ELSA-2019-2029

ELSA-2019-2029 - kernel security, bug fix, and enhancement update

Type:SECURITY
Severity:IMPORTANT
Release Date:2019-08-13

Description


[3.10.0-1062.OL7]
- Oracle Linux certificates (Alexey Petrenko)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]

[3.10.0-1062]
- [fs] revert 'xfs: disable copy_file_range() to avoid broken splice copy' (Eric Sandeen) [1731205]

[3.10.0-1061]
- [linux] efi: Disable local interrupts across efi run-time calls (Lenny Szubowicz) [1716252]
- [net] tcp: refine memory limit test in tcp_fragment() (Florian Westphal) [1723032]
- [net] tcp: provide TCP_FRAG_IN_WRITE/RTX_QUEUE for tcp_fragment use (Florian Westphal) [1723032]

[3.10.0-1060]
- [char] random: move FIPS continuous test to output functions (Herbert Xu) [1723910]
- [netdrv] i40e: fix WoL support check (Stefan Assmann) [1720021]
- [fs] revert 'gfs2: Use d_materialise_unique instead of d_splice_alias' (Robert S Peterson) [1677686]
- [mm] vmpressure: make sure there are no events queued after memcg is offlined (Vratislav Bendel) [1685447]
- [mm] revert 'mm: split page_type out from _mapcount' (David Hildenbrand) [1723689]
- [mm] huge_memory: make pmd huge before dirty (Rafael Aquini) [1720278]
- [mm] revert 'dont split THP page when MADV_FREE syscall is called' (Rafael Aquini) [1720278]
- [mm] revert 'fix incorrect unlock error path in madvise_free_huge_pmd' (Rafael Aquini) [1720278]
- [mm] revert 'pmd dirty emulation in page fault handler' (Rafael Aquini) [1720278]
- [mm] revert 'thp: fix crash due race in MADV_FREE handling' (Rafael Aquini) [1720278]

[3.10.0-1059]
- [scsi] scsi: megaraid_sas: return error when create DMA pool failed (Tomas Henzl) [1712861] {CVE-2019-11810}
- [fs] cifs: cifs_read_allocate_pages: dont iterate through whole page array on ENOMEM (Leif Sahlberg) [1714220]
- [fs] cifs: add more spinlocks to pretect against races (Leif Sahlberg) [1580165]
- [fs] xfs: serialize unaligned dio writes against all other dio writes (Brian Foster) [1699800]
- [fs] xfs: disable copy_file_range() to avoid broken splice copy (Brian Foster) [1688067]
- [fs] ext4: check superblock mapped prior to committing (Lukas Czerner) [1721737]
- [sound] alsa: alsa: hda - do not use ALC255_FIXUP_MIC_MUTE_LED for Huawei laptops (Jaroslav Kysela) [1721867]
- [sound] alsa: revert '[sound] alsa: hda - Support led audio trigger' (Jaroslav Kysela) [1721867]
- [mm] memory_hotplug: fix scan_movable_pages() for gigantic hugepages (Rafael Aquini) [1721503]
- [mm] page_alloc: fix has_unmovable_pages for HugePages (Rafael Aquini) [1721503]
- [mm] memory_hotplug: check zone_movable in has_unmovable_pages (Rafael Aquini) [1721503]
- [mm] memory_hotplug: make has_unmovable_pages more robust (Rafael Aquini) [1721503]
- [kernel] workqueue: Fix NULL pointer dereference (Denys Vlasenko) [1655834]

[3.10.0-1058]
- [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719915] {CVE-2019-11479}
- [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719915] {CVE-2019-11479}
- [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719595] {CVE-2019-11477}
- [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719595] {CVE-2019-11477}
- [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719850] {CVE-2019-11478}
- [fs] Revert 'Fix default behaviour for empty domains and add domainauto option' (Leif Sahlberg) [1710421]
- [fs] libceph: handle an empty authorize reply (Ilya Dryomov) [1718305]
- [scsi] qla2xxx: Mark NVMe/FC initiator mode usage as technology preview (Ewan Milne) [1721655]
- [nvme] Removing DMA_ATTR_NO_WARN for dma_alloc_attrs (Gopal Tiwari) [1715433]
- [netdrv] qlcnic: fix Tx descriptor corruption on 82xx devices (Manish Chopra) [1715481]
- [mm] mincore.c: make mincore() more conservative (Rafael Aquini) [1664199] {CVE-2019-5489}
- [kernel] pm/hibernate: exclude all PageOffline() pages (David Hildenbrand) [1718771]
- [hv] hv_balloon: mark inflated pages PG_offline (David Hildenbrand) [1718771]
- [kernel] kexec: export PG_offline to VMCOREINFO (David Hildenbrand) [1718771]
- [kernel] mm: convert PG_balloon to PG_offline (David Hildenbrand) [1718771]
- [kernel] mm: split page_type out from _mapcount (David Hildenbrand) [1718771]
- [kernel] mm: clean up non-standard page->_mapcount users (David Hildenbrand) [1718771]
(David Hildenbrand) [1718771]
- [kernel] mm: page-flags: clean up the page flag test, set, clear macros (David Hildenbrand) [1718771]
- [kernel] alarmtimer: Prevent overflow for relative nanosleep (Artem Savkov) [1653677] {CVE-2018-13053}
- [kernel] module.c: Only return -EEXIST for modules that have finished loading part II (Prarit Bhargava) [1704844]
- [x86] mm: Create an SME workarea in the kernel for early encryption (Lianbo Jiang) [1718348]
- [x86] mm: Identify the end of the kernel area to be reserved (Lianbo Jiang) [1718348]
- [x86] kdump: Export the SME mask to vmcoreinfo (Lianbo Jiang) [1718348]
- [fs] proc/vmcore: Fix i386 build error of missing copy_oldmem_page_encrypted() (Lianbo Jiang) [1718348]
- [x86] kdump, proc/vmcore: Enable kdumping encrypted memory with SME enabled (Lianbo Jiang) [1718348]
- [iommu] amd: Remap the IOMMU device table with the memory encryption mask for kdump (Lianbo Jiang) [1718348]
- [kernel] kexec: Allocate decrypted control pages for kdump if SME is enabled (Lianbo Jiang) [1718348]
- [x86] ioremap: Add an ioremap_encrypted() helper (Lianbo Jiang) [1718348]
- [x86] pti: Do not create debugfs for the pti_enabled when SME is active (Lianbo Jiang) [1720997]
- [x86] resctrl: Prevent NULL pointer dereference when local MBM is disabled (Prarit Bhargava) [1713547]
- [s390] pkey: Indicate old mkvp only if old and current mkvp are different (Hendrik Brueckner) [1720388]
- [s390] qdio: clear intparm during shutdown (Hendrik Brueckner) [1720390]
- [s390] Remove VLAIS in ptff() and clear_table() (Yauheni Kaliuta) [1691710]
- [s390] remove 31 bit support (Yauheni Kaliuta) [1691710]
- [s390] timex: fix get_tod_clock_ext() inline assembly (Yauheni Kaliuta) [1691710]
- [s390] Use for_each_set_bit_inv instead of for_each_set_bit_left (Yauheni Kaliuta) [1691710]
- [s390] bitops: add for_each_set_bit_inv helper (Yauheni Kaliuta) [1691710]
- [s390] bitops: rename find_first_bit_left() to find_first_bit_inv() (Yauheni Kaliuta) [1691710]
- [s390] bitops: use flogr instruction to implement __ffs, ffs, __fls, fls and fls64 (Yauheni Kaliuta) [1691710]
- [s390] bitops: use generic find bit functions / reimplement _left variant (Yauheni Kaliuta) [1691710]
- [s390] bitops: remove CONFIG_SMP / simplify non-atomic bitops (Yauheni Kaliuta) [1691710]
- [s390] bitops: make use of interlocked-access facility 1 instructions (Yauheni Kaliuta) [1691710]
- [s390] bitops: fix inline assembly constraints (Yauheni Kaliuta) [1691710]

[3.10.0-1057]
- [fs] ext4: zero out the unused memory region in the extent tree block (Lukas Czerner) [1715280] {CVE-2019-11833}
- [fs] revert 'lockd: Show pid of lockd for remote locks' (Benjamin Coddington) [1717377]
- [scsi] qla2xxx: Allow IRQ balance to spread vectors across multiple CPU (Himanshu Madhani) [1713412]
- [netdrv] i40e: Do not check VF state in i40e_ndo_get_vf_config (Stefan Assmann) [1701191]
- [netdrv] qed: Backport missing hw ptp config hunks (Manish Chopra) [1712585]
- [infiniband] rdma/qedr: Fix incorrect device rate (Manish Chopra) [1713577]
- [watchdog] core: Add watchdog_thresh command line parameter (Prarit Bhargava) [1714612]
- [x86] kvm: x86: Sync the pending Posted-Interrupts (Peter Xu) [1719525]
- [x86] kvm: vmx: remove WARN_ON_ONCE in kvm_vcpu_trigger_posted_interrupt (Peter Xu) [1719525]

[3.10.0-1056]
- [infiniband] ib/mlx5: Allow modify AV in DCI QP to RTR (Alaa Hleihel) [1714002]
- [scsi] core: Allow state transitions from OFFLINE to BLOCKED (Ewan Milne) [1631136]
- [edac] amd64: Set maximum channel layer size depending on family (Gary Hook) [1705210]
- [edac] amd64: Adjust printed chip select sizes when interleaved (Gary Hook) [1705210]
- [edac] amd64: Recognize x16 symbol size (Gary Hook) [1705210]
- [edac] amd64: Support more than two Unified Memory Controllers (Gary Hook) [1705210]
- [edac] amd64: Use a macro for iterating over Unified Memory Controllers (Gary Hook) [1705210]
- [edac] amd64: Add Family 17h, models 10h-2fh support (Gary Hook) [1705210]
- [vhost] vsock: add weight support (Jason Wang) [1702943] {CVE-2019-3900}
- [vhost] vhost_net: fix possible infinite loop (Jason Wang) [1702943] {CVE-2019-3900}
- [vhost] introduce vhost_exceeds_weight() (Jason Wang) [1702943] {CVE-2019-3900}
- [vhost] vhost_net: introduce vhost_exceeds_weight() (Jason Wang) [1702943] {CVE-2019-3900}
- [vhost] vhost_net: use packet weight for rx handler, too (Jason Wang) [1702943] {CVE-2019-3900}
- [vhost] vhost-net: set packet weight of tx polling to 2 * vq size (Jason Wang) [1702943] {CVE-2019-3900}
- [vhost] dont read and process iotlb message with bad lenth (Jason Wang)
- [vhost] correctly check the return value of translate_desc() in log_used() (Jason Wang) [1657577]
- [vhost] log dirty page correctly (Jason Wang) [1657577]
- [vhost] fix OOB in get_rx_bufs() (Jason Wang) [1710182]
- [vhost] reject zero size iova range (Jason Wang)
- [vhost] Fix Spectre V1 vulnerability (Jason Wang) [1672554]
- [vhost] vhost_net: flush batched heads before trying to busy polling (Jason Wang) [1710182]
- [vhost] vhost_net: batch used ring update in rx (Jason Wang) [1710182]
- [x86] mark AMD Rome processors supported (David Arcari) [1543509]
- [x86] microcode: Only load the microcode once on AMD systems (Prarit Bhargava) [1710942]

[3.10.0-1055]
- [thermal] intel_powerclamp: fix truncated kthread name (David Arcari) [1716946]

[3.10.0-1054]
- [pci] Rework pcie_retrain_link() wait loop (Myron Stowe) [1677010]
- [pci] Work around Pericom PCIe-to-PCI bridge Retrain Link erratum (Myron Stowe) [1677010]
- [pci] Factor out pcie_retrain_link() function (Myron Stowe) [1677010]
- [cpufreq] intel_pstate: Ignore turbo active ratio in HWP (David Arcari) [1711969]
- [fs] vmcore: Add a kernel parameter novmcoredd (Kairui Song) [1705859]
- [netdrv] bonding/802.3ad: fix slave link initialization transition states (Jarod Wilson) [1702807]
- [netdrv] rtw88: new Realtek 802.11ac driver (Stanislaw Gruszka) [1487002 1487018]
- [kernel] bitfield: fix *_encode_bits() (Stanislaw Gruszka) [1487002 1487018]
- [kernel] Add primitives for manipulating bitfields both in host- and fixed-endian (Stanislaw Gruszka) [1487002 1487018]
- [netdrv] phy: turn carrier off on phy attach (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: add generic Realtek PHY driver (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: load driver for all PHYs with a Realtek OUI (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: fix RTL8201F sysfs name (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: Support RTL8366RB variant (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: add missing entry for RTL8211C to mdio_device_id table (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: add support for RTL8211C (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: add missing entry for RTL8211 to mdio_device_id table (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: add support for RTL8211 (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: add suspend/resume callbacks for RTL8211B (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: Use the dummy stubs for MMD register access for rtl8211b (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: use new helpers for paged register access (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: add utility functions to read/write page addresses (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: use the same indentation for all #defines (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: group all register bit #defines for RTL821x_INER (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: rename RTL821x_INER_INIT to RTL8211B_INER_INIT (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: use the BIT and GENMASK macros (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: fix RTL8211F interrupt mode (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: add RTL8201F phy-id and functions (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: rename RTL8211F_PAGE_SELECT to RTL821x_PAGE_SELECT (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: fix enabling of the TX-delay for RTL8211F (Corinna Vinschen) [1706531]
- [netdrv] phy: add RealTek RTL8211DN phy id (Corinna Vinschen) [1706531]
- [netdrv] phy: Add support for Realtek RTL8211F (Corinna Vinschen) [1706531]
- [netdrv] phy: export genphy_config_init() (Corinna Vinschen) [1706531]
- [netdrv] phy: realtek: register/unregister multiple drivers properly (Corinna Vinschen) [1706531]
- [netdrv] phy: Add RTL8201CP phy_driver to realtek (Corinna Vinschen) [1706531]
- [netdrv] phy: rtl8211: fix interrupt on status link change (Corinna Vinschen) [1706531]
- [nvme] fix memory leak for power latency tolerance (David Milburn) [1541904]
- [base] pm / qos: Fix memory leak on resume_latency.notifiers (David Milburn) [1541904]
- [x86] kvm: x86: use correct privilege level for sgdt/sidt/fxsave/fxrstor access (Paolo Bonzini) [1657358] {CVE-2018-10853}
- [x86] kvm: x86: pass kvm_vcpu to kvm_read_guest_virt and kvm_write_guest_virt_system (Paolo Bonzini) [1657358] {CVE-2018-10853}
- [x86] kvm: x86: introduce linear_{read,write}_system (Paolo Bonzini) [1657358] {CVE-2018-10853}
- [x86] Update stepping values for Whiskey Lake U/Y (David Arcari) [1704810]

[3.10.0-1053]
- [hid] wacom: generic: support LEDs (Benjamin Tissoires) [1710890]
- [hid] wacom: leds: use the ledclass instead of custom made sysfs files (Benjamin Tissoires) [1710890]
- [char] ipmi_si: fix use-after-free of resource->name (Tony Camuso) [1714408] {CVE-2019-11811}
- [fs] gfs2: Use d_materialise_unique instead of d_splice_alias (Robert S Peterson) [1677686]
- [fs] sunrpc: make visible processing error in bc_svc_process() ('J. Bruce Fields') [1653675] {CVE-2018-16884}
- [fs] sunrpc: remove unused xpo_prep_reply_hdr callback ('J. Bruce Fields') [1653675] {CVE-2018-16884}
- [fs] sunrpc: remove svc_tcp_bc_class ('J. Bruce Fields') [1653675] {CVE-2018-16884}
- [fs] sunrpc: replace svc_serv->sv_bc_xprt by boolean flag ('J. Bruce Fields') [1653675] {CVE-2018-16884}
- [fs] sunrpc: use-after-free in svc_process_common() ('J. Bruce Fields') [1653675] {CVE-2018-16884}
- [fs] svcauth_gss: Close connection when dropping an incoming message ('J. Bruce Fields') [1653675] {CVE-2018-16884}
- [net] bridge: dont send notification when skb->len == 0 in rtnl_bridge_notify (Hangbin Liu) [1714831]
- [net] tcp: purge write queue in tcp_connect_init() (Marcelo Leitner) [1713051]
- [net] tcp: fix TCP_REPAIR_QUEUE bound checking (Marcelo Leitner) [1713051]
- [net] tcp: dont read out-of-bounds opsize (Marcelo Leitner) [1713051]
- [net] tcp: md5: reject TCP_MD5SIG or TCP_MD5SIG_EXT on established sockets (Marcelo Leitner) [1713051]
- [net] tcp: fix tcp_mtu_probe() vs highest_sack (Marcelo Leitner) [1713051]
- [net] tcp: fastopen: fix on syn-data transmit failure (Marcelo Leitner) [1713051]
- [net] tcp: when rearming RTO, if RTO time is in past then fire RTO ASAP (Marcelo Leitner) [1713051]
- [net] tcp: eliminate negative reordering in tcp_clean_rtx_queue (Marcelo Leitner) [1713051]
- [net] tcp: fix wraparound issue in tcp_lp (Marcelo Leitner) [1713051]
- [net] tcp: account for ts offset only if tsecr not zero (Marcelo Leitner) [1713051]
- [net] tcp: initialize max window for a new fastopen socket (Marcelo Leitner) [1713051]
- [net] tcp: consider recv buf for the initial window scale (Marcelo Leitner) [1713051]
- [net] tcp: refresh skb timestamp at retransmit time (Marcelo Leitner) [1713051]
- [net] tcp: fix tcpi_segs_in after connection establishment (Marcelo Leitner) [1713051]
- [net] tcp: beware of alignments in tcp_get_info() (Marcelo Leitner) [1713051]
- [net] tcp: properly scale window in tcp_v[46]_reqsk_send_ack() (Marcelo Leitner) [1713051]
- [net] tcp: fix NULL deref in tcp_v4_send_ack() (Marcelo Leitner) [1713051]
- [net] tcp: md5: fix lockdep annotation (Marcelo Leitner) [1713051]
- [net] tcp: apply Kerns check on RTTs used for congestion control (Marcelo Leitner) [1713051]
- [net] tcp: add proper TS val into RST packets (Marcelo Leitner) [1713051]
- [net] tcp: fix FRTO undo on cumulative ACK of SACKed range (Marcelo Leitner) [1713051]
- [net] tcp: align tcp_xmit_size_goal() on tcp_tso_autosize() (Marcelo Leitner) [1713051]
- [net] tcp: fastopen: avoid negative sk_forward_alloc (Marcelo Leitner) [1713051]
- [net] tcp: fastopen: fix rcv_wup initialization for TFO server on SYN/data (Marcelo Leitner) [1713051]
- [net] tcp: make sure skb is not shared before using skb_get() (Marcelo Leitner) [1713051]
- [net] tcp: Do not apply TSO segment limit to non-TSO packets (Marcelo Leitner) [1713051]
- [net] openvswitch: load and reference the NAT helper. (Flavio Leitner) [1435252]
- [net] openvswitch: load NAT helper (Flavio Leitner) [1435252]
- [net] netfilter: introduce nf_conntrack_helper_put helper function (Flavio Leitner) [1435252]
- [net] netfilter: xt_CT: fix refcnt leak on error path (Flavio Leitner) [1435252]
- [net] netfilter: nf_nat: register NAT helpers. (Flavio Leitner) [1435252]
- [net] netfilter: add API to manage NAT helpers. (Flavio Leitner) [1435252]
- [net] netfilter: use macros to create module aliases. (Flavio Leitner) [1435252]
- [net] openvswitch: add seqadj extension when NAT is used. (Flavio Leitner) [1435252]
- [net] netfilter: nf_conntrack_sip: fix wrong memory initialisation (Flavio Leitner) [1435252]
- [net] netfilter: Add helper array register/unregister functions (Flavio Leitner) [1435252]
- [net] netfilter: nf_ct_helper: Fix helper unregister count. (Flavio Leitner) [1435252]
- [net] netfilter: nf_ct_helper: define pr_fmt() (Flavio Leitner) [1435252]
- [net] ip6_tunnel: be careful when accessing the inner header (Stefano Brivio) [1713294]
- [net] ip_tunnel: be careful when accessing the inner header (Stefano Brivio) [1713294]
- [net] ip_tunnel: better validate user provided tunnel names (Stefano Brivio) [1713294]
- [net] ip_tunnel: fix potential issue in ip_tunnel_rcv (Stefano Brivio) [1713294]
- [net] gro: Fix GRO flush when receiving a GSO packet. (Paolo Abeni) [1713013]
- [net] devlink: Fix list access without lock while reading region (Paolo Abeni) [1713013]
- [net] skb_scrub_packet(): Scrub offload_fwd_mark (Paolo Abeni) [1713013]
- [net] ethtool: fix a privilege escalation bug (Paolo Abeni) [1713013]
- [net] skb_segment() should not return NULL (Paolo Abeni) [1713013]
- [net] fix possible out-of-bound read in skb_network_protocol() (Paolo Abeni) [1713013]
- [net] flow_dissector: properly cap thoff field (Paolo Abeni) [1713013]
- [net] ethtool: Initialize buffer when querying device channel settings (Paolo Abeni) [1713013]
- [net] neighbour: fix crash at dumping device-agnostic proxy entries (Paolo Abeni) [1713013]
- [net] netlabel: fix out-of-bounds memory accesses (Hangbin Liu) [1712920]
- [net] ipv4: Fix use-after-free when flushing FIB tables (Hangbin Liu) [1712920]
- [net] ping: fix a null pointer dereference (Hangbin Liu) [1712920]
- [net] netfilter: rpfilter: bypass ipv4 lbcast packets with zeronet source (Guillaume Nault) [1704190]
- [net] sched: act_ipt: fix refcount leak when replace fails (Davide Caratti) [1706791]
- [net] sched: act_sample: fix divide by zero in the traffic path (Davide Caratti) [1706791]
- [net] sched: fix ->get helper of the matchall cls (Davide Caratti) [1706791]
- [net] sched: fix a race condition in tcindex_destroy() (Davide Caratti) [1706791]
- [net] cls_flower: Remove filter from mask before freeing it (Davide Caratti) [1706791]
- [net] sched: gred: pass the right attribute to gred_change_table_def() (Davide Caratti) [1706791]
- [net] sched: act_pedit: fix dump of extended layered op (Davide Caratti) [1706791]
- [net] sched: cls_api: deal with egdev path only if needed (Davide Caratti) [1706791]
- [net] sched: fix error path in tcf_proto_create() when modules are not configured (Davide Caratti) [1706791]
- [net] sched: fq: take care of throttled flows before reuse (Davide Caratti) [1706791]
- [net] sched actions: fix dumping which requires several messages to user space (Davide Caratti) [1706791]
- [net] sch_netem: fix skb leak in netem_enqueue() (Davide Caratti) [1706791]
- [net] sched: Fix update of lastuse in act modules implementing stats_update (Davide Caratti) [1699910 1706791]
- [net] sched: dont release reference on action overwrite (Davide Caratti) [1706791]
- [powerpc] mm: move warning from resize_hpt_for_hotplug() (Laurent Vivier) [1693046]
- [powerpc] pseries: Use pr_xxx() in lpar.c (Laurent Vivier) [1693046]
- [powerpc] mm: Fix build break with BOOK3S_64=n and MEMORY_HOTPLUG=y (Laurent Vivier) [1693046]
- [net] vsock/virtio: fix kernel panic from virtio_transport_reset_no_sock (Stefano Garzarella) [1693996]
- [mm] page_counter: let page_counter_try_charge() return bool (Davide Caratti) [1658641]
- [kernel] unshare: Unsharing a thread does not require unsharing a vm (Alex Gladkov) [1597991]
- [x86] kvm: x86: Add AMDs EX_CFG to the list of ignored MSRs (Eduardo Habkost) [1593190]
- [x86] kvm: x86: Expose CLDEMOTE CPU feature to guest VM (Paul Lai) [1494704]

[3.10.0-1052]
- [security] xattr: use RH_KABI_CONST to avoid security_inode_init_security checksum change (Cestmir Kalina) [1710633]
- [crypto] hmac: require that the underlying hash algorithm is unkeyed (Neil Horman) [1708078]
- [tty] Fix low_latency BUG (Aristeu Rozanski) [1710039]
- [tty] n_tty: Fix termios_rwsem lockdep false positive (Artem Savkov) [1712744]
- [netdrv] xen/netfront: fix waiting for xenbus state change (Vitaly Kuznetsov) [1704435]
- [netdrv] xen-netfront: fix warn message as irq device name has '/' (Vitaly Kuznetsov) [1704435]
- [netdrv] xen-netfront: wait xenbus state change when load module manually (Vitaly Kuznetsov) [1704435]
- [netdrv] xen-netfront: fix queue name setting (Vitaly Kuznetsov) [1704435]
- [netdrv] xen-netfront: Update features after registering netdev (Vitaly Kuznetsov) [1704435]
- [netdrv] xen-netfront: Fix mismatched rtnl_unlock (Vitaly Kuznetsov) [1704435]
- [netdrv] xen-netfront: Fix race between device setup and open (Vitaly Kuznetsov) [1704435]
- [netdrv] xen-netfront: Use static attribute groups for sysfs entries (Vitaly Kuznetsov) [1704435]
- [x86] kvm: x86: reduce collisions in mmu_page_hash (Radim Krcmar) [1631875]
- [x86] kvm/mmu: reset MMU context when 32-bit guest switches PAE (Vitaly Kuznetsov) [1703797]

[3.10.0-1051]
- [tools] power turbostat: Increase default buffer size (Prarit Bhargava) [1708539]
- [md] dm thin metadata: do not write metadata if no changes occurred (Mike Snitzer) [1710051]
- [md] dm thin metadata: add wrappers for managing write locking of metadata (Mike Snitzer) [1710051]
- [md] dm thin metadata: check __commit_transaction()s return (Mike Snitzer) [1710051]
- [md] dm space map common: zero entire ll_disk (Mike Snitzer) [1710051]
- [fs] xfs: always rejoin held resources during defer roll (Brian Foster) [1703315]
- [fs] xfs: automatic dfops inode relogging (Brian Foster) [1703315]
- [fs] xfs: automatic dfops buffer relogging (Brian Foster) [1703315]
- [fs] xfs: reset dfops to initial state after finish (Brian Foster) [1703315]
- [fs] xfs: return from _defer_finish with a clean transaction (Brian Foster) [1703315]
- [fs] xfs: release new dquot buffer on defer_finish error (Brian Foster) [1703315]
- [scsi] hpsa: correct static checker issue in reset handler (Joseph Szczypek) [1710594]
- [scsi] hpsa: update driver version (Joseph Szczypek) [1710594]
- [scsi] hpsa: correct device resets (Joseph Szczypek) [1710594]
- [scsi] hpsa: do-no-complete-cmds-for-deleted-devices (Joseph Szczypek) [1710594]
- [scsi] hpsa: wait longer for ptraid commands (Joseph Szczypek) [1710594]
- [scsi] hpsa: check for tag collision (Joseph Szczypek) [1710594]
- [scsi] hpsa: use local workqueue instead of system workqueues (Joseph Szczypek) [1710594]
- [scsi] hpsa: correct simple mode (Joseph Szczypek) [1710594]
- [scsi] hpsa: bump driver version (Joseph Szczypek) [1710594]
- [scsi] hpsa: correct device id issues (Joseph Szczypek) [1710594]
- [scsi] hpsa: check for lv removal (Joseph Szczypek) [1710594]
- [nvme] lock NS list changes while handling command effects (David Milburn) [1672723]
- [net] rtnetlink: always put IFLA_LINK for links with a link-netnsid (Sabrina Dubroca) [1705686]
- [net] rtnetlink: add helpers to dump netnsid information (Sabrina Dubroca) [1705686]
- [net] rtnetlink: add helper to put master and link ifindexes (Sabrina Dubroca) [1705686]
- [net] neighbour: fix base_reachable_time(_ms) not effective immediatly when changed (Guillaume Nault) [1708253]

[3.10.0-1050]
- [tools] perf annotate: Fix getting source line failure (Michael Petlan) [1701178]
- [netdrv] qmi_wwan: apply SET_DTR quirk to Sierra WP7607 (Lubomir Rintel) [1678156]
- [mm] tlb: Remove tlb_remove_table() non-concurrent condition (Vitaly Kuznetsov) [1448188]
- [mm] move tlb_table_flush to tlb_flush_mmu_free (Vitaly Kuznetsov) [1448188]
- [mm] tlb, x86/mm: Support invalidating TLB caches for RCU_TABLE_FREE (Vitaly Kuznetsov) [1448188]
- [lib] locking/rwsem: Prevent decrement of reader count before increment (Waiman Long) [1708667]
- [kernel] sched/topology: Introduce NUMA identity node sched domain (Suravee Suthikulpanit) [1566753]
- [kernel] sched/fair: Do not re-read ->h_load_next during hierarchical load calculation (Phil Auld) [1707397]
- [x86] livepatch: apply alternatives and paravirt patches after relocations (Artem Savkov) [1706733]
- [powerpc] cbpf: disable jit (Yauheni Kaliuta) [1700744]
- [powerpc] numa: document topology_updates_enabled, disable by default (Gustavo Duarte) [1705431]
- [powerpc] numa: improve control of topology updates (Gustavo Duarte) [1705431]

[3.10.0-1049]
- [x86] spectre: Fix an error message (Waiman Long) [1709296 1690335 1690348 1690358] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] x86/speculation/mds: Fix documentation typo (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] Correct the possible MDS sysfs values (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] x86/mds: Add MDSUM variant to the MDS documentation (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/mds: Add 'mitigations=' support for MDS (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] s390/speculation: Support 'mitigations=' cmdline option (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] powerpc/speculation: Support 'mitigations=' cmdline option (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] x86/speculation: Support 'mitigations=' cmdline option (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [kernel] cpu/speculation: Add 'mitigations=' cmdline option (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/l1tf: Increase l1tf memory limit for Nehalem+ (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] spectre: Simplify spectre_v2 command line parsing (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/mds: Properly set/clear mds_idle_clear static key (Waiman Long) [1709296 1690358 1690348 1690335 1707292] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/mds: Print SMT vulnerable on MSBDS with mitigations off (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/mds: Fix comment (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/mds: Add SMT warning message (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation: Move arch_smt_update() call to after mitigation decisions (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/mds: Add mds=full, nosmt cmdline option (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [kernel] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1709296 1690358 1690348 1690335 1710501 1710498] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] spec_ctrl: Disable automatic enabling of STIBP with SMT on (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] documentation: Add MDS vulnerability documentation (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] documentation: Move L1TF to separate directory (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/mds: Add mitigation control for MDS (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [documentation] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation: Consolidate CPU whitelists (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] msr-index: Cleanup bit defines (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] l1tf: Show actual SMT state (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [kernel] x86/speculation: Rework SMT state change (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation: Disable STIBP when enhanced IBRS is in use (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation: Move STIPB/IBPB string conditionals out of cpu_show_common() (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] speculation: Enable cross-hyperthread spectre v2 STIBP mitigation (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] spectre_v2: Make spectre_v2_mitigation mode available (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] spec_ctrl: Add X86_FEATURE_USE_IBPB (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] spec_ctrl: Add casting to fix compilation error (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [tools] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}
- [x86] cpufeatures: Add Intel PCONFIG cpufeature (Waiman Long) [1709296 1690358 1690348 1690335] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091}

[3.10.0-1048]
- [net] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel (Stefano Brivio) [1707191]
- [net] vxlan: test dev->flags & IFF_UP before calling gro_cells_receive() (Stefano Brivio) [1707190]
- [net] vxlan: test dev->flags & IFF_UP before calling netif_rx() (Stefano Brivio) [1707190]
- [net] netfilter: x_tables: initialise match/target check parameter struct (Stefano Brivio) [1707186]
- [net] netfilter: drop outermost socket lock in getsockopt() (Stefano Brivio) [1707186]
- [net] netfilter: on sockopt() acquire sock lock only in the required scope (Stefano Brivio) [1707186]
- [net] xfrm6_tunnel: Fix potential panic when unloading xfrm6_tunnel module (Stefano Brivio) [1707164]
- [net] ipv6/flowlabel: wait rcu grace period before put_pid() (Stefano Brivio) [1707164]
- [net] ipv6: sit: reset ip header pointer in ipip6_rcv (Stefano Brivio) [1707164]
- [net] ipv6: Fix dangling pointer when ipv6 fragment (Stefano Brivio) [1707164]
- [net] tcp: do not use ipv6 header for ipv4 flow (Stefano Brivio) [1707164]
- [net] ipv6: tunnels: fix two use-after-free (Stefano Brivio) [1707164]
- [net] ipv6: explicitly initialize udp6_addr in udp_sock_create6() (Stefano Brivio) [1707164]
- [net] vti6: remove !skb->ignore_df check from vti6_xmit() (Stefano Brivio) [1707164]
- [net] vti6: fix PMTU caching and reporting on xmit (Stefano Brivio) [1707164]
- [net] ip6_tunnel: use the right value for ipv4 min mtu check in ip6_tnl_xmit (Stefano Brivio) [1707164]
- [net] ipv6: add RTA_TABLE and RTA_PREFSRC to rtm_ipv6_policy (Stefano Brivio) [1707164]
- [net] route: add missing nla_policy entry for RTA_MARK attribute (Stefano Brivio) [1707164]
- [net] vti6: better validate user provided tunnel names (Stefano Brivio) [1707164]
- [net] ip6_tunnel: better validate user provided tunnel names (Stefano Brivio) [1707164]
- [net] ip6_gre: better validate user provided tunnel names (Stefano Brivio) [1707164]
- [net] ipv6: sit: better validate user provided tunnel names (Stefano Brivio) [1707164]
- [net] netfilter: ipv6: fix use-after-free Write in nf_nat_ipv6_manip_pkt (Stefano Brivio) [1707164]
- [net] ip6_gre: remove the incorrect mtu limit for ipgre tap (Stefano Brivio) [1707164]
- [net] vti: fix use after free in vti_tunnel_xmit/vti6_tnl_xmit (Stefano Brivio) [1707164]
- [net] ipv6: fix memory leak with multiple tables during netns destruction (Stefano Brivio) [1707164]
- [net] ipv6: reset fn->rr_ptr when replacing route (Stefano Brivio) [1707164]
- [net] ipv6: RTF_PCPU should not be settable from userspace (Stefano Brivio) [1707164]
- [net] vti6: Dont report path MTU below IPV6_MIN_MTU. (Stefano Brivio) [1707164]
- [net] mld, igmp: Fix reserved tailroom calculation (Stefano Brivio) [1707164]
- [net] tcp: prevent fetching dst twice in early demux code (Stefano Brivio) [1707164]
- [net] ipv6: addrconf: add missing validate_link_af handler (Stefano Brivio) [1707164]
- [net] test tailroom before appending to linear skb (Stefano Brivio) [1707181]
- [net] ipv4: fix memory leaks in udp_sendmsg, ping_v4_sendmsg (Paolo Abeni) [1706748]
- [net] ipv4: fix memory leaks in ip_cmsg_send() callers (Paolo Abeni) [1706748]
- [net] xfrm6: Fix a offset value for network header in _decode_session6 (Sabrina Dubroca) [1705575]
- [net] xfrm: Fix transport mode skb control buffer usage. (Sabrina Dubroca) [1705575]
- [net] xfrm: Use __skb_queue_tail in xfrm_trans_queue (Sabrina Dubroca) [1705575]
- [net] xfrm6: call kfree_skb when skb is toobig (Sabrina Dubroca) [1705575]
- [net] xfrm: make local error reporting more robust (Sabrina Dubroca) [1705575]
- [net] xfrm: Validate address prefix lengths in the xfrm selector. (Sabrina Dubroca) [1705575]
- [net] xfrm: free skb if nlsk pointer is NULL (Sabrina Dubroca) [1705575]
- [net] xfrm: fix missing dst_release() after policy blocking lbcast and multicast (Sabrina Dubroca) [1705575]
- [net] xfrm_user: prevent leaking 2 bytes of kernel memory (Sabrina Dubroca) [1705575]
- [net] xfrm6: avoid potential infinite loop in _decode_session6() (Sabrina Dubroca) [1705575]
- [net] xfrm6: Fix transport header offset in _decode_session6. (Sabrina Dubroca) [1705575]
- [net] xfrm_user: uncoditionally validate esn replay attribute struct (Sabrina Dubroca) [1705575]
- [net] xfrm: make xfrm_replay_state_esn_len() return unsigned int (Sabrina Dubroca) [1705575]
- [net] xfrm: Return error on unknown encap_type in init_state (Sabrina Dubroca) [1705575]
- [net] xfrm: Reinject transport-mode packets through tasklet (Sabrina Dubroca) [1705575]
- [net] xfrm: Clear sk_dst_cache when applying per-socket policy. (Sabrina Dubroca) [1705575]
- [net] xfrm_user: fix info leak in build_aevent() (Sabrina Dubroca) [1705575]
- [net] xfrm: checkpatch errors with space (Sabrina Dubroca) [1705575]
- [net] xfrm_user: fix info leak in xfrm_notify_sa() (Sabrina Dubroca) [1705575]
- [net] xfrm: provide correct dst in xfrm_neigh_lookup (Sabrina Dubroca) [1705575]
- [net] xfrm_user: propagate sec ctx allocation errors (Sabrina Dubroca) [1705575]
- [net] sctp: avoid running the sctp state machine recursively (Xin Long) [1702176]
- [net] sched: fix refcnt leak in the error path of tcf_vlan_init() (Davide Caratti) [1706158]
- [net] sched: act_tunnel_key: fix NULL pointer dereference during init (Davide Caratti) [1706158]
- [net] sched: act_ipt: check for underflow in __tcf_ipt_init() (Davide Caratti) [1706158]
- [net] sched: act_tunnel_key: fix NULL dereference when 'goto chain' is used (Davide Caratti) [1706158]
- [net] sched: act_pedit: fix possible memory leak in tcf_pedit_init() (Davide Caratti) [1706158]
- [net] sched: act_simple: fix parsing of TCA_DEF_DATA (Davide Caratti) [1706158]
- [net] cls_flower: Fix incorrect idr release when failing to modify rule (Davide Caratti) [1706158]
- [net] sched actions: fix refcnt leak in skbmod (Davide Caratti) [1706158]
- [net] sched actions: fix invalid pointer dereferencing if skbedit flags missing (Davide Caratti) [1706158]
- [net] sched: fix idr leak in the error path of tcf_skbmod_init() (Davide Caratti) [1706158]
- [net] sched: fix idr leak in the error path of __tcf_ipt_init() (Davide Caratti) [1706158]
- [net] sched: fix idr leak in the error path of tcp_pedit_init() (Davide Caratti) [1706158]
- [net] sched: fix idr leak in the error path of tcf_act_police_init() (Davide Caratti) [1706158]
- [net] sched: fix idr leak in the error path of tcf_simp_init() (Davide Caratti) [1706158]
- [net] sched: fix NULL dereference on the error path of tcf_skbmod_init() (Davide Caratti) [1706158]
- [net] sched: fix NULL dereference in the error path of tcf_sample_init() (Davide Caratti) [1706158]
- [net] netfilter: xt_IDLETIMER: add sysfs filename checking routine (Andrea Claudi) [1700745]
- [net] netfilter: x_tables: add and use xt_check_proc_name (Andrea Claudi) [1700745]
- [net] netfilter: IDLETIMER: fix lockdep warning (Andrea Claudi) [1700745]
- [net] netfilter: nat: fix double register in masquerade modules (Andrea Claudi) [1700745]
- [net] netfilter: add missing error handling code for register functions (Andrea Claudi) [1700745]
- [net] add LINUX_MIB_PFMEMALLOCDROP counter (Marcelo Leitner) [1696664]
- [net] netfilter: ipv6: Dont preserve original oif for loopback address (Florian Westphal) [1701496]
- [net] netfilter: ipv6: Preserve link scope traffic original oif (Florian Westphal) [1701496]
- [net] netfilter: use skb_to_full_sk in ip6_route_me_harder (Florian Westphal) [1701496]
- [net] netfilter: Fix potential use after free in ip6_route_me_harder() (Florian Westphal) [1701496]
- [net] openvswitch: Fix push/pop ethernet validation (Eelco Chaudron) [1700852]
- [net] bonding: use netpoll_poll_dev() helper (Hangbin Liu) [1694409]
- [netdrv] nfp: disable netpoll on representors (Hangbin Liu) [1694409]
- [net] netpoll: do not test NAPI_STATE_SCHED in poll_one_napi() (Hangbin Liu) [1694409]
- [net] netpoll: make ndo_poll_controller() optional (Hangbin Liu) [1694409]
- [net] netpoll: Rename netpoll_rx_enable/disable to netpoll_poll_disable/enable (Hangbin Liu) [1694409]
- [net] netpoll: Move rx enable/disable into __dev_close_many (Hangbin Liu) [1694409]
- [net] netpoll: remove return value from netpoll_rx_disable() (Hangbin Liu) [1694409]
- [netdrv] iavf: add missing .ndo_size callback to iavf_netdev_ops (Stefan Assmann) [1707230]
- [fs] cifs: Accept validate negotiate if server return NT_STATUS_NOT_SUPPORTED (Leif Sahlberg) [1697514]
- [fs] cifs: fix a crash in flocks_remove_flock when releasing all file locks (Leif Sahlberg) [1527610]
- [fs] pnfs: Avoid read/modify/write when it is not necessary (Benjamin Coddington) [1680648]
- [fs] pnfs: Fix potential corruption of page being written (Benjamin Coddington) [1680648]
- [fs] xfs: zero length symlinks are not valid (Bill ODonnell) [1503032]
- [md] batch flush requests. (Xiao Ni) [1576466]
- [md] revert 'md: fix lock contention for flush bios' (Xiao Ni) [1576466]
- [scsi] Revert '[qla2xxx] Mark NVMe/FC initiator mode usage as technology preview' (Ewan Milne) [1707805]
- [scsi] qla2xxx: Silence Successful ELS IOCB message (Himanshu Madhani) [1647051]
- [scsi] qla2xxx: Fix device staying in blocked state (Himanshu Madhani) [1647051]
- [iommu] amd: Set exclusion range correctly (Jerry Snitselaar) [1702763]
- [mm] memcontrol: release kmemcg_id only when allocated (Aaron Tomlin) [1593417]
- [kernel] cpu/hotplug: Create SMT sysfs interface for all arches (Josh Poimboeuf) [1693310]
- [kernel] cpu/hotplug: Fix 'SMT disabled by BIOS' detection for KVM (Josh Poimboeuf) [1693310]
- [kernel] cpu/hotplug: Fix SMT supported evaluation (Josh Poimboeuf) [1693310]
- [kernel] sched/smt: Expose sched_smt_present static key (Josh Poimboeuf) [1693310]
- [kernel] sched/smt: Make sched_smt_present track topology (Josh Poimboeuf) [1693310]
- [firmware] efi: Dont use spinlocks for efi vars (Waiman Long) [1705743]
- [firmware] efi: Use a file local lock for efivars (Waiman Long) [1705743]
- [firmware] efi: Merge boolean flag arguments (Waiman Long) [1705743]
- [x86] efi: Add nonblocking option to efi_query_variable_store() (Waiman Long) [1705743]
- [firmware] Do not use WARN_ON(!spin_is_locked()) (Waiman Long) [1705743]
- [x86] mm, perf: Allow recursive faults from interrupts (Rafael Aquini) [1703167]

[3.10.0-1047]
- [x86] Update stepping values for coffee lake desktop (David Arcari) [1704812]
- [netdrv] generalize napi_complete_done() (Manish Chopra) [1686861]
- [makefile] makefile: bump drm backport version (Dave Airlie) [1680275]
- [gpu] revert 'drm/qxl: drop prime import/export callbacks' (Dave Airlie) [1680275]
- [gpu] drm/i915: Do not enable FEC without DSC (Dave Airlie) [1680275]
- [gpu] drm/ttm: fix re-init of global structures (Dave Airlie) [1680275]
- [gpu] revert 'drm/virtio: drop prime import/export callbacks' (Dave Airlie) [1680275]
- [gpu] revert 'drm/i915/fbdev: Actually configure untiled displays' (Dave Airlie) [1680275]
- [gpu] drm/amdgpu/gmc9: fix VM_L2_CNTL3 programming (Dave Airlie) [1680275]
- [gpu] drm/ttm: fix out-of-bounds read in ttm_put_pages() v2 (Dave Airlie) [1680275]
- [gpu] drm/amdkfd: use init_mqd function to allocate object for hid_mqd (CI) (Dave Airlie) [1680275]
- [gpu] drm/nouveau/volt/gf117: fix speedo readout register (Dave Airlie) [1680275]
- [gpu] drm/amdgpu: psp_ring_destroy cause psp->km_ring.ring_mem NULL (Dave Airlie) [1680275]
- [gpu] drm/nouveau/debugfs: Fix check of pm_runtime_get_sync failure (Dave Airlie) [1680275]
- [gpu] drm/udl: use drm_gem_object_put_unlocked (Dave Airlie) [1680275]
- [gpu] drm/virtio: do NOT reuse resource ids (Dave Airlie) [1680275]
- [gpu] drm/i915/dp: revert back to max link rate and lane count on eDP (Dave Airlie) [1680275]
- [gpu] drm/udl: add a release method and delay modeset teardown (Dave Airlie) [1680275]
- [gpu] drm/i915/gvt: do not deliver a workload if its creation fails (Dave Airlie) [1680275]
- [gpu] drm/i915/gvt: do not let pin count of shadow mm go negative (Dave Airlie) [1680275]
- [gpu] drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers (Dave Airlie) [1680275]
- [gpu] drm: Reorder set_property_atomic to avoid returning with an active ww_ctx (Dave Airlie) [1680275]
- [gpu] drm/fb-helper: fix leaks in error path of drm_fb_helper_fbdev_setup (Dave Airlie) [1680275]
- [gpu] drm/nouveau: Stop using drm_crtc_force_disable (Dave Airlie) [1680275]
- [gpu] drm: Auto-set allow_fb_modifiers when given modifiers at plane init (Dave Airlie) [1680275]
- [gpu] drm/amd/display: Enable vblank interrupt during CRC capture (Dave Airlie) [1680275]
- [gpu] drm/amd/display: Disconnect mpcc when changing tg (Dave Airlie) [1680275]
- [gpu] drm/amd/display: Dont re-program planes for DPMS changes (Dave Airlie) [1680275]
- [gpu] drm/sched: Fix entities with 0 rqs (Dave Airlie) [1680275]
- [gpu] drm/amd/display: Clear stream->mode_changed after commit (Dave Airlie) [1680275]
- [gpu] drm/amd/display: Fix reference counting for struct dc_sink (Dave Airlie) [1680275]
- [gpu] drm/i915/icl: Fix the TRANS_DDI_FUNC_CTL2 bitfield macro (Dave Airlie) [1680275]
- [gpu] drm/i915/gvt: Fix MI_FLUSH_DW parsing with correct index check (Dave Airlie) [1680275]
- [gpu] drm/i915: Mark AML 0x87CA as ULX (Dave Airlie) [1680275]
- [gpu] drm/vgem: fix use-after-free when drm_gem_handle_create() fails (Dave Airlie) [1680275]
- [gpu] drm/vmwgfx: Return 0 when gmrid::get_node runs out of IDs (Dave Airlie) [1680275]
- [gpu] drm/vmwgfx: Dont double-free the mode stored in par->set_mode (Dave Airlie) [1680275]
- [gpu] drm/amdgpu: fix invalid use of change_bit (Dave Airlie) [1680275]
- [gpu] drm/amd/powerplay: correct power reading on fiji (Dave Airlie) [1680275]
- [gpu] drm/radeon/evergreen_cs: fix missing break in switch statement (Dave Airlie) [1680275]
- [gpu] drm/fb-helper: generic: Fix drm_fbdev_client_restore() (Dave Airlie) [1680275]
- [gpu] drm: Block fb changes for async plane updates (Dave Airlie) [1680275]
- [drm] disable uncached DMA optimization for ARM and arm64 (Dave Airlie) [1680275]

[3.10.0-1046]
- [netdrv] mlx5: Remove unsupported tag for ConnectX-6 device (Kamal Heib) [1693568]
- [netdrv] mlx5: Remove unsupported tag for BlueField device (Kamal Heib) [1640590]
- [md] raid: raid5 preserve the writeback action after the parity check (Nigel Croxon) [1701350]
- [md] Revert '[md] Dont jump to compute_result state from check_result state' (Nigel Croxon) [1701350]
- [linux] mm: disable numa migration faults for dax vmas (Jeff Moyer) [1701444]
- [mm] gup: dont leak pte_devmap references in the gup slow paths (Jeff Moyer) [1698371]
- [tty] Fix lock order in tty_do_resize() (Aristeu Rozanski) [1684982]
- [tty] n_tty: Access termios values safely (Aristeu Rozanski) [1684982]
- [tty] Convert termios_mutex to termios_rwsem (Aristeu Rozanski) [1684982]
- [kernel] sched/fair: Limit sched_cfs_period_timer() loop to avoid hard lockup (Phil Auld) [1686505]
- [x86] intel_rdt: Make resctrl a mountpoint (Prarit Bhargava) [1702559]


Related CVEs


CVE-2018-15594
CVE-2018-16658
CVE-2018-14734
CVE-2018-7755
CVE-2018-13094
CVE-2018-9363
CVE-2018-9516
CVE-2019-5489
CVE-2018-13053
CVE-2019-7222
CVE-2019-11810
CVE-2019-3459
CVE-2019-11833
CVE-2018-8087
CVE-2018-9517
CVE-2018-10853
CVE-2018-13093
CVE-2018-13095
CVE-2018-14625
CVE-2018-16885
CVE-2018-18281
CVE-2019-3460
CVE-2019-3882
CVE-2019-3900
CVE-2019-11599

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) kernel-3.10.0-1062.el7.src.rpm2d1729b5947240fc4b34c560b769c9f5ELBA-2021-1397-1
bpftool-3.10.0-1062.el7.x86_64.rpm7b243035e74f79dbea3af2562cd46bddELBA-2021-1397-1
kernel-3.10.0-1062.el7.x86_64.rpmd8b70825b654ebb50a995a41fbf8c56fELBA-2021-1397-1
kernel-abi-whitelists-3.10.0-1062.el7.noarch.rpmf33c5029f4f9195dc8a8a44905cbcc1eELBA-2021-1397-1
kernel-debug-3.10.0-1062.el7.x86_64.rpm7f776dd595cb32fd92ce6caef9eabf1bELBA-2021-1397-1
kernel-debug-devel-3.10.0-1062.el7.x86_64.rpm083ceb83082546f686e81aec1b06020eELBA-2021-1397-1
kernel-devel-3.10.0-1062.el7.x86_64.rpme29a3cc3ee2f4185fd8661b8639e9a88ELBA-2021-1397-1
kernel-doc-3.10.0-1062.el7.noarch.rpme0dc1df5f9fb7561995634c2debfb8a3ELBA-2021-1397-1
kernel-headers-3.10.0-1062.el7.x86_64.rpm850d62d540056cf8783eccdbceb8f114ELBA-2021-1397-1
kernel-tools-3.10.0-1062.el7.x86_64.rpm8bf73f9ffe1e8e2181272232df05334bELBA-2021-1397-1
kernel-tools-libs-3.10.0-1062.el7.x86_64.rpm5e99723febf508bc9746f7f9dd27d347ELBA-2021-1397-1
kernel-tools-libs-devel-3.10.0-1062.el7.x86_64.rpm23399ec9c2f6d01f4d180c5bcdeb872dELBA-2021-1397-1
perf-3.10.0-1062.el7.x86_64.rpm9943ed4c5d85bd3c49792dda81411166ELSA-2021-9220
python-perf-3.10.0-1062.el7.x86_64.rpma52669e9ffd7e3ea842c71712963097cELSA-2021-9220



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete