The Linux kernel
be580f9f8d
* Wed Nov 08 2023 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-523.el8]
- cifs: Fix UAF in cifs_demultiplex_thread() (Scott Mayhew) [RHEL-7930 RHEL-9046] {CVE-2023-1192}
- x86/platform/uv: Use alternate source for socket to node data (Frank Ramsay) [RHEL-13360]
- media: technisat-usb2: break out of loop at end of buffer (Desnes Nunes) [RHEL-3013 RHEL-3895] {CVE-2019-15505}
- can: af_can: fix NULL pointer dereference in can_rcv_filter (Ricardo Robaina) [RHEL-6429 RHEL-7053] {CVE-2023-2166}
- PCI/portdrv: Prevent LS7A Bus Master clearing on shutdown (Myron Stowe) [RHEL-5147]
- kernel/fork: beware of __put_task_struct() calling context (Wander Lairson Costa) [RHEL-14767]
- KVM: x86/mmu: Fix an sign-extension bug with mmu_seq that hangs vCPUs (Peter Xu) [RHEL-7210]
- net: tun: fix bugs for oversize packet when napi frags enabled (Ricardo Robaina) [RHEL-7185 RHEL-7267] {CVE-2023-3812}
- Bluetooth: hci_ldisc: check HCI_UART_PROTO_READY flag in HCIUARTGETPROTO (Jose Ignacio Tornos Martinez) [RHEL-6357] {CVE-2023-31083}
- RDMA/qedr: clean up work queue on failure in qedr_alloc_resources() (Kamal Heib) [RHEL-10313 RHEL-11030]
- RDMA/qedr: fix repeated words in comments (Kamal Heib) [RHEL-10313 RHEL-11030]
- x86/sev: Check for user-space IOIO pointing to kernel space (Wander Lairson Costa) [RHEL-14978] {CVE-2023-46813}
- x86/sev: Check IOBM for IOIO exceptions from user-space (Wander Lairson Costa) [RHEL-14978] {CVE-2023-46813}
- x86/sev: Disable MMIO emulation from user mode (Wander Lairson Costa) [RHEL-14978] {CVE-2023-46813}
- x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling (Wander Lairson Costa) [RHEL-14978] {CVE-2023-46813}
- USB: core: Fix oversight in SuperSpeed initialization (Desnes Nunes) [RHEL-2569 RHEL-2675] {CVE-2023-37453}
- USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() (Desnes Nunes) [RHEL-2569 RHEL-2675] {CVE-2023-37453}
- USB: core: Change usb_get_device_descriptor() API (Desnes Nunes) [RHEL-2569 RHEL-2675] {CVE-2023-37453}
- USB: core: Unite old scheme and new scheme descriptor reads (Desnes Nunes) [RHEL-2569 RHEL-2675] {CVE-2023-37453}
- bonding: do not assume skb mac_header is set (Hangbin Liu) [RHEL-13959]
- bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Hangbin Liu) [RHEL-13959]
- bonding: support balance-alb with openvswitch (Hangbin Liu) [RHEL-13959]
- bonding: reset bond's flags when down link is P2P device (Hangbin Liu) [RHEL-13959]
- net: fix stack overflow when LRO is disabled for virtual interfaces (Hangbin Liu) [RHEL-13959]
- Documentation: bonding: fix the doc of peer_notif_delay (Hangbin Liu) [RHEL-13959]
- bonding: fix send_peer_notif overflow (Hangbin Liu) [RHEL-13959]
- bonding: Fix memory leak when changing bond type to Ethernet (Hangbin Liu) [RHEL-13959]
- bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails (Hangbin Liu) [RHEL-13959]
- bonding: restore IFF_MASTER/SLAVE flags on bond enslave ether type change (Hangbin Liu) [RHEL-13959]
- drivers/net/bonding/bond_3ad: return when there's no aggregator (Hangbin Liu) [RHEL-13959]
- KVM: s390: pv: Allow AP-instructions for pv-guests (Thomas Huth) [2111392]
- KVM: s390: Add UV feature negotiation (Thomas Huth) [2111392]
- s390/uv: UV feature check utility (Thomas Huth) [2111392]
- s390/vfio-ap: make sure nib is shared (Thomas Huth) [2111392]
- KVM: s390: export kvm_s390_pv*_is_protected functions (Thomas Huth) [2111392]
- s390/uv: export uv_pin_shared for direct usage (Thomas Huth) [2111392]
- s390/vfio-ap: check for TAPQ response codes 0x35 and 0x36 (Thomas Huth) [2111392]
- s390/vfio-ap: handle queue state change in progress on reset (Thomas Huth) [2111392]
- s390/vfio-ap: use work struct to verify queue reset (Thomas Huth) [2111392]
- s390/vfio-ap: store entire AP queue status word with the queue object (Thomas Huth) [2111392]
- s390/vfio-ap: remove upper limit on wait for queue reset to complete (Thomas Huth) [2111392]
- s390/vfio-ap: allow deconfigured queue to be passed through to a guest (Thomas Huth) [2111392]
- s390/vfio-ap: wait for response code 05 to clear on queue reset (Thomas Huth) [2111392]
- s390/vfio-ap: clean up irq resources if possible (Thomas Huth) [2111392]
- s390/vfio-ap: no need to check the 'E' and 'I' bits in APQSW after TAPQ (Thomas Huth) [2111392]
- s390/vfio-ap: fix memory leak in vfio_ap device driver (Thomas Huth) [2111392]
- s390/vfio-ap: remove redundant driver match function (Thomas Huth) [2111392]
- s390/vfio_ap: increase max wait time for reset verification (Thomas Huth) [2111392]
- s390/vfio_ap: fix handling of error response codes (Thomas Huth) [2111392]
- s390/vfio_ap: verify ZAPQ completion after return of response code zero (Thomas Huth) [2111392]
- s390/vfio_ap: use TAPQ to verify reset in progress completes (Thomas Huth) [2111392]
- s390/vfio_ap: check TAPQ response code when waiting for queue reset (Thomas Huth) [2111392]
- s390/vfio-ap: verify reset complete in separate function (Thomas Huth) [2111392]
- s390/vfio-ap: fix an error handling path in vfio_ap_mdev_probe_queue() (Thomas Huth) [2111392]
- s390/vfio-ap: add s390dbf logging to the vfio_ap_irq_enable function (Thomas Huth) [2111392]
- s390-vfio-ap: introduces s390 kernel debug feature for vfio_ap device driver (Thomas Huth) [2111392]
Resolves: rhbz#2111392, RHEL-10313, RHEL-11030, RHEL-13360, RHEL-13959, RHEL-14767, RHEL-14978, RHEL-2569, RHEL-2675, RHEL-3013, RHEL-3895, RHEL-5147, RHEL-6357, RHEL-6429, RHEL-7053, RHEL-7185, RHEL-7210, RHEL-7267, RHEL-7930, RHEL-9046
Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
|
||
|---|---|---|
| .gitignore | ||
| centossecureboot201.cer | ||
| centossecurebootca2.cer | ||
| check-kabi | ||
| cpupower.config | ||
| cpupower.service | ||
| filter-aarch64.sh | ||
| filter-modules.sh | ||
| filter-ppc64le.sh | ||
| filter-s390x.sh | ||
| filter-x86_64.sh | ||
| gating.yaml | ||
| generate_all_configs.sh | ||
| generate_bls_conf.sh | ||
| kernel-aarch64-debug.config | ||
| kernel-aarch64.config | ||
| kernel-ppc64le-debug.config | ||
| kernel-ppc64le.config | ||
| kernel-s390x-debug.config | ||
| kernel-s390x-zfcpdump.config | ||
| kernel-s390x.config | ||
| kernel-x86_64-debug.config | ||
| kernel-x86_64.config | ||
| kernel.spec | ||
| kvm_stat.logrotate | ||
| linux-kernel-test.patch | ||
| mod-blacklist.sh | ||
| mod-extra.list | ||
| mod-internal.list | ||
| mod-sign.sh | ||
| Module.kabi_aarch64 | ||
| Module.kabi_dup_aarch64 | ||
| Module.kabi_dup_ppc64le | ||
| Module.kabi_dup_s390x | ||
| Module.kabi_dup_x86_64 | ||
| Module.kabi_ppc64le | ||
| Module.kabi_s390x | ||
| Module.kabi_x86_64 | ||
| parallel_xz.sh | ||
| process_configs.sh | ||
| redhatsecureboot302.cer | ||
| redhatsecureboot303.cer | ||
| redhatsecureboot501.cer | ||
| redhatsecurebootca3.cer | ||
| redhatsecurebootca7.cer | ||
| rheldup3.x509 | ||
| rhelkpatch1.x509 | ||
| rpminspect.yaml | ||
| sources | ||
| x509.genkey | ||