ELSA-2024-12380 - Unbreakable Enterprise kernel-container security update
Type: | SECURITY |
Severity: | MODERATE |
Release Date: | 2024-05-13 |
Description
[5.4.17-2136.331.7.el7]
- Revert 'tracing/trigger: Fix to return error if failed to alloc snapshot' (Siddh Raman Pant)
- Revert 'selftests: mm: fix map_hugetlb failure on 64K page size systems' (Harshit Mogalapalli) [Orabug: 36584568]
- Revert 'net/mlx5: Enable SW-defined RoCEv2 UDP source port' (Arumugam Kolappan) [Orabug: 36530159]
- PCI: boot time optimization (Harman Kalra) [Orabug: 36553666]
[5.4.17-2136.331.6.el7]
- mm/memory-failure: fix an incorrect use of tail pages (Liu Shixin)
- fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion (Bart Van Assche)
- ahci: asm1064: asm1166: don't limit reported ports (Conrad Kostecki)
- ahci: asm1064: correct count of reported ports (Andrey Jr. Melnikov)
- mmc: core: Fix switch on gp3 partition (Dominique Martinet)
- Revert 'Revert 'md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d'' (Song Liu)
- serial: max310x: fix NULL pointer dereference in I2C instantiation (Hugo Villeneuve)
- bonding: rate-limit bonding driver inspect messages (Praveen Kumar Kannoju) [Orabug: 36250568]
- rds/rdma: Fix congestion value for userspace consumption (Juan Garcia) [Orabug: 36264652]
- rds: Include transport protocol name in rds-info -k output (Juan Garcia) [Orabug: 36264652]
[5.4.17-2136.331.5.el7]
- hwmon: (opbmc) E6/AST2600 platform enabled (Jan Zdarek) [Orabug: 36485646]
- rds/ib: Disable WARN_ON() when system is going down (Hans Westgaard Ry) [Orabug: 36394488]
- rds/rdma: print connection up/down time while dropping/connecting (Juan Garcia) [Orabug: 36264675]
- rds: ib: Use fastreg QP if conn is down and handle FRWR CQE timeout (Hakon Bugge) [Orabug: 36236541]
- rds: ib: Tear down QP when FRWR WRs fails (Hakon Bugge) [Orabug: 36236541]
- rds: ib: Poll fastreg CQ before destroying (Hakon Bugge) [Orabug: 36236541]
[5.4.17-2136.331.4.el7]
- net/mlx5: Brute force GFP_NOIO (Hakon Bugge) [Orabug: 35436312]
- RDMA/mlx5: Brute force GFP_NOIO (Hakon Bugge) [Orabug: 35436312]
- RDMA/cm: Brute force GFP_NOIO (Hakon Bugge) [Orabug: 35436312]
- RDMA/cma: Brute force GFP_NOIO (Hakon Bugge) [Orabug: 35436312]
- rds: Brute force GFP_NOIO (Hakon Bugge) [Orabug: 35436312]
- workqueue: Inherit NOIO and NOFS alloc flags (Hakon Bugge) [Orabug: 35436312]
- KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36496846] {CVE-2024-2201}
- x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug: 36496846] {CVE-2024-2201}
- x86/bhi: Add BHI mitigation knob (Pawan Gupta) [Orabug: 36496846] {CVE-2024-2201}
- x86/bhi: Enumerate Branch History Injection (BHI) bug (Pawan Gupta) [Orabug: 36496846] {CVE-2024-2201}
- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (Daniel Sneddon) [Orabug: 36496846] {CVE-2024-2201}
- x86/bhi: Add support for clearing branch history at syscall entry (Pawan Gupta) [Orabug: 36496846] {CVE-2024-2201}
- x86/cpufeature: Add missing leaf enumeration (Daniel Sneddon) [Orabug: 36496846] {CVE-2024-2201}
- KVM: x86: Use a switch statement and macros in __feature_translate() (Jim Mattson) [Orabug: 36496846] {CVE-2024-2201}
- KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace (Jim Mattson) [Orabug: 36496846] {CVE-2024-2201}
- KVM: x86: Update KVM-only leaf handling to allow for 100% KVM-only leafs (Sean Christopherson) [Orabug: 36496846] {CVE-2024-2201}
- x86/bugs: Use sysfs_emit() (Borislav Petkov) [Orabug: 36496846] {CVE-2024-2201}
- x86/speculation: Reorder SRSO and GDS functions (Alexandre Chartre) [Orabug: 36496846] {CVE-2024-2201}
- KVM: x86: Mask off unsupported and unknown bits of IA32_ARCH_CAPABILITIES (Jim Mattson) [Orabug: 36496846] {CVE-2024-2201}
- KVM: x86: Move reverse CPUID helpers to separate header file (Ricardo Koller) [Orabug: 36496846] {CVE-2024-2201}
- KVM: x86: Fix implicit enum conversion goof in scattered reverse CPUID code (Sean Christopherson) [Orabug: 36496846] {CVE-2024-2201}
- KVM: x86: Add support for reverse CPUID lookup of scattered features (Sean Christopherson) [Orabug: 36496846] {CVE-2024-2201}
- x86/msr: Define new bits in TSX_FORCE_ABORT MSR (Pawan Gupta) [Orabug: 36496846] {CVE-2024-2201}
- objtool: Add asm version of STACK_FRAME_NON_STANDARD (Josh Poimboeuf) [Orabug: 36496846] {CVE-2024-2201}
- objtool: Only include valid definitions depending on source file type (Julien Thierry) [Orabug: 36496846] {CVE-2024-2201}
[5.4.17-2136.331.3.el7]
- LTS tag: v5.4.273 (Sherry Yang)
- regmap: Add missing map->bus check (Marek Vasut)
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (Fei Shao)
- bpf: report RCU QS in cpumap kthread (Yan Zhai)
- rcu: add a helper to report consolidated flavor QS (Yan Zhai)
- netfilter: nf_tables: do not compare internal table flags on updates (Pablo Neira Ayuso)
- ARM: dts: sun8i-h2-plus-bananapi-m2-zero: add regulator nodes vcc-dram and vcc1v2 (Michael Klein)
- octeontx2-af: Use separate handlers for interrupts (Subbaraya Sundeep)
- net/bnx2x: Prevent access to a freed page in page_pool (Thinh Tran)
- hsr: Handle failures in module init (Felix Maurer)
- packet: annotate data-races around ignore_outgoing (Eric Dumazet)
- hsr: Fix uninit-value access in hsr_get_node() (Shigeru Yoshida)
- s390/vtime: fix average steal time calculation (Mete Durlu)
- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (Colin Ian King)
- staging: greybus: fix get_channel_from_mode() failure path (Dan Carpenter)
- serial: 8250_exar: Don't remove GPIO device on suspend (Andy Shevchenko)
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (Randy Dunlap)
- kconfig: fix infinite loop when expanding a macro at the end of file (Masahiro Yamada)
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (Tudor Ambarus)
- serial: max310x: fix syntax error in IRQ error message (Hugo Villeneuve)
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (Jiri Slaby (SUSE))
- afs: Revert 'afs: Hide silly-rename files from userspace' (David Howells)
- NFS: Fix an off by one in root_nfs_cat() (Christophe JAILLET)
- watchdog: stm32_iwdg: initialize default timeout (Ben Wolsieffer)
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (Christophe JAILLET)
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (Arnd Bergmann)
- RDMA/device: Fix a race between mad_client and cm_client init (Shifeng Li)
- scsi: csiostor: Avoid function pointer casts (Arnd Bergmann)
- ALSA: usb-audio: Stop parsing channels bits when all channels are found. (Johan Carlsson)
- clk: Fix clk_core_get NULL dereference (Bryan O'Donoghue)
- sparc32: Fix section mismatch in leon_pci_grpci (Sam Ravnborg)
- backlight: lp8788: Fully initialize backlight_properties during probe (Daniel Thompson)
- backlight: lm3639: Fully initialize backlight_properties during probe (Daniel Thompson)
- backlight: da9052: Fully initialize backlight_properties during probe (Daniel Thompson)
- backlight: lm3630a: Don't set bl->props.brightness in get_brightness (Luca Weiss)
- backlight: lm3630a: Initialize backlight_properties on init (Luca Weiss)
- powerpc/embedded6xx: Fix no previous prototype for avr_uart_send() etc. (Michael Ellerman)
- drm/msm/dpu: add division of drm_display_mode's hskew parameter (Paloma Arellano)
- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks (Kajol Jain)
- drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip (Hsin-Yi Wang)
- media: ttpci: fix two memleaks in budget_av_attach (Zhipeng Lu)
- media: media/pci: rename VFL_TYPE_GRABBER to _VIDEO (Hans Verkuil)
- media: go7007: fix a memleak in go7007_load_encoder (Zhipeng Lu)
- media: dvb-frontends: avoid stack overflow warnings with clang (Arnd Bergmann)
- media: pvrusb2: fix uaf in pvr2_context_set_notify (Edward Adam Davis)
- drm/amdgpu: Fix missing break in ATOM_ARG_IMM Case of atom_get_src_int() (Srinivasan Shanmugam)
- ASoC: meson: axg-tdm-interface: fix mclk setup without mclk-fs (Jerome Brunet)
- mtd: rawnand: lpc32xx_mlc: fix irq handler prototype (Arnd Bergmann)
- mtd: maps: physmap-core: fix flash size larger than 32-bit (Baruch Siach)
- crypto: arm/sha - fix function cast warnings (Arnd Bergmann)
- mfd: altera-sysmgr: Call of_node_put() only when of_parse_phandle() takes a ref (Peter Griffin)
- mfd: syscon: Call of_node_put() only when of_parse_phandle() takes a ref (Peter Griffin)
- drm/tegra: put drm_gem_object ref on error in tegra_fb_create (Fedor Pchelkin)
- clk: hisilicon: hi3519: Release the correct number of gates in hi3519_clk_unregister() (Christophe JAILLET)
- PCI: Mark 3ware-9650SE Root Port Extended Tags as broken (Jorg Wedekind)
- drm/mediatek: dsi: Fix DSI RGB666 formats and definitions (AngeloGioacchino Del Regno)
- clk: qcom: dispcc-sdm845: Adjust internal GDSC wait times (Konrad Dybcio)
- media: pvrusb2: fix pvr2_stream_callback casts (Arnd Bergmann)
- media: pvrusb2: remove redundant NULL check (Daniil Dulov)
- media: go7007: add check of return value of go7007_read_addr() (Daniil Dulov)
- media: imx: csc/scaler: fix v4l2_ctrl_handler memory leak (Lucas Stach)
- perf stat: Avoid metric-only segv (Ian Rogers)
- ALSA: seq: fix function cast warnings (Takashi Iwai)
- drm/radeon/ni: Fix wrong firmware size logging in ni_init_microcode() (Nikita Zhandarovich)
- perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() (Yang Jihong)
- PCI: switchtec: Fix an error handling path in switchtec_pci_probe() (Christophe JAILLET)
- quota: Fix rcu annotations of inode dquot pointers (Jan Kara)
- quota: Fix potential NULL pointer dereference (Wang Jianjian)
- quota: simplify drop_dquot_ref() (Baokun Li)
- clk: qcom: reset: Ensure write completion on reset de/assertion (Konrad Dybcio)
- clk: qcom: reset: Commonize the de/assert functions (Konrad Dybcio)
- clk: qcom: reset: support resetting multiple bits (Robert Marko)
- clk: qcom: reset: Allow specifying custom reset delay (Stephan Gerhold)
- media: edia: dvbdev: fix a use-after-free (Zhipeng Lu)
- media: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity (Zhipeng Lu)
- media: v4l2-tpg: fix some memleaks in tpg_alloc (Zhipeng Lu)
- media: em28xx: annotate unchecked call to media_device_register() (Nikita Zhandarovich)
- perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample() (Yang Jihong)
- drm/amd/display: Fix potential NULL pointer dereferences in 'dcn10_set_output_transfer_func()' (Srinivasan Shanmugam)
- perf record: Fix possible incorrect free in record__switch_output() (Yang Jihong)
- PCI/DPC: Print all TLP Prefixes, not just the first (Ilpo Jarvinen)
- media: tc358743: register v4l2 async device only after successful setup (Alexander Stein)
- dmaengine: tegra210-adma: Update dependency to ARCH_TEGRA (Peter Robinson)
- drm/rockchip: lvds: do not overwrite error code (Quentin Schulz)
- drm: Don't treat 0 as -1 in drm_fixp2int_ceil (Harry Wentland)
- drm/rockchip: inno_hdmi: Fix video timing (Alex Bee)
- drm/tegra: output: Fix missing i2c_put_adapter() in the error handling paths of tegra_output_probe() (Christophe JAILLET)
- drm/tegra: dsi: Fix missing pm_runtime_disable() in the error handling path of tegra_dsi_probe() (Christophe JAILLET)
- drm/tegra: dsi: Fix some error handling paths in tegra_dsi_probe() (Christophe JAILLET)
- drm/tegra: dsi: Make use of the helper function dev_err_probe() (Cai Huoqing)
- gpu: host1x: mipi: Update tegra_mipi_request() to be node based (Sowjanya Komatineni)
- drm/tegra: dsi: Add missing check for of_find_device_by_node (Chen Ni)
- dm: call the resume method on internal suspend (Mikulas Patocka)
- dm raid: fix false positive for requeue needed during reshape (Ming Lei)
- nfp: flower: handle acti_netdevs allocation failure (Duoming Zhou)
- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (Gavrilov Ilia)
- net: kcm: fix incorrect parameter validation in the kcm_getsockopt) function (Gavrilov Ilia)
- udp: fix incorrect parameter validation in the udp_lib_getsockopt() function (Gavrilov Ilia)
- l2tp: fix incorrect parameter validation in the pppol2tp_getsockopt() function (Gavrilov Ilia)
- tcp: fix incorrect parameter validation in the do_tcp_getsockopt() function (Gavrilov Ilia)
- net: hns3: fix port duplex configure error in IMP reset (Jie Wang)
- net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv() (Eric Dumazet)
- ipv6: fib6_rules: flush route cache when rule is changed (Shiming Cheng)
- bpf: Fix stackmap overflow check on 32-bit arches (Toke Hoiland-Jorgensen)
- bpf: Fix hashtab overflow check on 32-bit arches (Toke Hoiland-Jorgensen)
- sr9800: Add check for usbnet_get_endpoints (Chen Ni)
- Bluetooth: hci_core: Fix possible buffer overflow (Luiz Augusto von Dentz)
- Bluetooth: Remove superfluous call to hci_conn_check_pending() (Jonas Dressler)
- igb: Fix missing time sync events (Vinicius Costa Gomes)
- igb: move PEROUT and EXTTS isr logic to separate functions (Ruud Bos)
- mmc: wmt-sdmmc: remove an incorrect release_mem_region() call in the .remove function (Christophe JAILLET)
- SUNRPC: fix some memleaks in gssx_dec_option_array (Zhipeng Lu)
- x86, relocs: Ignore relocations in .notes section (Kees Cook)
- ACPI: scan: Fix device check notification handling (Rafael J. Wysocki)
- ARM: dts: imx6dl-yapp4: Move the internal switch PHYs under the switch node (Michal Vokac)
- ARM: dts: imx6dl-yapp4: Fix typo in the QCA switch register address (Michal Vokac)
- ARM: dts: imx6dl-yapp4: Move phy reset into switch node (Michal Vokac)
- ARM: dts: arm: realview: Fix development chip ROM compatible value (Geert Uytterhoeven)
- net: ena: Remove ena_select_queue (Kamal Heib)
- net: ena: cosmetic: fix line break issues (Arthur Kiyanovski)
- wifi: brcmsmac: avoid function pointer casts (Arnd Bergmann)
- iommu/amd: Mark interrupt as managed (Mario Limonciello)
- bus: tegra-aconnect: Update dependency to ARCH_TEGRA (Peter Robinson)
- ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit() (Armin Wolf)
- arm64: dts: qcom: msm8996: Pad addresses (Bjorn Andersson)
- arm64: dts: qcom: msm8996: Move regulator consumers to db820c (Bjorn Andersson)
- arm64: dts: qcom: msm8996: Use node references in db820c (Bjorn Andersson)
- arm64: dts: qcom: db820c: Move non-soc entries out of /soc (Bjorn Andersson)
- bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly (Yonghong Song)
- bpf: Factor out bpf_spin_lock into helpers. (Alexei Starovoitov)
- arm64: dts: mediatek: mt7622: add missing 'device_type' to memory nodes (Rafal Milecki)
- wifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer() (Zhipeng Lu)
- net: blackhole_dev: fix build warning for ethh set but not used (Breno Leitao)
- af_unix: Annotate data-race of gc_in_progress in wait_for_unix_gc(). (Kuniyuki Iwashima)
- sock_diag: annotate data-races around sock_diag_handlers[family] (Eric Dumazet)
- wifi: mwifiex: debugfs: Drop unnecessary error check for debugfs_create_dir() (Jinjie Ruan)
- wifi: wilc1000: fix RCU usage in connect path (Alexis Lothore)
- wifi: wilc1000: fix declarations ordering (Alexis Lothore)
- wifi: b43: Disable QoS for bcm4331 (Rahul Rameshbabu)
- wifi: b43: Stop correct queue in DMA worker when QoS is disabled (Rahul Rameshbabu)
- b43: main: Fix use true/false for bool type (Saurav Girepunje)
- wifi: b43: Stop/wake correct queue in PIO Tx path when QoS is disabled (Rahul Rameshbabu)
- wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled (Rahul Rameshbabu)
- b43: dma: Fix use true/false for bool type variable (Saurav Girepunje)
- wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (Xingyuan Mo)
- timekeeping: Fix cross-timestamp interpolation for non-x86 (Peter Hilber)
- timekeeping: Fix cross-timestamp interpolation corner case decision (Peter Hilber)
- timekeeping: Fix cross-timestamp interpolation on counter wrap (Peter Hilber)
- aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts (Chun-Yi Lee) {CVE-2023-6270}
- fs/select: rework stack allocation hack for clang (Arnd Bergmann)
- do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (Nikita Zhandarovich)
- ASoC: wm8962: Fix up incorrect error message in wm8962_set_fll (Stuart Henderson)
- ASoC: wm8962: Enable both SPKOUTR_ENA and SPKOUTL_ENA in mono mode (Stuart Henderson)
- ASoC: wm8962: Enable oscillator if selecting WM8962_FLL_OSC (Stuart Henderson)
- Input: gpio_keys_polled - suppress deferred probe error for gpio (Uwe Kleine-Konig)
- ASoC: Intel: bytcr_rt5640: Add an extra entry for the Chuwi Vi8 tablet (Alban Boye)
- firewire: core: use long bus reset on gap count error (Takashi Sakamoto)
- Bluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security (Yuxuan Hu)
- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (Ranjan Kumar)
- btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve (Filipe Manana)
- dm-verity, dm-crypt: align 'struct bvec_iter' correctly (Mikulas Patocka)
- block: sed-opal: handle empty atoms when parsing response (Greg Joyce)
- parisc/ftrace: add missing CONFIG_DYNAMIC_FTRACE check (Max Kellermann)
- net/iucv: fix the allocation size of iucv_path_table array (Alexander Gordeev)
- RDMA/mlx5: Relax DEVX access upon modify commands (Yishai Hadas)
- HID: multitouch: Add required quirk for Synaptics 0xcddc device (Manuel Fombuena)
- MIPS: Clear Cause.BD in instruction_pointer_set (Jiaxun Yang)
- x86/xen: Add some null pointer checking to smp.c (Kunwu Chan)
- ASoC: rt5645: Make LattePanda board DMI match more precise (Hans de Goede)
- selftests: tls: use exact comparison in recv_partial (Jakub Kicinski)
- LTS tag: v5.4.272 (Sherry Yang)
- serial: max310x: fix IO data corruption in batched operations (Jan Kundrat)
- serial: max310x: implement I2C support (Cosmin Tanislav)
- serial: max310x: make accessing revision id interface-agnostic (Cosmin Tanislav)
- regmap: Add bulk read/write callbacks into regmap_config (Marek Vasut)
- regmap: allow to define reg_update_bits for no bus configuration (Ansuel Smith)
- serial: max310x: Unprepare and disable clock in error path (Andy Shevchenko)
- getrusage: use sig->stats_lock rather than lock_task_sighand() (Oleg Nesterov)
- getrusage: use __for_each_thread() (Oleg Nesterov)
- getrusage: move thread_group_cputime_adjusted() outside of lock_task_sighand() (Oleg Nesterov)
- getrusage: add the 'signal_struct *sig' local variable (Oleg Nesterov)
- y2038: rusage: use __kernel_old_timeval (Arnd Bergmann)
- Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (Werner Sembach)
- serial: max310x: prevent infinite while() loop in port startup (Hugo Villeneuve)
- serial: max310x: use a separate regmap for each port (Cosmin Tanislav)
- serial: max310x: use regmap methods for SPI batch operations (Cosmin Tanislav)
- serial: max310x: Make use of device properties (Andy Shevchenko)
- serial: max310x: fail probe if clock crystal is unstable (Hugo Villeneuve)
- serial: max310x: Try to get crystal clock rate from property (Andy Shevchenko)
- serial: max310x: Use devm_clk_get_optional() to get the input clock (Andy Shevchenko)
- um: allow not setting extra rpaths in the linux binary (Johannes Berg)
- selftests: mm: fix map_hugetlb failure on 64K page size systems (Nico Pache)
- netrom: Fix data-races around sysctl_net_busy_read (Jason Xing)
- netrom: Fix a data-race around sysctl_netrom_link_fails_count (Jason Xing)
- netrom: Fix a data-race around sysctl_netrom_routing_control (Jason Xing)
- netrom: Fix a data-race around sysctl_netrom_transport_no_activity_timeout (Jason Xing)
- netrom: Fix a data-race around sysctl_netrom_transport_requested_window_size (Jason Xing)
- netrom: Fix a data-race around sysctl_netrom_transport_busy_delay (Jason Xing)
- netrom: Fix a data-race around sysctl_netrom_transport_acknowledge_delay (Jason Xing)
- netrom: Fix a data-race around sysctl_netrom_transport_maximum_tries (Jason Xing)
- netrom: Fix a data-race around sysctl_netrom_transport_timeout (Jason Xing)
- netrom: Fix data-races around sysctl_netrom_network_ttl_initialiser (Jason Xing)
- netrom: Fix a data-race around sysctl_netrom_obsolescence_count_initialiser (Jason Xing)
- netrom: Fix a data-race around sysctl_netrom_default_path_quality (Jason Xing)
- netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Lena Wang)
- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (Eric Dumazet)
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (Rand Deeb)
- geneve: make sure to pull inner header in geneve_rx() (Eric Dumazet)
- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (Maciej Fijalkowski)
- net: lan78xx: fix runtime PM count underflow on link stop (Oleksij Rempel)
- lan78xx: Fix race conditions in suspend/resume handling (John Efstathiades)
- lan78xx: Fix partial packet errors on suspend/resume (John Efstathiades)
- lan78xx: Add missing return code checks (John Efstathiades)
- lan78xx: Fix white space and style issues (John Efstathiades)
- LTS tag: v5.4.271 (Sherry Yang)
- gpio: 74x164: Enable output pins after registers are reset (Arturas Moskvinas)
- fs,hugetlb: fix NULL pointer dereference in hugetlbs_fill_super (Oscar Salvador)
- cachefiles: fix memory leak in cachefiles_add_cache() (Baokun Li)
- x86/cpu/intel: Detect TME keyid bits before setting MTRR mask registers (Paolo Bonzini)
- mmc: core: Fix eMMC initialization with 1-bit bus connection (Ivan Semenov)
- dmaengine: fsl-qdma: init irq after reg initialization (Curtis Klein)
- dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read (Peng Ma)
- btrfs: dev-replace: properly validate device names (David Sterba)
- wifi: nl80211: reject iftype change with mesh ID change (Johannes Berg)
- gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (Alexander Ofitserov)
- ALSA: Drop leftover snd-rtctimer stuff from Makefile (Takashi Iwai)
- power: supply: bq27xxx-i2c: Do not free non existing IRQ (Hans de Goede)
- efi/capsule-loader: fix incorrect allocation size (Arnd Bergmann)
- rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back (Lin Ma)
- Bluetooth: Enforce validation on max value of connection interval (Kai-Heng Feng)
- Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST (Luiz Augusto von Dentz)
- Bluetooth: Avoid potential use-after-free in hci_error_reset (Ying Hsu)
- net: usb: dm9601: fix wrong return value in dm9601_mdio_read (Javier Carrasco)
- lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (Oleksij Rempel)
- ipv6: fix potential 'struct net' leak in inet6_rtm_getaddr() (Eric Dumazet)
- tun: Fix xdp_rxq_info's queue_index when detaching (Yunjian Wang)
- net: ip_tunnel: prevent perpetual headroom growth (Florian Westphal)
- netlink: Fix kernel-infoleak-after-free in __skb_datagram_iter (Ryosuke Yasuoka)
- LTS tag: v5.4.270 (Sherry Yang)
- fs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio (Bart Van Assche)
- drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is set (Erik Kurzinger)
- drm/syncobj: make lockdep complain on WAIT_FOR_SUBMIT v3 (Christian Konig)
- tls: stop recv() if initial process_rx_list gave us non-DATA (Sabrina Dubroca)
- tls: rx: drop pointless else after goto (Jakub Kicinski)
- tls: rx: jump to a more appropriate label (Jakub Kicinski)
- s390: use the correct count for __iowrite64_copy() (Jason Gunthorpe)
- packet: move from strlcpy with unused retval to strscpy (Wolfram Sang)
- ipv6: sr: fix possible use-after-free and null-ptr-deref (Vasiliy Kovalev)
- afs: Increase buffer size in afs_update_volume_status() (Daniil Dulov)
- ipv6: properly combine dev_base_seq and ipv6.dev_addr_genid (Eric Dumazet)
- ipv4: properly combine dev_base_seq and ipv4.dev_addr_genid (Eric Dumazet)
- nouveau: fix function cast warnings (Arnd Bergmann)
- scsi: jazz_esp: Only build if SCSI core is builtin (Randy Dunlap)
- bpf, scripts: Correct GPL license name (Gianmarco Lusvardi)
- scripts/bpf: teach bpf_helpers_doc.py to dump BPF helper definitions (Andrii Nakryiko)
- RDMA/srpt: fix function pointer cast warnings (Arnd Bergmann)
- RDMA/srpt: Make debug output more detailed (Bart Van Assche)
- RDMA/bnxt_re: Return error for SRQ resize (Kalesh AP)
- IB/hfi1: Fix a memleak in init_credit_return (Zhipeng Lu)
- usb: roles: don't get/set_role() when usb_role_switch is unregistered (Xu Yang)
- usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs (Krishna Kurapati)
- usb: cdns3: fix memory double free when handle zero packet (Frank Li)
- usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() (Frank Li)
- ARM: ep93xx: Add terminator to gpiod_lookup_table (Nikita Shubin)
- l2tp: pass correct message length to ip6_append_data (Tom Parkin)
- PCI/MSI: Prevent MSI hardware interrupt number truncation (Vidya Sagar)
- gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() (Vasiliy Kovalev)
- dm-crypt: don't modify the data when using authenticated encryption (Mikulas Patocka)
- PCI: tegra: Fix OF node reference leak (Christophe JAILLET)
- PCI: tegra: Fix reporting GPIO error value (Pali Rohar)
- arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node (Sireesh Kodali)
- drm/amdgpu: Fix type of second parameter in trans_msg() callback (Nathan Chancellor)
- iomap: Set all uptodate bits for an Uptodate page (Matthew Wilcox (Oracle))
- dm-integrity: don't modify bio's immutable bio_vec in integrity_metadata() (Mikulas Patocka)
- x86/alternatives: Disable KASAN in apply_alternatives() (Kirill A. Shutemov)
- drm/amdgpu: Check for valid number of registers to read (Trek)
- Revert 'drm/sun4i: dsi: Change the start delay calculation' (Icenowy Zheng)
- ALSA: hda/realtek - Enable micmute LED on and HP system (Kai-Heng Feng)
- selftests/bpf: Avoid running unprivileged tests with alignment requirements (Bjorn Topel)
- net: bridge: clear bridge's private skb space on xmit (Nikolay Aleksandrov)
- spi: mt7621: Fix an error message in mt7621_spi_probe() (Christophe JAILLET)
- pinctrl: rockchip: Fix refcount leak in rockchip_pinctrl_parse_groups (Miaoqian Lin)
- pinctrl: pinctrl-rockchip: Fix a bunch of kerneldoc misdemeanours (Lee Jones)
- tcp: add annotations around sk->sk_shutdown accesses (Eric Dumazet)
- tcp: return EPOLLOUT from tcp_poll only when notsent_bytes is half the limit (Soheil Hassas Yeganeh)
- tcp: factor out __tcp_close() helper (Paolo Abeni)
- pmdomain: renesas: r8a77980-sysc: CR7 must be always on (Geert Uytterhoeven)
- s390/qeth: Fix potential loss of L3-IP@ in case of network issues (Alexandra Winter)
- virtio-blk: Ensure no requests in virtqueues before deleting vqs. (Yi Sun)
- firewire: core: send bus reset promptly on gap count error (Takashi Sakamoto)
- scsi: lpfc: Use unsigned type for num_sge (Hannes Reinecke)
- hwmon: (coretemp) Enlarge per package core count limit (Zhang Rui)
- nvmet-fc: abort command when there is no binding (Daniel Wagner)
- netfilter: conntrack: check SCTP_CID_SHUTDOWN_ACK for vtag setting in sctp_new (Xin Long)
- ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616 (Chen-Yu Tsai)
- nvmet-tcp: fix nvme tcp ida memory leak (Guixin Liu)
- regulator: pwm-regulator: Add validity checks in continuous .get_voltage (Martin Blumenstingl)
- ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (Baokun Li)
- ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (Baokun Li)
- ahci: add 43-bit DMA address quirk for ASMedia ASM1061 controllers (Lennert Buytenhek)
- ahci: asm1166: correct count of reported ports (Conrad Kostecki)
- fbdev: sis: Error out if pixclock equals zero (Fullway Wang) {CVE-2022-3061}
- fbdev: savage: Error out if pixclock equals zero (Fullway Wang) {CVE-2022-3061}
- wifi: mac80211: fix race condition on enabling fast-xmit (Felix Fietkau)
- wifi: cfg80211: fix missing interfaces when dumping (Michal Kazior)
- dmaengine: fsl-qdma: increase size of 'irq_name' (Vinod Koul)
- dmaengine: shdma: increase size of 'dev_id' (Vinod Koul)
- scsi: target: core: Add TMF to tmr_list handling (Dmitry Bogdanov)
- sched/rt: Disallow writing invalid values to sched_rt_period_us (Cyril Hrubis)
- sched/rt: Fix sysctl_sched_rr_timeslice intial value (Cyril Hrubis)
- userfaultfd: fix mmap_changing checking in mfill_atomic_hugetlb (Lokesh Gidra)
- nilfs2: replace WARN_ONs for invalid DAT metadata block requests (Ryusuke Konishi)
- sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset (Cyril Hrubis)
- KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (Oliver Upton)
- KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (Oliver Upton)
[5.4.17-2136.331.2.el7]
- uek-rpm: ol7, ol8: add vmlinux-nano.ctfa building (Nick Alcock) [Orabug: 35266053]
- ctf: add ctf-nano, ctf containing only some modules' CTF (Nick Alcock) [Orabug: 35266053]
- RDMA/cm: add timeout to cm_destroy_id wait (Manjunath Patil) [Orabug: 36280586]
- rds: Add count for ready receive cache (Hans Westgaard Ry) [Orabug: 36360482]
- mm/hwpoison: fix error page recovered but reported 'not recovered' (Naoya Horiguchi) [Orabug: 36436639]
- mm,hwpoison: check mm when killing accessing process (Shuai Xue) [Orabug: 36436639]
- mm,hwpoison: send SIGBUS with error virutal address (Naoya Horiguchi) [Orabug: 36436639]
- mm,hwpoison: return -EHWPOISON to denote that the page has already been poisoned (Aili Yao) [Orabug: 36436639]
- mm/memory-failure: use a mutex to avoid memory_failure() races (Tony Luck) [Orabug: 36436639]
[5.4.17-2136.331.1.el7]
- Revert 'mmc: core: Use mrq.sbc in close-ended ffu' (Thomas Tai) [Orabug: 36446450]
- ext4: fix corruption during on-line resize (Maximilian Heyne) [Orabug: 36342902]
Related CVEs
Updated Packages
Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
|
Oracle Linux 7 (x86_64) | kernel-uek-container-5.4.17-2136.331.7.el7.src.rpm | 23f8a013a78197c96506c2483fb70d16 | - | ol7_x86_64_UEKR6 |
| kernel-uek-container-5.4.17-2136.331.7.el7.x86_64.rpm | eb70dc25e43770e7545e4eb30b6ead6f | - | ol7_x86_64_UEKR6 |
| kernel-uek-container-debug-5.4.17-2136.331.7.el7.x86_64.rpm | 5689475ebc5816476eccba8a1e8dc708 | - | ol7_x86_64_UEKR6 |
|
Oracle Linux 8 (x86_64) | kernel-uek-container-5.4.17-2136.331.7.el8.src.rpm | a8551e180ff9c885f1f738bd65bdd650 | - | ol8_x86_64_UEKR6 |
| kernel-uek-container-5.4.17-2136.331.7.el8.x86_64.rpm | ac1edba834ac157e116e33d4a92374ac | - | ol8_x86_64_UEKR6 |
| kernel-uek-container-debug-5.4.17-2136.331.7.el8.x86_64.rpm | 8d26e711a49fa5e6c2d33a0f3a9e9c0f | - | ol8_x86_64_UEKR6 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team