kernel/kernel.spec
Denys Vlasenko 4c931425b4 kernel-4.18.0-553.19.1.el8_10
* Thu Aug 22 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.19.1.el8_10]
- drm/i915/vma: Fix UAF on destroy against retire race (Mika Penttilä) [RHEL-35222] {CVE-2024-26939}
- RHEL-48620 (Kenneth Yin) [RHEL-48620]
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (CKI Backport Bot) [RHEL-42721] {CVE-2024-26855}
- net: usb: asix: do not force pause frames support (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: asix: fix "can't send until first packet is send" issue (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: asix: fix modprobe "sysfs: cannot create duplicate filename" (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: asix: add proper error handling of usb read errors (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- asix: fix wrong return value in asix_check_host_enable() (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- asix: fix uninit-value in asix_mdio_read() (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: usb: asix: ax88772: fix boolconv.cocci warnings (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: usb: asix: do not call phy_disconnect() for ax88178 (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: usb: asix: ax88772: move embedded PHY detection as early as possible (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: asix: fix uninit value bugs (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: usb: asix: ax88772: add missing stop (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: usb: asix: ax88772: suspend PHY on driver probe (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: usb: asix: ax88772: manage PHY PM from MAC (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: usb: asix: ax88772: Fix less than zero comparison of a u16 (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: usb: asix: Fix less than zero comparison of a u16 (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: usb: asix: add error handling for asix_mdio_* functions (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: usb: asix: ax88772: add phylib support (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- net: usb: asix: refactor asix_read_phy_addr() and handle errors on return (Ken Cox) [RHEL-28108] {CVE-2021-47101}
- SUNRPC: always free ctxt when freeing deferred request (Jay Shin) [RHEL-40936]
- SUNRPC: double free xprt_ctxt while still in use (Jay Shin) [RHEL-40936]
- SUNRPC: Remove svc_rqst::rq_xprt_hlen (Jay Shin) [RHEL-40936]
- SUNRPC: Remove dead code in svc_tcp_release_rqst() (Jay Shin) [RHEL-40936]
- x86/bugs: Extend VMware Retbleed workaround to Nehalem & earlier CPUs (Waiman Long) [RHEL-48646]
- wifi: iwlwifi: read txq->read_ptr under lock (Jose Ignacio Tornos Martinez) [RHEL-39797] {CVE-2024-36922}
- scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (John Meneghini) [RHEL-39908] {CVE-2024-36919}
- nbd: always initialize struct msghdr completely (Ming Lei) [RHEL-29498] {CVE-2024-26638}
- block: don't call rq_qos_ops->done_bio if the bio isn't tracked (Ming Lei) [RHEL-42151] {CVE-2021-47412}
- nvmet: fix a possible leak when destroy a ctrl during qp establishment (Maurizio Lombardi) [RHEL-52013] {CVE-2024-42152}
- ipv6: prevent NULL dereference in ip6_output() (Sabrina Dubroca) [RHEL-39912] {CVE-2024-36901}
- ppp: reject claimed-as-LCP but actually malformed packets (Guillaume Nault) [RHEL-51052] {CVE-2024-41044}
- leds: trigger: Unregister sysfs attributes before calling deactivate() (CKI Backport Bot) [RHEL-54834] {CVE-2024-43830}
- crypto: bcm - Fix pointer arithmetic (cki-backport-bot) [RHEL-44108] {CVE-2024-38579}
- scsi: qedf: Ensure the copied buf is NUL terminated (John Meneghini) [RHEL-44195] {CVE-2024-38559}
- x86/bhi: Avoid warning in #DB handler due to BHI mitigation (Waiman Long) [RHEL-53657] {CVE-2024-42240}
- scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (CKI Backport Bot) [RHEL-47529] {CVE-2024-40901}
- ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (CKI Backport Bot) [RHEL-39843] {CVE-2024-36902}
- net: usb: ax88179_178a: improve link status logs (Jose Ignacio Tornos Martinez) [RHEL-45167]
- net: usb: ax88179_178a: improve reset check (Jose Ignacio Tornos Martinez) [RHEL-45167]
- net: usb: ax88179_178a: fix link status when link is set to down/up (Jose Ignacio Tornos Martinez) [RHEL-45167]
- net: usb: ax88179_178a: avoid writing the mac address before first reading (Jose Ignacio Tornos Martinez) [RHEL-45167]
- KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (Shaoqin Huang) [RHEL-40837] {CVE-2024-36953}
- KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (Shaoqin Huang) [RHEL-40837] {CVE-2024-36953}
- media: cec: cec-api: add locking in cec_release() (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: core: avoid confusing "transmit timed out" message (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: core: avoid recursive cec_claim_log_addrs (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: cec-adap: always cancel work in cec_transmit_msg_fh (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: core: remove length check of Timer Status (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: core: count low-drive, error and arb-lost conditions (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: core: add note about *_from_edid() function usage in drm (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: core: add adap_unconfigured() callback (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: core: add adap_nb_transmit_canceled() callback (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: core: don't set last_initiator if tx in progress (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: core: disable adapter in cec_devnode_unregister (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: core: not all messages were passed on when monitoring (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: add support for Absolute Volume Control (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-adap.c: log when claiming LA fails unexpectedly (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-adap.c: drop activate_cnt, use state info instead (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-adap.c: reconfigure if the PA changes during configuration (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-adap.c: fix is_configuring state (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-adap.c: stop trying LAs on CEC_TX_STATUS_TIMEOUT (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-adap.c: don't unconfigure if already unconfigured (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: add optional adap_configured callback (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: add xfer_timeout_ms field (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: use call_op and check for !unregistered (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-pin: fix interrupt en/disable handling (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-pin: drop unused 'enabled' field from struct cec_pin (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-pin: fix off-by-one SFT check (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-pin: rename timer overrun variables (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: correctly pass on reply results (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: abort if the current transmit was canceled (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: call enable_adap on s_log_addrs (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: media/cec.h: document cec_adapter fields (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: fix a deadlock situation (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: safely unhook lists in cec_data (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: copy sequence field for the reply (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: fix trivial style warnings (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-adap.c: add 'unregistered' checks (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec-adap.c: don't use flush_scheduled_work() (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: Use fallthrough pseudo-keyword (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: remove unused waitq and phys_addrs fields (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: silence shift wrapping warning in __cec_s_log_addrs() (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- media: cec: move the core to a separate directory (Kate Hsuan) [RHEL-22559] {CVE-2024-23848}
- net/iucv: Avoid explicit cpumask var allocation on stack (CKI Backport Bot) [RHEL-51631] {CVE-2024-42094}
- scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (Dick Kennedy) [RHEL-40400]
- KVM: selftests: Make hyperv_clock require TSC based system clocksource (Vitaly Kuznetsov) [RHEL-19027]
- KVM: selftests: Run clocksource dependent tests with hyperv_clocksource_tsc_page too (Vitaly Kuznetsov) [RHEL-19027]
- KVM: selftests: Use generic sys_clocksource_is_tsc() in vmx_nested_tsc_scaling_test (Vitaly Kuznetsov) [RHEL-19027]
- KVM: selftests: Generalize check_clocksource() from kvm_clock_test (Vitaly Kuznetsov) [RHEL-19027]
- firmware: cs_dsp: Return error if block header overflows file (CKI Backport Bot) [RHEL-53646] {CVE-2024-42238}
- firmware: cs_dsp: Validate payload length before processing block (CKI Backport Bot) [RHEL-53638] {CVE-2024-42237}
- mm, slub: fix potential memoryleak in kmem_cache_open() (Waiman Long) [RHEL-38404] {CVE-2021-47466}
- slub: don't panic for memcg kmem cache creation failure (Waiman Long) [RHEL-38404] {CVE-2021-47466}
- wifi: ath11k: fix htt pktlog locking (Jose Ignacio Tornos Martinez) [RHEL-38317] {CVE-2023-52800}
- wifi: ath11k: fix dfs radar event locking (Jose Ignacio Tornos Martinez) [RHEL-38165] {CVE-2023-52798}
- lib/generic-radix-tree.c: Don't overflow in peek() (Waiman Long) [RHEL-37737] {CVE-2021-47432}
- include/linux/generic-radix-tree.h: replace kernel.h with the necessary inclusions (Waiman Long) [RHEL-37737] {CVE-2021-47432}
- EDAC/i10nm: Skip the absent memory controllers (Aristeu Rozanski) [RHEL-43236]
- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (John Meneghini) [RHEL-38197] {CVE-2023-52809}
- gfs2: Fix potential glock use-after-free on unmount (Andreas Gruenbacher) [RHEL-44149] {CVE-2024-38570}
- gfs2: simplify gdlm_put_lock with out_free label (Andreas Gruenbacher) [RHEL-44149] {CVE-2024-38570}
- gfs2: Remove ill-placed consistency check (Andreas Gruenbacher) [RHEL-44149] {CVE-2024-38570}
- nvme-fc: do not wait in vain when unloading module (Ewan D. Milne) [RHEL-33083] {CVE-2024-26846}
- HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts (CKI Backport Bot) [RHEL-49698] {CVE-2022-48866}
- scsi: qedf: Set qed_slowpath_params to zero before use (John Meneghini) [RHEL-9797]
- scsi: qedf: Wait for stag work during unload (John Meneghini) [RHEL-9797]
- scsi: qedf: Don't process stag work during unload and recovery (John Meneghini) [RHEL-9797]
- Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (Audra Mitchell) [RHEL-42625] {CVE-2024-26720}
- mm: avoid overflows in dirty throttling logic (Audra Mitchell) [RHEL-51840] {CVE-2024-42131}
- mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (Audra Mitchell) [RHEL-42625] {CVE-2024-26720}
- ACPI: fix NULL pointer dereference (Mark Langsdorf) [RHEL-37897] {CVE-2021-47289}
Resolves: RHEL-19027, RHEL-22559, RHEL-28108, RHEL-29498, RHEL-33083, RHEL-35222, RHEL-37737, RHEL-37897, RHEL-38165, RHEL-38197, RHEL-38317, RHEL-38404, RHEL-39797, RHEL-39843, RHEL-39908, RHEL-39912, RHEL-40400, RHEL-40837, RHEL-40936, RHEL-42151, RHEL-42625, RHEL-42721, RHEL-43236, RHEL-44108, RHEL-44149, RHEL-44195, RHEL-45167, RHEL-47529, RHEL-48620, RHEL-48646, RHEL-49698, RHEL-51052, RHEL-51631, RHEL-51840, RHEL-52013, RHEL-53638, RHEL-53646, RHEL-53657, RHEL-54834, RHEL-9797

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
2024-08-22 11:08:48 +02:00

10 MiB

The file is too large to be shown. View Raw