ELSA-2017-3659

ELSA-2017-3659 - Unbreakable Enterprise kernel security and bugfix update

Type:SECURITY
Severity:IMPORTANT
Release Date:2017-12-13

Description


[4.1.12-112.14.1]
- ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff() (Eryu Guan) [Orabug: 27233471]

[4.1.12-112.13.1]
- cgroup: make sure a parent css isnt offlined before its children (Tejun Heo) [Orabug: 27179269]

[4.1.12-112.12.1]
- ctf: allow dwarf2ctf to run as root but produce no output (Nick Alcock) [Orabug: 27133094]
- net: qmi_wwan: fix divide by 0 on bad descriptors (Bjorn Mork) [Orabug: 27215221] {CVE-2017-16650}
- ctf: fix thinko preventing linking of out-of-tree modules when CTF is off (Nick Alcock) [Orabug: 27215293]
- Revert 'firmware: dmi_scan: add SBMIOS entry and DMI tables' (Dan Duval) [Orabug: 27100376]

[4.1.12-112.11.1]
- mm, thp: Do not make page table dirty unconditionally in follow_trans_huge_pmd() (Kirill A. Shutemov) [Orabug: 27200880] {CVE-2017-1000405}
- uek-rpm: Update linux firmware package for OL7 (Dhaval Giani) [Orabug: 27210206]
- uek-rpm: Update firmware for OL6 UEK spec file (Dhaval Giani) [Orabug: 27210204]
- scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state (Ewan D. Milne) [Orabug: 27187218]
- xen/time: do not decrease steal time after live migration on xen (Dongli Zhang) [Orabug: 26770163]
- ALSA: usb-audio: Kill stray URB at exiting (Takashi Iwai) [Orabug: 27148272] {CVE-2017-16527}
- scsi: qla2xxx: Fix NULL pointer access due to redundant fc_host_port_name call (Quinn Tran) [Orabug: 27149785]
- scsi: qla2xxx: Initialize Work element before requesting IRQs (Himanshu Madhani) [Orabug: 27149785]
- scsi: qla2xxx: Fix uninitialized work element (Quinn Tran) [Orabug: 27149785]

[4.1.12-112.10.1]
- Revert 'Improves clear_huge_page() using work queues' (Jack Vogel) [Orabug: 27055693]
- packet: in packet_do_bind, test fanout with bind_lock held (Willem de Bruijn) [Orabug: 27069060] {CVE-2017-15649}
- packet: hold bind lock when rebinding to fanout hook (Willem de Bruijn) [Orabug: 27069060] {CVE-2017-15649}
- net: convert packet_fanout.sk_ref from atomic_t to refcount_t (Reshetova, Elena) [Orabug: 27069060] {CVE-2017-15649}
- packet: fix races in fanout_add() (Eric Dumazet) [Orabug: 27069060] {CVE-2017-15649}
- refcount_t: Introduce a special purpose refcount type (Peter Zijlstra) [Orabug: 27069060] {CVE-2017-15649}
- locking/atomics: Add _{acquire|release|relaxed}() variants of some atomic operations (Will Deacon) [Orabug: 27069060] {CVE-2017-15649}
- scsi: qla2xxx: Fix slow mem alloc behind lock (Quinn Tran) [Orabug: 27100873]

[4.1.12-112.9.1]
- xfs: Fix off-by-in in loop termination in xfs_find_get_desired_pgoff() (Jan Kara) [Orabug: 26862911]
- xfs: Fix missed holes in SEEK_HOLE implementation (Jan Kara) [Orabug: 26862911]
- ext4: fix off-by-in in loop termination in ext4_find_unwritten_pgoff() (Jan Kara) [Orabug: 26862911]
- ext4: fix SEEK_HOLE (Jan Kara) [Orabug: 26862911]
- rtc: cmos: century support (Sylvain Chouleur) [Orabug: 27025943]
- ocfs2: code clean up for direct io (Ryan Ding) [Orabug: 27117733]
- scsi: Dont abort scsi_scan due to unexpected response (John Sobecki) [Orabug: 27119610]
- ocfs2: fstrim: Fix start offset of first cluster group during fstrim (Ashish Samant) [Orabug: 26326914]

[4.1.12-112.8.1]
- uek-rpm: disable CONFIG_NUMA_BALANCING_DEFAULT_ENABLED (Fred Herard) [Orabug: 26798697]
- uek-rpm: Add more missing modules to OL7 ueknano (Somasundaram Krishnasamy) [Orabug: 27028326]
- fix unbalanced page refcounting in bio_map_user_iov (Vitaly Mayatskikh) [Orabug: 27069034] {CVE-2017-12190}
- more bio_map_user_iov() leak fixes (Al Viro) [Orabug: 27069034] {CVE-2017-12190}
- usb: Quiet down false peer failure messages (Don Zickus) [Orabug: 26669801]
- ovl: during copy up, switch to mounters creds early (Vivek Goyal) [Orabug: 27052885]
- ovl: lookup: do getxattr with mounters permission (Miklos Szeredi) [Orabug: 27052885]
- ovl: get rid of the dead code left from broken (and disabled) optimizations (Al Viro) [Orabug: 27052885]
- selinux: Implement dentry_create_files_as() hook (Vivek Goyal) [Orabug: 27052885]
- security, overlayfs: Provide hook to correctly label newly created files (Vivek Goyal) [Orabug: 27052885]
- selinux: Pass security pointer to determine_inode_label() (Vivek Goyal) [Orabug: 27052885]
- selinux: Implementation for inode_copy_up_xattr() hook (Vivek Goyal) [Orabug: 27052885]
- security,overlayfs: Provide security hook for copy up of xattrs for overlay file (Vivek Goyal) [Orabug: 27052885]
- selinux: Implementation for inode_copy_up() hook (Vivek Goyal) [Orabug: 27052885]
- security, overlayfs: provide copy up security hook for unioned files (Vivek Goyal) [Orabug: 27052885]
- selinux: delay inode label lookup as long as possible (Paul Moore) [Orabug: 27052885]
- selinux: Add accessor functions for inode->i_security (Andreas Gruenbacher) [Orabug: 27052885]
- selinux: Create a common helper to determine an inode label [ver #3] (David Howells) [Orabug: 27052885]
- KVM: nVMX: Fix loss of L2s NMI blocking state (Wanpeng Li) [Orabug: 27056291]
- KVM: nVMX: track NMI blocking state separately for each VMCS (Paolo Bonzini) [Orabug: 27056291]
- KVM: VMX: require virtual NMI support (Paolo Bonzini) [Orabug: 27056291]
- KVM: nVMX: Fix the NMI IDT-vectoring handling (Wanpeng Li) [Orabug: 27056291]
- netlink: allow to listen 'all' netns (Nicolas Dichtel) [Orabug: 27077793]
- netlink: rename private flags and states (Nicolas Dichtel) [Orabug: 27077793]
- netns: use a spin_lock to protect nsid management (Nicolas Dichtel) [Orabug: 27077793]
- netns: notify new nsid outside __peernet2id() (Nicolas Dichtel) [Orabug: 27077793]
- netns: rename peernet2id() to peernet2id_alloc() (Nicolas Dichtel) [Orabug: 27077793]
- netns: always provide the id to rtnl_net_fill() (Nicolas Dichtel) [Orabug: 27077793]
- netns: returns always an id in __peernet2id() (Nicolas Dichtel) [Orabug: 27077793]
- uek-rpm: add update-el-x86; fix-up ol6/update-el (Chuck Anderson) [Orabug: 26844981]
- xscore: add dma address check (Zhu Yanjun) [Orabug: 26994454]
- qla2xxx: Update driver version to 9.00.00.00.40.0-k (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Fix delayed response to command for loop mode/direct connect. (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Use IOCB interface to submit non-critical MBX. (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Add async new target notification (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Allow relogin to proceed if remote login did not finish (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Fix sess_lock & hardware_lock lock order problem. (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Fix inadequate lock protection for ABTS. (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Fix request queue corruption. (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Fix memory leak for abts processing (Quinn Tran) [Orabug: 26844197]
- scsi: qla2xxx: Fix ql_dump_buffer (Joe Perches) [Orabug: 26844197]
- scsi: qla2xxx: Fix response queue count for Target mode. (Michael Hernandez) [Orabug: 26844197]
- scsi: qla2xxx: Cleaned up queue configuration code. (Michael Hernandez) [Orabug: 26844197]
- qla2xxx: Fix a warning reported by the 'smatch' static checker (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Simplify usage of SRB structure in driver (Bart Van Assche) [Orabug: 26844197]
- qla2xxx: Simplify usage of SRB structure in driver (Joe Carnuccio) [Orabug: 26844197]
- qla2xxx: Improve RSCN handling in driver (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Add framework for async fabric discovery (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Track I-T nexus as single fc_port struct (Quinn Tran) [Orabug: 26844197]
- qla2xxx: introduce a private sess_kref (Christoph Hellwig) [Orabug: 26844197]
- qla2xxx: Use d_id instead of s_id for more clarity (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Fix wrong argument in sp done callback (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Remove SRR code (Himanshu Madhani) [Orabug: 26844197]
- qla2xxx: Cleanup TMF code translation from qla_target (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Disable out-of-order processing by default in firmware (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Fix erroneous invalid handle message (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Reduce exess wait during chip reset (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Terminate exchange if corrupted (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Fix crash due to null pointer access (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Collect additional information to debug fw dump (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Reset reserved field in firmware options to 0 (Himanshu Madhani) [Orabug: 26844197]
- qla2xxx: Include ATIO queue in firmware dump when in target mode (Himanshu Madhani) [Orabug: 26844197]
- qla2xxx: Fix wrong IOCB type assumption (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Add DebugFS node for target sess list. (Quinn Tran) [Orabug: 26844197]
- tcm_qla2xxx: Convert to target_alloc_session usage (Nicholas Bellinger) [Orabug: 26844197]
- qla2xxx: Use ATIO type to send correct tmr response (Swapnil Nagle) [Orabug: 26844197]
- qla2xxx: Fix TMR ABORT interaction issue between qla2xxx and TCM (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Move atioq to a different lock to reduce lock contention (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Remove dependency on hardware_lock to reduce lock contention. (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Replace QLA_TGT_STATE_ABORTED with a bit. (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Wait for all conflicts before acking PLOGI (Alexei Potashnik) [Orabug: 26844197]
- qla2xxx: Delete session if initiator is gone from FW (Alexei Potashnik) [Orabug: 26844197]
- qla2xxx: Added interface to send explicit LOGO. (Himanshu Madhani) [Orabug: 26844197]
- qla2xxx: Add FW resource count in DebugFS. (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Enable Target counters in DebugFS. (Himanshu Madhani) [Orabug: 26844197]
- qla2xxx: terminate exchange when command is aborted by LIO (Alexei Potashnik) [Orabug: 26844197]
- qla2xxx: drop cmds/tmrs arrived while session is being deleted (Alexei Potashnik) [Orabug: 26844197]
- qla2xxx: disable scsi_transport_fc registration in target mode (Alexei Potashnik) [Orabug: 26844197]
- qla2xxx: added sess generations to detect RSCN update races (Alexei Potashnik) [Orabug: 26844197]
- qla2xxx: Abort stale cmds on qla_tgt_wq when plogi arrives (Alexei Potashnik) [Orabug: 26844197]
- qla2xxx: delay plogi/prli ack until existing sessions are deleted (Alexei Potashnik) [Orabug: 26844197]
- qla2xxx: cleanup cmd in qla workqueue before processing TMR (Swapnil Nagle) [Orabug: 26844197]
- qla2xxx: Add flush after updating ATIOQ consumer index. (Quinn Tran) [Orabug: 26844197]
- qla2xxx: Enable target mode for ISP27XX (Himanshu Madhani) [Orabug: 26844197]

[4.1.12-112.7.1]
- x86/platform/uv: Fix kdump for UV (Kirtikar Kashyap) [Orabug: 27031280]
- firmware: dmi_scan: add SBMIOS entry and DMI tables (Ivan Khoronzhuk) [Orabug: 27045425]
- KEYS: prevent KEYCTL_READ on negative key (Eric Biggers) [Orabug: 27050237] {CVE-2017-12192}
- NFS: Add static NFS I/O tracepoints (Chuck Lever)
- Hang/soft lockup in d_invalidate with simultaneous calls (Al Viro) [Orabug: 27052680]
- scsi: mpt3sas: Bump mpt3sas driver version to v16.100.00.00 (Sreekanth Reddy) [Orabug: 26894579]
- scsi: mpt3sas: Adding support for SAS3616 HBA device (Sreekanth Reddy) [Orabug: 26894579]
- scsi: mpt3sas: Fix possibility of using invalid Enclosure Handle for SAS device after host reset (Sreekanth Reddy) [Orabug: 26894579]
- scsi: mpt3sas: Display chassis slot information of the drive (Sreekanth Reddy) [Orabug: 26894579]
- scsi: mpt3sas: Updated MPI headers to v2.00.48 (Sreekanth Reddy) [Orabug: 26894579]
- scsi: mpt3sas: Fix IO error occurs on pulling out a drive from RAID1 volume created on two SATA drive (Sreekanth Reddy) [Orabug: 26894579]
- scsi: mpt3sas: Fix removal and addition of vSES device during host reset (Sreekanth Reddy) [Orabug: 26894579]
- scsi: mpt3sas: Reduce memory footprint in kdump kernel (Sreekanth Reddy) [Orabug: 26894579]
- scsi: mpt3sas: Fixed memory leaks in driver (Sreekanth Reddy) [Orabug: 26894579]
- scsi: mpt3sas: Processing of Cable Exception events (Sreekanth Reddy) [Orabug: 26894579]
- storvsc: dont assume SG list is contiguous (Aruna Ramakrishna) [Orabug: 27044703]
- sysctl: Drop reference added by grab_header in proc_sys_readdir (Zhou Chengming) [Orabug: 27036905] {CVE-2016-9191} {CVE-2016-9191} {CVE-2016-9191}
- uek-rpm: Update kernel-ueknanos provides list. (Somasundaram Krishnasamy) [Orabug: 27022769]
- uek-rpm: Add more modules to ueknano for OL7 (Somasundaram Krishnasamy) [Orabug: 27015961]
- selinux: fix off-by-one in setprocattr (Stephen Smalley) [Orabug: 27001687] {CVE-2017-2618} {CVE-2017-2618} {CVE-2017-2618}
- dtrace: Add CTF archive to the UEK nano package (Tomas Jedlicka) [Orabug: 27039123]
- Revert 'drivers/char/mem.c: deny access in open operation when securelevel is set' (Dhaval Giani) [Orabug: 27037801]
- thp: run vma_adjust_trans_huge() outside i_mmap_rwsem (Kirill A. Shutemov) [Orabug: 26763484]

[4.1.12-112.6.1]
- ocfs2: fix posix_acl_create deadlock (Junxiao Bi) [Orabug: 26808507]
- rds: Proper init/exit declaration for module init/exit function (Ka-Cheong Poon) [Orabug: 26937730]
- rds: Remove .exit from struct rds_transport (Ka-Cheong Poon) [Orabug: 26937730]
- smartpqi: update driver version (Don Brace) [Orabug: 26882397]
- smartpqi: cleanup raid map warning message (Kevin Barnett) [Orabug: 26882397]
- smartpqi: update controller ids (Kevin Barnett) [Orabug: 26882397]
- scsi: smartpqi: remove the smp_handler stub (Christoph Hellwig) [Orabug: 26882397]
- scsi: smartpqi: change driver version to 1.1.2-125 (Kevin Barnett) [Orabug: 26882397]
- scsi: smartpqi: add in new controller ids (Kevin Barnett) [Orabug: 26882397]
- scsi: smartpqi: update kexec and power down support (Kevin Barnett) [Orabug: 26882397]
- scsi: smartpqi: cleanup doorbell register usage. (Kevin Barnett) [Orabug: 26882397]
- scsi: smartpqi: update pqi passthru ioctl (Kevin Barnett) [Orabug: 26882397]
- scsi: smartpqi: enhance BMIC cache flush (Kevin Barnett) [Orabug: 26882397]
- scsi: smartpqi: add pqi reset quiesce support (Kevin Barnett) [Orabug: 26882397]
- scsi: smartpqi: make pdev pointer names consistent (Kevin Barnett) [Orabug: 26882397]
- udp: consistently apply ufo or fragmentation (Willem de Bruijn) [Orabug: 26921314] {CVE-2017-1000112}
- be2net: fix TSO6/GSO issue causing TX-stall on Lancer/BEx (Suresh Reddy) [Orabug: 26928620]
- ipv6: avoid overflow of offset in ip6_find_1stfragopt (Sabrina Dubroca) [Orabug: 27011248] {CVE-2017-7542}
- xfs: use dedicated log worker wq to avoid deadlock with cil wq (Brian Foster) [Orabug: 27013239]
- nvme: honor RTD3 Entry Latency for shutdowns (Martin K. Petersen) [Orabug: 26929569]

[4.1.12-112.5.1]
- uek-rpm: Build kernel ueknano rpm for OL7 (Somasundaram Krishnasamy) [Orabug: 26803594]
- uek/config: enable NVME SG_IO support by default (Shan Hai) [Orabug: 26981802]
- nvme: report the scsi TUR state correctly (Shan Hai) [Orabug: 26981802]
- scsi: scsi_transport_iscsi: fix the issue that iscsi_if_rx doesnt parse nlmsg properly (Xin Long) [Orabug: 26988631] {CVE-2017-14489}
- CVE-2016-10318 missing authorization check fscrypt_process_policy (Jack Vogel) [Orabug: 26989776]
- ovl: fix get_acl() on tmpfs (Miklos Szeredi) [Orabug: 26975443]

[4.1.12-112.2.1]
- ixgbe: Initialize 64-bit stats seqcounts (Florian Fainelli) [Orabug: 26785078]
- ixgbe: Disable flow control for XFI (Tony Nguyen) [Orabug: 26785078]
- ixgbe: Do not support flow control autonegotiation for X553 (Tony Nguyen) [Orabug: 26785078]
- ixgbe: Update NW_MNG_IF_SEL support for X553 (Tony Nguyen) [Orabug: 26785078]
- ixgbe: Enable LASI interrupts for X552 devices (Tony Nguyen) [Orabug: 26785078]
- ixgbe: Ensure MAC filter was added before setting MACVLAN (Tony Nguyen) [Orabug: 26785078]
- ixgbe: pci_set_drvdata must be called before register_netdev (Jeff Mahoney) [Orabug: 26785078]
- ixgbe: Resolve cppcheck format string warning (Tony Nguyen) [Orabug: 26785078]
- ixgbe: fix writes to PFQDE (Emil Tantilov) [Orabug: 26785078]
- ixgbevf: Bump version number (Tony Nguyen) [Orabug: 26785078]
- ixgbe: Bump version number (Tony Nguyen) [Orabug: 26785078]
- ixgbe: check for Tx timestamp timeouts during watchdog (Jacob Keller) [Orabug: 26785078]
- ixgbe: add statistic indicating number of skipped Tx timestamps (Jacob Keller) [Orabug: 26785078]
- ixgbe: avoid permanent lock of *_PTP_TX_IN_PROGRESS (Jacob Keller) [Orabug: 26785078]
- ixgbe: fix race condition with PTP_TX_IN_PROGRESS bits (Jacob Keller) [Orabug: 26785078]
- net: better skb->sender_cpu and skb->napi_id cohabitation (Eric Dumazet) [Orabug: 26953388] [Orabug: 26591689]
- uek-rpm: Clean up installed directories when uninstalling kernel-ueknano (Somasundaram Krishnasamy) [Orabug: 26929773]
- uek-rpm: Add missing ko modules to nano rpm (Somasundaram Krishnasamy) [Orabug: 26929773]
- i40e: point wb_desc at the nvm_wb_desc during i40e_read_nvm_aq (Jacob Keller) [Orabug: 26785018]
- i40e: avoid NVM acquire deadlock during NVM update (Anjali Singhai Jain) [Orabug: 26785018]
- i40e/i40evf: avoid dynamic ITR updates when polling or low packet rate (Jacob Keller) [Orabug: 26785018]
- i40e/i40evf: remove ULTRA latency mode (Jacob Keller) [Orabug: 26785018]
- i40e: invert logic for checking incorrect cpu vs irq affinity (Jacob Keller) [Orabug: 26785018]
- i40e: initialize our affinity_mask based on cpu_possible_mask (Jacob Keller) [Orabug: 26785018]
- i40e: move enabling icr0 into i40e_update_enable_itr (Jacob Keller) [Orabug: 26785018]
- i40e: remove workaround for resetting XPS (Jacob Keller) [Orabug: 26785018]
- i40e: Fix for unused value issue found by static analysis (Carolyn Wyborny) [Orabug: 26785018]
- i40e: 25G FEC status improvements (Mariusz Stachura) [Orabug: 26785018]
- i40e: force VMDQ device name truncation (Jacob Keller) [Orabug: 26785018]
- i40evf: fix possible snprintf truncation of q_vector->name (Jacob Keller) [Orabug: 26785018]
- i40e: Use correct flag to enable egress traffic for unicast promisc (Akeem G Abodunrin) [Orabug: 26785018]
- i40e: prevent snprintf format specifier truncation (Jacob Keller) [Orabug: 26785018]
- i40e: Store the requested FEC information (Mariusz Stachura) [Orabug: 26785018]
- i40e: Update state variable for adminq subtask (Sudheer Mogilappagari) [Orabug: 26785018]
- i40e: synchronize nvmupdate command and adminq subtask (Sudheer Mogilappagari) [Orabug: 26785018]
- i40e: prevent changing ITR if adaptive-rx/tx enabled (Alan Brady) [Orabug: 26785018]
- i40evf: use netdev variable in reset task (Alan Brady) [Orabug: 26785018]
- i40e: move check for avoiding VID=0 filters into i40e_vsi_add_vlan (Jacob Keller) [Orabug: 26785018]
- i40e/i40evf: use cmpxchg64 when updating private flags in ethtool (Jacob Keller) [Orabug: 26785018]
- i40e: Detect ATR HW Evict NVM issue and disable the feature (Anjali Singhai Jain) [Orabug: 26785018]
- i40e: Fix a bug with VMDq RSS queue allocation (Anjali Singhai Jain) [Orabug: 26785018]
- i40evf: prevent VF close returning before state transitions to DOWN (Sudheer Mogilappagari) [Orabug: 26785018]
- i40e: Initialize 64-bit statistics TX ring seqcount (Florian Fainelli) [Orabug: 26785018]
- i40e: handle setting administratively set MAC address back to zero (Stefan Assmann) [Orabug: 26785018]
- i40evf: remove unnecessary __packed (Tushar Dave) [Orabug: 26785018]
- i40evf: add some missing includes (Jesse Brandeburg) [Orabug: 26785018]
- i40e: display correct UDP tunnel type name (Jacob Keller) [Orabug: 26785018]
- i40e/i40evf: remove mismatched type warnings (Jesse Brandeburg) [Orabug: 26785018]
- i40e/i40evf: make IPv6 ATR code clearer (Jesse Brandeburg) [Orabug: 26785018]
- i40e: fix odd formatting and indent (Jesse Brandeburg) [Orabug: 26785018]
- i40e: fix up 32 bit timespec references (Jesse Brandeburg) [Orabug: 26785018]
- i40e: Handle admin Q timeout when releasing NVM (Paul M Stillwell Jr) [Orabug: 26785018]
- i40e: remove WQ_UNBOUND and the task limit of our workqueue (Jacob Keller) [Orabug: 26785018]
- i40e: Fix for trace found with S4 state (Carolyn Wyborny) [Orabug: 26785018]
- i40e: fix incorrect variable assignment (Gustavo A R Silva) [Orabug: 26785018]
- i40e: dont hold RTNL lock for the entire reset (Jacob Keller) [Orabug: 26785018]
- i40e: clear only cause_ena bit (Shannon Nelson) [Orabug: 26785018]
- i40e: fix disabling overflow promiscuous mode (Alan Brady) [Orabug: 26785018]
- i40e: Add support for OEM firmware version (Filip Sadowski) [Orabug: 26785018]
- i40e: genericize the partition bandwidth control (Shannon Nelson) [Orabug: 26785018]
- i40e: Add message for unsupported MFP mode (Carolyn Wyborny) [Orabug: 26785018]
- i40e: Support firmware CEE DCB UP to TC map re-definition (Greg Bowers) [Orabug: 26785018]
- i40e: Fix potential out of bound array access (Sudheer Mogilappagari) [Orabug: 26785018]
- i40e: comment that udp_port must be in host byte order (Jacob Keller) [Orabug: 26785018]
- i40e: use dev_dbg instead of dev_info when warning about missing routine (Jacob Keller) [Orabug: 26785018]
- i40e/i40evf: update WOL and I40E_AQC_ADDR_VALID_MASK flags (Alice Michael) [Orabug: 26785018]
- i40evf: assign num_active_queues inside i40evf_alloc_queues (Jacob Keller) [Orabug: 26785018]
- i40e: Fix a sleep-in-atomic bug (Jia-Ju Bai) [Orabug: 26785018]
- i40e: fix handling of HW ATR eviction (Jacob Keller) [Orabug: 26785018]
- i40evf: update i40evf.txt with new content (Jesse Brandeburg) [Orabug: 26785018]
- i40evf: Add support for Adaptive Virtual Function (Preethi Banala) [Orabug: 26785018]
- i40evf: drop i40e_type.h include (Jesse Brandeburg) [Orabug: 26785018]
- i40e: Check for memory allocation failure (Christophe Jaillet) [Orabug: 26785018]
- i40e: check for Tx timestamp timeouts during watchdog (Jacob Keller) [Orabug: 26785018]
- i40e: use pf data structure directly in i40e_ptp_rx_hang (Jacob Keller) [Orabug: 26785018]
- i40e: add statistic indicating number of skipped Tx timestamps (Jacob Keller) [Orabug: 26785018]
- i40e: avoid permanent lock of *_PTP_TX_IN_PROGRESS (Jacob Keller) [Orabug: 26785018]
- i40e: fix race condition with PTP_TX_IN_PROGRESS bits (Jacob Keller) [Orabug: 26785018]
- i40evf: disable unused flags (Jesse Brandeburg) [Orabug: 26785018]
- i40evf: fix merge error in older patch (Jesse Brandeburg) [Orabug: 26785018]
- i40evf: fix duplicate lines (Jesse Brandeburg) [Orabug: 26785018]
- i40evf: hide unused variable (Arnd Bergmann) [Orabug: 26785018]
- i40evf: allocate queues before we setup the interrupts and q_vectors (Jacob Keller) [Orabug: 26785018]
- i40evf: remove I40E_FLAG_FDIR_ATR_ENABLED (Jacob Keller) [Orabug: 26785018]
- i40e: remove hw_disabled_flags in favor of using separate flag bits (Jacob Keller) [Orabug: 26785018]
- i40evf: remove needless min_t() on num_online_cpus()*2 (Jacob Keller) [Orabug: 26785018]
- i40e: remove unnecessary msleep() delay in i40e_free_vfs (Jacob Keller) [Orabug: 26785018]
- i40e: amortize wait time when disabling lots of VFs (Jacob Keller) [Orabug: 26785018]
- i40e: Reprogram port offloads after reset (Alexander Duyck) [Orabug: 26785018]
- i40e: rename index to port to avoid confusion (Jacob Keller) [Orabug: 26785018]
- i40e: make use of i40e_reset_all_vfs when initializing new VFs (Jacob Keller) [Orabug: 26785018]
- i40e: properly spell I40E_VF_STATE_* flags (Jacob Keller) [Orabug: 26785018]
- i40e: use i40e_stop_rings_no_wait to implement PORT_SUSPENDED state (Jacob Keller) [Orabug: 26785018]
- i40e: reset all VFs in parallel when rebuilding PF (Jacob Keller) [Orabug: 26785018]
- i40e: split some code in i40e_reset_vf into helpers (Jacob Keller) [Orabug: 26785018]
- i40e: remove I40E_FLAG_IN_NETPOLL entirely (Jacob Keller) [Orabug: 26785018]
- i40e: reduce wait time for adminq command completion (Jacob Keller) [Orabug: 26785018]
- i40e: fix CONFIG_BUSY checks in i40e_set_settings function (Jacob Keller) [Orabug: 26785018]
- i40e: factor out queue control from i40e_vsi_control_(tx|rx) (Jacob Keller) [Orabug: 26785018]
- i40e: dont hold RTNL lock while waiting for VF reset to finish (Jacob Keller) [Orabug: 26785018]
- i40e: new AQ commands (Jingjing Wu) [Orabug: 26785018]
- i40e/i40evf: Add tracepoints (Scott Peterson) [Orabug: 26785018]
- i40evf: add client interface (Mitch Williams) [Orabug: 26785018]
- i40e: dump VF information in debugfs (Mitch Williams) [Orabug: 26785018]
- i40e: Fix support for flow director programming status (Alexander Duyck) [Orabug: 26785018]
- i40e/i40evf: Remove VF Rx csum offload for tunneled packets (alice michael) [Orabug: 26785018]
- i40evf: Use net_device_stats from struct net_device (Tobias Klauser) [Orabug: 26785018]
- i40e: clean up historic deprecated flag definitions (Jacob Keller) [Orabug: 26785018]
- i40e: remove I40E_FLAG_NEED_LINK_UPDATE (Alice Michael) [Orabug: 26785018]
- i40e: remove extraneous loop in i40e_vsi_wait_queues_disabled (Jacob Keller) [Orabug: 26785018]
- i40e: Simplify i40e_detect_recover_hung_queue logic (Alan Brady) [Orabug: 26785018]
- i40e: Decrease the scope of rtnl lock (Maciej Sosin) [Orabug: 26785018]
- i40e: Swap use of pf->flags and pf->hw_disabled_flags for ATR Eviction (Alexander Duyck) [Orabug: 26785018]
- i40e: update error message when trying to add invalid filters (Jacob Keller) [Orabug: 26785018]
- i40e: only register client on iWarp-capable devices (Mitch Williams) [Orabug: 26785018]
- i40e: close client on remove and shutdown (Mitch Williams) [Orabug: 26785018]
- i40e: register existing client on probe (Mitch Williams) [Orabug: 26785018]
- i40e: remove client instance on driver unload (Mitch Williams) [Orabug: 26785018]
- i40e: fix for queue timing delays (Wyborny, Carolyn) [Orabug: 26785018]
- i40e/i40evf: Change the way we limit the maximum frame size for Rx (Alexander Duyck) [Orabug: 26785018]
- i40e/i40evf: Add legacy-rx private flag to allow fallback to old Rx flow (Alexander Duyck) [Orabug: 26785018]
- i40e/i40evf: Pull code for grabbing and syncing rx_buffer from fetch_buffer (Alexander Duyck) [Orabug: 26785018]
- i40e/i40evf: Use length to determine if descriptor is done (Alexander Duyck) [Orabug: 26785018]
- drivers/char/mem.c: deny access in open operation when securelevel is set (Ethan Zhao) [Orabug: 26943864]

[4.1.12-112.1.0]
- x86/mm/64: Enable SWIOTLB if system has SRAT memory regions above MAX_DMA32_PFN (Igor Mammedov) [Orabug: 26754302]
- x86/mm: Introduce max_possible_pfn (Igor Mammedov) [Orabug: 26754302]
- dtrace lockstat provider probes (Alan Maguire) [Orabug: 26149674] [Orabug: 26149956]
- rds: RDS diagnostics when connections are stuck in Receiver Not Ready state. (hui.han)
- timerfd: Protect the might cancel mechanism proper (Thomas Gleixner) [Orabug: 26673877] {CVE-2017-10661}
- brcmfmac: fix possible buffer overflow in brcmf_cfg80211_mgmt_tx() (Tim Tianyang Chen) [Orabug: 26540118] {CVE-2017-7541}
- crypto: ahash - Fix EINPROGRESS notification callback (Herbert Xu) [Orabug: 25882988] {CVE-2017-7618}
- xen/mmu: Call xen_cleanhighmap() with 4MB aligned for page tables mapping (Zhenzhong Duan) [Orabug: 26883325]
- selftests/memfd: add memfd_create hugetlbfs selftest (Mike Kravetz) [Orabug: 26768367]
- mm/shmem: add hugetlbfs support to memfd_create() (Mike Kravetz) [Orabug: 26768367]
- mm: shm: use new hugetlb size encoding definitions (Mike Kravetz) [Orabug: 26768367]
- mm: arch: consolidate mmap hugetlb size encodings (Mike Kravetz) [Orabug: 26768367]
- uapi/Kbuild: add new header file hugetlb_encode.h (Mike Kravetz) [Orabug: 26768367]
- mm: hugetlb: define system call hugetlb size encodings in single file (Mike Kravetz) [Orabug: 26768367]
- RDS: IB: Change the proxy qps path_mtu to IB_MTU_256 (Avinash Repaka) [Orabug: 26864694]
- devpts: clean up interface to pty drivers (Linus Torvalds) [Orabug: 26743034]
- tcp: fix tcp_mark_head_lost to check skb len before fragmenting (Neal Cardwell) [Orabug: 26646104]
- kvm: nVMX: Dont allow L2 to access the hardware CR8 (Jim Mattson) {CVE-2017-12154} {CVE-2017-12154}
- dtrace: ensure SDT stub function returns 0 (Kris Van Hees) [Orabug: 26909775]
- tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Wei Wang) [Orabug: 26796038] {CVE-2017-14106}
- xfrm: fix stack access out of bounds with CONFIG_XFRM_SUB_POLICY (Sabrina Dubroca) [Orabug: 25959303]
- rxrpc: Fix several cases where a padded len isnt checked in ticket decode (David Howells) [Orabug: 26376434] {CVE-2017-7482} {CVE-2017-7482}
- xen: dont print error message in case of missing Xenstore entry (Juergen Gross) [Orabug: 26841566]
- mlx4_core: calculate log_num_mtt based on total system memory (Wei Lin Guay) [Orabug: 26526968]
- xen/x86: Add interface for querying amount of host memory (Boris Ostrovsky) [Orabug: 26526923]
- rds: Fix non-atomic operation on shared flag variable (Hakon Bugge) [Orabug: 26842076]
- rds: Fix incorrect statistics counting (Hakon Bugge) [Orabug: 26847583]
- i40e: use cpumask_copy instead of direct assignment (Jacob Keller) [Orabug: 26822609]
- mm: thp: set THP defrag by default to madvise and add a stall-free defrag option (Mel Gorman) [Orabug: 26587019]
- crypto: testmgr - Set struct aead_testvec iv member size to MAX_IVLEN (Somasundaram Krishnasamy) [Orabug: 25925256]
- SPEC: remove ctf.ko from ueknano modules list (Nick Alcock) [Orabug: 25815362]
- SPEC: generate CTF when DTrace is enabled. (Nick Alcock) [Orabug: 25815362]
- SPEC: bump libdtrace-ctf requirement to 0.7+. (Nick Alcock) [Orabug: 25815362]
- Documentation: add watermark_scale_factor to the list of vm systcl file (Jerome Marchand) [Orabug: 26643957]
- mm: scale kswapd watermarks in proportion to memory (Johannes Weiner) [Orabug: 26643957]
- ctf: delete the deduplication blacklist (Nick Alcock) [Orabug: 26765112]
- ctf: automate away the deduplication blacklist (Nick Alcock) [Orabug: 26765112]
- ctf: drop CONFIG_DT_DISABLE_CTF, ctf.ko, and all that it implies (Nick Alcock) [Orabug: 25815362]
- ctf: do not allow dwarf2ctf to run as root (Nick Alcock) [Orabug: 25815362]
- ctf: decouple CTF building from the kernel build (Nick Alcock) [Orabug: 25815362]
- ctf: handle the bit_offset in members with a DW_FORM_block data_member_location (Nick Alcock) [Orabug: 26387109]
- ctf: handle DW_AT_specification (Nick Alcock) [Orabug: 26386100]


Related CVEs


CVE-2016-10318

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (x86_64) kernel-uek-4.1.12-112.14.1.el6uek.src.rpmcdc26e913a2d42bf72abd43c1cae01aaELSA-2021-9215
kernel-uek-4.1.12-112.14.1.el6uek.x86_64.rpmcd2c44362d5fc1ca64c90b835f82d9feELSA-2021-9215
kernel-uek-debug-4.1.12-112.14.1.el6uek.x86_64.rpm1fa352c7b8120c01fc928b23603a19deELSA-2021-9215
kernel-uek-debug-devel-4.1.12-112.14.1.el6uek.x86_64.rpm355bbf7d75cba73d9a348716df8d8cbcELSA-2021-9215
kernel-uek-devel-4.1.12-112.14.1.el6uek.x86_64.rpm8107e044aa33b306b9a496da9442de65ELSA-2021-9215
kernel-uek-doc-4.1.12-112.14.1.el6uek.noarch.rpm2439c682a614de82f5dcc9ae44be6f47ELSA-2021-9215
kernel-uek-firmware-4.1.12-112.14.1.el6uek.noarch.rpmcd6a53de6abb9b0013f57a8dda2447d8ELSA-2021-9215
Oracle Linux 7 (x86_64) kernel-uek-4.1.12-112.14.1.el7uek.src.rpma61c8dbb073d6b2d1041f29ba9cf015bELSA-2021-9220
kernel-uek-4.1.12-112.14.1.el7uek.x86_64.rpmd79cc357bd5a85a52cea26a616278260ELSA-2021-9220
kernel-uek-debug-4.1.12-112.14.1.el7uek.x86_64.rpm94e2a8887f178998952d0e36ec067504ELSA-2021-9220
kernel-uek-debug-devel-4.1.12-112.14.1.el7uek.x86_64.rpm92793b6ecd7f3e18c7ae2de0bd53ceedELSA-2021-9220
kernel-uek-devel-4.1.12-112.14.1.el7uek.x86_64.rpm67b72a96bdd879bcec46020d89622828ELSA-2021-9220
kernel-uek-doc-4.1.12-112.14.1.el7uek.noarch.rpm7be3c9755f9cc1e8b98b91577e144272ELSA-2021-9220
kernel-uek-firmware-4.1.12-112.14.1.el7uek.noarch.rpmc29d6c2df5f0bffc4b203fe71ecc39f1ELSA-2021-9215



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete