEL-50999, RHEL-51144, RHEL-51220, RHEL-51236, RHEL-51315, RHEL-51598, RHEL-51618, RHEL-51643, RHEL-52517 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
898019bf59 |
kernel-4.18.0-553.16.1.el8_10
* Thu Aug 01 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.16.1.el8_10] - x86/bhi: Fix incorrect CLEAR_BRANCH_HISTORY position in entry_INT80_compat (Waiman Long) [RHEL-50648] Resolves: RHEL-50648 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
d93604b637 |
kernel-4.18.0-553.15.1.el8_10
* Fri Jul 26 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.15.1.el8_10] - Revert "scsi: st: Add third party poweron reset handling" (John Meneghini) [RHEL-44613] - ionic: fix use after netif_napi_del() (CKI Backport Bot) [RHEL-47624] {CVE-2024-39502} - ionic: clean interrupt before enabling queue to avoid credit race (CKI Backport Bot) [RHEL-47624] {CVE-2024-39502} - net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change (CKI Backport Bot) [RHEL-49321] {CVE-2021-47624} - xhci: Handle TD clearing for multiple streams case (CKI Backport Bot) [RHEL-47882] {CVE-2024-40927} - net: openvswitch: Fix Use-After-Free in ovs_ct_exit (cki-backport-bot) [RHEL-36362] {CVE-2024-27395} - net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (Ivan Vecera) [RHEL-43721] {CVE-2024-36979} - net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (Ivan Vecera) [RHEL-43721] {CVE-2024-36979} - net: bridge: mst: fix vlan use-after-free (cki-backport-bot) [RHEL-43721] {CVE-2024-36979} - irqchip/gic-v3-its: Prevent double free on error (Charles Mirabile) [RHEL-37022] {CVE-2024-35847} - irqchip/gic-v3-its: Fix potential VPE leak on error (Charles Mirabile) [RHEL-37744] {CVE-2021-47373} - i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() (Charles Mirabile) [RHEL-34735] {CVE-2022-48632} - iommu/dma: fix zeroing of bounce buffer padding used by untrusted devices (Eder Zulian) [RHEL-36954] {CVE-2024-35814} - swiotlb: remove alloc_size argument to swiotlb_tbl_map_single() (Eder Zulian) [RHEL-36954] {CVE-2024-35814} - swiotlb: fix swiotlb_bounce() to do partial sync's correctly (Eder Zulian) [RHEL-36954] {CVE-2024-35814} - swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (Eder Zulian) [RHEL-36954] {CVE-2024-35814} - swiotlb: Reinstate page-alignment for mappings >= PAGE_SIZE (Eder Zulian) [RHEL-36954] {CVE-2024-35814} - swiotlb: Fix alignment checks when both allocation and DMA masks are present (Eder Zulian) [RHEL-36954] {CVE-2024-35814} - swiotlb: Fix double-allocation of slots due to broken alignment handling (Eder Zulian) [RHEL-36954] {CVE-2024-35814} - genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (cki-backport-bot) [RHEL-44441] {CVE-2024-31076} Resolves: RHEL-34735, RHEL-36362, RHEL-36954, RHEL-37022, RHEL-37744, RHEL-43721, RHEL-44441, RHEL-44613, RHEL-47624, RHEL-47882, RHEL-49321 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
de236294fb |
kernel-4.18.0-553.14.1.el8_10
* Thu Jul 25 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.14.1.el8_10] - s390/qeth: Fix kernel panic after setting hsuid (Mete Durlu) [RHEL-49754] - perf/core: Protect event sibling list locking against interrupt inversion (Daniel Vacek) [RHEL-31798] - vt: fix unicode buffer corruption when deleting characters (Steve Best) [RHEL-36936] {CVE-2024-35823} - cifs: translate network errors on send to -ECONNABORTED (Paulo Alcantara) [RHEL-36754] - xfs: don't block in busy flushing when freeing extents (Brian Foster) [RHEL-7984] - xfs: allow extent free intents to be retried (Brian Foster) [RHEL-7984] - xfs: pass alloc flags through to xfs_extent_busy_flush() (Brian Foster) [RHEL-7984] - xfs: use deferred frees for btree block freeing (Brian Foster) [RHEL-7984] - xfs: fix bounds check in xfs_defer_agfl_block() (Brian Foster) [RHEL-7984] - xfs: validate block number being freed before adding to xefi (Brian Foster) [RHEL-7984] - xfs: rename xfs_bmap_add_free to xfs_free_extent_later (Brian Foster) [RHEL-7984] - usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group (Desnes Nunes) [RHEL-36803] {CVE-2024-35790} - stm class: Fix a double free in stm_register_device() (Steve Best) [RHEL-44514] {CVE-2024-38627} - s390/qeth: Fix potential loss of L3-IP@ in case of network issues (Mete Durlu) [RHEL-49755] - tls: fix missing memory barrier in tls_init (cki-backport-bot) [RHEL-44471] {CVE-2024-36489} - xfs: fix log recovery buffer allocation for the legacy h_size fixup (Bill O'Donnell) [RHEL-46473] {CVE-2024-39472} - fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats (Brian Foster) [RHEL-31562] {CVE-2024-26686} - fs/proc: do_task_stat: move thread_group_cputime_adjusted() outside of lock_task_sighand() (Brian Foster) [RHEL-31562] {CVE-2024-26686} - fs/proc: do_task_stat: use __for_each_thread() (Brian Foster) [RHEL-31562] {CVE-2024-26686} - exit: Use the correct exit_code in /proc/<pid>/stat (Brian Foster) [RHEL-31562] {CVE-2024-26686} - scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool (Ewan D. Milne) [RHEL-38283] {CVE-2023-52811} - scsi: qla2xxx: Fix double free of fcport (Ewan D. Milne) [RHEL-39549] {CVE-2024-26929} - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (Ewan D. Milne) [RHEL-39549] {CVE-2024-26930} - scsi: qla2xxx: Fix command flush on cable pull (Ewan D. Milne) [RHEL-39549] {CVE-2024-26931} Resolves: RHEL-31562, RHEL-31798, RHEL-36754, RHEL-36803, RHEL-36936, RHEL-38283, RHEL-39549, RHEL-44471, RHEL-44514, RHEL-46473, RHEL-49754, RHEL-49755, RHEL-7984 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
2e13fa6bef |
kernel-4.18.0-553.13.1.el8_10
* Fri Jul 19 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.13.1.el8_10] - redhat: remove handling of deleted rhdocs/ directory from genspec.sh (Denys Vlasenko) - x86/bugs: Fix BHI retpoline check (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bugs: Fix BHI handling of RRSBA (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bugs: Fix BHI documentation (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bugs: Fix return type of spectre_bhi_state() (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bugs: Make CONFIG_SPECTRE_BHI_ON the default (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bhi: Enumerate Branch History Injection (BHI) bug (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bhi: Add support for clearing branch history at syscall entry (Waiman Long) [RHEL-28202] {CVE-2024-2201} - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (Waiman Long) [RHEL-28202] - perf/x86/amd/lbr: Use freeze based on availability (Waiman Long) [RHEL-28202] - Documentation/kernel-parameters: Add spec_rstack_overflow to mitigations=off (Waiman Long) [RHEL-28202] - KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace (Waiman Long) [RHEL-28202] - x86/bugs: Reset speculation control settings on init (Waiman Long) [RHEL-28202] - KVM: x86: Update KVM-only leaf handling to allow for 100%% KVM-only leafs (Waiman Long) [RHEL-28202] - KVM: x86: Hide IA32_PLATFORM_DCA_CAP[31:0] from the guest (Waiman Long) [RHEL-28202] - mptcp: ensure snd_nxt is properly initialized on connect (Davide Caratti) [RHEL-39865] {CVE-2024-36889} - powerpc/pseries: Enforce hcall result buffer validity and size (Mamatha Inamdar) [RHEL-48291] {CVE-2024-40974} - wifi: mac80211: fix potential key use-after-free (Jose Ignacio Tornos Martinez) [RHEL-28007] {CVE-2023-52530} - cppc_cpufreq: Fix possible null pointer dereference (Mark Langsdorf) [RHEL-44137] {CVE-2024-38573} - net/sched: act_mirred: use the backlog for mirred ingress (Davide Caratti) [RHEL-31718] {CVE-2024-26740} - vfio/pci: Lock external INTx masking ops (Alex Williamson) [RHEL-31922] {CVE-2024-26810} - net: sched: sch_multiq: fix possible OOB write in multiq_tune() (Davide Caratti) [RHEL-43464] {CVE-2024-36978} - tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized (Guillaume Nault) [RHEL-37850] {CVE-2021-47304} - pstore/ram: Fix crash when setting number of cpus to an odd number (Lenny Szubowicz) [RHEL-29471] {CVE-2023-52619} - drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node (Jocelyn Falempe) [RHEL-37101] {CVE-2023-52662} - drm/vmwgfx: Fix the lifetime of the bo cursor memory (Jocelyn Falempe) [RHEL-36962] {CVE-2024-35810} - drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (Jocelyn Falempe) [RHEL-34987] {CVE-2024-26940} - drm/vmwgfx: Unmap the surface before resetting it on a plane state (Jocelyn Falempe) [RHEL-35217] {CVE-2023-52648} - drm/vmwgfx: Fix invalid reads in fence signaled events (Jocelyn Falempe) [RHEL-40010] {CVE-2024-36960} - block: Fix wrong offset in bio_truncate() (Ming Lei) [RHEL-43782] {CVE-2022-48747} - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (CKI Backport Bot) [RHEL-46913] {CVE-2024-39487} - net: fix __dst_negative_advice() race (Xin Long) [RHEL-41183] {CVE-2024-36971} - igc: avoid returning frame twice in XDP_REDIRECT (Corinna Vinschen) [RHEL-33264] {CVE-2024-26853} - mac802154: fix llsec key resources release in mac802154_llsec_key_del (Steve Best) [RHEL-34967] {CVE-2024-26961} - cpufreq: exit() callback is optional (Mark Langsdorf) [RHEL-43840] {CVE-2024-38615} - cifs: prevent infinite recursion in CIFSGetDFSRefer() (Paulo Alcantara) [RHEL-34672] - cifs: lock chan_lock outside match_session (Paulo Alcantara) [RHEL-34672] - smb3: workaround negprot bug in some Samba servers (Paulo Alcantara) [RHEL-34672] - smb3: use netname when available on secondary channels (Paulo Alcantara) [RHEL-34672] - smb3: fix empty netname context on secondary channels (Paulo Alcantara) [RHEL-34672] - cifs: populate empty hostnames for extra channels (Paulo Alcantara) [RHEL-34672] - cifs: always iterate smb sessions using primary channel (Paulo Alcantara) [RHEL-34672] - cifs: Fix connections leak when tlink setup failed (Paulo Alcantara) [RHEL-34672] - cifs: Fix memory leak when build ntlmssp negotiate blob failed (Paulo Alcantara) [RHEL-34672] - cifs: always initialize struct msghdr smb_msg completely (Paulo Alcantara) [RHEL-34672] - cifs: don't send down the destination address to sendmsg for a SOCK_STREAM (Paulo Alcantara) [RHEL-34672] - cifs: revalidate mapping when doing direct writes (Paulo Alcantara) [RHEL-34672] - cifs: skip extra NULL byte in filenames (Paulo Alcantara) [RHEL-34672] - cifs: list_for_each() -> list_for_each_entry() (Paulo Alcantara) [RHEL-34672] - smb2: small refactor in smb2_check_message() (Paulo Alcantara) [RHEL-34672] - cifs: Fix crash on unload of cifs_arc4.ko (Paulo Alcantara) [RHEL-34672] - cifs: remove check of list iterator against head past the loop body (Paulo Alcantara) [RHEL-34672] - cifs: fix reconnect on smb3 mount types (Paulo Alcantara) [RHEL-34672] - cifs: fix uninitialized pointer in error case in dfs_cache_get_tgt_share (Paulo Alcantara) [RHEL-34672] - cifs: skip trailing separators of prefix paths (Paulo Alcantara) [RHEL-34672] - cifs: fix ntlmssp on old servers (Paulo Alcantara) [RHEL-34672] - cifs: fix NULL ptr dereference in refresh_mounts() (Paulo Alcantara) [RHEL-34672] - cifs: do not skip link targets when an I/O fails (Paulo Alcantara) [RHEL-34672] - cifs: fix confusing unneeded warning message on smb2.1 and earlier (Paulo Alcantara) [RHEL-34672] - smb3: fix snapshot mount option (Paulo Alcantara) [RHEL-34672] - cifs: fix workstation_name for multiuser mounts (Paulo Alcantara) [RHEL-34672] - cifs: alloc_path_with_tree_prefix: do not append sep. if the path is empty (Paulo Alcantara) [RHEL-34672] - cifs: free ntlmsspblob allocated in negotiate (Paulo Alcantara) [RHEL-34672] - cifs: avoid use of dstaddr as key for fscache client cookie (Paulo Alcantara) [RHEL-34672] - cifs: add server conn_id to fscache client cookie (Paulo Alcantara) [RHEL-34672] - cifs: fix missed refcounting of ipc tcon (Paulo Alcantara) [RHEL-34672] - smb2: clarify rc initialization in smb2_reconnect (Paulo Alcantara) [RHEL-34672] - cifs: populate server_hostname for extra channels (Paulo Alcantara) [RHEL-34672] - cifs: nosharesock should be set on new server (Paulo Alcantara) [RHEL-34672] - cifs: introduce cifs_ses_mark_for_reconnect() helper (Paulo Alcantara) [RHEL-34672] - cifs: protect srv_count with cifs_tcp_ses_lock (Paulo Alcantara) [RHEL-34672] - cifs: move debug print out of spinlock (Paulo Alcantara) [RHEL-34672] - cifs: do not duplicate fscache cookie for secondary channels (Paulo Alcantara) [RHEL-34672] - cifs: connect individual channel servers to primary channel server (Paulo Alcantara) [RHEL-34672] - cifs: protect session channel fields with chan_lock (Paulo Alcantara) [RHEL-34672] - cifs: do not negotiate session if session already exists (Paulo Alcantara) [RHEL-34672] - smb3: do not setup the fscache_super_cookie until fsinfo initialized (Paulo Alcantara) [RHEL-34672] - cifs: fix potential use-after-free bugs (Paulo Alcantara) [RHEL-34672] - cifs: release lock earlier in dequeue_mid error case (Paulo Alcantara) [RHEL-34672] - smb3: remove trivial dfs compile warning (Paulo Alcantara) [RHEL-34672] - cifs: support nested dfs links over reconnect (Paulo Alcantara) [RHEL-34672] - cifs: for compound requests, use open handle if possible (Paulo Alcantara) [RHEL-34672] - cifs: split out dfs code from cifs_reconnect() (Paulo Alcantara) [RHEL-34672] - cifs: convert list_for_each to entry variant (Paulo Alcantara) [RHEL-34672] - cifs: introduce new helper for cifs_reconnect() (Paulo Alcantara) [RHEL-34672] - cifs: fix print of hdr_flags in dfscache_proc_show() (Paulo Alcantara) [RHEL-34672] - cifs: send workstation name during ntlmssp session setup (Paulo Alcantara) [RHEL-34672] - cifs: nosharesock should not share socket with future sessions (Paulo Alcantara) [RHEL-34672] - smb3: add dynamic trace points for socket connection (Paulo Alcantara) [RHEL-34672] - cifs: Move SMB2_Create definitions to the shared area (Paulo Alcantara) [RHEL-34672] - cifs: Move more definitions into the shared area (Paulo Alcantara) [RHEL-34672] - cifs: move NEGOTIATE_PROTOCOL definitions out into the common area (Paulo Alcantara) [RHEL-34672] - cifs: Create a new shared file holding smb2 pdu definitions (Paulo Alcantara) [RHEL-34672] - cifs: fix incorrect check for null pointer in header_assemble (Paulo Alcantara) [RHEL-34672] - smb3: correct server pointer dereferencing check to be more consistent (Paulo Alcantara) [RHEL-34672] - cifs: Deal with some warnings from W=1 (Paulo Alcantara) [RHEL-34672] - cifs: fix a sign extension bug (Paulo Alcantara) [RHEL-34672] - cifs: fix incorrect kernel doc comments (Paulo Alcantara) [RHEL-34672] - cifs: remove pathname for file from SPDX header (Paulo Alcantara) [RHEL-34672] - cifs: move SMB FSCTL definitions to common code (Paulo Alcantara) [RHEL-34672] - cifs: rename cifs_common to smbfs_common (Paulo Alcantara) [RHEL-34672] - cifs: update FSCTL definitions (Paulo Alcantara) [RHEL-34672] - cifs: cifs_md4 convert to SPDX identifier (Paulo Alcantara) [RHEL-34672] - cifs: create a MD4 module and switch cifs.ko to use it (Paulo Alcantara) [RHEL-34672] - cifs: fork arc4 and create a separate module for it for cifs and other users (Paulo Alcantara) [RHEL-34672] - smb3: fix posix extensions mount option (Paulo Alcantara) [RHEL-34672] - cifs: fix wrong release in sess_alloc_buffer() failed path (Paulo Alcantara) [RHEL-34672] - CIFS: Fix a potencially linear read overflow (Paulo Alcantara) [RHEL-34672] - cifs: use the correct max-length for dentry_path_raw() (Paulo Alcantara) [RHEL-34672] - cifs: create sd context must be a multiple of 8 (Paulo Alcantara) [RHEL-34672] - cifs: do not share tcp sessions of dfs connections (Paulo Alcantara) [RHEL-34672] - cifs: added WARN_ON for all the count decrements (Paulo Alcantara) [RHEL-34672] - cifs: fix missing null session check in mount (Paulo Alcantara) [RHEL-34672] - cifs: handle reconnect of tcon when there is no cached dfs referral (Paulo Alcantara) [RHEL-34672] - cifs: fix the out of range assignment to bit fields in parse_server_interfaces (Paulo Alcantara) [RHEL-34672] - smb3: fix typo in header file (Paulo Alcantara) [RHEL-34672] - SMB3.1.1: Add support for negotiating signing algorithm (Paulo Alcantara) [RHEL-34672] - cifs: prevent NULL deref in cifs_compose_mount_options() (Paulo Alcantara) [RHEL-34672] - cifs: fix NULL dereference in smb2_check_message() (Paulo Alcantara) [RHEL-34672] - smbdirect: missing rc checks while waiting for rdma events (Paulo Alcantara) [RHEL-34672] - cifs: Avoid field over-reading memcpy() (Paulo Alcantara) [RHEL-34672] - smb311: remove dead code for non compounded posix query info (Paulo Alcantara) [RHEL-34672] - cifs: fix SMB1 error path in cifs_get_file_info_unix (Paulo Alcantara) [RHEL-34672] - smb3: fix uninitialized value for port in witness protocol move (Paulo Alcantara) [RHEL-34672] - cifs: fix unneeded null check (Paulo Alcantara) [RHEL-34672] - cifs: use SPDX-Licence-Identifier (Paulo Alcantara) [RHEL-34672] - cifs: convert list_for_each to entry variant in cifs_debug.c (Paulo Alcantara) [RHEL-34672] - cifs: convert list_for_each to entry variant in smb2misc.c (Paulo Alcantara) [RHEL-34672] - cifs: missed ref-counting smb session in find (Paulo Alcantara) [RHEL-34672] - cifs: do not share tcp servers with dfs mounts (Paulo Alcantara) [RHEL-34672] - cifs: set a minimum of 2 minutes for refreshing dfs cache (Paulo Alcantara) [RHEL-34672] - cifs: Remove unused inline function is_sysvol_or_netlogon() (Paulo Alcantara) [RHEL-34672] - cifs: remove duplicated prototype (Paulo Alcantara) [RHEL-34672] - cifs: fix ipv6 formating in cifs_ses_add_channel (Paulo Alcantara) [RHEL-34672] - cifs: fix string declarations and assignments in tracepoints (Paulo Alcantara) [RHEL-34672] - cifs: fix memory leak in smb2_copychunk_range (Paulo Alcantara) [RHEL-34672] - SMB3: incorrect file id in requests compounded with open (Paulo Alcantara) [RHEL-34672] - smb3: if max_channels set to more than one channel request multichannel (Paulo Alcantara) [RHEL-34672] - smb3: do not attempt multichannel to server which does not support it (Paulo Alcantara) [RHEL-34672] - smb3: when mounting with multichannel include it in requested capabilities (Paulo Alcantara) [RHEL-34672] - cifs: simplify SWN code with dummy funcs instead of ifdefs (Paulo Alcantara) [RHEL-34672] - cifs: log mount errors using cifs_errorf() (Paulo Alcantara) [RHEL-34672] - cifs: switch build_path_from_dentry() to using dentry_path_raw() (Paulo Alcantara) [RHEL-34672] - cifs: fix out-of-bound memory access when calling smb3_notify() at mount point (Paulo Alcantara) [RHEL-34672] - cifs: allocate buffer in the caller of build_path_from_dentry() (Paulo Alcantara) [RHEL-34672] - cifs: make build_path_from_dentry() return const char * (Paulo Alcantara) [RHEL-34672] - cifs: remove old dead code (Paulo Alcantara) [RHEL-34672] - fs: cifs: Remove repeated struct declaration (Paulo Alcantara) [RHEL-34672] - cifs: have cifs_fattr_to_inode() refuse to change type on live inode (Paulo Alcantara) [RHEL-34672] - cifs: have ->mkdir() handle race with another client sanely (Paulo Alcantara) [RHEL-34672] - do_cifs_create(): don't set ->i_mode of something we had not created (Paulo Alcantara) [RHEL-34672] - cifs: Silently ignore unknown oplock break handle (Paulo Alcantara) [RHEL-34672] - cifs: change noisy error message to FYI (Paulo Alcantara) [RHEL-34672] - cifs: print MIDs in decimal notation (Paulo Alcantara) [RHEL-34672] - cifs: minor simplification to smb2_is_network_name_deleted (Paulo Alcantara) [RHEL-34672] - TCON Reconnect during STATUS_NETWORK_NAME_DELETED (Paulo Alcantara) [RHEL-34672] - cifs: clarify hostname vs ip address in /proc/fs/cifs/DebugData (Paulo Alcantara) [RHEL-34672] - cifs: change confusing field serverName (to ip_addr) (Paulo Alcantara) [RHEL-34672] - cifs: Reformat DebugData and index connections by conn_id. (Paulo Alcantara) [RHEL-34672] - cifs: Identify a connection by a conn_id. (Paulo Alcantara) [RHEL-34672] - smb3: negotiate current dialect (SMB3.1.1) when version 3 or greater requested (Paulo Alcantara) [RHEL-34672] - smb3: Fix out-of-bounds bug in SMB2_negotiate() (Paulo Alcantara) [RHEL-34672] - fs/cifs: Simplify bool comparison. (Paulo Alcantara) [RHEL-34672] - fs/cifs: Assign boolean values to a bool variable (Paulo Alcantara) [RHEL-34672] - cifs: Avoid error pointer dereference (Paulo Alcantara) [RHEL-34672] - cifs: Re-indent cifs_swn_reconnect() (Paulo Alcantara) [RHEL-34672] - cifs: Unlock on errors in cifs_swn_reconnect() (Paulo Alcantara) [RHEL-34672] - cifs: Delete a stray unlock in cifs_swn_reconnect() (Paulo Alcantara) [RHEL-34672] - cifs: Tracepoints and logs for tracing credit changes. (Paulo Alcantara) [RHEL-34672] - cifs: Fix some error pointers handling detected by static checker (Paulo Alcantara) [RHEL-34672] - smb3: remind users that witness protocol is experimental (Paulo Alcantara) [RHEL-34672] - SMB3.1.1: do not log warning message if server doesn't populate salt (Paulo Alcantara) [RHEL-34672] - SMB3.1.1: update comments clarifying SPNEGO info in negprot response (Paulo Alcantara) [RHEL-34672] - SMB3.1.1: remove confusing mount warning when no SPNEGO info on negprot rsp (Paulo Alcantara) [RHEL-34672] - SMB3: avoid confusing warning message on mount to Azure (Paulo Alcantara) [RHEL-34672] - md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (Nigel Croxon) [RHEL-46662] {CVE-2024-39476} - net: fix information leakage in /proc/net/ptype (Hangbin Liu) [RHEL-44000] {CVE-2022-48757} - usb: typec: ucsi: Limit read size on v1.2 (Desnes Nunes) [RHEL-37286] {CVE-2024-35924} - minmax: relax check to allow comparison between unsigned arguments and signed constants (Desnes Nunes) [RHEL-37286] - minmax: allow comparisons of 'int' against 'unsigned char/short' (Desnes Nunes) [RHEL-37286] - minmax: allow min()/max()/clamp() if the arguments have the same signedness. (Desnes Nunes) [RHEL-37286] - minmax: add umin(a, b) and umax(a, b) (Desnes Nunes) [RHEL-37286] - minmax: fix header inclusions (Desnes Nunes) [RHEL-37286] - minmax: clamp more efficiently by avoiding extra comparison (Desnes Nunes) [RHEL-37286] - minmax: sanity check constant bounds when clamping (Desnes Nunes) [RHEL-37286] - tracing: Define the is_signed_type() macro once (Desnes Nunes) [RHEL-37286] - linux/bits.h: fix compilation error with GENMASK (Desnes Nunes) [RHEL-37286] - x86/apic: Mask IOAPIC entries when disabling the local APIC (Lenny Szubowicz) [RHEL-18077] - userfaultfd: fix a race between writeprotect and exit_mmap() (Rafael Aquini) [RHEL-38410] {CVE-2021-47461} - mm: khugepaged: skip huge page collapse for special files (Waiman Long) [RHEL-38446] {CVE-2021-47491} - cachefiles: fix memory leak in cachefiles_add_cache() (Andrey Albershteyn) [RHEL-33109] {CVE-2024-26840} - drm/amd/display: Implement bounds check for stream encoder creation in DCN301 (Michel Dänzer) [RHEL-31429] {CVE-2024-26660} - net/mlx5: Discard command completions in internal error (Kamal Heib) [RHEL-44231] {CVE-2024-38555} - drm: Don't unref the same fb many times by mistake due to deadlock handling (CKI Backport Bot) [RHEL-29011] {CVE-2023-52486} - md: fix resync softlockup when bitmap size is less than array size (Nigel Croxon) [RHEL-43942] {CVE-2024-38598} - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (Davide Caratti) [RHEL-39712] {CVE-2024-36017} - netfilter: nf_tables: discard table flag update with pending basechain deletion (Phil Sutter) [RHEL-37205] {CVE-2024-35897} - netfilter: nf_tables: reject table flag and netdev basechain updates (Phil Sutter) [RHEL-37205] - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (Ewan D. Milne) [RHEL-40172] {CVE-2024-36924} - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (Ewan D. Milne) [RHEL-40172] {CVE-2024-36952} - netfilter: nf_tables: fix memleak in map from abort path (Phil Sutter) [RHEL-35052] {CVE-2024-27011} - netfilter: nf_tables: reject new basechain after table flag update (Phil Sutter) [RHEL-37193] {CVE-2024-35900} - netfilter: nf_tables: flush pending destroy work before exit_net release (Phil Sutter) [RHEL-37197] {CVE-2024-35899} - netfilter: complete validation of user input (Phil Sutter) [RHEL-37210] - netfilter: validate user input for expected length (Phil Sutter) [RHEL-37210] {CVE-2024-35896} - netfilter: tproxy: bail out if IP has been disabled on the device (Phil Sutter) [RHEL-44363] {CVE-2024-36270} - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() (Phil Sutter) [RHEL-44532] {CVE-2024-36286} - netfilter: nf_tables: do not compare internal table flags on updates (Phil Sutter) [RHEL-35114] {CVE-2024-27065} - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (Phil Sutter) [RHEL-35028] {CVE-2024-27019} - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (Phil Sutter) [RHEL-35024] {CVE-2024-27020} - netfilter: nf_tables: __nft_expr_type_get() selects specific family type (Phil Sutter) [RHEL-35024] - netfilter: conntrack: serialize hash resizes and cleanups (Phil Sutter) [RHEL-37703] {CVE-2021-47408} - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path (Phil Sutter) [RHEL-34217] {CVE-2024-26925} - netfilter: nf_tables: release batch on table validation from abort path (Phil Sutter) [RHEL-34217] - ipvlan: add ipvlan_route_v6_outbound() helper (Davide Caratti) [RHEL-38319] {CVE-2023-52796} Resolves: RHEL-18077, RHEL-28007, RHEL-28202, RHEL-29011, RHEL-29471, RHEL-31429, RHEL-31718, RHEL-31922, RHEL-33109, RHEL-33264, RHEL-34217, RHEL-34672, RHEL-34967, RHEL-34987, RHEL-35024, RHEL-35028, RHEL-35052, RHEL-35114, RHEL-35217, RHEL-36962, RHEL-37101, RHEL-37193, RHEL-37197, RHEL-37205, RHEL-37210, RHEL-37286, RHEL-37703, RHEL-37850, RHEL-38319, RHEL-38410, RHEL-38446, RHEL-39712, RHEL-39865, RHEL-40010, RHEL-40172, RHEL-41183, RHEL-43464, RHEL-43782, RHEL-43840, RHEL-43942, RHEL-44000, RHEL-44137, RHEL-44231, RHEL-44363, RHEL-44532, RHEL-46662, RHEL-46913, RHEL-48291 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
9dbacbed09 |
kernel-4.18.0-553.12.1.el8_10
* Wed Jul 10 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.12.1.el8_10] - net: bridge: xmit: make sure we have at least eth header len bytes (cki-backport-bot) [RHEL-44291] {CVE-2024-38538} - drivers/amd/pm: fix a use-after-free in kv_parse_power_table (Michel Dänzer) [RHEL-26893] {CVE-2023-52469} - SUNRPC: Fix a suspicious RCU usage warning (Scott Mayhew) [RHEL-30503] {CVE-2023-52623} - ice: Fix some null pointer dereference issues in ice_ptp.c (Petr Oros) [RHEL-26901] {CVE-2023-52471} - xfs: fix internal error from AGFL exhaustion (Pavel Reichl) [RHEL-45581] - sched/psi: Fix use-after-free in ep_remove_wait_queue() (Phil Auld) [RHEL-38117] {CVE-2023-52707} - wait: add wake_up_pollfree() (Phil Auld) [RHEL-38117] - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (Hangbin Liu) [RHEL-33269] {CVE-2024-26852} - net: bridge: switchdev: Skip MDB replays of deferred events on offload (Ivan Vecera) [RHEL-33117] {CVE-2024-26837} - ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (Pavel Reichl) [RHEL-31700] {CVE-2024-26772} - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (Pavel Reichl) [RHEL-31688] {CVE-2024-26773} - ext4: fix double-free of blocks due to wrong extents moved_len (Pavel Reichl) [RHEL-31612] {CVE-2024-26704} - vxlan: Pull inner IP header in vxlan_xmit_one(). (Guillaume Nault) [RHEL-31389] - geneve: Fix incorrect inner network header offset when innerprotoinherit is set (Guillaume Nault) [RHEL-31389] - vxlan: Pull inner IP header in vxlan_rcv(). (Guillaume Nault) [RHEL-31389] - geneve: fix header validation in geneve[6]_xmit_skb (Guillaume Nault) [RHEL-31389] - geneve: make sure to pull inner header in geneve_rx() (Guillaume Nault) [RHEL-31389] - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb (Guillaume Nault) [RHEL-31389] - net: geneve: check skb is large enough for IPv4/IPv6 header (Guillaume Nault) [RHEL-31389] - net/smc: fix neighbour and rtable leak in smc_ib_find_route() (Tobias Huschle) [RHEL-39744] {CVE-2024-36945} - igb: Fix string truncation warnings in igb_set_fw_version (Corinna Vinschen) [RHEL-38452] {CVE-2024-36010} - bonding: stop the device in bond_setup_by_slave() (Hangbin Liu) [RHEL-38327] {CVE-2023-52784} - i40e: fix vf may be used uninitialized in this function warning (Kamal Heib) [RHEL-39702] {CVE-2024-36020} - powerpc/64: Fix the definition of the fixmap area (Mamatha Inamdar) [RHEL-27191] {CVE-2021-47018} - powerpc/mm/hash64: Add a variable to track the end of IO mapping (Mamatha Inamdar) [RHEL-27191] {CVE-2021-47018} - nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). (Xin Long) [RHEL-39770] {CVE-2024-36933} - net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (Xin Long) [RHEL-39770] - net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-39779] {CVE-2024-36929} - tcp: properly terminate timers for kernel sockets (Guillaume Nault) [RHEL-37171] {CVE-2024-35910} - net: relax socket state check at accept time. (Florian Westphal) [RHEL-39831] - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Florian Westphal) [RHEL-39831] {CVE-2024-36905} - tcp: remove redundant check on tskb (Florian Westphal) [RHEL-39831] - drm/ast: Fix soft lockup (cki-backport-bot) [RHEL-37438] {CVE-2024-35952} - null_blk: Fix return value of nullb_device_power_store() (Ming Lei) [RHEL-39341] - null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (Ming Lei) [RHEL-39341] - null_blk: fix return value from null_add_dev() (Ming Lei) [RHEL-39341] Resolves: RHEL-26893, RHEL-26901, RHEL-27191, RHEL-30503, RHEL-31389, RHEL-31612, RHEL-31688, RHEL-31700, RHEL-33117, RHEL-33269, RHEL-37171, RHEL-37438, RHEL-38117, RHEL-38327, RHEL-38452, RHEL-39341, RHEL-39702, RHEL-39744, RHEL-39770, RHEL-39779, RHEL-39831, RHEL-44291, RHEL-45581 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
d1cd9718e8 |
kernel-4.18.0-553.11.1.el8_10
* Wed Jul 03 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.11.1.el8_10] - x86/bugs: Reverse instruction order of CLEAR_CPU_BUFFERS (Waiman Long) [RHEL-42121] - Revert "x86/bugs: Use fixed addressing for VERW operand" (Waiman Long) [RHEL-42121] - KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests (Waiman Long) [RHEL-42121] - x86/rfds: Mitigate Register File Data Sampling (RFDS) (Waiman Long) [RHEL-42121] - Documentation/hw-vuln: Add documentation for RFDS (Waiman Long) [RHEL-42121] - x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set (Waiman Long) [RHEL-42121] - x86/bugs: Use fixed addressing for VERW operand (Waiman Long) [RHEL-42121] - KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (Waiman Long) [RHEL-42121] - x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (Waiman Long) [RHEL-42121] - x86/entry_32: Add VERW just before userspace transition (Waiman Long) [RHEL-42121] - x86/entry_64: Add VERW just before userspace transition (Waiman Long) [RHEL-42121] - x86/bugs: Add asm helpers for executing VERW (Waiman Long) [RHEL-42121] - x86/cpu: Fix Gracemont uarch (Waiman Long) [RHEL-42121] - Documentation/hw-vuln: Unify filename specification in index (Waiman Long) [RHEL-42121] - KVM: VMX: Access @flags as a 32-bit value in __vmx_vcpu_run() (Waiman Long) [RHEL-42121] - x86/asm: Add _ASM_RIP() macro for x86-64 (%%rip) suffix (Waiman Long) [RHEL-42121] - x86/asm: Have the __ASM_FORM macros handle commas in arguments (Waiman Long) [RHEL-42121] - x86/asm: Allow to pass macros to __ASM_FORM() (Waiman Long) [RHEL-42121] - wifi: iwlwifi: mvm: guard against invalid STA ID on removal (Jose Ignacio Tornos Martinez) [RHEL-39801] {CVE-2024-36921} - ipv6: Fix potential uninit-value access in __ip6_make_skb() (Antoine Tenart) [RHEL-39784] - ipv4: Fix uninit-value access in __ip_make_skb() (Antoine Tenart) [RHEL-39784] {CVE-2024-36927} - perf mmap: Lazily initialize zstd streams to save memory when not using it (Michael Petlan) [RHEL-34876] - perf tools: Fix spelling mistake "commpressor" -> "compressor" (Michael Petlan) [RHEL-34876] - perf record: Introduce data transferred and compressed stats (Michael Petlan) [RHEL-34876] - perf record: Introduce compressor at mmap buffer object (Michael Petlan) [RHEL-34876] - perf record: Introduce bytes written stats (Michael Petlan) [RHEL-34876] - perf record: Introduce data file at mmap buffer object (Michael Petlan) [RHEL-34876] - perf record: Start threads in the beginning of trace streaming (Alexey Bayduraev) [RHEL-34876] - perf record: Stop threads in the end of trace streaming (Michael Petlan) [RHEL-34876] - perf record: Introduce thread local variable (Michael Petlan) [RHEL-34876] - perf record: Introduce function to propagate control commands (Michael Petlan) [RHEL-34876] - perf record: Introduce thread specific data array (Michael Petlan) [RHEL-34876] - tools lib: Introduce fdarray duplicate function (Michael Petlan) [RHEL-34876] - perf record: Introduce thread affinity and mmap masks (Michael Petlan) [RHEL-34876] - gfs2: Be more careful with the quota sync generation (Andreas Gruenbacher) [RHEL-40901] - gfs2: Get rid of some unnecessary quota locking (Andreas Gruenbacher) [RHEL-40901] - gfs2: Add some missing quota locking (Andreas Gruenbacher) [RHEL-40901] - gfs2: Fold qd_fish into gfs2_quota_sync (Andreas Gruenbacher) [RHEL-40901] - gfs2: quota need_sync cleanup (Andreas Gruenbacher) [RHEL-40901] - gfs2: Fix and clean up function do_qc (Andreas Gruenbacher) [RHEL-40901] - gfs2: Revert "Add quota_change type" (Andreas Gruenbacher) [RHEL-40901] - gfs2: Revert "ignore negated quota changes" (Andreas Gruenbacher) [RHEL-40901] - gfs2: qd_check_sync cleanups (Andreas Gruenbacher) [RHEL-40901] - gfs2: Check quota consistency on mount (Andreas Gruenbacher) [RHEL-40901] - gfs2: Minor gfs2_quota_init error path cleanup (Andreas Gruenbacher) [RHEL-40901] - gfs2: fix kernel BUG in gfs2_quota_cleanup (Edward Adam Davis) [RHEL-40901] - gfs2: Clean up quota.c:print_message (Andreas Gruenbacher) [RHEL-40901] - gfs2: Clean up gfs2_alloc_parms initializers (Andreas Gruenbacher) [RHEL-40901] - gfs2: Two quota=account mode fixes (Andreas Gruenbacher) [RHEL-40901] - gfs2: Remove useless assignment (Bob Peterson) [RHEL-40901] - gfs2: simplify slot_get (Bob Peterson) [RHEL-40901] - gfs2: Simplify qd2offset (Bob Peterson) [RHEL-40901] - gfs2: Remove quota allocation info from quota file (Bob Peterson) [RHEL-40901] - gfs2: use constant for array size (Bob Peterson) [RHEL-40901] - gfs2: Set qd_sync_gen in do_sync (Bob Peterson) [RHEL-40901] - gfs2: Remove useless err set (Bob Peterson) [RHEL-40901] - gfs2: Small gfs2_quota_lock cleanup (Bob Peterson) [RHEL-40901] - gfs2: move qdsb_put and reduce redundancy (Bob Peterson) [RHEL-40901] - gfs2: Don't try to sync non-changes (Bob Peterson) [RHEL-40901] - gfs2: Simplify function need_sync (Bob Peterson) [RHEL-40901] - gfs2: remove unneeded pg_oflow variable (Bob Peterson) [RHEL-40901] - gfs2: remove unneeded variable done (Bob Peterson) [RHEL-40901] - gfs2: pass sdp to gfs2_write_buf_to_page (Bob Peterson) [RHEL-40901] - gfs2: pass sdp in to gfs2_write_disk_quota (Bob Peterson) [RHEL-40901] - gfs2: Pass sdp to gfs2_adjust_quota (Bob Peterson) [RHEL-40901] - gfs2: remove dead code for quota writes (Bob Peterson) [RHEL-40901] - gfs2: Use qd_sbd more consequently (Bob Peterson) [RHEL-40901] - gfs2: replace 'found' with dedicated list iterator variable (Jakob Koschel) [RHEL-40901] - gfs2: Some whitespace cleanups (Andreas Gruenbacher) [RHEL-40901] - gfs2: Fix gfs2_qa_get imbalance in gfs2_quota_hold (Bob Peterson) [RHEL-40901] - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (Guillaume Nault) [RHEL-43961] {CVE-2024-38596} - af_unix: Fix data-races around sk->sk_shutdown. (Guillaume Nault) [RHEL-43961] {CVE-2024-38596} - af_unix: Fix data races around sk->sk_shutdown. (Guillaume Nault) [RHEL-43961] {CVE-2024-38596} - perf/core: Fix event sibling list locking (Daniel Vacek) [RHEL-31798] - media: bttv: fix use after free error due to btv->timeout timer (Kate Hsuan) [RHEL-38256] {CVE-2023-52847} - arp: Prevent overflow in arp_req_get(). (Antoine Tenart) [RHEL-31706] {CVE-2024-26733} - Bluetooth: btusb: Add a new PID/VID 0489/e0c8 for MT7921 (David Marlin) [RHEL-10263] - mm: swap: fix race between free_swap_and_cache() and swapoff() (Waiman Long) [RHEL-34971] {CVE-2024-26960} - swap: comments get_swap_device() with usage rule (Waiman Long) [RHEL-34971] {CVE-2024-26960} - mm/swapfile.c: __swap_entry_free() always free 1 entry (Waiman Long) [RHEL-34971] {CVE-2024-26960} - mm/swapfile.c: call free_swap_slot() in __swap_entry_free() (Waiman Long) [RHEL-34971] {CVE-2024-26960} - mm/swapfile.c: use __try_to_reclaim_swap() in free_swap_and_cache() (Waiman Long) [RHEL-34971] {CVE-2024-26960} - net: amd-xgbe: Fix skb data length underflow (Ken Cox) [RHEL-43788] {CVE-2022-48743} - ovl: fix warning in ovl_create_real() (cki-backport-bot) [RHEL-43652] {CVE-2021-47579} - net/sched: initialize noop_qdisc owner (Davide Caratti) [RHEL-35056] - net/sched: Fix mirred deadlock on device recursion (Davide Caratti) [RHEL-35056] {CVE-2024-27010} - ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (Pavel Reichl) [RHEL-45029] {CVE-2024-39276} - ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (Ken Cox) [RHEL-38713] {CVE-2021-47548} - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (Hangbin Liu) [RHEL-44396] {CVE-2024-33621} - mlxsw: spectrum_acl_tcam: Fix stack corruption (Ivan Vecera) [RHEL-26462] {CVE-2024-26586} - inet: inet_defrag: prevent sk release while still in use (Antoine Tenart) [RHEL-33398] {CVE-2024-26921} - skb_expand_head() adjust skb->truesize incorrectly (Antoine Tenart) [RHEL-33398] - nvmet: fix ns enable/disable possible hang (Ming Lei) [RHEL-43547] Resolves: RHEL-10263, RHEL-26462, RHEL-31706, RHEL-31798, RHEL-33398, RHEL-34876, RHEL-34971, RHEL-35056, RHEL-38256, RHEL-38713, RHEL-39784, RHEL-39801, RHEL-40901, RHEL-42121, RHEL-43547, RHEL-43652, RHEL-43788, RHEL-43961, RHEL-44396, RHEL-45029 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
6d43a57074 |
kernel-4.18.0-553.10.1.el8_10
* Fri Jun 28 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.10.1.el8_10] - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (Scott Mayhew) [RHEL-38264] {CVE-2023-52803} - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (Ewan D. Milne) [RHEL-39717] {CVE-2024-36025} - tcp: add sanity checks to rx zerocopy (Guillaume Nault) [RHEL-29494] {CVE-2024-26640} - SUNRPC: fix some memleaks in gssx_dec_option_array (Scott Mayhew) [RHEL-35209] {CVE-2024-27388} - wifi: nl80211: don't free NULL coalescing rule (Jose Ignacio Tornos Martinez) [RHEL-39752] {CVE-2024-36941} - nfs: fix UAF in direct writes (Scott Mayhew) [RHEL-34975] {CVE-2024-26958} - NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (Scott Mayhew) [RHEL-33228] {CVE-2024-26870} - drm/amd/pm: Fix error of MACO flag setting code (Michel Dänzer) [RHEL-15928] - scsi: aacraid: fix io hangs and improve performance (John Meneghini) [RHEL-23913] - block: prevent division by zero in blk_rq_stat_sum() (Ming Lei) [RHEL-37279] {CVE-2024-35925} - block: fix overflow in blk_ioctl_discard() (Ming Lei) [RHEL-39811] {CVE-2024-36917} - virtio-blk: fix implicit overflow on virtio_max_dma_size (Ming Lei) [RHEL-38131] {CVE-2023-52762} - nbd: null check for nla_nest_start (Ming Lei) [RHEL-35176] {CVE-2024-27025} - isdn: mISDN: netjet: Fix crash in nj_probe: (Ken Cox) [RHEL-38444] {CVE-2021-47284} - isdn: mISDN: Fix sleeping function called from invalid context (Ken Cox) [RHEL-38400] {CVE-2021-47468} - net/smc: avoid data corruption caused by decline (Tobias Huschle) [RHEL-38234] {CVE-2023-52775} - ubi: Check for too small LEB size in VTBL code (David Arcari) [RHEL-25092] {CVE-2024-25739} - i2c: core: Fix atomic xfer check for non-preempt config (Steve Best) [RHEL-38313] {CVE-2023-52791} - i2c: core: Run atomic i2c xfer when !preemptible (Steve Best) [RHEL-38313] {CVE-2023-52791} - firewire: ohci: mask bus reset interrupts between ISR and bottom half (Steve Best) [RHEL-39902] {CVE-2024-36950} - ipv6: init the accept_queue's spinlocks in inet6_create (Guillaume Nault) [RHEL-28899] {CVE-2024-26614} - tcp: make sure init the accept_queue's spinlocks once (Guillaume Nault) [RHEL-28899] {CVE-2024-26614} - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-39352] {CVE-2024-36016} - mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (Ivan Vecera) [RHEL-37484] {CVE-2024-36006} - pwm: Fix double shift bug (Steve Best) [RHEL-38278] {CVE-2023-52756} - mmc: sdio: fix possible resource leaks in some error paths (Steve Best) [RHEL-38149] {CVE-2023-52730} - of: unittest: Fix compile in the non-dynamic case (Steve Best) [RHEL-37070] {CVE-2023-52679} - of: unittest: Fix of_count_phandle_with_args() expected value message (Steve Best) [RHEL-37070] {CVE-2023-52679} - of: Fix double free in of_parse_phandle_with_args_map (Steve Best) [RHEL-37070] {CVE-2023-52679} - pinctrl: core: delete incorrect free in pinctrl_enable() (Steve Best) [RHEL-39756] {CVE-2024-36940} - pinctrl: core: fix possible memory leak in pinctrl_enable() (Steve Best) [RHEL-39756] {CVE-2024-36940} - media: gspca: cpia1: shift-out-of-bounds in set_flicker (Desnes Nunes) [RHEL-38331] {CVE-2023-52764} - tipc: fix a possible memleak in tipc_buf_append (Xin Long) [RHEL-39881] {CVE-2024-36954} - cifs: fix mid leak during reconnection after timeout threshold (Paulo Alcantara) [RHEL-36222] - cifs: Fix use-after-free in rdata->read_into_pages() (Paulo Alcantara) [RHEL-36222] - cifs: Fix pages leak when writedata alloc failed in cifs_write_from_iter() (Paulo Alcantara) [RHEL-36222] - cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc() (Paulo Alcantara) [RHEL-36222] - cifs: destage dirty pages before re-reading them for cache=none (Paulo Alcantara) [RHEL-36222] - cifs: destage any unwritten data to the server before calling copychunk_write (Paulo Alcantara) [RHEL-36222] - Adjust cifssb maximum read size (Paulo Alcantara) [RHEL-36222] - cifs: make locking consistent around the server session status (Paulo Alcantara) [RHEL-36222] - cifs: fix credit accounting for extra channel (Paulo Alcantara) [RHEL-36222] - smb3: prevent races updating CurrentMid (Paulo Alcantara) [RHEL-36222] - cifs: fix missing spinlock around update to ses->status (Paulo Alcantara) [RHEL-36222] - cifs: use echo_interval even when connection not ready. (Paulo Alcantara) [RHEL-36222] - cifs: detect dead connections only when echoes are enabled. (Paulo Alcantara) [RHEL-36222] - cifs: Fix preauth hash corruption (Paulo Alcantara) [RHEL-36222] - cifs: do not send close in compound create+close requests (Paulo Alcantara) [RHEL-36222] - cifs: ask for more credit on async read/write code paths (Paulo Alcantara) [RHEL-36222] - cifs: use discard iterator to discard unneeded network data more efficiently (Paulo Alcantara) [RHEL-36222] - cifs: Fix in error types returned for out-of-credit situations. (Paulo Alcantara) [RHEL-36222] - smb3: fix crediting for compounding when only one request in flight (Paulo Alcantara) [RHEL-36222] - cifs: New optype for session operations. (Paulo Alcantara) [RHEL-36222] - mm/gup: do not return 0 from pin_user_pages_fast() for bad args (Paulo Alcantara) [RHEL-36222] - wifi: brcmfmac: pcie: handle randbuf allocation failure (Jose Ignacio Tornos Martinez) [RHEL-44124] {CVE-2024-38575} - tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (Guillaume Nault) [RHEL-39835] {CVE-2024-36904} - wifi: mac80211: don't return unset power in ieee80211_get_tx_power() (Jose Ignacio Tornos Martinez) [RHEL-38159] {CVE-2023-52832} - wifi: ath11k: fix gtk offload status event locking (Jose Ignacio Tornos Martinez) [RHEL-38155] {CVE-2023-52777} - net: ieee802154: fix null deref in parse dev addr (Steve Best) [RHEL-38012] {CVE-2021-47257} - mm/hugetlb: fix missing hugetlb_lock for resv uncharge (Rafael Aquini) [RHEL-37465] {CVE-2024-36000} - x86/xen: Add some null pointer checking to smp.c (Vitaly Kuznetsov) [RHEL-33258] {CVE-2024-26908} - x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() (Vitaly Kuznetsov) [RHEL-33258] {CVE-2024-26908} - wifi: cfg80211: check A-MSDU format more carefully (Jose Ignacio Tornos Martinez) [RHEL-37343] {CVE-2024-35937} - wifi: rtw89: fix null pointer access when abort scan (Jose Ignacio Tornos Martinez) [RHEL-37355] {CVE-2024-35946} - atl1c: Work around the DMA RX overflow issue (Ken Cox) [RHEL-38287] {CVE-2023-52834} - wifi: ath11k: decrease MHI channel buffer length to 8KB (Jose Ignacio Tornos Martinez) [RHEL-37339] {CVE-2024-35938} - wifi: iwlwifi: mvm: rfi: fix potential response leaks (Jose Ignacio Tornos Martinez) [RHEL-37163] {CVE-2024-35912} - USB: core: Fix access violation during port device removal (Desnes Nunes) [RHEL-39853] {CVE-2024-36896} - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (Ewan D. Milne) [RHEL-37123] {CVE-2024-35930} - netfilter: nf_tables: honor table dormant flag from netdev release event path (Phil Sutter) [RHEL-37450] {CVE-2024-36005} - wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (Jose Ignacio Tornos Martinez) [RHEL-36898] {CVE-2024-27434} - wifi: iwlwifi: mvm: Fix key flags for IGTK on AP interface (Jose Ignacio Tornos Martinez) [RHEL-36898] {CVE-2024-27434} - misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume (Steve Best) [RHEL-36932] {CVE-2024-35824} Resolves: RHEL-15928, RHEL-23913, RHEL-25092, RHEL-28899, RHEL-29494, RHEL-33228, RHEL-33258, RHEL-34975, RHEL-35176, RHEL-35209, RHEL-36222, RHEL-36898, RHEL-36932, RHEL-37070, RHEL-37123, RHEL-37163, RHEL-37279, RHEL-37339, RHEL-37343, RHEL-37355, RHEL-37450, RHEL-37465, RHEL-37484, RHEL-38012, RHEL-38131, RHEL-38149, RHEL-38155, RHEL-38159, RHEL-38234, RHEL-38264, RHEL-38278, RHEL-38287, RHEL-38313, RHEL-38331, RHEL-38400, RHEL-38444, RHEL-39352, RHEL-39717, RHEL-39752, RHEL-39756, RHEL-39811, RHEL-39835, RHEL-39853, RHEL-39881, RHEL-39902, RHEL-44124 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
85bf7844fb |
kernel-4.18.0-553.9.1.el8_10
* Fri Jun 21 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.9.1.el8_10] - x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (Steve Best) [RHEL-37262] {CVE-2024-35876} - net/sched: flower: Fix chain template offload (Xin Long) [RHEL-31313] {CVE-2024-26669} - SUNRPC: fix a memleak in gss_import_v2_context (Scott Mayhew) [RHEL-35195] {CVE-2023-52653} - efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-26564] {CVE-2023-52463} - dmaengine: idxd: add a write() method for applications to submit work (Jerry Snitselaar) [RHEL-35826] {CVE-2024-21823} - dmaengine: idxd: add a new security check to deal with a hardware erratum (Jerry Snitselaar) [RHEL-35826] {CVE-2024-21823} - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist (Jerry Snitselaar) [RHEL-35826] {CVE-2024-21823} - quota: Fix potential NULL pointer dereference (Pavel Reichl) [RHEL-33219] {CVE-2024-26878} - locking/lockdep: Fix overflow in presentation of average lock-time (Čestmír Kalina) [RHEL-17678] - blk-cgroup: Properly propagate the iostat update up the hierarchy (Ming Lei) [RHEL-40939] - proc: Use new_inode not new_inode_pseudo (Ian Kent) [RHEL-40167] - stmmac: Clear variable when destroying workqueue (Izabela Bakollari) [RHEL-31822] {CVE-2024-26802} - powerpc/pseries/memhp: Fix access beyond end of drmem array (Mamatha Inamdar) [RHEL-26495] {CVE-2023-52451} - platform/x86: wmi: Fix opening of char device (David Arcari) [RHEL-38258] {CVE-2023-52864} - Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (Kamal Heib) [RHEL-36908] {CVE-2023-52658} - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (Cathy Avery) [RHEL-39074] - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (Cathy Avery) [RHEL-39074] - hv_netvsc: Calculate correct ring size when PAGE_SIZE is not 4 Kbytes (Cathy Avery) [RHEL-39074] - hv_netvsc: remove duplicated including of slab.h (Cathy Avery) [RHEL-39074] - hv_netvsc: rndis_filter needs to select NLS (Cathy Avery) [RHEL-39074] - hv_netvsc: Mark VF as slave before exposing it to user-mode (Cathy Avery) [RHEL-39074] - hv_netvsc: Fix race of register_netdevice_notifier and VF register (Cathy Avery) [RHEL-39074] - hv_netvsc: fix race of netvsc and VF register_netdevice (Cathy Avery) [RHEL-39074] - hv_netvsc: fix netvsc_send_completion to avoid multiple message length checks (Cathy Avery) [RHEL-39074] - hv_netvsc: Allocate rx indirection table size dynamically (Cathy Avery) [RHEL-39074] - net: hv_netvsc: Fix a warning triggered by memcpy in rndis_filter (Cathy Avery) [RHEL-39074] - gfs2: Fix lru_count accounting (Andreas Gruenbacher) [RHEL-32941] - gfs2: Fix "Make glock lru list scanning safer" (Andreas Gruenbacher) [RHEL-32941] - gfs2: Fix "ignore unlock failures after withdraw" (Andreas Gruenbacher) [RHEL-32941] - gfs2: Don't set GLF_LOCK in gfs2_dispose_glock_lru (Andreas Gruenbacher) [RHEL-32941] - gfs2: Don't forget to complete delayed withdraw (Andreas Gruenbacher) [RHEL-32941] - gfs2: Delay withdraw from atomic context (Andreas Gruenbacher) [RHEL-32941] - gfs2: trivial clean up of gfs2_ail_error (Andreas Gruenbacher) [RHEL-32941] - ext4: fix corruption during on-line resize (Carlos Maiolino) [RHEL-36974] {CVE-2024-35807} - ext4: correct offset of gdb backup in non meta_bg group to update_backups (Carlos Maiolino) [RHEL-36974] - ext4: avoid online resizing failures due to oversized flex bg (Carlos Maiolino) [RHEL-30507] {CVE-2023-52622} - ext4: use time_is_before_jiffies() instead of open coding it (Carlos Maiolino) [RHEL-30507] - ext4: unify the type of flexbg_size to unsigned int (Carlos Maiolino) [RHEL-30507] - ext4: remove unnecessary check from alloc_flex_gd() (Carlos Maiolino) [RHEL-30507] - tracing: Do no increment trace_clock_global() by one (Jerome Marchand) [RHEL-27107] {CVE-2021-46939} - tracing: Restructure trace_clock_global() to never block (Jerome Marchand) [RHEL-27107] {CVE-2021-46939} - net/sched: act_skbmod: prevent kernel-infoleak (Xin Long) [RHEL-37220] {CVE-2024-35893} - tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (Xin Long) [RHEL-38307] {CVE-2023-52845} - redhat: remove the merge subtrees script (Derek Barbosa) - redhat: rhdocs: delete .get_maintainer.conf (Derek Barbosa) - redhat: rhdocs: Remove the rhdocs directory (Derek Barbosa) - dyndbg: fix old BUG_ON in >control parser (Waiman Long) [RHEL-37111] {CVE-2024-35947} - dyndbg: let query-modname override actual module name (Waiman Long) [RHEL-37111] - dyndbg: make dyndbg a known cli param (Waiman Long) [RHEL-37111] - lan78xx: Fix exception on link speed change (Jamie Bainbridge) [RHEL-33437] - net: usb: lan78xx: don't modify phy_device state concurrently (Jamie Bainbridge) [RHEL-33437] - efi: runtime: Fix potential overflow of soft-reserved region size (Lenny Szubowicz) [RHEL-33096] {CVE-2024-26843} - perf/arm-cmn: Fail DTC counter allocation correctly (Michael Petlan) [RHEL-23841] - perf/arm-cmn: Rework DTC counters (again) (Michael Petlan) [RHEL-23841] - perf/arm-cmn: Fix DTC domain detection (Michael Petlan) [RHEL-23841] - perf/arm-cmn: Revamp model detection (Michael Petlan) [RHEL-23841] - perf/arm-cmn: Fix port detection for CMN-700 (Michael Petlan) [RHEL-23841] - perf/arm-cmn: Move overlapping wp_combine field (Michael Petlan) [RHEL-23841] - Partially revert "perf/arm-cmn: Optimise DTC counter accesses" (Michael Petlan) [RHEL-23841] - drivers/perf: Compile with gnu99 standard (Michael Petlan) [RHEL-23841] - x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (Steve Best) [RHEL-36994] {CVE-2024-35801} - watchdog: softdog: Add options 'soft_reboot_cmd' and 'soft_active_on_boot' (Waiman Long) [RHEL-19723] - tipc: fix UAF in error path (Xin Long) [RHEL-34278] {CVE-2024-36886} Resolves: RHEL-17678, RHEL-19723, RHEL-23841, RHEL-26495, RHEL-26564, RHEL-27107, RHEL-30507, RHEL-31313, RHEL-31822, RHEL-32941, RHEL-33096, RHEL-33219, RHEL-33437, RHEL-34278, RHEL-35195, RHEL-35826, RHEL-36908, RHEL-36974, RHEL-36994, RHEL-37111, RHEL-37220, RHEL-37262, RHEL-38258, RHEL-38307, RHEL-39074, RHEL-40167, RHEL-40939 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
f23a3cd900 |
kernel-4.18.0-553.8.1.el8_10
* Fri Jun 14 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.8.1.el8_10] - udf: Fix NULL pointer dereference in udf_symlink function (Pavel Reichl) [RHEL-37769] {CVE-2021-47353} - net: ti: fix UAF in tlan_remove_one (Jose Ignacio Tornos Martinez) [RHEL-38940] {CVE-2021-47310} - ARM: footbridge: fix PCI interrupt mapping (Myron Stowe) [RHEL-26971] {CVE-2021-46909} - i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (Kamal Heib) [RHEL-37454] {CVE-2024-36004} - net/mlx5e: Fix mlx5e_priv_init() cleanup flow (Kamal Heib) [RHEL-37424] {CVE-2024-35959} - net/mlx5: Properly link new fs rules into the tree (Kamal Heib) [RHEL-37420] {CVE-2024-35960} - net/mlx5e: fix a potential double-free in fs_any_create_groups (Kamal Heib) [RHEL-37091] {CVE-2023-52667} - net: ena: Fix incorrect descriptor free behavior (Kamal Heib) [RHEL-37428] {CVE-2024-35958} - mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (Jose Ignacio Tornos Martinez) [RHEL-37763] {CVE-2021-47356} - mISDN: fix possible use-after-free in HFC_cleanup() (Jose Ignacio Tornos Martinez) [RHEL-37763] {CVE-2021-47356} - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (Vladis Dronov) [RHEL-35106] {CVE-2024-26974} - crypto: qat - implement dh fallback for primes > 4K (Vladis Dronov) [RHEL-35106] - crypto: qat - avoid division by zero (Vladis Dronov) [RHEL-35106] - crypto: qat - resolve race condition during AER recovery (Vladis Dronov) [RHEL-35106] {CVE-2024-26974} - crypto: qat - use kcalloc_node() instead of kzalloc_node() (Vladis Dronov) [RHEL-35106] - [rt] Enable CONFIG_DRM_MGAG200_DISABLE_WRITECOMBINE (Jocelyn Falempe) [RHEL-36172] - drm/mgag200: Add an option to disable Write-Combine (Jocelyn Falempe) [RHEL-36172] - drm/mgag200: Fix caching setup for remapped video memory (Jocelyn Falempe) [RHEL-36172] - Revert "drm/mgag200: Add a workaround for low-latency" (Jocelyn Falempe) [RHEL-36172] - mptcp: fix data re-injection from stale subflow (Davide Caratti) [RHEL-33133] {CVE-2024-26826} - ipv6: sr: fix incorrect unregister order (Hangbin Liu) [RHEL-31730] - ipv6: sr: fix possible use-after-free and null-ptr-deref (Hangbin Liu) [RHEL-31730] {CVE-2024-26735} - net/bnx2x: Prevent access to a freed page in page_pool (Michal Schmidt) [RHEL-14195 RHEL-33243] {CVE-2024-26859} - bnx2x: new flag for track HW resource allocation (Michal Schmidt) [RHEL-14195 RHEL-33243] - bnx2x: fix page fault following EEH recovery (Michal Schmidt) [RHEL-14195 RHEL-33243] - x86: KVM: SVM: always update the x2avic msr interception (Maxim Levitsky) [RHEL-15495] {CVE-2023-5090} - EDAC/thunderx: Fix possible out-of-bounds string access (Aristeu Rozanski) [RHEL-26573] {CVE-2023-52464} Resolves: RHEL-14195, RHEL-15495, RHEL-26573, RHEL-26971, RHEL-31730, RHEL-33133, RHEL-33243, RHEL-35106, RHEL-36172, RHEL-37091, RHEL-37420, RHEL-37424, RHEL-37428, RHEL-37454, RHEL-37763, RHEL-37769, RHEL-38940 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
f98a3e0f69 |
kernel-4.18.0-553.7.1.el8_10
* Thu Jun 06 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.7.1.el8_10] - net: qcom/emac: fix UAF in emac_remove (Ken Cox) [RHEL-37834] {CVE-2021-47311} - perf/core: Bail out early if the request AUX area is out of bound (Michael Petlan) [RHEL-38268] {CVE-2023-52835} - crypto: pcrypt - Fix hungtask for PADATA_RESET (Herbert Xu) [RHEL-38171] {CVE-2023-52813} - drm/amdgpu: fix use-after-free bug (Jocelyn Falempe) [RHEL-31240] {CVE-2024-26656} - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash (Ivan Vecera) [RHEL-37008] {CVE-2024-35854} - mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update (Ivan Vecera) [RHEL-37004] {CVE-2024-35855} - mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (Ivan Vecera) [RHEL-37012] {CVE-2024-35853} - mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work (Ivan Vecera) [RHEL-37016] {CVE-2024-35852} - mlxsw: spectrum_acl_tcam: Fix warning during rehash (Ivan Vecera) [RHEL-37480] {CVE-2024-36007} - can: peak_pci: peak_pci_remove(): fix UAF (Jose Ignacio Tornos Martinez) [RHEL-38419] {CVE-2021-47456} - usbnet: fix error return code in usbnet_probe() (Jose Ignacio Tornos Martinez) [RHEL-38440] {CVE-2021-47495} - usbnet: sanity check for maxpacket (Jose Ignacio Tornos Martinez) [RHEL-38440] {CVE-2021-47495} - net/mlx5e: fix a double-free in arfs_create_groups (Kamal Heib) [RHEL-36920] {CVE-2024-35835} - can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds (Jose Ignacio Tornos Martinez) [RHEL-38220] {CVE-2023-52878} - net: cdc_eem: fix tx fixup skb leak (Jose Ignacio Tornos Martinez) [RHEL-38080] {CVE-2021-47236} - net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path (Jose Ignacio Tornos Martinez) [RHEL-38113] {CVE-2023-52703} - usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() (Desnes Nunes) [RHEL-38248] {CVE-2023-52877} - usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (Desnes Nunes) [RHEL-38240] {CVE-2023-52781} - gro: fix ownership transfer (Xin Long) [RHEL-37226] {CVE-2024-35890} - tipc: fix kernel warning when sending SYN message (Xin Long) [RHEL-38109] {CVE-2023-52700} - erspan: make sure erspan_base_hdr is present in skb->head (Xin Long) [RHEL-37230] {CVE-2024-35888} - scsi: mpi3mr: Use proper format specifier in mpi3mr_sas_port_add() (Bryan Gurney) [RHEL-17366] - scsi: mpi3mr: Sanitise num_phys (Bryan Gurney) [RHEL-17366] - netfilter: nf_tables: use timestamp to check for set element timeout (Phil Sutter) [RHEL-38023] {CVE-2024-27397} - net/ipv6: SKB symmetric hash should incorporate transport ports (Sabrina Dubroca) [RHEL-32061] - crypto: s390/aes - Fix buffer overread in CTR mode (Herbert Xu) [RHEL-37089] {CVE-2023-52669} - net: Save and restore msg_namelen in sock_sendmsg (Jamie Bainbridge) [RHEL-35893] - net: prevent address rewrite in kernel_bind() (Jamie Bainbridge) [RHEL-35893] - net: prevent rewrite of msg_name in sock_sendmsg() (Jamie Bainbridge) [RHEL-35893] - net: replace calls to sock->ops->connect() with kernel_connect() (Jamie Bainbridge) [RHEL-35893] - net: Avoid address overwrite in kernel_connect (Jamie Bainbridge) [RHEL-35893] - wifi: iwlwifi: dbg-tlv: ensure NUL termination (Jose Ignacio Tornos Martinez) [RHEL-37026] {CVE-2024-35845} - wifi: mac80211: fix potential sta-link leak (Jose Ignacio Tornos Martinez) [RHEL-36916] {CVE-2024-35838} - wifi: nl80211: reject iftype change with mesh ID change (Jose Ignacio Tornos Martinez) [RHEL-36884] {CVE-2024-27410} - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (Jose Ignacio Tornos Martinez) [RHEL-36807] {CVE-2024-35789} - Bluetooth: Avoid potential use-after-free in hci_error_reset (David Marlin) [RHEL-31826] {CVE-2024-26801} - tls: disable async encrypt/decrypt (Sabrina Dubroca) [RHEL-26362 RHEL-26409 RHEL-26420] {CVE-2024-26584 CVE-2024-26583 CVE-2024-26585} - Squashfs: check the inode number is not the invalid value of zero (Phillip Lougher) [RHEL-35096] {CVE-2024-26982} - ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (Rafael Aquini) [RHEL-27782] {CVE-2021-47069} - ipc/msg.c: update and document memory barriers (Rafael Aquini) [RHEL-27782] {CVE-2021-47069} - ipc/sem.c: document and update memory barriers (Rafael Aquini) [RHEL-27782] {CVE-2021-47069} - ipc/mqueue.c: update/document memory barriers (Rafael Aquini) [RHEL-27782] {CVE-2021-47069} - ipc/mqueue.c: remove duplicated code (Rafael Aquini) [RHEL-27782] {CVE-2021-47069} - net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (Kamal Heib) [RHEL-30582] {CVE-2023-52626} - Revert "ACPI: bus: Rework system-level device notification handling" (Prarit Bhargava) [RHEL-21486] - hwrng: core - Fix page fault dead lock on mmap-ed hwrng (Prarit Bhargava) [RHEL-29485] {CVE-2023-52615} Resolves: RHEL-17366, RHEL-21486, RHEL-26362, RHEL-26409, RHEL-26420, RHEL-27782, RHEL-29485, RHEL-30582, RHEL-31240, RHEL-31826, RHEL-32061, RHEL-35096, RHEL-35893, RHEL-36807, RHEL-36884, RHEL-36916, RHEL-36920, RHEL-37004, RHEL-37008, RHEL-37012, RHEL-37016, RHEL-37026, RHEL-37089, RHEL-37226, RHEL-37230, RHEL-37480, RHEL-37834, RHEL-38023, RHEL-38080, RHEL-38109, RHEL-38113, RHEL-38171, RHEL-38220, RHEL-38240, RHEL-38248, RHEL-38268, RHEL-38419, RHEL-38440 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
a46af5247a |
kernel-4.18.0-553.6.1.el8_10
* Wed May 29 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.6.1.el8_10] - powerpc/powernv: Add a null pointer check in opal_event_init() (Mamatha Inamdar) [RHEL-37058] {CVE-2023-52686} - crypto: rsa - add a check for allocation failure (Vladis Dronov) [RHEL-35361] - crypto: rsa - allow only odd e and restrict value in FIPS mode (Vladis Dronov) [RHEL-35361] - KEYS: use kfree_sensitive with key (Vladis Dronov) [RHEL-35361] - lib/mpi: Extend the MPI library (only mpi_*_bit() part) (Vladis Dronov) [RHEL-35361] - net: ip_tunnel: prevent perpetual headroom growth (Felix Maurer) [RHEL-31814] {CVE-2024-26804} - s390/cpum_cf: make crypto counters upward compatible across machine types (Tobias Huschle) [RHEL-36048] - RDMA/mlx5: Fix fortify source warning while accessing Eth segment (Kamal Heib) [RHEL-33162] {CVE-2024-26907} - ovl: fix leaked dentry (Miklos Szeredi) [RHEL-27306] {CVE-2021-46972} - x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (Rafael Aquini) [RHEL-33166] {CVE-2024-26906} - x86/mm: Move is_vsyscall_vaddr() into asm/vsyscall.h (Rafael Aquini) [RHEL-33166] {CVE-2024-26906} - x86/mm/vsyscall: Consider vsyscall page part of user address space (Rafael Aquini) [RHEL-33166] {CVE-2024-26906} - x86/mm: Add vsyscall address helper (Rafael Aquini) [RHEL-33166] {CVE-2024-26906} - mm/swap: fix race when skipping swapcache (Rafael Aquini) [RHEL-31644] {CVE-2024-26759} - swap: fix do_swap_page() race with swapoff (Rafael Aquini) [RHEL-31644] {CVE-2024-26759} - mm/swapfile: use percpu_ref to serialize against concurrent swapoff (Rafael Aquini) [RHEL-31644] {CVE-2024-26759} - mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions() (Rafael Aquini) [RHEL-29294] {CVE-2023-52560} - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (Jiri Benc) [RHEL-29783] - block: null_blk: Fix handling of fake timeout request (Ming Lei) [RHEL-8130] - null_blk: fix poll request timeout handling (Ming Lei) [RHEL-8130] - block: null_blk: end timed out poll request (Ming Lei) [RHEL-8130] - block: null_blk: only set set->nr_maps as 3 if active poll_queues is > 0 (Ming Lei) [RHEL-8130] - null_blk: allow zero poll queues (Ming Lei) [RHEL-8130] - null_blk: Fix handling of submit_queues and poll_queues attributes (Ming Lei) [RHEL-8130] - null_blk: poll queue support (Ming Lei) [RHEL-8130] - null_blk: fix command timeout completion handling (Ming Lei) [RHEL-8130] - platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (Prarit Bhargava) [RHEL-27790] {CVE-2021-47073} - Bluetooth: avoid memcmp() out of bounds warning (David Marlin) [RHEL-3017] {CVE-2020-26555} - Bluetooth: hci_event: Fix coding style (David Marlin) [RHEL-3017] {CVE-2020-26555} - Bluetooth: hci_event: Fix using memcmp when comparing keys (David Marlin) [RHEL-3017] {CVE-2020-26555} - Bluetooth: Reject connection with the device which has same BD_ADDR (David Marlin) [RHEL-3017] {CVE-2020-26555} - Bluetooth: hci_event: Ignore NULL link key (David Marlin) [RHEL-3017] {CVE-2020-26555} - ppp_async: limit MRU to 64K (Guillaume Nault) [RHEL-31353] {CVE-2024-26675} - powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (Mamatha Inamdar) [RHEL-37078] {CVE-2023-52675} - tcp: do not accept ACK of bytes we never sent (Xin Long) [RHEL-21952] Resolves: RHEL-21952, RHEL-27306, RHEL-27790, RHEL-29294, RHEL-29783, RHEL-3017, RHEL-31353, RHEL-31644, RHEL-31814, RHEL-33162, RHEL-33166, RHEL-35361, RHEL-36048, RHEL-37058, RHEL-37078, RHEL-8130 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
e84ea13bd0 |
kernel-4.18.0-553.5.1.el8_10
* Mon May 20 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.5.1.el8_10] - tools/power/turbostat: Fix uncore frequency file string (David Arcari) [RHEL-29238] - tools/power turbostat: Expand probe_intel_uncore_frequency() (David Arcari) [RHEL-29238] - uio: Fix use-after-free in uio_open (Ricardo Robaina) [RHEL-26232] {CVE-2023-52439} - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send (Ken Cox) [RHEL-27316] {CVE-2021-47013} - keys: Fix linking a duplicate key to a keyring's assoc_array (David Howells) [RHEL-30772] - keys: Hoist locking out of __key_link_begin() (David Howells) [RHEL-30772] - keys: Break bits out of key_unlink() (David Howells) [RHEL-30772] - keys: Change keyring_serialise_link_sem to a mutex (David Howells) [RHEL-30772] - wifi: brcm80211: handle pmk_op allocation failure (Jose Ignacio Tornos Martinez) [RHEL-35150] {CVE-2024-27048} - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (Jose Ignacio Tornos Martinez) [RHEL-35140] {CVE-2024-27052} - wifi: iwlwifi: mvm: ensure offloading TID queue exists (Jose Ignacio Tornos Martinez) [RHEL-35130] {CVE-2024-27056} - wifi: mt76: mt7921e: fix use-after-free in free_irq() (Jose Ignacio Tornos Martinez) [RHEL-34866] {CVE-2024-26892} - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (Jose Ignacio Tornos Martinez) [RHEL-34189] {CVE-2024-26897} - wifi: iwlwifi: mvm: fix a crash when we run out of stations (Jose Ignacio Tornos Martinez) [RHEL-31547] {CVE-2024-26693} - wifi: iwlwifi: fix double-free bug (Jose Ignacio Tornos Martinez) [RHEL-31543] {CVE-2024-26694} - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (Jose Ignacio Tornos Martinez) [RHEL-29089] {CVE-2023-52594} - wifi: rt2x00: restart beacon queue when hardware reset (Jose Ignacio Tornos Martinez) [RHEL-29093] {CVE-2023-52595} - wifi: iwlwifi: fix a memory corruption (Jose Ignacio Tornos Martinez) [RHEL-28903] {CVE-2024-26610} Resolves: RHEL-26232, RHEL-27316, RHEL-28903, RHEL-29089, RHEL-29093, RHEL-29238, RHEL-30772, RHEL-31543, RHEL-31547, RHEL-34189, RHEL-34866, RHEL-35130, RHEL-35140, RHEL-35150 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
9fc0a7e3c8 |
kernel-4.18.0-553.4.1.el8_10
* Wed May 15 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.4.1.el8_10] - cpuhotplug: Fix kABI breakage caused by CPUHP_AP_HYPERV_ONLINE (Vitaly Kuznetsov) [RHEL-36117] - net/mlx5e: Prevent deadlock while disabling aRFS (Kamal Heib) [RHEL-35041] {CVE-2024-27014} - x86/tsc: Defer marking TSC unstable to a worker (Wander Lairson Costa) [RHEL-32676] - x86/smpboot: Make TSC synchronization function call based (Wander Lairson Costa) [RHEL-32676] - net: usb: fix possible use-after-free in smsc75xx_bind (Jose Ignacio Tornos Martinez) [RHEL-30311] {CVE-2021-47171} - net: usb: fix memory leak in smsc75xx_bind (Jose Ignacio Tornos Martinez) [RHEL-30311] {CVE-2021-47171} Resolves: RHEL-30311, RHEL-32676, RHEL-35041, RHEL-36117 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
42a083e861 |
kernel-4.18.0-552.3.1.el8_10
* Sat May 11 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-552.3.1.el8_10] - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (Phil Sutter) [RHEL-30076] {CVE-2024-26643} - netfilter: nf_tables: disallow anonymous set with timeout flag (Phil Sutter) [RHEL-30080] {CVE-2024-26642} - selftests/bpf: Fix pyperf180 compilation failure with clang18 (Artem Savkov) [RHEL-35576] - md/raid5: fix atomicity violation in raid5_cache_count (Nigel Croxon) [RHEL-27930] {CVE-2024-23307} - usb: ulpi: Fix debugfs directory leak (Desnes Nunes) [RHEL-33287] {CVE-2024-26919} - powerpc/pseries: Fix potential memleak in papr_get_attr() (Mamatha Inamdar) [RHEL-35213] {CVE-2022-48669} - USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (Desnes Nunes) [RHEL-35122] {CVE-2024-27059} - NFSv4: fairly test all delegations on a SEQ4_ revocation (Benjamin Coddington) [RHEL-34912] - USB: core: Fix deadlock in usb_deauthorize_interface() (Desnes Nunes) [RHEL-35002] {CVE-2024-26934} - usb: xhci: Add error handling in xhci_map_urb_for_dma (Desnes Nunes) [RHEL-34958] {CVE-2024-26964} - fs: sysfs: Fix reference leak in sysfs_break_active_protection() (Ewan D. Milne) [RHEL-35076] {CVE-2024-26993} - xhci: handle isoc Babble and Buffer Overrun events properly (Desnes Nunes) [RHEL-31297] {CVE-2024-26659} - xhci: process isoc TD properly when there was a transaction error mid TD. (Desnes Nunes) [RHEL-31297] {CVE-2024-26659} - USB: core: Fix deadlock in port "disable" sysfs attribute (Desnes Nunes) [RHEL-35006] {CVE-2024-26933} - USB: core: Add hub_get() and hub_put() routines (Desnes Nunes) [RHEL-35006] {CVE-2024-26933} - netfilter: ipset: Missing gc cancellations fixed (Phil Sutter) [RHEL-30521] - netfilter: ipset: fix performance regression in swap operation (Phil Sutter) [RHEL-30521] - netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports (Phil Sutter) [RHEL-30521] - netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test (Phil Sutter) [RHEL-30521] - x86/apic/x2apic: Fix a NULL pointer deref when handling a dying cpu (David Arcari) [RHEL-32516] - x86/coco: Disable 32-bit emulation by default on TDX and SEV (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744} - x86: Make IA32_EMULATION boot time configurable (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744} - x86/entry: Make IA32 syscalls' availability depend on ia32_enabled() (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744} - x86/elf: Make loading of 32bit processes depend on ia32_enabled() (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744} - x86/entry: Rename ignore_sysret() (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744} - x86/cpu: Don't write CSTAR MSR on Intel CPUs (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744} - x86: Introduce ia32_enabled() (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744} Resolves: RHEL-25087, RHEL-27930, RHEL-30076, RHEL-30080, RHEL-30521, RHEL-31297, RHEL-32516, RHEL-33287, RHEL-34912, RHEL-34958, RHEL-35002, RHEL-35006, RHEL-35076, RHEL-35122, RHEL-35213, RHEL-35576 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
03e89c3291 |
kernel-4.18.0-552.2.1.el8_10
* Mon May 06 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-552.2.1.el8_10] - s390/ptrace: handle setting of fpc register correctly (Tobias Huschle) [RHEL-29106] {CVE-2023-52598} - net/smc: fix illegal rmb_desc access in SMC-D connection dump (Tobias Huschle) [RHEL-27746] {CVE-2024-26615} - wifi: mac80211: fix race condition on enabling fast-xmit (Jose Ignacio Tornos Martinez) [RHEL-31664] {CVE-2024-26779} - powerpc/fadump: make is_kdump_kernel() return false when fadump is active (Mamatha Inamdar) [RHEL-24401] - vmcore: remove dependency with is_kdump_kernel() for exporting vmcore (Mamatha Inamdar) [RHEL-24401] - mtd: require write permissions for locking and badblock ioctls (Prarit Bhargava) [RHEL-27585] {CVE-2021-47055} - mtd: properly check all write ioctls for permissions (Prarit Bhargava) [RHEL-27585] {CVE-2021-47055} - pid: take a reference when initializing `cad_pid` (Waiman Long) [RHEL-29420] {CVE-2021-47118} - i2c: i801: Don't generate an interrupt on bus reset (Prarit Bhargava) [RHEL-30325] {CVE-2021-47153} - RDMA/srpt: Do not register event handler until srpt device is fully setup (Kamal Heib) [RHEL-33224] {CVE-2024-26872} - ceph: switch to corrected encoding of max_xattr_size in mdsmap (Xiubo Li) [RHEL-26723] - ceph: switch to use cap_delay_lock for the unlink delay list (Xiubo Li) [RHEL-32870] - ceph: pass ino# instead of old_dentry if it's disconnected (Xiubo Li) [RHEL-32870] - fat: fix uninitialized field in nostale filehandles (Andrey Albershteyn) [RHEL-33186 RHEL-35108] {CVE-2024-26973} - do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (Andrey Albershteyn) [RHEL-33186] {CVE-2024-26901} - idpf: limit the support to GCP only (Michal Schmidt) [RHEL-15652] - redhat/configs: enable CONFIG_IDPF (Michal Schmidt) [RHEL-15652] - idpf: remove the use of ETHTOOL_RING_USE_TCP_DATA_SPLIT (Michal Schmidt) [RHEL-15652] - idpf: workaround for unavailable skb page recycling (Michal Schmidt) [RHEL-15652] - idpf: always allocate a full page (Michal Schmidt) [RHEL-15652] - idpf: remove page pool stats code (Michal Schmidt) [RHEL-15652] - idpf: add minimal macros for __free(kfree) to work (Michal Schmidt) [RHEL-15652] - idpf: fixup include paths for RHEL 8 (Michal Schmidt) [RHEL-15652] - idpf: fix kernel panic on unknown packet types (Michal Schmidt) [RHEL-15652] - idpf: disable local BH when scheduling napi for marker packets (Michal Schmidt) [RHEL-15652] - idpf: remove dealloc vector msg err in idpf_intr_rel (Michal Schmidt) [RHEL-15652] - idpf: fix minor controlq issues (Michal Schmidt) [RHEL-15652] - idpf: prevent deinit uninitialized virtchnl core (Michal Schmidt) [RHEL-15652] - idpf: cleanup virtchnl cruft (Michal Schmidt) [RHEL-15652] - idpf: refactor idpf_recv_mb_msg (Michal Schmidt) [RHEL-15652] - idpf: add async_handler for MAC filter messages (Michal Schmidt) [RHEL-15652] - idpf: refactor remaining virtchnl messages (Michal Schmidt) [RHEL-15652] - idpf: refactor queue related virtchnl messages (Michal Schmidt) [RHEL-15652] - idpf: refactor vport virtchnl messages (Michal Schmidt) [RHEL-15652] - idpf: implement virtchnl transaction manager (Michal Schmidt) [RHEL-15652] - idpf: add idpf_virtchnl.h (Michal Schmidt) [RHEL-15652] - idpf: avoid compiler padding in virtchnl2_ptype struct (Michal Schmidt) [RHEL-15652] - idpf: distinguish vports by the dev_port attribute (Michal Schmidt) [RHEL-15652] - idpf: avoid compiler introduced padding in virtchnl2_rss_key struct (Michal Schmidt) [RHEL-15652] - idpf: fix corrupted frames and skb leaks in singleq mode (Michal Schmidt) [RHEL-15652] - idpf: refactor some missing field get/prep conversions (Michal Schmidt) [RHEL-15652] - idpf: add get/set for Ethtool's header split ringparam (Michal Schmidt) [RHEL-15652] - idpf: fix potential use-after-free in idpf_tso() (Michal Schmidt) [RHEL-15652] - idpf: cancel mailbox work in error path (Michal Schmidt) [RHEL-15652] - idpf: set scheduling mode for completion queue (Michal Schmidt) [RHEL-15652] - idpf: add SRIOV support and other ndo_ops (Michal Schmidt) [RHEL-15652] - idpf: add ethtool callbacks (Michal Schmidt) [RHEL-15652] - idpf: add singleq start_xmit and napi poll (Michal Schmidt) [RHEL-15652] - idpf: add RX splitq napi poll support (Michal Schmidt) [RHEL-15652] - idpf: add TX splitq napi poll support (Michal Schmidt) [RHEL-15652] - idpf: add splitq start_xmit (Michal Schmidt) [RHEL-15652] - idpf: initialize interrupts and enable vport (Michal Schmidt) [RHEL-15652] - idpf: configure resources for RX queues (Michal Schmidt) [RHEL-15652] - idpf: configure resources for TX queues (Michal Schmidt) [RHEL-15652] - idpf: add ptypes and MAC filter support (Michal Schmidt) [RHEL-15652] - idpf: add create vport and netdev configuration (Michal Schmidt) [RHEL-15652] - idpf: add core init and interrupt request (Michal Schmidt) [RHEL-15652] - idpf: add controlq init and reset checks (Michal Schmidt) [RHEL-15652] - idpf: add module register and probe functionality (Michal Schmidt) [RHEL-15652] - virtchnl: add virtchnl version 2 ops (Michal Schmidt) [RHEL-15652] - net: netdev_queue: netdev_txq_completed_mb(): fix wake condition (Michal Schmidt) [RHEL-15652] - net: piggy back on the memory barrier in bql when waking queues (Michal Schmidt) [RHEL-15652] - net: provide macros for commonly copied lockless queue stop/wake code (Michal Schmidt) [RHEL-15652] Resolves: RHEL-15652, RHEL-24401, RHEL-26723, RHEL-27585, RHEL-27746, RHEL-29106, RHEL-29420, RHEL-30325, RHEL-31664, RHEL-32870, RHEL-33186, RHEL-33224, RHEL-35108 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
31bb566f0a |
kernel-4.18.0-552.1.1.el8_10
* Fri Apr 26 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-552.1.1.el8_10] - redhat: set DIST to el8_10 and ZSTREAM to yes for 8.10 (Denys Vlasenko) - tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (Prarit Bhargava) [RHEL-32590] {CVE-2021-47185} - net: mana: Fix Rx DMA datasize and skb_over_panic (Cathy Avery) [RHEL-32579] - RDMA/srpt: Support specifying the srpt_service_guid parameter (Kamal Heib) [RHEL-31710] {CVE-2024-26744} - RDMA/qedr: Fix qedr_create_user_qp error flow (Kamal Heib) [RHEL-31714] {CVE-2024-26743} - hwmon: (coretemp) Fix out-of-bounds memory access (David Arcari) [RHEL-31305] {CVE-2024-26664} - RDMA/irdma: Fix KASAN issue with tasklet (Kamal Heib) [RHEL-15776] - net: bridge: use DEV_STATS_INC() (Ivan Vecera) [RHEL-27989] {CVE-2023-52578} - net: Fix unwanted sign extension in netdev_stats_to_stats64() (Ivan Vecera) [RHEL-27989] {CVE-2023-52578} - net: add atomic_long_t to net_device_stats fields (Ivan Vecera) [RHEL-27989] {CVE-2023-52578} - net/sched: act_ct: fix skb leak and crash on ooo frags (Xin Long) [RHEL-29467] {CVE-2023-52610} - net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (Jose Ignacio Tornos Martinez) [RHEL-28015] {CVE-2023-52528} - RDMA/core: Fix uninit-value access in ib_get_eth_speed() (Kamal Heib) [RHEL-30130] - RDMA/core: Get IB width and speed from netdev (Kamal Heib) [RHEL-30130] - cpufreq: intel_pstate: Add Emerald Rapids support in no-HWP mode (Prarit Bhargava) [RHEL-29444] - powerpc/mm: Fix null-pointer dereference in pgtable_cache_add (Mamatha Inamdar) [RHEL-29118] {CVE-2023-52607} - powerpc/lib: Validate size for vector operations (Mamatha Inamdar) [RHEL-29114] {CVE-2023-52606} - usb: hub: Guard against accesses to uninitialized BOS descriptors (Desnes Nunes) [RHEL-28986] {CVE-2023-52477} - media: uvcvideo: Fix OOB read (Desnes Nunes) [RHEL-27940] {CVE-2023-52565} - media: pvrusb2: fix use after free on context disconnection (Desnes Nunes) [RHEL-26498] {CVE-2023-52445} - i2c: i801: Fix block process call transactions (Prarit Bhargava) [RHEL-26478] {CVE-2024-26593} - overlay: disable EVM (Coiby Xu) [RHEL-19863] - evm: add support to disable EVM on unsupported filesystems (Coiby Xu) [RHEL-19863] - evm: don't copy up 'security.evm' xattr (Coiby Xu) [RHEL-19863] - net: ena: Remove ena_select_queue (Kamal Heib) [RHEL-14286] - media: dvbdev: Fix memory leak in dvb_media_device_free() (Prarit Bhargava) [RHEL-27254] {CVE-2020-36777} - gfs2: Fix invalid metadata access in punch_hole (Andrew Price) [RHEL-28784] - i2c: Fix a potential use after free (Prarit Bhargava) [RHEL-26849] {CVE-2019-25162} - i2c: validate user data in compat ioctl (Prarit Bhargava) [RHEL-27022] {CVE-2021-46934} - platform/x86: think-lmi: Fix reference leak (Prarit Bhargava) [RHEL-28030] {CVE-2023-52520} - vhost: use kzalloc() instead of kmalloc() followed by memset() (Jon Maloy) [RHEL-21505] {CVE-2024-0340} - RDMA/siw: Fix connection failure handling (Kamal Heib) [RHEL-28042] {CVE-2023-52513} - vt: fix memory overlapping when deleting chars in the buffer (Waiman Long) [RHEL-27778 RHEL-27779] {CVE-2022-48627} - x86/fpu: Stop relying on userspace for info to fault in xsave buffer (Steve Best) [RHEL-26669] {CVE-2024-26603} - mptcp: fix double-free on socket dismantle (Davide Caratti) [RHEL-22773] {CVE-2024-26782} - crypto: akcipher - Disable signing and decryption (Herbert Xu) [RHEL-17114] {CVE-2023-6240} - crypto: akcipher - default implementations for request callbacks (Herbert Xu) [RHEL-17114] {CVE-2023-6240} - crypto: testmgr - split akcipher tests by a key type (Herbert Xu) [RHEL-17114] {CVE-2023-6240} - workqueue: Warn when a rescuer could not be created (Waiman Long) [RHEL-22136] - RDMA/cma: Avoid GID lookups on iWARP devices (Benjamin Coddington) [RHEL-12456] - RDMA/cma: Deduplicate error flow in cma_validate_port() (Benjamin Coddington) [RHEL-12456] - RDMA/core: Set gid_attr.ndev for iWARP devices (Benjamin Coddington) [RHEL-12456] - RDMA/siw: Fabricate a GID on tun and loopback devices (Benjamin Coddington) [RHEL-12456] Resolves: RHEL-12456, RHEL-14286, RHEL-15776, RHEL-17114, RHEL-19863, RHEL-21505, RHEL-22136, RHEL-22773, RHEL-26478, RHEL-26498, RHEL-26669, RHEL-26849, RHEL-27022, RHEL-27254, RHEL-27778, RHEL-27779, RHEL-27940, RHEL-27989, RHEL-28015, RHEL-28030, RHEL-28042, RHEL-28784, RHEL-28986, RHEL-29114, RHEL-29118, RHEL-29444, RHEL-29467, RHEL-30130, RHEL-31305, RHEL-31710, RHEL-31714, RHEL-32579, RHEL-32590 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
c02f304be5 |
kernel-4.18.0-552.el8
* Sun Apr 07 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-552.el8] - i40e: Enforce software interrupt during busy-poll exit (Ivan Vecera) [RHEL-26248] - i40e: Remove _t suffix from enum type names (Ivan Vecera) [RHEL-26248] Resolves: RHEL-26248 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
2956eacb25 |
kernel-4.18.0-551.el8
* Fri Apr 05 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-551.el8] - x86/sev: Harden #VC instruction emulation somewhat (Vitaly Kuznetsov) [RHEL-30040] {CVE-2024-25743 CVE-2024-25742} - i40e: Fix VF MAC filter removal (Ivan Vecera) [RHEL-22992] - i40e: Do not allow untrusted VF to remove administratively set MAC (Ivan Vecera) [RHEL-22992] Resolves: RHEL-22992, RHEL-30040 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
d70a436410 |
kernel-4.18.0-550.el8
* Sun Mar 31 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-550.el8] - mm/sparsemem: fix race in accessing memory_section->usage (Waiman Long) [RHEL-28875 RHEL-28876] {CVE-2023-52489} - mm: use __pfn_to_section() instead of open coding it (Waiman Long) [RHEL-28875] {CVE-2023-52489} Resolves: RHEL-28875, RHEL-28876 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
cb527335cb |
kernel-4.18.0-549.el8
* Thu Mar 28 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-549.el8] - dm-integrity: align the outgoing bio in integrity_recheck (Benjamin Marzinski) [RHEL-29678] - dm-integrity: fix a memory leak when rechecking the data (Benjamin Marzinski) [RHEL-29678] - RDMA/mana_ib: Add CQ interrupt support for RAW QP (Maxim Levitsky) [RHEL-23934] - RDMA/mana_ib: query device capabilities (Maxim Levitsky) [RHEL-23934] - RDMA/mana_ib: register RDMA device with GDMA (Maxim Levitsky) [RHEL-23934] - net: mana: add msix index sharing between EQs (Maxim Levitsky) [RHEL-23934] - net: mana: Fix spelling mistake "enforecement" -> "enforcement" (Maxim Levitsky) [RHEL-23934] - net :mana :Add remaining GDMA stats for MANA to ethtool (Maxim Levitsky) [RHEL-23934] - net: mana: Fix oversized sge0 for GSO packets (Maxim Levitsky) [RHEL-23934] - net: mana: Fix TX CQE error handling (Maxim Levitsky) [RHEL-23934] - net: mana: Add gdma stats to ethtool output for mana (Maxim Levitsky) [RHEL-23934] - net: mana: Fix MANA VF unload when hardware is unresponsive (Maxim Levitsky) [RHEL-23934] - net: mana: Configure hwc timeout from hardware (Maxim Levitsky) [RHEL-23934] - RDMA/mana_ib: Use v2 version of cfg_rx_steer_req to enable RX coalescing (Maxim Levitsky) [RHEL-23934] Resolves: RHEL-23934, RHEL-29678 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
aa6361212b |
kernel-4.18.0-548.el8
* Sun Mar 24 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-548.el8] - gitlab-ci: enable arm64/s390x/ppc64le debug builds (Michael Hofmann) - arm64: Add missing bits of AmpereOne Spectre-BHB mitigation (Mark Salter) [RHEL-29005] - [rt] enable CONFIG_DRM_MGAG200_IOBURST_WORKAROUND (Jocelyn Falempe) [RHEL-13214] - drm/mgag200: Add a workaround for low-latency (Jocelyn Falempe) [RHEL-13214] Resolves: RHEL-13214, RHEL-27861, RHEL-29005 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
abea27b0ac |
kernel-4.18.0-547.el8
* Tue Mar 19 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-547.el8] - x86/efistub: Avoid placing the kernel below LOAD_PHYSICAL_ADDR (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Give up if memory attribute protocol returns an error (Lenny Szubowicz) [RHEL-2505] - x86/boot: Increase section and file alignment to 4k/512 (Lenny Szubowicz) [RHEL-2505] - x86/boot: Split off PE/COFF .data section (Lenny Szubowicz) [RHEL-2505] - x86/boot: Drop PE/COFF .reloc section (Lenny Szubowicz) [RHEL-2505] - x86/boot: Construct PE/COFF .text section from assembler (Lenny Szubowicz) [RHEL-2505] - x86/boot: Derive file size from _edata symbol (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed: Remove, discard, or assert for unwanted sections (Lenny Szubowicz) [RHEL-2505] - x86/boot: Check that there are no run-time relocations (Lenny Szubowicz) [RHEL-2505] - x86/boot: Discard .discard.unreachable for arch/x86/boot/compressed/vmlinux (Lenny Szubowicz) [RHEL-2505] - x86/boot: Define setup size in linker script (Lenny Szubowicz) [RHEL-2505] - x86/boot: Set EFI handover offset directly in header asm (Lenny Szubowicz) [RHEL-2505] - x86/boot: Drop references to startup_64 (Lenny Szubowicz) [RHEL-2505] - x86/boot: Drop redundant code setting the root device (Lenny Szubowicz) [RHEL-2505] - x86/build: Declutter the build output (Lenny Szubowicz) [RHEL-2505] - x86/boot: Omit compression buffer from PE/COFF image memory footprint (Lenny Szubowicz) [RHEL-2505] - x86/boot: Mark global variables as static (Lenny Szubowicz) [RHEL-2505] - efi/x86: Remove extra headroom for setup block (Lenny Szubowicz) [RHEL-2505] - x86/boot: Remove the 'bugger off' message (Lenny Szubowicz) [RHEL-2505] - x86/efi: Drop alignment flags from PE section headers (Lenny Szubowicz) [RHEL-2505] - efi: Put Linux specific magic number in the DOS header (Lenny Szubowicz) [RHEL-2505] - efi/x86: Fix the missing KASLR_FLAG bit in boot_params->hdr.loadflags (Lenny Szubowicz) [RHEL-2505] - efi/x86: Avoid physical KASLR on older Dell systems (Lenny Szubowicz) [RHEL-2505] - x86/boot: efistub: Assign global boot_params variable (Lenny Szubowicz) [RHEL-2505] - x86/boot: Rename conflicting 'boot_params' pointer to 'boot_params_ptr' (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Avoid legacy decompressor when doing EFI boot (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Perform SNP feature test while running in the firmware (Lenny Szubowicz) [RHEL-2505] - x86/sev: Do not try to parse for the CC blob on non-AMD hardware (Lenny Szubowicz) [RHEL-2505] - efi/libstub: Add limit argument to efi_random_alloc() (Lenny Szubowicz) [RHEL-2505] - arm64: efi: Limit allocations to 48-bit addressable physical region (Lenny Szubowicz) [RHEL-2505] - efi: libstub: use EFI_LOADER_CODE region when moving the kernel in memory (Lenny Szubowicz) [RHEL-2505] - arm64: efi: kaslr: Fix occasional random alloc (and boot) failure (Lenny Szubowicz) [RHEL-2505] - efi/libstub/random: Increase random alloc granularity (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Factor out kernel decompression and relocation (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Move global symbol references to C code (Lenny Szubowicz) [RHEL-2505] - decompress: Use 8 byte alignment (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Prefer EFI memory attributes protocol over DXE services (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Perform 4/5 level paging switch from the stub (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Merge trampoline cleanup with switching code (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Pass pgtable address to trampoline directly (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Only call the trampoline when changing paging levels (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Call trampoline directly from C code (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Avoid the need for a stack in the 32-bit trampoline (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Use standard calling convention for trampoline (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Call trampoline as a normal function (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Remove .bss/.pgtable from bzImage (Lenny Szubowicz) [RHEL-2505] - x86/boot: Remove run-time relocations from .head.text code (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Assign paging related global variables earlier (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Store boot_params pointer in callee save register (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Clear BSS in EFI handover protocol entrypoint (Lenny Szubowicz) [RHEL-2505] - x86/head_64: Store boot_params pointer in callee save register (Lenny Szubowicz) [RHEL-2505] - x86/decompressor: Don't rely on upper 32 bits of GPRs being preserved (Lenny Szubowicz) [RHEL-2505] - x86/head/64: Switch to KERNEL_CS as soon as new GDT is installed (Lenny Szubowicz) [RHEL-2505] - efi/libstub: Add memory attribute protocol definitions (Lenny Szubowicz) [RHEL-2505] - efi/x86: libstub: remove unused variable (Lenny Szubowicz) [RHEL-2505] - x86/boot: Robustify calling startup_{32,64}() from the decompressor code (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Simplify and clean up handover entry code (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Branch straight to kernel entry point from C code (Lenny Szubowicz) [RHEL-2505] - efi/x86: Avoid using code32_start (Lenny Szubowicz) [RHEL-2505] - efi/libstub/x86: Use Exit() boot service to exit the stub on errors (Lenny Szubowicz) [RHEL-2505] - efi: x86: Wipe setup_data on pure EFI boot (Lenny Szubowicz) [RHEL-2505] - efi: x86: Fix config name for setting the NX-compatibility flag in the PE header (Lenny Szubowicz) [RHEL-2505] - efi: x86: Set the NX-compatibility flag in the PE header (Lenny Szubowicz) [RHEL-2505] - efi/x86: Add kernel preferred address to PE header (Lenny Szubowicz) [RHEL-2505] - efi/x86: Use symbolic constants in PE header instead of bare numbers (Lenny Szubowicz) [RHEL-2505] - efi/x86: Drop redundant .bss section (Lenny Szubowicz) [RHEL-2505] - efi/x86: add headroom to decompressor BSS to account for setup block (Lenny Szubowicz) [RHEL-2505] - x86/boot: Remove run-time relocations from head_{32,64}.S (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed: Fix debug_puthex() parameter type (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Use 32-bit (zero-extended) MOV for z_output_len (Lenny Szubowicz) [RHEL-2505] - x86/boot: Use unsigned comparison for addresses (Lenny Szubowicz) [RHEL-2505] - x86/boot: Micro-optimize GDT loading instructions (Lenny Szubowicz) [RHEL-2505] - x86/boot: GDT limit value should be size - 1 (Lenny Szubowicz) [RHEL-2505] - efi/x86: Remove GDT setup from efi_main (Lenny Szubowicz) [RHEL-2505] - x86/boot: Clear direction and interrupt flags in startup_64 (Lenny Szubowicz) [RHEL-2505] - efi/x86: Don't depend on firmware GDT layout (Lenny Szubowicz) [RHEL-2505] - x86/boot: Remove KEEP_SEGMENTS support (Lenny Szubowicz) [RHEL-2505] - x86/boot: Handle malformed SRAT tables during early ACPI parsing (Lenny Szubowicz) [RHEL-2505] - efi/libstub/x86: Use mandatory 16-byte stack alignment in mixed mode (Lenny Szubowicz) [RHEL-2505] - efi/libstub/x86: Avoid globals to store context during mixed mode calls (Lenny Szubowicz) [RHEL-2505] - x86/efistub: Disable paging at mixed mode entry (Lenny Szubowicz) [RHEL-2505] - x86: efi/random: Invoke EFI_RNG_PROTOCOL to seed the UEFI RNG table (Lenny Szubowicz) [RHEL-2505] - x86/asm: Make some functions local (Lenny Szubowicz) [RHEL-2505] - x86/boot: Annotate data appropriately (Lenny Szubowicz) [RHEL-2505] - x86/boot: Annotate local functions (Lenny Szubowicz) [RHEL-2505] - x86/asm: Make more symbols local (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Fix missing initialization in find_trampoline_placement() (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Fix boot on machines with broken E820 table (Lenny Szubowicz) [RHEL-2505] - x86, boot: Remove multiple copy of static function sanitize_boot_params() (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Remove unused variable (Lenny Szubowicz) [RHEL-2505] - x86/boot/compressed/64: Explain paging_prepare()'s return value (Lenny Szubowicz) [RHEL-2505] - x86/boot: Save several bytes in decompressor (Lenny Szubowicz) [RHEL-2505] - fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (Audra Mitchell) [RHEL-20614] {CVE-2024-0841} - net/gve: update check for little-endianness in gve kconfig (Joshua Washington) [RHEL-29030] Resolves: RHEL-20614, RHEL-2505, RHEL-29030 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
0633b7745b |
kernel-4.18.0-546.el8
* Fri Mar 15 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-546.el8] - sched/membarrier: reduce the ability to hammer on sys_membarrier (Wander Lairson Costa) [RHEL-23430] {CVE-2024-26602} - NFS: Set the stable writes flag when initialising the super block (Benjamin Coddington) [RHEL-25266] - smb: client: fix OOB in receive_encrypted_standard() (Scott Mayhew) [RHEL-21685] {CVE-2024-0565} - scsi: core: Move scsi_host_busy() out of host lock if it is for per-command (Ming Lei) [RHEL-23942] - scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler (Ming Lei) [RHEL-23942] - gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump (Andrew Price) [RHEL-26501] {CVE-2023-52448} - smb: client: fix parsing of SMB3.1.1 POSIX create context (Paulo Alcantara) [RHEL-26241] {CVE-2023-52434} - smb: client: fix potential OOBs in smb2_parse_contexts() (Paulo Alcantara) [RHEL-26241] {CVE-2023-52434} - smb3: Replace smb2pdu 1-element arrays with flex-arrays (Jay Shin) [RHEL-22143] - cifs: Replace remaining 1-element arrays (Jay Shin) [RHEL-22143] - cifs: Convert struct fealist away from 1-element array (Jay Shin) [RHEL-22143] - cifs: remove unneeded 2bytes of padding from smb2 tree connect (Jay Shin) [RHEL-22143] - cifs: Replace zero-length arrays with flexible-array members (Jay Shin) [RHEL-22143] - cifs: Replace a couple of one-element arrays with flexible-array members (Jay Shin) [RHEL-22143] - cifs: fix FILE_BOTH_DIRECTORY_INFO definition (Jay Shin) [RHEL-22143] - nfsd: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441] - nfs: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441] - lockd: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441] - cifs: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441] - ceph: use locks_inode_context helper (Jeffrey Layton) [RHEL-27441] - filelock: add a new locks_inode_context accessor function (Jeffrey Layton) [RHEL-27441] - dm-integrity, dm-verity: reduce stack usage for recheck (Benjamin Marzinski) [RHEL-27849] - dm-crypt: recheck the integrity tag after a failure (Benjamin Marzinski) [RHEL-27849] - dm-crypt: don't modify the data when using authenticated encryption (Benjamin Marzinski) [RHEL-27849] - dm-verity: recheck the hash after a failure (Benjamin Marzinski) [RHEL-27849] - dm-integrity: recheck the integrity tag after a failure (Benjamin Marzinski) [RHEL-27849] Resolves: RHEL-21685, RHEL-22143, RHEL-23430, RHEL-23942, RHEL-25266, RHEL-26241, RHEL-26501, RHEL-27441, RHEL-27849 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
369ba532c9 |
kernel-4.18.0-545.el8
* Wed Mar 13 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-545.el8] - tracing/timerlat: Move hrtimer_init to timerlat_fd open() (John Kacur) [RHEL-26667] - tracing/perf: Fix double put of trace event when init fails (Michael Petlan) [RHEL-19537] - ipvlan: Add handling of NETDEV_UP events (Hangbin Liu) [RHEL-19098] - ceph: add ceph_cap_unlink_work to fire check_caps() immediately (Xiubo Li) [RHEL-21760] - ceph: always queue a writeback when revoking the Fb caps (Xiubo Li) [RHEL-21760] - ceph: always check dir caps asynchronously (Xiubo Li) [RHEL-21760] - nfs: fix redundant readdir request after get eof (Benjamin Coddington) [RHEL-7780] - NFSv4.1: fixup use EXCHGID4_FLAG_USE_PNFS_DS for DS server (Scott Mayhew) [RHEL-7994] - NFSv4.1: fix pnfs MDS=DS session trunking (Scott Mayhew) [RHEL-7994] - NFSv4.1: fix zero value filehandle in post open getattr (Scott Mayhew) [RHEL-7994] - NFSv4.1: use EXCHGID4_FLAG_USE_PNFS_DS for DS server (Scott Mayhew) [RHEL-7994] Resolves: RHEL-19098, RHEL-19537, RHEL-21760, RHEL-26667, RHEL-7780, RHEL-7994 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
260cea758c |
kernel-4.18.0-544.el8
* Thu Feb 22 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-544.el8] - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' (Carlos Maiolino) [RHEL-23386] {CVE-2021-33631} - i2c: designware: Disable TX_EMPTY irq while waiting for block length byte (Charles Mirabile) [RHEL-24019] - scsi: smartpqi: Fix disable_managed_interrupts (Tomas Henzl) [RHEL-25747] - hwmon: (k10temp) Check range scale when CUR_TEMP register is read-write (Steve Best) [RHEL-26167] - gitlab-ci: do not show (results can be ignored) for rt pipelines (Michael Hofmann) Resolves: RHEL-23386, RHEL-24019, RHEL-25747, RHEL-26167 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
f42d553066 |
kernel-4.18.0-543.el8
* Wed Feb 21 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-543.el8] - perf symbols: Symbol lookup with kcore can fail if multiple segments match stext (Charles Mirabile) [RHEL-23760] - perf/arm-cmn: Move overlapping wp_combine field (Charles Mirabile) [RHEL-23757] - drm/amd: Fix detection of _PR3 on the PCIe root port (Michel Dänzer) [RHEL-14572] - xfs: avoid AGI->AGF->inode-buffer deadlocks (Thiago Becker) [RHEL-7914] - dm-crypt, dm-verity: disable tasklets (Benjamin Marzinski) [RHEL-22232] - dm verity: initialize fec io before freeing it (Benjamin Marzinski) [RHEL-22232] - dm-verity: don't use blocking calls from tasklets (Benjamin Marzinski) [RHEL-22232] - char: misc: Increase the maximum number of dynamic misc devices to 1048448 (Charles Mirabile) [RHEL-23758] - char: misc: remove usage of list iterator past the loop body (Charles Mirabile) [RHEL-23758] - char: misc: increase DYNAMIC_MINORS value (Charles Mirabile) [RHEL-23758] - char: misc: Move EXPORT_SYMBOL immediately next to the functions/varibles (Charles Mirabile) [RHEL-23758] - clocksource/drivers/arm_arch_timer: Force inlining of erratum_set_next_event_generic() (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Fix handling of ARM erratum 858921 (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Remove arch_timer_rate1 (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Fix CNTPCT_LO and CNTVCT_LO value (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Disable timer before programming CVAL (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Fix XGene-1 TVAL register math error (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: limit XGene-1 workaround (Mark Salter) [RHEL-19605] - clocksource/drivers/arch_arm_timer: Move workaround synchronisation around (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Fix masking for high freq counters (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Drop unnecessary ISB on CVAL programming (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Remove any trace of the TVAL programming interface (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Work around broken CVAL implementations (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Advertise 56bit timer to the core code (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Move MMIO timer programming over to CVAL (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Fix MMIO base address vs callback ordering issue (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Add __ro_after_init and __init (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Move drop _tval from erratum function names (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Move system register timer programming over to CVAL (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Extend write side of timer register accessors to u64 (Mark Salter) [RHEL-19605] - clocksource/drivers/arm_arch_timer: Drop CNT*_TVAL read accessors (Mark Salter) [RHEL-19605] - clocksource/arm_arch_timer: Add build-time guards for unhandled register accesses (Mark Salter) [RHEL-19605] Resolves: RHEL-14572, RHEL-19605, RHEL-22232, RHEL-23757, RHEL-23758, RHEL-23760, RHEL-7914 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
80dd1f5742 |
kernel-4.18.0-542.el8
* Mon Feb 19 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-542.el8] - netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [RHEL-23506] {CVE-2024-1086} - drm/virtio: Set segment size for virtio_gpu device (Sebastian Ott) [RHEL-15465] - xfs: run blockgc on freeze to avoid inode inactivation deadlock (Brian Foster) [RHEL-11344] - RDMA/irdma: Report the correct link speed (Kamal Heib) [RHEL-23967] - scsi: core: Increase max device queue_depth to 4096 (Ming Lei) [RHEL-11725] - smsc95xx: fix stalled rx after link change (Izabela Bakollari) [RHEL-22312] - ovl: remove privs in ovl_fallocate() (Miklos Szeredi) [RHEL-17933] - ovl: remove privs in ovl_copyfile() (Miklos Szeredi) [RHEL-17933] - Bluetooth: Add more enc key size check (David Marlin) [RHEL-19666] {CVE-2023-24023} - Bluetooth: Normalize HCI_OP_READ_ENC_KEY_SIZE cmdcmplt (David Marlin) [RHEL-19666] {CVE-2023-24023} - IB: Use capital "OR" for multiple licenses in SPDX (Izabela Bakollari) [RHEL-10238] - RDMA/rdmavt: Delete unnecessary NULL check (Izabela Bakollari) [RHEL-10238] - IB/rdmavt: Fix target union member for rvt_post_one_wr() (Izabela Bakollari) [RHEL-10238] - selftests/mm: cow: print ksft header before printing anything else (Nico Pache) [RHEL-5623] - selftests/mm/kugepaged: restore thp settings at exit (Nico Pache) [RHEL-5623] - selftests: line buffer test program's stdout (Nico Pache) [RHEL-5623] - selftests/kselftest/runner.sh: Pass optional command parameters in environment (Nico Pache) [RHEL-5623] - selftests/kselftest/runner/run_one(): allow running non-executable files (Nico Pache) [RHEL-5623] - selftests: allow runners to override the timeout (Nico Pache) [RHEL-5623] - selftests: mm: fix map_hugetlb failure on 64K page size systems (Nico Pache) [RHEL-5623] - redhat: Fix build for kselftests mm (Nico Pache) [RHEL-5623] - selftests: anon_cow: skip broken test (Nico Pache) [RHEL-5623] - mm/gup_test: free memory allocated via kvcalloc() using kvfree() (Nico Pache) [RHEL-5623] - selftests/mm: prevent duplicate runs caused by TEST_GEN_PROGS (Nico Pache) [RHEL-5623] - selftests: mm: add a test for mutually aligned moves > PMD size (Nico Pache) [RHEL-5623] - tools: fix ARRAY_SIZE defines in tools and selftests hdrs (Nico Pache) [RHEL-5623] - selftests: mm: fix failure case when new remap region was not found (Nico Pache) [RHEL-5623] - selftests/mm: fix WARNING comparing pointer to 0 (Nico Pache) [RHEL-5623] - selftests/mm: run all tests from run_vmtests.sh (Nico Pache) [RHEL-5623] - selftests/mm: optionally pass duration to transhuge-stress (Nico Pache) [RHEL-5623] - selftests/mm: make migration test robust to failure (Nico Pache) [RHEL-5623] - selftests/mm: va_high_addr_switch should skip unsupported arm64 configs (Nico Pache) [RHEL-5623] - selftests/mm: fix thuge-gen test bugs (Nico Pache) [RHEL-5623] - selftests/mm: skip soft-dirty tests on arm64 (Nico Pache) [RHEL-5623] - selftests/mm: add gup test matrix in run_vmtests.sh (Nico Pache) [RHEL-5623] - selftests/mm: add -a to run_vmtests.sh (Nico Pache) [RHEL-5623] - selftests/mm: give scripts execute permission (Nico Pache) [RHEL-5623] - selftests: mm: remove duplicate unneeded defines (Nico Pache) [RHEL-5623] - Documentation: kselftest: "make headers" is a prerequisite (Nico Pache) [RHEL-5623] - selftests/mm: fix build failures due to missing MADV_COLLAPSE (Nico Pache) [RHEL-5623] - selftests/mm: fix a "possibly uninitialized" warning in pkey-x86.h (Nico Pache) [RHEL-5623] - selftests/mm: .gitignore: add mkdirty, va_high_addr_switch (Nico Pache) [RHEL-5623] - selftests/mm: fix invocation of tests that are run via shell scripts (Nico Pache) [RHEL-5623] - selftests/mm: fix "warning: expression which evaluates to zero..." in mlock2-tests.c (Nico Pache) [RHEL-5623] - selftests/mm: fix unused variable warnings in hugetlb-madvise.c, migration.c (Nico Pache) [RHEL-5623] - selftests/mm: fix cross compilation with LLVM (Nico Pache) [RHEL-5623] - selftests/mm: run hugetlb testcases of va switch (Nico Pache) [RHEL-5623] - selftests/mm: configure nr_hugepages for arm64 (Nico Pache) [RHEL-5623] - selftests/mm: add platform independent in code comments (Nico Pache) [RHEL-5623] - selftests/mm: rename va_128TBswitch to va_high_addr_switch (Nico Pache) [RHEL-5623] - selftests/mm: add support for arm64 platform on va switch (Nico Pache) [RHEL-5623] - selftests/mm: use PM_* macros in vm_utils.h (Nico Pache) [RHEL-5623] - selftests/mm: merge default_huge_page_size() into one (Nico Pache) [RHEL-5623] - selftests/mm: link vm_util.c always (Nico Pache) [RHEL-5623] - selftests/mm: use TEST_GEN_PROGS where proper (Nico Pache) [RHEL-5623] - selftests/mm: merge util.h into vm_util.h (Nico Pache) [RHEL-5623] - selftests/mm: dump a summary in run_vmtests.sh (Nico Pache) [RHEL-5623] - selftests/mm: set overcommit_policy as OVERCOMMIT_ALWAYS (Nico Pache) [RHEL-5623] - selftests/mm: change NR_CHUNKS_HIGH for aarch64 (Nico Pache) [RHEL-5623] - selftests/mm: change MAP_CHUNK_SIZE (Nico Pache) [RHEL-5623] - selftests: vm: enable cross-compilation (Nico Pache) [RHEL-5623] - selftests/vm: rename selftests/vm to selftests/mm (Nico Pache) [RHEL-5623] - selftests: vm: Fix incorrect kernel headers search path (Nico Pache) [RHEL-5623] - selftests/vm: cow: fix compile warning on 32bit (Nico Pache) [RHEL-5623] - mm/gup_test: fix PIN_LONGTERM_TEST_READ with highmem (Nico Pache) [RHEL-5623] - mm/pagewalk: don't trigger test_walk() in walk_page_vma() (Nico Pache) [RHEL-5623] - selftests/vm: enable running select groups of tests (Nico Pache) [RHEL-5623] - selftests/vm: anon_cow: add R/O longterm tests via gup_test (Nico Pache) [RHEL-5623] - mm/gup_test: start/stop/read functionality for PIN LONGTERM test (Nico Pache) [RHEL-5623] - selftests/vm: anon_cow: add liburing test cases (Nico Pache) [RHEL-5623] - selftests/vm: anon_cow: hugetlb tests (Nico Pache) [RHEL-5623] - selftests/vm: anon_cow: THP tests (Nico Pache) [RHEL-5623] - selftests/vm: factor out pagemap_is_populated() into vm_util (Nico Pache) [RHEL-5623] - selftests/vm: anon_cow: test COW handling of anonymous memory (Nico Pache) [RHEL-5623] - selftests/vm: add local_config.h and local_config.mk to .gitignore (Nico Pache) [RHEL-5623] - selftest: vm: remove deleted local_config.* from .gitignore (Nico Pache) [RHEL-5623] - Kselftests: remove support of libhugetlbfs from kselftests (Nico Pache) [RHEL-5623] - selftests/vm: use top_srcdir instead of recomputing relative paths (Nico Pache) [RHEL-5623] - selftests/vm: skip 128TBswitch on unsupported arch (Nico Pache) [RHEL-5623] - selftests/vm: fix va_128TBswitch.sh permissions (Nico Pache) [RHEL-5623] - selftests/vm: add protection_keys tests to run_vmtests (Nico Pache) [RHEL-5623] - selftests/vm: only run 128TBswitch with 5-level paging (Nico Pache) [RHEL-5623] - userfaultfd: selftests: infinite loop in faulting_process (Nico Pache) [RHEL-5623] - userfaultfd/selftests: Fix typo in comment (Nico Pache) [RHEL-5623] - selftests: vm: Fix resource leak when return error (Nico Pache) [RHEL-5623] - selftests: vm: add the "settings" file with timeout variable (Nico Pache) [RHEL-5623] - selftests: vm: add "test_hmm.sh" to TEST_FILES (Nico Pache) [RHEL-5623] - selftests: vm: check numa_available() before operating "merge_across_nodes" in ksm_tests (Nico Pache) [RHEL-5623] - selftests: vm: add migration to the .gitignore (Nico Pache) [RHEL-5623] - selftests/vm/pkeys: fix typo in comment (Nico Pache) [RHEL-5623] - userfaultfd/selftests: use swap() instead of open coding it (Nico Pache) [RHEL-5623] - selftests: vm: fix shellcheck warnings in run_vmtests.sh (Nico Pache) [RHEL-5623] - selftests: vm: refactor run_vmtests.sh to reduce boilerplate (Nico Pache) [RHEL-5623] - selftests: vm: add test for Soft-Dirty PTE bit (Nico Pache) [RHEL-5623] - selftests: vm: bring common functions to a new file (Nico Pache) [RHEL-5623] - mm: add selftests for migration entries (Nico Pache) [RHEL-5623] - selftest/vm: add skip support to mremap_test (Nico Pache) [RHEL-5623] - selftest/vm: support xfail in mremap_test (Nico Pache) [RHEL-5623] - selftest/vm: verify remap destination address in mremap_test (Nico Pache) [RHEL-5623] - selftest/vm: verify mmap addr in mremap_test (Nico Pache) [RHEL-5623] - selftests: kselftest framework: provide "finished" helper (Nico Pache) [RHEL-5623] - selftest/vm: add helpers to detect PAGE_SIZE and PAGE_SHIFT (Nico Pache) [RHEL-5623] - selftest/vm: add util.h and and move helper functions there (Nico Pache) [RHEL-5623] - selftests: vm: remove dependecy from internal kernel macros (Nico Pache) [RHEL-5623] - selftests: vm: Add the uapi headers include variable (Nico Pache) [RHEL-5623] - selftests/vm/transhuge-stress: Support file-backed PMD folios (Nico Pache) [RHEL-5623] - selftests, x86: fix how check_cc.sh is being invoked (Nico Pache) [RHEL-5623] - selftests: vm: fix clang build error multiple output files (Nico Pache) [RHEL-5623] - kselftest/vm: fix tests build with old libc (Nico Pache) [RHEL-5623] - selftest/vm: fix map_fixed_noreplace test failure (Nico Pache) [RHEL-5623] - kselftest/vm: revert "tools/testing/selftests/vm/userfaultfd.c: use swap() to make code cleaner" (Nico Pache) [RHEL-5623] - selftests/vm: make charge_reserved_hugetlb.sh work with existing cgroup setting (Nico Pache) [RHEL-5623] - tools/testing/selftests/vm/userfaultfd.c: use swap() to make code cleaner (Nico Pache) [RHEL-5623] - selftests/vm: remove ARRAY_SIZE define from individual tests (Nico Pache) [RHEL-5623] - selftests: vm: add KSM huge pages merging time test (Nico Pache) [RHEL-5623] - selftest/vm: fix ksm selftest to run with different NUMA topologies (Nico Pache) [RHEL-5623] - selftests/vm/transhuge-stress: fix ram size thinko (Nico Pache) [RHEL-5623] - selftests: vm: add COW time test for KSM pages (Nico Pache) [RHEL-5623] - selftests: vm: add KSM merging time test (Nico Pache) [RHEL-5623] - mm: KSM: fix data type (Nico Pache) [RHEL-5623] - selftests: vm: add KSM merging across nodes test (Nico Pache) [RHEL-5623] - selftests: vm: add KSM zero page merging test (Nico Pache) [RHEL-5623] - selftests: vm: add KSM unmerge test (Nico Pache) [RHEL-5623] - selftests: vm: add KSM merge test (Nico Pache) [RHEL-5623] - selftests: Fix spelling mistake "cann't" -> "cannot" (Nico Pache) [RHEL-5623] - selftests/vm: use kselftest skip code for skipped tests (Nico Pache) [RHEL-5623] - selftest/mremap_test: avoid crash with static build (Nico Pache) [RHEL-5623] - selftest/mremap_test: update the test to handle pagesize other than 4K (Nico Pache) [RHEL-5623] - selftests/vm/pkeys: exercise x86 XSAVE init state (Nico Pache) [RHEL-5623] - selftests/vm/pkeys: refill shadow register after implicit kernel write (Nico Pache) [RHEL-5623] - selftests/vm/pkeys: handle negative sys_pkey_alloc() return code (Nico Pache) [RHEL-5623] - vm/test_vmalloc.sh: adapt for updated driver interface (Nico Pache) [RHEL-5623] - tool: selftests: fix spelling typo of 'writting' (Nico Pache) [RHEL-5623] - userfaultfd/selftests: hint the test runner on required privilege (Nico Pache) [RHEL-5623] - userfaultfd/selftests: fix retval check for userfaultfd_open() (Nico Pache) [RHEL-5623] - userfaultfd/selftests: always dump something in modes (Nico Pache) [RHEL-5623] - userfaultfd: selftests: make __{s,u}64 format specifiers portable (Nico Pache) [RHEL-5623] - tools: Avoid comma separated statements (Nico Pache) [RHEL-5623] - kselftests: vm: add mremap tests (Nico Pache) [RHEL-5623] - Revert "selftests/vm: enable running select groups of tests" (Nico Pache) [RHEL-5623] Resolves: RHEL-10238, RHEL-11344, RHEL-11725, RHEL-15465, RHEL-17933, RHEL-19666, RHEL-22312, RHEL-23506, RHEL-23967, RHEL-5623 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
1fe7d71c7a |
kernel-4.18.0-541.el8
* Fri Feb 16 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-541.el8] - cgroup/rstat: Optimize cgroup_rstat_updated_list() (Waiman Long) [RHEL-18154] - cgroup/rstat: Reduce cpu_lock hold time in cgroup_rstat_flush_locked() (Waiman Long) [RHEL-18154] - cgroup: use irqsave in cgroup_rstat_flush_locked(). (Waiman Long) [RHEL-18154] - cgroup: fix spelling mistakes (Waiman Long) [RHEL-18154] - s390/ipl: add missing intersection check to ipl_report handling (Tobias Huschle) [RHEL-24612] - drm/amdgpu: Fix potential fence use-after-free v2 (Michel Dänzer) [RHEL-22504] {CVE-2023-51042} - sched/fair: Don't balance task to its current running CPU (Luis Claudio R. Goncalves) [RHEL-8854] - md: partially revert "md/raid6: use valid sector values to determine if an I/O should wait on the reshape" (Benjamin Marzinski) [RHEL-24518] - blk-mq: fix IO hang from sbitmap wakeup race (Ming Lei) [RHEL-21289] - sfc: introduce shutdown entry point in efx pci driver (Izabela Bakollari) [RHEL-11016] - KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache (Sebastian Ott) [RHEL-5178] - efi: libstub: ensure allocated memory to be executable (Lenny Szubowicz) [RHEL-24852] - efi: libstub: declare DXE services table (Lenny Szubowicz) [RHEL-24852] - efi/libstub/x86: Avoid overflowing code32_start on PE entry (Lenny Szubowicz) [RHEL-24852] - RDMA/efa: Fix wrong resources deallocation order (Izabela Bakollari) [RHEL-18229] - RDMA/efa: Add RDMA write HW statistics counters (Izabela Bakollari) [RHEL-18229] - RDMA/efa: Fix unsupported page sizes in device (Izabela Bakollari) [RHEL-18229] - RDMA/efa: Add rdma write capability to device caps (Izabela Bakollari) [RHEL-18229] - RDMA/efa: Add data polling capability feature bit (Izabela Bakollari) [RHEL-18229] - APEI: GHES: correctly return NULL for ghes_get_devices() (Aristeu Rozanski) [RHEL-1603] - EDAC/ghes: Make ghes_edac a proper module (Aristeu Rozanski) [RHEL-1603] - EDAC/ghes: Prepare to make ghes_edac a proper module (Aristeu Rozanski) [RHEL-1603] - EDAC/ghes: Add a notifier for reporting memory errors (Aristeu Rozanski) [RHEL-1603] - efi/cper: Export several helpers for ghes_edac to use (Aristeu Rozanski) [RHEL-1603] - ACPI: APEI: rename ghes_init() with an "acpi_" prefix (Aristeu Rozanski) [RHEL-1603] - ACPI: APEI: explicit init of HEST and GHES in apci_init() (Aristeu Rozanski) [RHEL-1603] - EDAC/ghes: Clear scanned data on unload (Aristeu Rozanski) [RHEL-1603] - EDAC/ghes: Fix NULL pointer dereference in ghes_edac_register() (Aristeu Rozanski) [RHEL-1603] - EDAC/ghes: Scan the system once on driver init (Aristeu Rozanski) [RHEL-1603] - EDAC/ghes: Remove unused members of struct ghes_edac_pvt, rename it to ghes_pvt (Aristeu Rozanski) [RHEL-1603] - EDAC: Introduce an mci_for_each_dimm() iterator (Aristeu Rozanski) [RHEL-1603] - EDAC: Remove EDAC_DIMM_OFF() macro (Aristeu Rozanski) [RHEL-1603] - r8169: add handling DASH when DASH is disabled (Izabela Bakollari) [RHEL-6505] - r8169: remove rtl_wol_shutdown_quirk() (Izabela Bakollari) [RHEL-6505] - r8169: improve driver unload and system shutdown behavior on DASH-enabled systems (Izabela Bakollari) [RHEL-6505] - r8169: fix dmar pte write access is not set error (Izabela Bakollari) [RHEL-6505] - r8169: move rtl_wol_enable_rx() and rtl_prepare_power_down() (Izabela Bakollari) [RHEL-6505] - r8169: prevent potential deadlock in rtl8169_close (Izabela Bakollari) [RHEL-6505] - r8169: fix deadlock on RTL8125 in jumbo mtu mode (Izabela Bakollari) [RHEL-6505] - r8169: fix network lost after resume on DASH systems (Izabela Bakollari) [RHEL-6505] - r8169: respect userspace disabling IFF_MULTICAST (Izabela Bakollari) [RHEL-6505] - r8169: fix the KCSAN reported data race in rtl_rx while reading desc->opts1 (Izabela Bakollari) [RHEL-6505] - r8169: fix the KCSAN reported data-race in rtl_tx while reading TxDescArray[entry].opts1 (Izabela Bakollari) [RHEL-6505] - r8169: fix the KCSAN reported data-race in rtl_tx() while reading tp->cur_tx (Izabela Bakollari) [RHEL-6505] - r8169: fix rare issue with broken rx after link-down on RTL8125 (Izabela Bakollari) [RHEL-6505] - r8169: check for PCI read error in probe (Izabela Bakollari) [RHEL-6505] - r8169: fix RTL8168H and RTL8107E rx crc error (Izabela Bakollari) [RHEL-6505] - r8169: reset bus if NIC isn't accessible after tx timeout (Izabela Bakollari) [RHEL-6505] - r8169: disable ASPM in case of tx timeout (Izabela Bakollari) [RHEL-6505] - r8169: use tp_to_dev instead of open code (Izabela Bakollari) [RHEL-6505] - r8169: add rtl_disable_rxdvgate() (Izabela Bakollari) [RHEL-6505] - r8169: remove not needed net_ratelimit() check (Izabela Bakollari) [RHEL-6505] - r8169: remove useless PCI region size check (Izabela Bakollari) [RHEL-6505] - Bluetooth: hci_sync: Fix not processing all entries on cmd_sync_work (David Marlin) [RHEL-23781] - Bluetooth: hci_core: Fix unbalanced unlock in set_device_flags() (David Marlin) [RHEL-23781] - Bluetooth: Fix not checking MGMT cmd pending queue (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Fix not using conn_timeout (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Fix hci_update_accept_list_sync (David Marlin) [RHEL-23781] - Bluetooth: assign len after null check (David Marlin) [RHEL-23781] - Bluetooth: Fix bt_skb_sendmmsg not allocating partial chunks (David Marlin) [RHEL-23781] - Bluetooth: fix data races in smp_unregister(), smp_del_chan() (David Marlin) [RHEL-23781] - Bluetooth: hci_core: Fix leaking sent_cmd skb (David Marlin) [RHEL-23781] - Bluetooth: hci_sock: fix endian bug in hci_sock_setsockopt() (David Marlin) [RHEL-23781] - Bluetooth: L2CAP: uninitialized variables in l2cap_sock_setsockopt() (David Marlin) [RHEL-23781] - Bluetooth: btqca: sequential validation (David Marlin) [RHEL-23781] - Bluetooth: hci_event: Rework hci_inquiry_result_with_rssi_evt (David Marlin) [RHEL-23781] - Bluetooth: btbcm: disable read tx power for MacBook Air 8,1 and 8,2 (David Marlin) [RHEL-23781] - Bluetooth: hci_qca: Fix NULL vs IS_ERR_OR_NULL check in qca_serdev_probe (David Marlin) [RHEL-23781] - Bluetooth: hci_bcm: Check for error irq (David Marlin) [RHEL-23781] - Bluetooth: MGMT: Fix spelling mistake "simultanous" -> "simultaneous" (David Marlin) [RHEL-23781] - Bluetooth: vhci: Set HCI_QUIRK_VALID_LE_STATES (David Marlin) [RHEL-23781] - Bluetooth: MGMT: Fix LE simultaneous roles UUID if not supported (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Add check simultaneous roles support (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Wait for proper events when connecting LE (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Add support for waiting specific LE subevents (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Add hci_le_create_conn_sync (David Marlin) [RHEL-23781] - Bluetooth: hci_event: Use skb_pull_data when processing inquiry results (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Push sync command cancellation to workqueue (David Marlin) [RHEL-23781] - Bluetooth: hci_qca: Stop IBS timer during BT OFF (David Marlin) [RHEL-23781] - Bluetooth: btintel: Add missing quirks and msft ext for legacy bootloader (David Marlin) [RHEL-23781] - Bluetooth: L2CAP: Fix using wrong mode (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Fix not always pausing advertising when necessary (David Marlin) [RHEL-23781] - Bluetooth: mgmt: Make use of mgmt_send_event_skb in MGMT_EV_DEVICE_CONNECTED (David Marlin) [RHEL-23781] - Bluetooth: mgmt: Make use of mgmt_send_event_skb in MGMT_EV_DEVICE_FOUND (David Marlin) [RHEL-23781] - Bluetooth: mgmt: Introduce mgmt_alloc_skb and mgmt_send_event_skb (David Marlin) [RHEL-23781] - Bluetooth: btusb: Return error code when getting patch status failed (David Marlin) [RHEL-23781] - Bluetooth: btusb: Handle download_firmware failure cases (David Marlin) [RHEL-23781] - Bluetooth: msft: Fix compilation when CONFIG_BT_MSFTEXT is not set (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Set Privacy Mode when updating the resolving list (David Marlin) [RHEL-23781] - Bluetooth: Introduce HCI_CONN_FLAG_DEVICE_PRIVACY device flag (David Marlin) [RHEL-23781] - Bluetooth: btusb: Add support for queuing during polling interval (David Marlin) [RHEL-23781] - Bluetooth: hci_core: Rework hci_conn_params flags (David Marlin) [RHEL-23781] - Bluetooth: MGMT: Use hci_dev_test_and_{set,clear}_flag (David Marlin) [RHEL-23781] - Bluetooth: btbcm: disable read tx power for some Macs with the T2 Security chip (David Marlin) [RHEL-23781] - Bluetooth: add quirk disabling LE Read Transmit Power (David Marlin) [RHEL-23781] - Bluetooth: hci_event: Use of a function table to handle Command Status (David Marlin) [RHEL-23781] - Bluetooth: hci_event: Use of a function table to handle Command Complete (David Marlin) [RHEL-23781] - Bluetooth: hci_event: Use of a function table to handle LE subevents (David Marlin) [RHEL-23781] - Bluetooth: hci_event: Use of a function table to handle HCI events (David Marlin) [RHEL-23781] - Bluetooth: HCI: Use skb_pull_data to parse LE Direct Advertising Report event (David Marlin) [RHEL-23781] - Bluetooth: HCI: Use skb_pull_data to parse LE Ext Advertising Report event (David Marlin) [RHEL-23781] - Bluetooth: HCI: Use skb_pull_data to parse LE Advertising Report event (David Marlin) [RHEL-23781] - Bluetooth: HCI: Use skb_pull_data to parse LE Metaevents (David Marlin) [RHEL-23781] - Bluetooth: HCI: Use skb_pull_data to parse Extended Inquiry Result event (David Marlin) [RHEL-23781] - Bluetooth: HCI: Use skb_pull_data to parse Inquiry Result with RSSI event (David Marlin) [RHEL-23781] - Bluetooth: HCI: Use skb_pull_data to parse Inquiry Result event (David Marlin) [RHEL-23781] - Bluetooth: HCI: Use skb_pull_data to parse Number of Complete Packets event (David Marlin) [RHEL-23781] - Bluetooth: HCI: Use skb_pull_data to parse Command Complete event (David Marlin) [RHEL-23781] - Bluetooth: HCI: Use skb_pull_data to parse BR/EDR events (David Marlin) [RHEL-23781] - Bluetooth: btusb: Cancel sync commands for certain URB errors (David Marlin) [RHEL-23781] - Bluetooth: hci_core: Cancel sync command if sending a frame failed (David Marlin) [RHEL-23781] - Bluetooth: Add hci_cmd_sync_cancel to public API (David Marlin) [RHEL-23781] - Bluetooth: Reset more state when cancelling a sync command (David Marlin) [RHEL-23781] - Bluetooth: Limit duration of Remote Name Resolve (David Marlin) [RHEL-23781] - Bluetooth: Send device found event on name resolve failure (David Marlin) [RHEL-23781] - Bluetooth: HCI: Fix definition of hci_rp_delete_stored_link_key (David Marlin) [RHEL-23781] - Bluetooth: HCI: Fix definition of hci_rp_read_stored_link_key (David Marlin) [RHEL-23781] - Bluetooth: refactor malicious adv data check (David Marlin) [RHEL-23781] - Bluetooth: btusb: Add one more Bluetooth part for the Realtek RTL8852AE (David Marlin) [RHEL-23781] - Bluetooth: btusb: enable Mediatek to support AOSP extension (David Marlin) [RHEL-23781] - Bluetooth: Attempt to clear HCI_LE_ADV on adv set terminated error event (David Marlin) [RHEL-23781] - Bluetooth: Ignore HCI_ERROR_CANCELLED_BY_HOST on adv set terminated event (David Marlin) [RHEL-23781] - Bluetooth: hci_request: Remove bg_scan_update work (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_SET_CONNECTABLE to use cmd_sync (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_SET_DISCOVERABLE to use cmd_sync (David Marlin) [RHEL-23781] - Bluetooth: btmrvl_main: repair a non-kernel-doc comment (David Marlin) [RHEL-23781] - Bluetooth: Don't initialize msft/aosp when using user channel (David Marlin) [RHEL-23781] - Bluetooth: fix uninitialized variables notify_evt (David Marlin) [RHEL-23781] - Bluetooth: stop proccessing malicious adv data (David Marlin) [RHEL-23781] - Bluetooth: hci_h4: Fix padding calculation error within h4_recv_buf() (David Marlin) [RHEL-23781] - Bluetooth: aosp: Support AOSP Bluetooth Quality Report (David Marlin) [RHEL-23781] - Bluetooth: Add struct of reading AOSP vendor capabilities (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Fix not setting adv set duration (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Fix missing static warnings (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Rework hci_suspend_notifier (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Rework init stages (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_SSP (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert adv_expire (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_SET_ADVERTISING (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_SET_PHY_CONFIGURATION (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_SET_LOCAL_NAME (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_READ_LOCAL_OOB_EXT_DATA (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_READ_LOCAL_OOB_DATA (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_SET_LE (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_GET_CLOCK_INFO (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_SET_SECURE_CONN (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_GET_CONN_INFO (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Enable synch'd set_bredr (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_SET_FAST_CONNECTABLE (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_OP_START_DISCOVERY (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Convert MGMT_SET_POWERED (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Rework background scan (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Enable advertising when LL privacy is enabled (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Make use of hci_cmd_sync_queue set 3 (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Make use of hci_cmd_sync_queue set 2 (David Marlin) [RHEL-23781] - Bluetooth: hci_sync: Make use of hci_cmd_sync_queue set 1 (David Marlin) [RHEL-23781] - Bluetooth: Add helper for serialized HCI command execution (David Marlin) [RHEL-23781] - Bluetooth: Fix removing adv when processing cmd complete (David Marlin) [RHEL-23781] - Bluetooth: hci_bcm: Remove duplicated entry in OF table (David Marlin) [RHEL-23781] - Bluetooth: bfusb: fix division by zero in send path (David Marlin) [RHEL-23781] - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails (David Marlin) [RHEL-23781] - Bluetooth: vhci: Fix checking of msft_opcode (David Marlin) [RHEL-23781] - Bluetooth: btsdio: Do not bind to non-removable BCM4345 and BCM43455 (David Marlin) [RHEL-23781] - Bluetooth: vhci: Add support for setting msft_opcode and aosp_capable (David Marlin) [RHEL-23781] - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb() (David Marlin) [RHEL-23781] - Bluetooth: Fix memory leak of hci device (David Marlin) [RHEL-23781] - Bluetooth: btintel: Fix bdaddress comparison with garbage value (David Marlin) [RHEL-23781] - Bluetooth: Fix debugfs entry leak in hci_register_dev() (David Marlin) [RHEL-23781] - Bluetooth: L2CAP: Fix not initializing sk_peer_pid (David Marlin) [RHEL-23781] - Bluetooth: hci_sock: purge socket queues in the destruct() callback (David Marlin) [RHEL-23781] - Bluetooth: mgmt: Fix Experimental Feature Changed event (David Marlin) [RHEL-23781] - Bluetooth: hci_vhci: Fix to set the force_wakeup value (David Marlin) [RHEL-23781] - Bluetooth: Read codec capabilities only if supported (David Marlin) [RHEL-23781] - Bluetooth: Fix handling of SUSPEND_DISCONNECTING (David Marlin) [RHEL-23781] - Bluetooth: hci_vhci: Fix calling hci_{suspend,resume}_dev (David Marlin) [RHEL-23781] - skbuff: introduce skb_pull_data (David Marlin) [RHEL-23781] - Bluetooth: defer cleanup of resources in hci_unregister_dev() (David Marlin) [RHEL-23781] - serial: core: return early on unsupported ioctls (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - lib/hexdump: make print_hex_dump_bytes() a nop on !DEBUG builds (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix race condition in status line change on dead connections (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix UAF in gsm_cleanup_mux (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: add parameter negotiation support (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: add parameters used with parameter negotiation (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: introduce macro for minimal unit size (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: name the debug bits (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: introduce gsm_control_command() function (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: replace use of gsm_read_ea() with gsm_read_ea_val() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: name gsm tty device minors (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: initialize more members at gsm_alloc_mux() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix flow control handling in tx path (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix resource allocation order in gsm_activate_mux() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix deadlock and link starvation in outgoing data path (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix race condition in gsmld_write() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix non flow control frames during mux flow off (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix missing timer to handle stalled links (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix tty registration before control channel open (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix user open not possible at responder until initiator open (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Debug output allocation must use GFP_ATOMIC (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Fix packet data hex dump output (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix buffer over-read in gsm_dlci_data() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix sometimes uninitialized warning in gsm_dlci_modem_output() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix software flow control handling (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix invalid use of MSC in advanced option (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix broken virtual tty handling (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix missing update of modem controls after DLCI open (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix reset fifo race condition (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix missing tty wakeup in convergence layer type 2 (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix wrong signal octets encoding in MSC (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix wrong command frame length field encoding (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix wrong command retry handling (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix missing explicit ldisc flush (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix wrong DLCI release order (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix insufficient txframe size (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix frame reception handling (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix mux cleanup after unregister tty device (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix decoupled mux resource (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix restart handling via CLD command (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix deadlock in gsmtty_open() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix wrong modem processing in convergence layer type 2 (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix wrong tty control line for flow control (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix NULL pointer access due to DLCI release (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix encoding of command/response bit (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: fix SW flow control encoding/handling (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove tty parameter from mxser_receive_chars_new() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: don't throttle manually (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: make mxser_port::ldisc_stop_rx a bool (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Don't ignore write return value in gsmld_output() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: clean up indenting in gsm_queue() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Save dlci address open status when config requester (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Modify gsmtty driver register method when config requester (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Delete gsmtty open SABM frame when config requester (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Modify CR,PF bit printk info when config requester (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Modify CR,PF bit when config requester (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: stop using alloc_tty_driver (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: don't store semi-state into tty drivers (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - hvsi: don't panic on tty_register_driver failure (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - amiserial: switch rs_table to a single state (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - amiserial: expand "custom" (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - amiserial: use memset to zero serial_state (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - amiserial: remove serial_* strings (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: drop mxser_port::custom_divisor (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: drop mxser_port::baud_base (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove unused mxser_port::stop_rx (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: don't allocate MXSER_PORTS + 1 (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove cnt from mxser_receive_chars (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove MOXA_GETMSTATUS ioctl (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove MOXA_GETDATACOUNT ioctl (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove MOXA_CHKPORTENABLE ioctl (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove MOXA_ASPP_LSTATUS ioctl (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove MOXA_ASPP_MON and friends (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove MOXA_SET_BAUD_METHOD ioctl (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove MOXA_GET_MAJOR deprecated ioctl (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: drop unused MOXA_DIAGNOSE macro (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: drop UART_MCR_AFE and UART_LSR_SPECIAL defines (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove else from LSR bits checks (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: extract mxser_receive_chars_old (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: extract mxser_receive_chars_new (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: simplify mxser_interrupt and drop mxser_board::vector_mask (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: extract port ISR (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: cleanup LSR handling in mxser_receive_chars (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: remove nonsense from ISR (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: drop constant board::uart_type (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: introduce enum mxser_must_hwid (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: rename mxser_board::chip_flag to must_hwid (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: rename CheckIsMoxaMust to mxser_get_must_hwid (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: cleanup Gpci_uart_info struct (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: integrate mxser.h into .c (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: drop ISA support (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - n_gsm: use goto-failpaths in gsm_init (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: mxser: drop low-latency workaround (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: check error while registering tty devices (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: mxser: fix TIOCSSERIAL jiffies conversions (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm, remove duplicates of parameters (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: do not check tty_unregister_driver's return value (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: nozomi, remove init/exit messages (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty_port: drop last traces of low_latency (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Demote obvious abuse of kernel-doc and supply other missing docss (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm, eliminate indirection for gsm->{output,error}() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Fix bogus i++ in gsm_data_kick (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Remove unnecessary test in gsm_print_packet() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Fix waking up upper tty layer when room available (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Fix SOF skipping (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Improve debug output (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - n_gsm: switch constipated to bool (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - n_gsm: switch throttled to bool (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - n_gsm: switch dead to bool (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - n_gsm: introduce enum gsm_dlci_mode (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - n_gsm: introduce enum gsm_dlci_state (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - n_gsm: drop unneeded gsm_dlci->fifo field (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Replace zero-length array with flexible-array member (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: avoid recursive locking with async port hangup (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: add helpers to convert mux-num to/from tty-base (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - docs: serial: move it to the driver-api (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - docs: serial: convert docs to ReST and rename to *.rst (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Mark expected switch fall-throughs (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - n_gsm: Constify u8 and unsigned char usage (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty: n_gsm: Add copy_config() and gsm_config() to prepare for serdev (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - mxser: switch to ->[sg]et_serial() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - amiserial: switch to ->[sg]et_serial() (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} - tty/serial_core: add ISO7816 infrastructure (Wander Lairson Costa) [RHEL-19955] {CVE-2023-6546} Resolves: RHEL-11016, RHEL-1603, RHEL-18154, RHEL-18229, RHEL-19955, RHEL-21289, RHEL-22504, RHEL-23781, RHEL-24518, RHEL-24612, RHEL-24852, RHEL-5178, RHEL-6505, RHEL-8854 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
340adeec0d |
kernel-4.18.0-540.el8
* Fri Feb 09 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-540.el8] - mm/readahead: reintroduce legacy madvise_willneed behavior to force_page_cache_readahead (Rafael Aquini) [RHEL-22476] - PCI: Disable ATS for specific Intel IPU E2000 devices (Myron Stowe) [RHEL-21011] - PCI: Extract ATS disabling to a helper function (Myron Stowe) [RHEL-21011] - HID: intel-ish-hid: ipc: Disable and reenable ACPI GPE bit (Tony Camuso) [RHEL-14732] - HID: intel-ish-hid: ipc: Add Arrow Lake PCI device ID (Tony Camuso) [RHEL-14732] - HID: intel-ish-hid: Fix kernel panic during warm reset (Tony Camuso) [RHEL-14732] - net: usb: ax88179_178a: avoid failed operations when device is disconnected (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: usb: ax88179_178a: avoid two consecutive device resets (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: usb: ax88179_178a: fix failed operations during ax88179_reset (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: usb: ax88179_178a: Bind only to vendor-specific interface (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: usb: ax88179_178a: wol optimizations (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: usb: ax88179_178a: move priv to driver_priv (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: usb: ax88179_178a: restore state on resume (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: usb: ax88179_178a: clean up pm calls (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: usb: ax88179_178a: remove redundant init code (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: make drivers set the TSO limit not the GSO limit (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: usb: ax88179_178a: add Allied Telesis AT-UMCs (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: usb: ax88179_178a: add TSO feature (Jose Ignacio Tornos Martinez) [RHEL-17561] - ethernet: constify references to netdev->dev_addr in drivers (Jose Ignacio Tornos Martinez) [RHEL-17561] - net: usb: ax88179_178a: initialize local variables before use (Jose Ignacio Tornos Martinez) [RHEL-17561] - gve: Remove dependency on 4k page size. (Joshua Washington) [RHEL-22210] - gve: Add page size register to the register_page_list command. (Joshua Washington) [RHEL-22210] - gve: Remove obsolete checks that rely on page size. (Joshua Washington) [RHEL-22210] - gve: Deprecate adminq_pfn for pci revision 0x1. (Joshua Washington) [RHEL-22210] - gve: Perform adminq allocations through a dma_pool. (Joshua Washington) [RHEL-22210] - gve: add gve_features_check() (Joshua Washington) [RHEL-22210] - gve: Fixes for napi_poll when budget is 0 (Joshua Washington) [RHEL-22210] - gve: Do not fully free QPL pages on prefill errors (Joshua Washington) [RHEL-22210] - gve: Use size_add() in call to struct_size() (Joshua Washington) [RHEL-22210] - gve: fix frag_list chaining (Joshua Washington) [RHEL-22210] - gve: RX path for DQO-QPL (Joshua Washington) [RHEL-22210 RHEL-9878] - gve: Tx path for DQO-QPL (Joshua Washington) [RHEL-22210 RHEL-9878] - gve: Control path for DQO-QPL (Joshua Washington) [RHEL-22210 RHEL-9878] - gve: trivial spell fix Recive to Receive (Joshua Washington) [RHEL-22210] - gve: unify driver name usage (Joshua Washington) [RHEL-22210] - gve: Set default duplex configuration to full (Joshua Washington) [RHEL-22210] - gve: Remove the code of clearing PBA bit (Joshua Washington) [RHEL-22210] - gve: Secure enough bytes in the first TX desc for all TCP pkts (Joshua Washington) [RHEL-22210] - gve: Cache link_speed value from device (Joshua Washington) [RHEL-22210] - gve: Add AF_XDP zero-copy support for GQI-QPL format (Joshua Washington) [RHEL-22210] - gve: Add XDP REDIRECT support for GQI-QPL format (Joshua Washington) [RHEL-22210] - gve: Add XDP DROP and TX support for GQI-QPL format (Joshua Washington) [RHEL-22210] - gve: Changes to add new TX queues (Joshua Washington) [RHEL-22210] - gve: XDP support GQI-QPL: helper function changes (Joshua Washington) [RHEL-22210] - gve: Fix gve interrupt names (Joshua Washington) [RHEL-22210] - gve: Handle alternate miss completions (Joshua Washington) [RHEL-22210] - gve: Adding a new AdminQ command to verify driver (Joshua Washington) [RHEL-22210] - gve: Fix error return code in gve_prefill_rx_pages() (Joshua Washington) [RHEL-22210] - gve: Reduce alloc and copy costs in the GQ rx path (Joshua Washington) [RHEL-22210] - google/gve:fix repeated words in comments (Joshua Washington) [RHEL-22210] - gve: Fix spelling mistake "droping" -> "dropping" (Joshua Washington) [RHEL-22210] - gve: enhance no queue page list detection (Joshua Washington) [RHEL-22210] - net: Google gve: Remove dma_wmb() before ringing doorbell (Joshua Washington) [RHEL-22210] Resolves: RHEL-14732, RHEL-17561, RHEL-21011, RHEL-22210, RHEL-22476, RHEL-9878 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
76d4d7fe1c |
kernel-4.18.0-539.el8
* Mon Feb 05 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-539.el8] - tcp: Dump bound-only sockets in inet_diag. (Guillaume Nault) [RHEL-6113] - rh_messages.h: update driver and device lists (Scott Weaver) [RHEL-22126] - vmstat: allow_direct_reclaim should use zone_page_state_snapshot (Marcelo Tosatti) [RHEL-22138] - rbd: don't move requests to the running list on errors (Ilya Dryomov) [RHEL-21941] - drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (Jocelyn Falempe) [RHEL-3179] {CVE-2022-38096} - atm: Fix Use-After-Free in do_vcc_ioctl (Guillaume Nault) [RHEL-21179] {CVE-2023-51780} - perf/x86/intel/uncore: Factor out topology_gidnid_map() (Michael Petlan) [RHEL-22189] - perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (Michael Petlan) [RHEL-22189] - KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2} (Bandan Das) [RHEL-7558] - x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer (Bandan Das) [RHEL-7558] - Bluetooth: Fix double free in hci_conn_cleanup (David Marlin) [RHEL-2555] {CVE-2023-28464} - Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times (David Marlin) [RHEL-2555] - kobject: Fix slab-out-of-bounds in fill_kobj_path() (Waiman Long) [RHEL-20926] {CVE-2023-45863} - kobject: modify kobject_get_path() to take a const * (Waiman Long) [RHEL-20926] {CVE-2023-45863} - kobject: Remove docstring reference to kset (Waiman Long) [RHEL-20926] {CVE-2023-45863} - EDAC/amd64: Add support for AMD family 1Ah models 00h-1Fh and 40h-4Fh (Aristeu Rozanski) [RHEL-10031] - amd64: allow F0 and F6 registers to be missing (Aristeu Rozanski) [RHEL-10031] - hwmon: (k10temp) Add thermal support for AMD Family 1Ah-based models (Aristeu Rozanski) [RHEL-10031] - x86/amd_nb: Add PCI IDs for AMD Family 1Ah-based models (Aristeu Rozanski) [RHEL-10031] - nvmet-tcp: Fix the H2C expected PDU len calculation (Maurizio Lombardi) [RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356} - nvmet-tcp: remove boilerplate code (Maurizio Lombardi) [RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356} - nvmet-tcp: fix a crash in nvmet_req_complete() (Maurizio Lombardi) [RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356} - nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length (Maurizio Lombardi) [RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356} - ipv6: Remove extra counter pull before gc (Davide Caratti) [RHEL-21457] {CVE-2023-52340} - ipv6: remove max_size check inline with ipv4 (Davide Caratti) [RHEL-21457] {CVE-2023-52340} - net/dst: use a smaller percpu_counter batch for dst entries accounting (Davide Caratti) [RHEL-21457] {CVE-2023-52340} - net: add a route cache full diagnostic message (Davide Caratti) [RHEL-21457] {CVE-2023-52340} - x86/sev: Use the GHCB protocol when available for SNP CPUID requests (Bandan Das) [RHEL-16382] - x86/sev: Do not handle #VC for DR7 read/write (Bandan Das) [RHEL-16382] - Revert "x86/sev: Expose sev_es_ghcb_hv_call() for use by HyperV" (Bandan Das) [RHEL-16382] - x86/alternatives: Add cond_resched() to text_poke_bp_batch() (Waiman Long) [RHEL-15221] - x86/alternative: Fix race in try_get_desc() (Waiman Long) [RHEL-15221] - x86/alternatives: Mark text_poke_loc_init() static (Waiman Long) [RHEL-15221] - x86/int3: Ensure that poke_int3_handler() is not traced (Waiman Long) [RHEL-15221] - tools/mm: filter out timestamps for correct collation (Audra Mitchell) [RHEL-3821] - tools/vm/page_owner_sort.c: support sorting pid and time (Audra Mitchell) [RHEL-3821] - tools/vm/page_owner_sort.c: filter out unneeded line (Audra Mitchell) [RHEL-3821] - tools/vm/page_owner: use page_owner_sort in the use example (Audra Mitchell) [RHEL-3821] - mm/page_owner: remove free_ts from page_owner output (Audra Mitchell) [RHEL-3821] - xfs: up(ic_sema) if flushing data device fails (Andrey Albershteyn) [RHEL-8464] - xfs: reserve less log space when recovering log intent items (Andrey Albershteyn) [RHEL-8464] - xfs: fix an agbno overflow in __xfs_getfsmap_datadev (Andrey Albershteyn) [RHEL-8464] - xfs: fix agf_fllast when repairing an empty AGFL (Andrey Albershteyn) [RHEL-8464] - xfs: fix dqiterate thinko (Andrey Albershteyn) [RHEL-8464] - xfs: fix uninit warning in xfs_growfs_data (Andrey Albershteyn) [RHEL-8464] - xfs: fix xfs_btree_query_range callers to initialize btree rec fully (Andrey Albershteyn) [RHEL-8464] - xfs: validate fsmap offsets specified in the query keys (Andrey Albershteyn) [RHEL-8464] - xfs: fix logdev fsmap query result filtering (Andrey Albershteyn) [RHEL-8464] - xfs: clean up the rtbitmap fsmap backend (Andrey Albershteyn) [RHEL-8464] - xfs: fix integer overflows in the fsmap rtbitmap and logdev backends (Andrey Albershteyn) [RHEL-8464] - xfs: fix interval filtering in multi-step fsmap queries (Andrey Albershteyn) [RHEL-8464] - xfs: don't reverse order of items in bulk AIL insertion (Andrey Albershteyn) [RHEL-8464] - xfs: fix ag count overflow during growfs (Andrey Albershteyn) [RHEL-8464] - xfs: don't deplete the reserve pool when trying to shrink the fs (Andrey Albershteyn) [RHEL-8464] - xfs: fix agf/agfl verification on v4 filesystems (Andrey Albershteyn) [RHEL-8464] - xfs: set bnobt/cntbt numrecs correctly when formatting new AGs (Andrey Albershteyn) [RHEL-8464] - xfs: fix rm_offset flag handling in rmap keys (Andrey Albershteyn) [RHEL-8464] - xfs: make kobj_type structures constant (Andrey Albershteyn) [RHEL-8464] - xfs: allow setting full range of panic tags (Andrey Albershteyn) [RHEL-8464] - xfs: shut up -Wuninitialized in xfsaild_push (Andrey Albershteyn) [RHEL-8464] - xfs: use memcpy, not strncpy, to format the attr prefix during listxattr (Andrey Albershteyn) [RHEL-8464] - xfs: initialize the check_owner object fully (Andrey Albershteyn) [RHEL-8464] - xfs: fix uninitialized list head in struct xfs_refcount_recovery (Andrey Albershteyn) [RHEL-8464] - xfs: increase rename inode reservation (Andrey Albershteyn) [RHEL-8464] - xfs: remove xfs_setattr_time() declaration (Andrey Albershteyn) [RHEL-8464] - xfs: Fix false ENOSPC when performing direct write on a delalloc extent in cow fork (Andrey Albershteyn) [RHEL-8464] - xfs: check return codes when flushing block devices (Andrey Albershteyn) [RHEL-8464] - xfs: reduce the number of atomic when locking a buffer after lookup (Andrey Albershteyn) [RHEL-8464] - xfs: convert btree buffer log flags to unsigned. (Andrey Albershteyn) [RHEL-8464] - xfs: shutdown in intent recovery has non-intent items in the AIL (Andrey Albershteyn) [RHEL-8464] - xfs: aborting inodes on shutdown may need buffer lock (Andrey Albershteyn) [RHEL-8464] - xfs: only bother with sync_filesystem during readonly remount (Andrey Albershteyn) [RHEL-8464] - xfs: kill the XFS_IOC_{ALLOC,FREE}SP* ioctls (Andrey Albershteyn) [RHEL-8464] {CVE-2021-4155} - xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() (Andrey Albershteyn) [RHEL-8464] - xfs: only run COW extent recovery when there are no live extents (Andrey Albershteyn) [RHEL-8464] - xfs: move recovery needed state updates to xfs_log_mount_finish (Andrey Albershteyn) [RHEL-8464] - xfs: clear log incompat feature bits when the log is idle (Andrey Albershteyn) [RHEL-8464] - xfs: allow setting and clearing of log incompat feature flags (Andrey Albershteyn) [RHEL-8464] - xfs: remove all COW fork extents when remounting readonly (Andrey Albershteyn) [RHEL-8464] - xfs: replace snprintf in show functions with sysfs_emit (Andrey Albershteyn) [RHEL-8464] - xfs: reduce the size of nr_ops for refcount btree cursors (Andrey Albershteyn) [RHEL-8464] - xfs: rework attr2 feature and mount options (Andrey Albershteyn) [RHEL-8464] - xfs: sb verifier doesn't handle uncached sb buffer (Andrey Albershteyn) [RHEL-8464] - xfs: standardize inode number formatting in ftrace output (Andrey Albershteyn) [RHEL-8464] - xfs: make fsmap backend function key parameters const (Andrey Albershteyn) [RHEL-8464] - xfs: remove kmem_alloc_io() (Andrey Albershteyn) [RHEL-8464] - mm: Add kvrealloc() (Andrey Albershteyn) [RHEL-8464] - xfs: remove kmem_realloc() (Andrey Albershteyn) [RHEL-8464] - xfs: fix silly whitespace problems with kernel libxfs (Andrey Albershteyn) [RHEL-8464] - xfs: deprecate BMV_IF_NO_DMAPI_READ flag (Andrey Albershteyn) [RHEL-8464] Resolves: RHEL-10031, RHEL-15221, RHEL-16382, RHEL-19155, RHEL-19161, RHEL-19167, RHEL-20926, RHEL-21179, RHEL-21457, RHEL-21941, RHEL-22126, RHEL-22138, RHEL-22189, RHEL-2555, RHEL-3179, RHEL-3821, RHEL-6113, RHEL-7558, RHEL-8464 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
402e4f1f00 |
kernel-4.18.0-538.el8
* Wed Jan 31 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-538.el8] - ida: Fix crash in ida_free when the bitmap is empty (Wander Lairson Costa) [RHEL-19681] {CVE-2023-6915} - mm: create a new system state and fix core_kernel_text() (Joel Savitz) [RHEL-5227] - redhat: rewrite genlog and support Y- tags (Jan Stancek) - Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" (Nigel Croxon) [RHEL-22698] - Revert "x86/fpu/xstate: Fix PKRU covert channel" (Steve Best) [RHEL-22192] - net: tls, update curr on splice as well (Sabrina Dubroca) [RHEL-19065] {CVE-2024-0646} - smb: client: fix OOB in smbCalcSize() (Scott Mayhew) [RHEL-18990] {CVE-2023-6606} - smb: client: fix potential OOB in smb2_dump_detail() (Scott Mayhew) [RHEL-19144] {CVE-2023-6610} - smb: client: fix potential OOB in cifs_dump_detail() (Scott Mayhew) [RHEL-19144] {CVE-2023-6610} - ovl: skip stale entries in merge dir cache iteration (Miklos Szeredi) [RHEL-18076] - ovl: invalidate readdir cache on changes to dir with origin (Miklos Szeredi) [RHEL-18076] - ipv6: avoid atomic fragment on GSO packets (Hangbin Liu) [RHEL-22149] - ipv6: fix potential NULL deref in fib6_add() (Hangbin Liu) [RHEL-22149] - lockdep: Fix block chain corruption (Joel Savitz) [RHEL-5227] - futex: Don't include process MM in futex key on no-MMU (Joel Savitz) [RHEL-5227] - locking/rtmutex: Fix task->pi_waiters integrity (Joel Savitz) [RHEL-5227] - locking/rwsem: Add __always_inline annotation to __down_read_common() and inlined callers (Joel Savitz) [RHEL-5227] - locking/rwsem: Disable preemption in all down_write*() and up_write() code paths (Joel Savitz) [RHEL-5227] - mm: make generic arch_is_kernel_initmem_freed() do what it says (Joel Savitz) [RHEL-5227] Resolves: RHEL-18076, RHEL-18990, RHEL-19065, RHEL-19144, RHEL-19681, RHEL-22149, RHEL-22192, RHEL-22698, RHEL-5227 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |
||
Denys Vlasenko
|
c773a27bce |
kernel-4.18.0-537.el8
* Wed Jan 24 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-537.el8] - cgroup/cpuset: Inherit parent's load balance state in v2 (Waiman Long) [RHEL-12873] - cgroup/cpuset: Free DL BW in case can_attach() fails (Waiman Long) [RHEL-12873] - sched/deadline: Create DL BW alloc, free & check overflow interface (Waiman Long) [RHEL-12873] - cgroup/cpuset: Iterate only if DEADLINE tasks are present (Waiman Long) [RHEL-12873] - sched/cpuset: Keep track of SCHED_DEADLINE task in cpusets (Waiman Long) [RHEL-12873] - sched/cpuset: Bring back cpuset_mutex (Waiman Long) [RHEL-12873] - cgroup/cpuset: Rename functions dealing with DEADLINE accounting (Waiman Long) [RHEL-12873] - cgroup/cpuset: Skip task update if hotplug doesn't affect current cpuset (Waiman Long) [RHEL-12873] - cgroup/cpuset: Fix wrong check in update_parent_subparts_cpumask() (Waiman Long) [RHEL-12873] - cgroup/cpuset: Optimize cpuset_attach() on v2 (Waiman Long) [RHEL-12873] - cgroup/cpuset: Skip spread flags update on v2 (Waiman Long) [RHEL-12873] - kselftest/cgroup: Add cpuset v2 partition root state test (Waiman Long) [RHEL-12873] - cgroup/cpuset: Update description of cpuset.cpus.partition in cgroup-v2.rst (Waiman Long) [RHEL-12873] - cgroup/cpuset: Make partition invalid if cpumask change violates exclusivity rule (Waiman Long) [RHEL-12873] - cgroup/cpuset: Relocate a code block in validate_change() (Waiman Long) [RHEL-12873] - cgroup/cpuset: Show invalid partition reason string (Waiman Long) [RHEL-12873] - cgroup/cpuset: Add a new isolated cpus.partition type (Waiman Long) [RHEL-12873] - cgroup/cpuset: Relax constraints to partition & cpus changes (Waiman Long) [RHEL-12873] - cgroup/cpuset: Allow no-task partition to have empty cpuset.cpus.effective (Waiman Long) [RHEL-12873] - cgroup/cpuset: Miscellaneous cleanups & add helper functions (Waiman Long) [RHEL-12873] - cgroup: cleanup comments (Waiman Long) [RHEL-12873] - cgroup/cpuset: Avoid memory migration when nodemasks match (Waiman Long) [RHEL-12873] - cgroup/cpuset: Enable memory migration for cpuset v2 (Waiman Long) [RHEL-12873] - cgroup/cpuset: Enable event notification when partition state changes (Waiman Long) [RHEL-12873] - doc/admin-guide/cgroup-v2: use tables (Waiman Long) [RHEL-12873] - docs/admin-guide: cgroup-v2: fix cgroup.type rendering (Waiman Long) [RHEL-12873] - docs: fix memory.low description in cgroup-v2.rst (Waiman Long) [RHEL-12873] - cgroup/cpuset: Revert "Reduce cpuset_rwsem writer latency" (Waiman Long) [RHEL-12873] - selftests/bpf: Workaround verification failure for fexit_bpf2bpf/func_replace_return_code (Artem Savkov) [RHEL-17256] - mISDN: fix use-after-free bugs in l1oip timer handlers (Ricardo Robaina) [RHEL-2553 RHEL-2690] {CVE-2022-3565} - firmware: dmi-sysfs: make pr_info messages rate limited (Prarit Bhargava) [RHEL-21096] - xfs: short circuit xfs_growfs_data_private() if delta is zero (Andrey Albershteyn) [RHEL-19431] - net-sysfs: add check for netdevice being present to speed_show (Michal Schmidt) [RHEL-16007] - drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV, G200SE (Jocelyn Falempe) [RHEL-21054] - netfilter: nf_tables: bail out on mismatching dynset and set expressions (Florian Westphal) [RHEL-19014] {CVE-2023-6622} - netfilter: nft_set_pipapo: skip inactive elements during set walk (Florian Westphal) [RHEL-19721] {CVE-2023-6817} - ipv4: igmp: fix refcnt uaf issue when receiving igmp query packet (Hangbin Liu) [RHEL-19794] {CVE-2023-6932} - s390/paes: fix PKEY_TYPE_EP11_AES handling for secure keyblobs (Tobias Huschle) [RHEL-22160] - s390/dasd: protect device queue against concurrent access (Tobias Huschle) [RHEL-22161] - s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (Tobias Huschle) [RHEL-16317] - s390/cmma: fix detection of DAT pages (Tobias Huschle) [RHEL-16317] - s390/mm: add missing arch_set_page_dat() call to gmap allocations (Tobias Huschle) [RHEL-16317] - s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc() (Tobias Huschle) [RHEL-16317] - s390/cmma: fix initial kernel address space page table walk (Tobias Huschle) [RHEL-16317] - s390/vfio-ap: do not reset queue removed from host config (Cédric Le Goater) [RHEL-19575] - s390/vfio-ap: reset queues associated with adapter for queue unbound from driver (Cédric Le Goater) [RHEL-19575] - s390/vfio-ap: reset queues filtered from the guest's AP config (Cédric Le Goater) [RHEL-19575] - s390/vfio-ap: let on_scan_complete() callback filter matrix and update guest's APCB (Cédric Le Goater) [RHEL-19575] - s390/vfio-ap: loop over the shadow APCB when filtering guest's AP configuration (Cédric Le Goater) [RHEL-19575] - s390/vfio-ap: always filter entire AP matrix (Cédric Le Goater) [RHEL-19575] - KVM: s390: vsie: Fix STFLE interpretive execution identification (Cédric Le Goater) [RHEL-19575] - KVM: s390: vsie: fix race during shadow creation (Cédric Le Goater) [RHEL-19575] - KVM: s390: fix cc for successful PQAP (Cédric Le Goater) [RHEL-19575] - KVM: s390: fix setting of fpc register (Cédric Le Goater) [RHEL-19575] - s390/vfio-ap: fix sysfs status attribute for AP queue devices (Cédric Le Goater) [RHEL-19575] - s390/vfio-ap: unpin pages on gisc registration failure (Cédric Le Goater) [RHEL-19575] - iommu/iova: Manage the depot list size (Jerry Snitselaar) [RHEL-10100] - iommu/iova: Make the rcache depot scale better (Jerry Snitselaar) [RHEL-10100] - iommu/iova: Optimize iova_magazine_alloc() (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Remove two WARN_ON in domain_context_mapping_one() (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Handle the failure case of dmar_reenable_qi() (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Remove BUG_ON in dmar_insert_dev_scope() (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Remove a useless BUG_ON(dev->is_virtfn) (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Remove BUG_ON in map/unmap() (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Remove BUG_ON when domain->pgd is NULL (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Remove BUG_ON in handling iotlb cache invalidation (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Remove BUG_ON on checking valid pfn range (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Make size of operands same in bitwise operations (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Do not use GFP_ATOMIC when not needed (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Remove PASID supervisor request support (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Use non-privileged mode for all PASIDs (Jerry Snitselaar) [RHEL-10100] - iommu: Optimise PCI SAC address trick (Jerry Snitselaar) [RHEL-10100] - iommu/amd: Use page mode macros in fetch_pte() (Jerry Snitselaar) [RHEL-10100] - iommu/amd: Allocate IOMMU irqs using numa locality info (Jerry Snitselaar) [RHEL-10100] - iommu/amd: Allocate page table using numa locality info (Jerry Snitselaar) [RHEL-10100] - iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter (Jerry Snitselaar) [RHEL-10100] - iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid options (Jerry Snitselaar) [RHEL-10100] - iommu/amd: Do not allocate io_pgtable_ops for passthrough domain (Jerry Snitselaar) [RHEL-10100] - iommu/amd: Fix error handling for pdev_pri_ats_enable() (Jerry Snitselaar) [RHEL-10100] - iommu/amd: Fix compile error for unused function (Jerry Snitselaar) [RHEL-10025] - iommu/amd: Improving Interrupt Remapping Table Invalidation (Jerry Snitselaar) [RHEL-10025] - iommu/amd: Do not Invalidate IRT when IRTE caching is disabled (Jerry Snitselaar) [RHEL-10025] - iommu/amd: Introduce Disable IRTE Caching Support (Jerry Snitselaar) [RHEL-10025] - iommu/amd: Change macro for IOMMU control register bit shift to decimal value (Jerry Snitselaar) [RHEL-10025] - iommu/amd: Remove the unused struct amd_ir_data.ref (Jerry Snitselaar) [RHEL-10025] - iommu/amd: Switch amd_iommu_update_ga() to use modify_irte_ga() (Jerry Snitselaar) [RHEL-10025] - iommu/amd: Handle GALog overflows (Jerry Snitselaar) [RHEL-10025] - iommu/amd: Process all IVHDs before enabling IOMMU features (Jerry Snitselaar) [RHEL-10100] - iommu/amd: Introduce global variable for storing common EFR and EFR2 (Jerry Snitselaar) [RHEL-10100] - iommu/amd: Introduce Support for Extended Feature 2 Register (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Avoid memory allocation in iommu_suspend() (Jerry Snitselaar) [RHEL-10100] - iommu/vt-d: Fix to flush cache of PASID directory table (Jerry Snitselaar) [RHEL-10100] - of/address: Return an error when no valid dma-ranges are found (Jerry Snitselaar) [RHEL-10100] - iommu/arm-smmu-qcom: Fix mask extraction for bootloader programmed SMRs (Jerry Snitselaar) [RHEL-10100] - iommu/arm-smmu-qcom: Read back stream mappings (Jerry Snitselaar) [RHEL-10100] - of: Fix "dma-ranges" handling for bus controllers (Jerry Snitselaar) [RHEL-10100] - swiotlb: move slot allocation explanation comment where it belongs (Jerry Snitselaar) [RHEL-10100] - swiotlb: fix debugfs reporting of reserved memory pools (Jerry Snitselaar) [RHEL-10100] - iommu: fix MAX_ORDER usage in __iommu_dma_alloc_pages() (Jerry Snitselaar) [RHEL-1261] - swiotlb: use the calculated number of areas (Jerry Snitselaar) [RHEL-1261] - swiotlb: relocate PageHighMem test away from rmem_swiotlb_setup (Jerry Snitselaar) [RHEL-1261] - swiotlb: reduce the number of areas to match actual memory pool size (Jerry Snitselaar) [RHEL-1261] - swiotlb: always set the number of areas before allocating the pool (Jerry Snitselaar) [RHEL-1261] - swiotlb: clean up some coding style and minor issues (Jerry Snitselaar) [RHEL-1261] - iommu/amd: Fix DTE_IRQ_PHYS_ADDR_MASK macro (Jerry Snitselaar) [RHEL-1261] - iommu/amd/iommu_v2: Clear pasid state in free path (Jerry Snitselaar) [RHEL-14152] - iommu/amd/iommu_v2: Fix pasid_state refcount dec hit 0 warning on pasid unbind (Jerry Snitselaar) [RHEL-14152] - iommu/amd: Don't block updates to GATag if guest mode is on (Jerry Snitselaar) [RHEL-1261] - iommu/amd: Fix domain flush size when syncing iotlb (Jerry Snitselaar) [RHEL-1261] - iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE (Jerry Snitselaar) [RHEL-1261] - iommu: Fix error unwind in iommu_group_alloc() (Jerry Snitselaar) [RHEL-1261] - net/mlx5e: Fix error code in mlx5e_tc_action_miss_mapping_get() (Amir Tzin) [RHEL-924] - net/mlx5: Fix fw tracer first block check (Amir Tzin) [RHEL-924] - net/mlx5e: fix a potential double-free in fs_udp_create_groups (Amir Tzin) [RHEL-924] - net/mlx5e: Fix slab-out-of-bounds in mlx5_query_nic_vport_mac_list() (Amir Tzin) [RHEL-924] - net/mlx5e: fix double free of encap_header (Amir Tzin) [RHEL-924] - Revert "net/mlx5e: fix double free of encap_header" (Amir Tzin) [RHEL-924] - Revert "net/mlx5e: fix double free of encap_header in update funcs" (Amir Tzin) [RHEL-924] - net/mlx5e: fix double free of encap_header in update funcs (Amir Tzin) [RHEL-924] - net/mlx5e: fix double free of encap_header (Amir Tzin) [RHEL-924] - net/mlx5e: Fix error codes in alloc_branch_attr() (Amir Tzin) [RHEL-924] - net/mlx5e: Track xmit submission to PTP WQ after populating metadata map (Amir Tzin) [RHEL-924] - net/mlx5e: Avoid referencing skb after free-ing in drop path of mlx5e_sq_xmit_wqe (Amir Tzin) [RHEL-924] - net/mlx5e: Correct snprintf truncation handling for fw_version buffer used by representors (Amir Tzin) [RHEL-924] - net/mlx5e: Correct snprintf truncation handling for fw_version buffer (Amir Tzin) [RHEL-924] - net/mlx5: Fix a NULL vs IS_ERR() check (Amir Tzin) [RHEL-924] - net/mlx5e: Check netdev pointer before checking its net ns (Amir Tzin) [RHEL-924] - net/mlx5e: TC, Don't offload post action rule if not supported (Amir Tzin) [RHEL-924] - net/mlx5e: Remove a useless function call (Amir Tzin) [RHEL-924] - net/mlx5e: Fix possible deadlock on mlx5e_tx_timeout_work (Amir Tzin) [RHEL-924] - net/mlx5: Increase size of irq name buffer (Amir Tzin) [RHEL-924] - net/mlx5e: Update doorbell for port timestamping CQ before the software counter (Amir Tzin) [RHEL-924] - net/mlx5e: Add recovery flow for tx devlink health reporter for unhealthy PTP SQ (Amir Tzin) [RHEL-924] - net/mlx5e: Make tx_port_ts logic resilient to out-of-order CQEs (Amir Tzin) [RHEL-924] - net/mlx5e: Check return value of snprintf writing to fw_version buffer for representors (Amir Tzin) [RHEL-924] - net/mlx5e: Check return value of snprintf writing to fw_version buffer (Amir Tzin) [RHEL-924] - net/mlx5e: Reduce the size of icosq_str (Amir Tzin) [RHEL-924] - net/mlx5e: Fix pedit endianness (Amir Tzin) [RHEL-924] - net/mlx5: Decouple PHC .adjtime and .adjphase implementations (Amir Tzin) [RHEL-924] - IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF (Amir Tzin) [RHEL-924] - IB/mlx5: Fix rdma counter binding for RAW QP (Amir Tzin) [RHEL-924] - net/mlx5e: Fix VF representors reporting zero counters to "ip -s" command (Amir Tzin) [RHEL-13397 RHEL-924] - net/mlx5e: Don't offload internal port if filter device is out device (Amir Tzin) [RHEL-924] - net/mlx5e: XDP, Fix XDP_REDIRECT mpwqe page fragment leaks on shutdown (Amir Tzin) [RHEL-924] - net/mlx5: Handle fw tracer change ownership event based on MTRC (Amir Tzin) [RHEL-924] - net/mlx5: Bridge, fix peer entry ageing in LAG mode (Amir Tzin) [RHEL-924] - net/mlx5: E-switch, register event handler before arming the event (Amir Tzin) [RHEL-924] - net/mlx5e: Again mutually exclude RX-FCS and RX-port-timestamp (Amir Tzin) [RHEL-924] - RDMA/mlx5: Fix NULL string error (Amir Tzin) [RHEL-924] - RDMA/mlx5: Fix mutex unlocking on error flow for steering anchor creation (Amir Tzin) [RHEL-924] - net/mlx5: Free IRQ rmap and notifier on kernel shutdown (Amir Tzin) [RHEL-924] - net/mlx5: Free irqs only on shutdown callback (Amir Tzin) [RHEL-924] - net/mlx5: Improve naming of pci function vectors (Amir Tzin) [RHEL-924] - net/mlx5e: Clear mirred devices array if the rule is split (Amir Tzin) [RHEL-924] - net/mlx5: Dynamic cyclecounter shift calculation for PTP free running clock (Amir Tzin) [RHEL-924] - RDMA/mlx5: Fix trailing */ formatting in block comment (Amir Tzin) [RHEL-924] - net/mlx5: Use RMW accessors for changing LNKCTL (Amir Tzin) [RHEL-924] - net/mlx5: DR, Fix code indentation (Amir Tzin) [RHEL-924] - net/mlx5: Fix error message in mlx5_sf_dev_state_change_handler() (Amir Tzin) [RHEL-924] - net/mlx5e: Add capability check for vnic counters (Amir Tzin) [RHEL-924] - net/mlx5e: Expose catastrophic steering error counters (Amir Tzin) [RHEL-924] - net/mlx5: Skip clock update work when device is in error state (Amir Tzin) [RHEL-924] - net/mlx5: LAG, Check correct bucket when modifying LAG (Amir Tzin) [RHEL-924] - net/mlx5e: Unoffload post act rule when handling FIB events (Amir Tzin) [RHEL-924] - net/mlx5: Allow 0 for total host VFs (Amir Tzin) [RHEL-924] - net/mlx5: DR, Fix wrong allocation of modify hdr pattern (Amir Tzin) [RHEL-924] - net/mlx5e: TC, Fix internal port memory leak (Amir Tzin) [RHEL-924] - net/mlx5: Fix typo reminder -> remainder (Amir Tzin) [RHEL-924] - net/mlx5: fs_core: Skip the FTs in the same FS_TYPE_PRIO_CHAINS fs_prio (Amir Tzin) [RHEL-924] - net/mlx5: fs_core: Make find_closest_ft more generic (Amir Tzin) [RHEL-924] - net/mlx5e: kTLS, Fix protection domain in use syndrome when devlink reload (Amir Tzin) [RHEL-924] - net/mlx5e: Move representor neigh cleanup to profile cleanup_tx (Amir Tzin) [RHEL-924] - net/mlx5e: Fix crash moving to switchdev mode when ntuple offload is set (Amir Tzin) [RHEL-13501 RHEL-924] - net/mlx5e: Don't hold encap tbl lock if there is no encap action (Amir Tzin) [RHEL-924] - net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer() (Amir Tzin) [RHEL-924] - net/mlx5: fix potential memory leak in mlx5e_init_rep_rx (Amir Tzin) [RHEL-924] - net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx (Amir Tzin) [RHEL-924] - net/mlx5e: Check for NOT_READY flag state after locking (Amir Tzin) [RHEL-924] - net/mlx5: Register a unique thermal zone per device (Amir Tzin) [RHEL-924] - net/mlx5e: fix memory leak in mlx5e_ptp_open (Amir Tzin) [RHEL-924] - net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create (Amir Tzin) [RHEL-924] - net/mlx5e: fix double free in mlx5e_destroy_flow_table (Amir Tzin) [RHEL-924] - net/mlx5: Fix reserved at offset in hca_cap register (Amir Tzin) [RHEL-924] - RDMA/mlx5: Fix Q-counters query in LAG mode (Amir Tzin) [RHEL-924] - RDMA/mlx5: Remove vport Q-counters dependency on normal Q-counters (Amir Tzin) [RHEL-924] - RDMA/mlx5: Fix Q-counters per vport allocation (Amir Tzin) [RHEL-924] - net/mlx5: Drain health before unregistering devlink (Amir Tzin) [RHEL-924] - net/mlx5: E-switch, Devcom, sync devcom events and devcom comp register (Amir Tzin) [RHEL-924] - eth: mlx5: avoid iterator use outside of a loop (Amir Tzin) [RHEL-924] - net/mlx5: Update op_mode to op_mod for port selection (Amir Tzin) [RHEL-924] - net/mlx5: E-Switch, Remove redundant dev arg from mlx5_esw_vport_alloc() (Amir Tzin) [RHEL-924] - Documentation: net/mlx5: Wrap notes in admonition blocks (Amir Tzin) [RHEL-924] - Documentation: net/mlx5: Use bullet and definition lists for vnic counters description (Amir Tzin) [RHEL-924] - Documentation: net/mlx5: Wrap vnic reporter devlink commands in code blocks (Amir Tzin) [RHEL-924] - net/mlx5e: Add vnic devlink health reporter to representors (Amir Tzin) [RHEL-14659 RHEL-924] - net/mlx5: Add vnic devlink health reporter to PFs/VFs (Amir Tzin) [RHEL-14659 RHEL-924] - Revert "net/mlx5: Expose vnic diagnostic counters for eswitch managed vports" (Amir Tzin) [RHEL-14659 RHEL-924] - Revert "net/mlx5: Expose steering dropped packets counter" (Amir Tzin) [RHEL-14659 RHEL-924] - net/mlx5: Create a new profile for SFs (Amir Tzin) [RHEL-924] - net/mlx5: Bridge, add tracepoints for multicast (Amir Tzin) [RHEL-924] - net/mlx5: Bridge, implement mdb offload (Amir Tzin) [RHEL-924] - net/mlx5: Bridge, support multicast VLAN pop (Amir Tzin) [RHEL-924] - net/mlx5: Bridge, add per-port multicast replication tables (Amir Tzin) [RHEL-924] - net/mlx5: Bridge, snoop igmp/mld packets (Amir Tzin) [RHEL-924] - net/mlx5: Bridge, extract code to lookup parent bridge of port (Amir Tzin) [RHEL-924] - net/mlx5: Bridge, move additional data structures to priv header (Amir Tzin) [RHEL-924] - net/mlx5: Bridge, increase bridge tables sizes (Amir Tzin) [RHEL-924] - net/mlx5: Add mlx5_ifc definitions for bridge multicast support (Amir Tzin) [RHEL-924] - net/mlx5e: Fix SQ SW state layout in SQ devlink health diagnostics (Amir Tzin) [RHEL-924] - net/mlx5e: Fix RQ SW state layout in RQ devlink health diagnostics (Amir Tzin) [RHEL-924] - RDMA/mlx5: Remove unused num_alloc_xa_entries variable (Amir Tzin) [RHEL-924] - net/mlx5e: Rename misleading skb_pc/cc references in ptp code (Amir Tzin) [RHEL-924] - net/mlx5: Update cyclecounter shift value to improve ptp free running mode precision (Amir Tzin) [RHEL-924] - RDMA/mlx5: Expand switchdev Q-counters to expose representor statistics (Amir Tzin) [RHEL-924] - net/mlx5: Introduce other vport query for Q-counters (Amir Tzin) [RHEL-924] - net/mlx5e: Fix build break on 32bit (Amir Tzin) [RHEL-924] - net/mlx5: Set out of order (ooo) by default (Amir Tzin) [RHEL-924] - RDMA/mlx5: Disable out-of-order in integrity enabled QPs (Amir Tzin) [RHEL-924] - net/mlx5: Expose bits for enabling out-of-order by default (Amir Tzin) [RHEL-924] - net/mlx5e: TC, Add support for VxLAN GBP encap/decap flows offload (Amir Tzin) [RHEL-897 RHEL-924] - net/mlx5e: Add helper for encap_info_equal for tunnels with options (Amir Tzin) [RHEL-897 RHEL-924] - net/mlx5e: Remove redundant include statement and adjust code to upstream. (Amir Tzin) [RHEL-924] - net/mlx5e: Enable TC offload for egress MACVLAN over bond (Amir Tzin) [RHEL-924] - net/mlx5e: Enable TC offload for ingress MACVLAN over bond (Amir Tzin) [RHEL-924] - net/mlx5e: TC, Extract indr setup block checks to function (Amir Tzin) [RHEL-924] - net/mlx5e: Add XSK RQ state flag for RQ devlink health diagnostics (Amir Tzin) [RHEL-924] - net/mlx5e: Expose SQ SW state as part of SQ health diagnostics (Amir Tzin) [RHEL-924] - net/mlx5e: Stringify RQ SW state in RQ devlink health diagnostics (Amir Tzin) [RHEL-924] - net/mlx5e: Rename RQ/SQ adaptive moderation state flag (Amir Tzin) [RHEL-924] - net/mlx5e: Utilize the entire fifo (Amir Tzin) [RHEL-924] - net/mlx5: Implement thermal zone (Amir Tzin) [RHEL-924] - net/mlx5: Stop waiting for PCI up if teardown was triggered (Amir Tzin) [RHEL-924] - net/mlx5: remove redundant clear_bit (Amir Tzin) [RHEL-924] Resolves: RHEL-10025, RHEL-10100, RHEL-1261, RHEL-12873, RHEL-13397, RHEL-13501, RHEL-14152, RHEL-14659, RHEL-16007, RHEL-16317, RHEL-17256, RHEL-19014, RHEL-19431, RHEL-19575, RHEL-19721, RHEL-19794, RHEL-21054, RHEL-21096, RHEL-22160, RHEL-22161, RHEL-2553, RHEL-2690, RHEL-897, RHEL-924 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com> |