6d43a57074
* Fri Jun 28 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.10.1.el8_10] - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (Scott Mayhew) [RHEL-38264] {CVE-2023-52803} - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (Ewan D. Milne) [RHEL-39717] {CVE-2024-36025} - tcp: add sanity checks to rx zerocopy (Guillaume Nault) [RHEL-29494] {CVE-2024-26640} - SUNRPC: fix some memleaks in gssx_dec_option_array (Scott Mayhew) [RHEL-35209] {CVE-2024-27388} - wifi: nl80211: don't free NULL coalescing rule (Jose Ignacio Tornos Martinez) [RHEL-39752] {CVE-2024-36941} - nfs: fix UAF in direct writes (Scott Mayhew) [RHEL-34975] {CVE-2024-26958} - NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (Scott Mayhew) [RHEL-33228] {CVE-2024-26870} - drm/amd/pm: Fix error of MACO flag setting code (Michel Dänzer) [RHEL-15928] - scsi: aacraid: fix io hangs and improve performance (John Meneghini) [RHEL-23913] - block: prevent division by zero in blk_rq_stat_sum() (Ming Lei) [RHEL-37279] {CVE-2024-35925} - block: fix overflow in blk_ioctl_discard() (Ming Lei) [RHEL-39811] {CVE-2024-36917} - virtio-blk: fix implicit overflow on virtio_max_dma_size (Ming Lei) [RHEL-38131] {CVE-2023-52762} - nbd: null check for nla_nest_start (Ming Lei) [RHEL-35176] {CVE-2024-27025} - isdn: mISDN: netjet: Fix crash in nj_probe: (Ken Cox) [RHEL-38444] {CVE-2021-47284} - isdn: mISDN: Fix sleeping function called from invalid context (Ken Cox) [RHEL-38400] {CVE-2021-47468} - net/smc: avoid data corruption caused by decline (Tobias Huschle) [RHEL-38234] {CVE-2023-52775} - ubi: Check for too small LEB size in VTBL code (David Arcari) [RHEL-25092] {CVE-2024-25739} - i2c: core: Fix atomic xfer check for non-preempt config (Steve Best) [RHEL-38313] {CVE-2023-52791} - i2c: core: Run atomic i2c xfer when !preemptible (Steve Best) [RHEL-38313] {CVE-2023-52791} - firewire: ohci: mask bus reset interrupts between ISR and bottom half (Steve Best) [RHEL-39902] {CVE-2024-36950} - ipv6: init the accept_queue's spinlocks in inet6_create (Guillaume Nault) [RHEL-28899] {CVE-2024-26614} - tcp: make sure init the accept_queue's spinlocks once (Guillaume Nault) [RHEL-28899] {CVE-2024-26614} - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-39352] {CVE-2024-36016} - mlxsw: spectrum_acl_tcam: Fix incorrect list API usage (Ivan Vecera) [RHEL-37484] {CVE-2024-36006} - pwm: Fix double shift bug (Steve Best) [RHEL-38278] {CVE-2023-52756} - mmc: sdio: fix possible resource leaks in some error paths (Steve Best) [RHEL-38149] {CVE-2023-52730} - of: unittest: Fix compile in the non-dynamic case (Steve Best) [RHEL-37070] {CVE-2023-52679} - of: unittest: Fix of_count_phandle_with_args() expected value message (Steve Best) [RHEL-37070] {CVE-2023-52679} - of: Fix double free in of_parse_phandle_with_args_map (Steve Best) [RHEL-37070] {CVE-2023-52679} - pinctrl: core: delete incorrect free in pinctrl_enable() (Steve Best) [RHEL-39756] {CVE-2024-36940} - pinctrl: core: fix possible memory leak in pinctrl_enable() (Steve Best) [RHEL-39756] {CVE-2024-36940} - media: gspca: cpia1: shift-out-of-bounds in set_flicker (Desnes Nunes) [RHEL-38331] {CVE-2023-52764} - tipc: fix a possible memleak in tipc_buf_append (Xin Long) [RHEL-39881] {CVE-2024-36954} - cifs: fix mid leak during reconnection after timeout threshold (Paulo Alcantara) [RHEL-36222] - cifs: Fix use-after-free in rdata->read_into_pages() (Paulo Alcantara) [RHEL-36222] - cifs: Fix pages leak when writedata alloc failed in cifs_write_from_iter() (Paulo Alcantara) [RHEL-36222] - cifs: Fix pages array leak when writedata alloc failed in cifs_writedata_alloc() (Paulo Alcantara) [RHEL-36222] - cifs: destage dirty pages before re-reading them for cache=none (Paulo Alcantara) [RHEL-36222] - cifs: destage any unwritten data to the server before calling copychunk_write (Paulo Alcantara) [RHEL-36222] - Adjust cifssb maximum read size (Paulo Alcantara) [RHEL-36222] - cifs: make locking consistent around the server session status (Paulo Alcantara) [RHEL-36222] - cifs: fix credit accounting for extra channel (Paulo Alcantara) [RHEL-36222] - smb3: prevent races updating CurrentMid (Paulo Alcantara) [RHEL-36222] - cifs: fix missing spinlock around update to ses->status (Paulo Alcantara) [RHEL-36222] - cifs: use echo_interval even when connection not ready. (Paulo Alcantara) [RHEL-36222] - cifs: detect dead connections only when echoes are enabled. (Paulo Alcantara) [RHEL-36222] - cifs: Fix preauth hash corruption (Paulo Alcantara) [RHEL-36222] - cifs: do not send close in compound create+close requests (Paulo Alcantara) [RHEL-36222] - cifs: ask for more credit on async read/write code paths (Paulo Alcantara) [RHEL-36222] - cifs: use discard iterator to discard unneeded network data more efficiently (Paulo Alcantara) [RHEL-36222] - cifs: Fix in error types returned for out-of-credit situations. (Paulo Alcantara) [RHEL-36222] - smb3: fix crediting for compounding when only one request in flight (Paulo Alcantara) [RHEL-36222] - cifs: New optype for session operations. (Paulo Alcantara) [RHEL-36222] - mm/gup: do not return 0 from pin_user_pages_fast() for bad args (Paulo Alcantara) [RHEL-36222] - wifi: brcmfmac: pcie: handle randbuf allocation failure (Jose Ignacio Tornos Martinez) [RHEL-44124] {CVE-2024-38575} - tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (Guillaume Nault) [RHEL-39835] {CVE-2024-36904} - wifi: mac80211: don't return unset power in ieee80211_get_tx_power() (Jose Ignacio Tornos Martinez) [RHEL-38159] {CVE-2023-52832} - wifi: ath11k: fix gtk offload status event locking (Jose Ignacio Tornos Martinez) [RHEL-38155] {CVE-2023-52777} - net: ieee802154: fix null deref in parse dev addr (Steve Best) [RHEL-38012] {CVE-2021-47257} - mm/hugetlb: fix missing hugetlb_lock for resv uncharge (Rafael Aquini) [RHEL-37465] {CVE-2024-36000} - x86/xen: Add some null pointer checking to smp.c (Vitaly Kuznetsov) [RHEL-33258] {CVE-2024-26908} - x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() (Vitaly Kuznetsov) [RHEL-33258] {CVE-2024-26908} - wifi: cfg80211: check A-MSDU format more carefully (Jose Ignacio Tornos Martinez) [RHEL-37343] {CVE-2024-35937} - wifi: rtw89: fix null pointer access when abort scan (Jose Ignacio Tornos Martinez) [RHEL-37355] {CVE-2024-35946} - atl1c: Work around the DMA RX overflow issue (Ken Cox) [RHEL-38287] {CVE-2023-52834} - wifi: ath11k: decrease MHI channel buffer length to 8KB (Jose Ignacio Tornos Martinez) [RHEL-37339] {CVE-2024-35938} - wifi: iwlwifi: mvm: rfi: fix potential response leaks (Jose Ignacio Tornos Martinez) [RHEL-37163] {CVE-2024-35912} - USB: core: Fix access violation during port device removal (Desnes Nunes) [RHEL-39853] {CVE-2024-36896} - scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (Ewan D. Milne) [RHEL-37123] {CVE-2024-35930} - netfilter: nf_tables: honor table dormant flag from netdev release event path (Phil Sutter) [RHEL-37450] {CVE-2024-36005} - wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (Jose Ignacio Tornos Martinez) [RHEL-36898] {CVE-2024-27434} - wifi: iwlwifi: mvm: Fix key flags for IGTK on AP interface (Jose Ignacio Tornos Martinez) [RHEL-36898] {CVE-2024-27434} - misc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume (Steve Best) [RHEL-36932] {CVE-2024-35824} Resolves: RHEL-15928, RHEL-23913, RHEL-25092, RHEL-28899, RHEL-29494, RHEL-33228, RHEL-33258, RHEL-34975, RHEL-35176, RHEL-35209, RHEL-36222, RHEL-36898, RHEL-36932, RHEL-37070, RHEL-37123, RHEL-37163, RHEL-37279, RHEL-37339, RHEL-37343, RHEL-37355, RHEL-37450, RHEL-37465, RHEL-37484, RHEL-38012, RHEL-38131, RHEL-38149, RHEL-38155, RHEL-38159, RHEL-38234, RHEL-38264, RHEL-38278, RHEL-38287, RHEL-38313, RHEL-38331, RHEL-38400, RHEL-38444, RHEL-39352, RHEL-39717, RHEL-39752, RHEL-39756, RHEL-39811, RHEL-39835, RHEL-39853, RHEL-39881, RHEL-39902, RHEL-44124 Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
10 MiB
10 MiB
The file is too large to be shown.
View Raw