9dbacbed09
* Wed Jul 10 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.12.1.el8_10]
- net: bridge: xmit: make sure we have at least eth header len bytes (cki-backport-bot) [RHEL-44291] {CVE-2024-38538}
- drivers/amd/pm: fix a use-after-free in kv_parse_power_table (Michel Dänzer) [RHEL-26893] {CVE-2023-52469}
- SUNRPC: Fix a suspicious RCU usage warning (Scott Mayhew) [RHEL-30503] {CVE-2023-52623}
- ice: Fix some null pointer dereference issues in ice_ptp.c (Petr Oros) [RHEL-26901] {CVE-2023-52471}
- xfs: fix internal error from AGFL exhaustion (Pavel Reichl) [RHEL-45581]
- sched/psi: Fix use-after-free in ep_remove_wait_queue() (Phil Auld) [RHEL-38117] {CVE-2023-52707}
- wait: add wake_up_pollfree() (Phil Auld) [RHEL-38117]
- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (Hangbin Liu) [RHEL-33269] {CVE-2024-26852}
- net: bridge: switchdev: Skip MDB replays of deferred events on offload (Ivan Vecera) [RHEL-33117] {CVE-2024-26837}
- ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (Pavel Reichl) [RHEL-31700] {CVE-2024-26772}
- ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (Pavel Reichl) [RHEL-31688] {CVE-2024-26773}
- ext4: fix double-free of blocks due to wrong extents moved_len (Pavel Reichl) [RHEL-31612] {CVE-2024-26704}
- vxlan: Pull inner IP header in vxlan_xmit_one(). (Guillaume Nault) [RHEL-31389]
- geneve: Fix incorrect inner network header offset when innerprotoinherit is set (Guillaume Nault) [RHEL-31389]
- vxlan: Pull inner IP header in vxlan_rcv(). (Guillaume Nault) [RHEL-31389]
- geneve: fix header validation in geneve[6]_xmit_skb (Guillaume Nault) [RHEL-31389]
- geneve: make sure to pull inner header in geneve_rx() (Guillaume Nault) [RHEL-31389]
- net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb (Guillaume Nault) [RHEL-31389]
- net: geneve: check skb is large enough for IPv4/IPv6 header (Guillaume Nault) [RHEL-31389]
- net/smc: fix neighbour and rtable leak in smc_ib_find_route() (Tobias Huschle) [RHEL-39744] {CVE-2024-36945}
- igb: Fix string truncation warnings in igb_set_fw_version (Corinna Vinschen) [RHEL-38452] {CVE-2024-36010}
- bonding: stop the device in bond_setup_by_slave() (Hangbin Liu) [RHEL-38327] {CVE-2023-52784}
- i40e: fix vf may be used uninitialized in this function warning (Kamal Heib) [RHEL-39702] {CVE-2024-36020}
- powerpc/64: Fix the definition of the fixmap area (Mamatha Inamdar) [RHEL-27191] {CVE-2021-47018}
- powerpc/mm/hash64: Add a variable to track the end of IO mapping (Mamatha Inamdar) [RHEL-27191] {CVE-2021-47018}
- nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). (Xin Long) [RHEL-39770] {CVE-2024-36933}
- net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (Xin Long) [RHEL-39770]
- net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-39779] {CVE-2024-36929}
- tcp: properly terminate timers for kernel sockets (Guillaume Nault) [RHEL-37171] {CVE-2024-35910}
- net: relax socket state check at accept time. (Florian Westphal) [RHEL-39831]
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Florian Westphal) [RHEL-39831] {CVE-2024-36905}
- tcp: remove redundant check on tskb (Florian Westphal) [RHEL-39831]
- drm/ast: Fix soft lockup (cki-backport-bot) [RHEL-37438] {CVE-2024-35952}
- null_blk: Fix return value of nullb_device_power_store() (Ming Lei) [RHEL-39341]
- null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (Ming Lei) [RHEL-39341]
- null_blk: fix return value from null_add_dev() (Ming Lei) [RHEL-39341]
Resolves: RHEL-26893, RHEL-26901, RHEL-27191, RHEL-30503, RHEL-31389, RHEL-31612, RHEL-31688, RHEL-31700, RHEL-33117, RHEL-33269, RHEL-37171, RHEL-37438, RHEL-38117, RHEL-38327, RHEL-38452, RHEL-39341, RHEL-39702, RHEL-39744, RHEL-39770, RHEL-39779, RHEL-39831, RHEL-44291, RHEL-45581
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
10 MiB
10 MiB
The file is too large to be shown.
View Raw