Type: | SECURITY |
Severity: | IMPORTANT |
Release Date: | 2020-10-06 |
[3.10.0-1160.OL7]
- Oracle Linux certificates (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-2.0.3
[3.10.0-1160]
- [kernel] modsign: Add nomokvarconfig kernel parameter (Lenny Szubowicz) [1867857]
- [firmware] modsign: Add support for loading certs from the EFI MOK config table (Lenny Szubowicz) [1867857]
- [kernel] modsign: Move import of MokListRT certs to separate routine (Lenny Szubowicz) [1867857]
- [kernel] modsign: Avoid spurious error message after last MokListRTn (Lenny Szubowicz) [1867857]
[3.10.0-1159]
- [kernel] modsign: Import certificates from optional MokListRT (Lenny Szubowicz) [1862840]
- [crypto] crypto/pefile: Support multiple signatures in verify_pefile_signature (Lenny Szubowicz) [1862840]
- [crypto] crypto/pefile: Tolerate other pefile signatures after first (Lenny Szubowicz) [1862840]
[3.10.0-1158]
- [redhat] switch secureboot kernel image signing to release keys (Jan Stancek) []
[3.10.0-1157]
- [fs] signal: Dont send signals to tasks that dont exist (Vladis Dronov) [1856166]
[3.10.0-1156]
- [fs] gfs2: Fix regression due to unwanted gfs2_qa_put (Robert S Peterson) [1798713]
- [include] signal: Unfairly acquire tasklist_lock in send_sigio() if irq disabled (Waiman Long) [1838799]
- [fs] signal: Dont take tasklist_lock if PID type is PIDTYPE_PID (Waiman Long) [1838799]
- [vfio] vfio/pci: Fix SR-IOV VF handling with MMIO blocking (Alex Williamson) [1820632] {CVE-2020-12888}
[3.10.0-1155]
- [x86] Revert 'x86: respect memory size limiting via mem= parameter' (Joel Savitz) [1851576]
- [mm] Revert 'mm/memory_hotplug.c: only respect mem= parameter during boot stage' (Joel Savitz) [1851576]
- [fs] nfsd: only WARN once on unmapped errors ('J. Bruce Fields') [1850430]
- [powerpc] pci/of: Fix OF flags parsing for 64bit BARs (Greg Kurz) [1840114]
- [fs] cifs: fix NULL dereference in match_prepath (Leif Sahlberg) [1759852]
[3.10.0-1154]
- [fs] gfs2: move privileged user check to gfs2_quota_lock_check (Robert S Peterson) [1798713]
- [fs] gfs2: Fix problems regarding gfs2_qa_get and _put (Robert S Peterson) [1798713]
- [fs] gfs2: dont call quota_unhold if quotas are not locked (Robert S Peterson) [1798713]
- [fs] gfs2: Remove unnecessary gfs2_qa_{get, put} pairs (Robert S Peterson) [1798713]
- [fs] gfs2: Split gfs2_rsqa_delete into gfs2_rs_delete and gfs2_qa_put (Robert S Peterson) [1798713]
- [fs] gfs2: Change inode qa_data to allow multiple users (Robert S Peterson) [1798713]
- [fs] gfs2: eliminate gfs2_rsqa_alloc in favor of gfs2_qa_alloc (Robert S Peterson) [1798713]
- [fs] gfs2: Switch to list_{first,last}_entry (Robert S Peterson) [1798713]
- [fs] gfs2: Clean up inode initialization and teardown (Robert S Peterson) [1798713]
- [fs] gfs2: Minor gfs2_alloc_inode cleanup (Robert S Peterson) [1798713]
- [fs] gfs2: Fix busy-on-umount in gfs2_atomic_open() (Andrew Price) [1812558]
[3.10.0-1153]
- [x86] mm: Fix mremap not considering huge pmd devmap (Rafael Aquini) [1843437] {CVE-2020-10757}
- [mm] mm, dax: check for pmd_none() after split_huge_pmd() (Rafael Aquini) [1843437] {CVE-2020-10757}
- [mm] mm: mremap: streamline move_page_tables()s move_huge_pmd() corner case (Rafael Aquini) [1843437] {CVE-2020-10757}
- [mm] mm: mremap: validate input before taking lock (Rafael Aquini) [1843437] {CVE-2020-10757}
- [wireless] mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Jarod Wilson) [1844070] {CVE-2020-12654}
- [wireless] mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Jarod Wilson) [1844026] {CVE-2020-12653}
- [net] netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6 (Florian Westphal) [1845428]
[3.10.0-1152]
- [nvmem] nvmem: properly handle returned value nvmem_reg_read (Vladis Dronov) [1844409]
- [mailbox] PCC: fix dereference of ERR_PTR (Vladis Dronov) [1844409]
- [kernel] futex: Unlock hb->lock in futex_wait_requeue_pi() error path (Vladis Dronov) [1844409]
- [fs] aio: fix inconsistent ring state (Jeff Moyer) [1845326]
- [vfio] vfio/mdev: make create attribute static (Vladis Dronov) [1837549]
- [vfio] treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 500 (Vladis Dronov) [1837549]
- [vfio] vfio/mdev: Synchronize device create/remove with parent removal (Vladis Dronov) [1837549]
- [vfio] vfio/mdev: Avoid creating sysfs remove file on stale device removal (Vladis Dronov) [1837549]
- [vfio] vfio/mdev: Improve the create/remove sequence (Vladis Dronov) [1837549]
- [vfio] treewide: Add SPDX license identifier - Makefile/Kconfig (Vladis Dronov) [1837549]
- [vfio] vfio/mdev: Avoid inline get and put parent helpers (Vladis Dronov) [1837549]
- [vfio] vfio/mdev: Fix aborting mdev child device removal if one fails (Vladis Dronov) [1837549]
- [vfio] vfio/mdev: Follow correct remove sequence (Vladis Dronov) [1837549]
- [vfio] vfio/mdev: Avoid masking error code to EBUSY (Vladis Dronov) [1837549]
- [include] vfio/mdev: Drop redundant extern for exported symbols (Vladis Dronov) [1837549]
- [vfio] vfio/mdev: Removed unused kref (Vladis Dronov) [1837549]
- [vfio] vfio/mdev: Avoid release parent reference during error path (Vladis Dronov) [1837549]
- [vfio] vfio/mdev: Add iommu related member in mdev_device (Vladis Dronov) [1837549]
- [vfio] vfio/mdev: add static modifier to add_mdev_supported_type (Vladis Dronov) [1837549]
- [vfio] vfio: mdev: make a couple of functions and structure vfio_mdev_driver static (Vladis Dronov) [1837549]
- [char] tpm/tpm_tis: Free IRQ if probing fails (David Arcari) [1774698]
- [kernel] audit: fix a memleak caused by auditing load module (Richard Guy Briggs) [1843370]
- [kernel] audit: fix potential null dereference 'context->module.name' (Richard Guy Briggs) [1843370]
- [nvme] nvme: limit number of IO queues on Dell/Samsung config (David Milburn) [1837617]
[3.10.0-1151]
- [netdrv] qede: Fix multicast mac configuration (Michal Schmidt) [1740064]
- [scsi] sd_dif: avoid incorrect ref_tag errors on 4K devices larger than 2TB (Ewan Milne) [1833528]
- [hid] HID: hiddev: do cleanup in failure of opening a device (Torez Smith) [1814257] {CVE-2019-19527}
- [hid] HID: hiddev: avoid opening a disconnected device (Torez Smith) [1814257] {CVE-2019-19527}
- [x86] x86: make mul_u64_u64_div_u64() 'static inline' (Oleg Nesterov) [1845864]
- [mm] mm: page_isolation: fix potential warning from user (Rafael Aquini) [1845620]
- [s390] s390/mm: correct return value of pmd_pfn (Claudio Imbrenda) [1841106]
- [fs] fs/proc/vmcore.c:mmap_vmcore: skip non-ram pages reported by hypervisors (Lianbo Jiang) [1790799]
- [kernel] kernel/sysctl.c: ignore out-of-range taint bits introduced via kernel.tainted (Rafael Aquini) [1845356]
- [documentation] kernel: add panic_on_taint (Rafael Aquini) [1845356]
- [fs] ext4: Remove unwanted ext4_bread() from ext4_quota_write() (Lukas Czerner) [1845379]
- [scsi] scsi: sg: add sg_remove_request in sg_write ('Ewan D. Milne') [1840699] {CVE-2020-12770}
- [fs] fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (Donghai Qiao) [1832062] {CVE-2020-10732}
[3.10.0-1150]
- [netdrv] net/mlx5e: Fix handling of compressed CQEs in case of low NAPI budget (Alaa Hleihel) [1845020]
- [mm] memcg: fix NULL pointer dereference in __mem_cgroup_usage_unregister_event (Waiman Long) [1842715]
- [mm] memcg: only free spare array when readers are done (Waiman Long) [1842715]
- [powerpc] powerpc/crashkernel: Take 'mem=' option into account (Pingfan Liu) [1751555]
- [infiniband] IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode (Kamal Heib) [1597952]
- [security] selinux: properly handle multiple messages in selinux_netlink_send() (Ondrej Mosnacek) [1839650] {CVE-2020-10751}
- [netdrv] net: ena: Add PCI shutdown handler to allow safe kexec (Bhupesh Sharma) [1841578]
- [x86] x86/speculation: Support old struct x86_cpu_id & x86_match_cpu() kABI (Waiman Long) [1827188] {CVE-2020-0543}
- [documentation] x86/speculation: Add Ivy Bridge to affected list (Waiman Long) [1827188] {CVE-2020-0543}
- [documentation] x86/speculation: Add SRBDS vulnerability and mitigation documentation (Waiman Long) [1827188] {CVE-2020-0543}
- [x86] x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Waiman Long) [1827188] {CVE-2020-0543}
- [x86] x86/cpu: Add 'table' argument to cpu_matches() (Waiman Long) [1827188] {CVE-2020-0543}
- [x86] x86/cpu: Add a steppings field to struct x86_cpu_id (Waiman Long) [1827188] {CVE-2020-0543}
- [x86] x86/cpu/bugs: Convert to new matching macros (Waiman Long) [1827188] {CVE-2020-0543}
- [x86] x86/cpu: Add consistent CPU match macros (Waiman Long) [1827188] {CVE-2020-0543}
- [cpufreq] x86/devicetable: Move x86 specific macro out of generic code (Waiman Long) [1827188] {CVE-2020-0543}
header (Waiman Long) [1827188] {CVE-2020-0543}
[3.10.0-1149]
- [mm] mm/memory_hotplug.c: only respect mem= parameter during boot stage (Joel Savitz) [1838795]
- [netdrv] qed: Reduce the severity of ptp debug message (Manish Chopra) [1703770]
- [kernel] pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes (Jay Shin) [1836620]
- [fs] gfs2: remove BUG_ON() from gfs2_log_alloc_bio() (Abhijith Das) [1828454]
- [fs] gfs2: Even more gfs2_find_jhead fixes (Abhijith Das) [1828454]
- [fs] quota: fix return value in dqget() (Eric Sandeen) [1842761]
- [fs] proc_sysctl.c: fix potential page fault while unregistering sysctl table (Carlos Maiolino) [1843368]
- [fs] ext4: fix error handling in ext4_ext_shift_extents (Lukas Czerner) [1843366]
- [vhost] vhost: Check docket sk_family instead of call getname (Vladis Dronov) [1823302] {CVE-2020-10942}
- [input] hyperv-keyboard - add module description (Mohammed Gamal) [1842689]
- [hv] hv: Add a module description line to the hv_vmbus driver (Mohammed Gamal) [1842689]
- [hid] hyperv: Add a module description line (Mohammed Gamal) [1842689]
- [x86] sched/cputime: Improve cputime_adjust() (Oleg Nesterov) [1511040]
- [acpi] ACPI: APEI: call into AER handling regardless of severity (Al Stone) [1737246]
- [acpi] ACPI: APEI: handle PCIe AER errors in separate function (Al Stone) [1737246]
- [acpi] ras: acpi/apei: cper: add support for generic data v3 structure (Al Stone) [1737246]
- [acpi] ACPICA: ACPI 6.1: Updates for the HEST ACPI table (Al Stone) [1737246]
- [acpi] ACPI / APEI: Switch to use new generic UUID API (Al Stone) [1737246]
- [x86] x86/efi-bgrt: Quirk for BGRT when memory encryption active (Lenny Szubowicz) [1723477]
- [scsi] scsi: megaraid_sas: Update driver version to 07.714.04.00-rc1 (Tomas Henzl) [1840550]
- [scsi] scsi: megaraid_sas: TM command refire leads to controller firmware crash (Tomas Henzl) [1840550]
- [scsi] scsi: megaraid_sas: Replace undefined MFI_BIG_ENDIAN macro with __BIG_ENDIAN_BITFIELD macro (Tomas Henzl) [1840550]
- [scsi] scsi: megaraid_sas: Limit device queue depth to controller queue depth (Tomas Henzl) [1840550]
- [vfio] vfio-pci: Invalidate mmaps and block MMIO access on disabled memory (Alex Williamson) [1820632] {CVE-2020-12888}
- [vfio] vfio-pci: Fault mmaps to enable vma tracking (Alex Williamson) [1820632] {CVE-2020-12888}
- [vfio] vfio/type1: Support faulting PFNMAP vmas (Alex Williamson) [1820632] {CVE-2020-12888}
- [vfio] vfio/type1: Fix VA->PA translation for PFNMAP VMAs in vaddr_get_pfn() (Alex Williamson) [1820632] {CVE-2020-12888}
- [vfio] vfio/pci: call irq_bypass_unregister_producer() before freeing irq (Alex Williamson) [1820632] {CVE-2020-12888}
- [vfio] vfio_pci: Enable memory accesses before calling pci_map_rom (Alex Williamson) [1820632] {CVE-2020-12888}
- [fs] signal: Extend exec_id to 64bits (Chris von Recklinghausen) [1834650] {CVE-2020-12826}
[3.10.0-1148]
- [x86] hyper-v: Report crash data in die() when panic_on_oops is set (Mohammed Gamal) [1828450]
- [hv] x86/hyper-v: Report crash register data when sysctl_record_panic_msg is not set (Mohammed Gamal) [1828450]
- [x86] hyper-v: Report crash register data or kmsg before running crash kernel (Mohammed Gamal) [1828450]
- [hv] x86/hyper-v: Trigger crash enlightenment only once during system crash (Mohammed Gamal) [1828450]
- [hv] x86/hyper-v: Free hv_panic_page when fail to register kmsg dump (Mohammed Gamal) [1828450]
- [hv] x86/hyper-v: Unload vmbus channel in hv panic callback (Mohammed Gamal) [1828450]
- [hv] vmbus: Fix the issue with freeing up hv_ctl_table_hdr (Mohammed Gamal) [1828450]
- [hv] vmus: Fix the check for return value from kmsg get dump buffer (Mohammed Gamal) [1828450]
- [hv] Send one page worth of kmsg dump over Hyper-V during panic (Mohammed Gamal) [1828450]
- [x86] kvm: x86: Allow suppressing prints on RDMSR/WRMSR of unhandled MSRs (Vitaly Kuznetsov) [1837412]
- [fs] ext4: Fix race when checking i_size on direct i/o read (Lukas Czerner) [1506437]
- [fs] copy_file_range should return ENOSYS not EOPNOTSUPP ('J. Bruce Fields') [1783554]
- [fs] NFSv4.1 fix incorrect return value in copy_file_range ('J. Bruce Fields') [1783554]
- [x86] Remove the unsupported check for Intel IceLake (Steve Best) [1841237]
- [md] md/raid1: release pending accounting for an I/O only after write-behind is also finished (Nigel Croxon) [1792520]
- [net] gre: fix uninit-value in __iptunnel_pull_header (Guillaume Nault) [1840321]
- [net] inet: protect against too small mtu values. (Guillaume Nault) [1840321]
- [net] Fix one possible memleak in ip_setup_cork (Guillaume Nault) [1840321]
- [net] fix a potential recursive NETDEV_FEAT_CHANGE (Guillaume Nault) [1839130]
- [net] fix null de-reference of device refcount (Guillaume Nault) [1839130]
- [net] sch_choke: avoid potential panic in choke_reset() (Davide Caratti) [1839118]
- [net] net_sched: fix datalen for ematch (Davide Caratti) [1839118]
- [net] netem: fix error path for corrupted GSO frames (Davide Caratti) [1839118]
- [net] avoid potential infinite loop in tc_ctl_action() (Davide Caratti) [1839118]
- [net] net_sched: let qdisc_put() accept NULL pointer (Davide Caratti) [1839118]
- [net] ipv4: really enforce backoff for redirects (Paolo Abeni) [1832332]
- [net] ipv4: avoid mixed n_redirects and rate_tokens usage (Paolo Abeni) [1832332]
- [net] ipv4: use a dedicated counter for icmp_v4 redirect packets (Paolo Abeni) [1832332]
- [net] ipset: Update byte and packet counters regardless of whether they match (Phil Sutter) [1801366]
- [net] xfrm: skip rt6i_idev update in xfrm6_dst_ifdown if loopback_idev is gone (Sabrina Dubroca) [1390049]
[3.10.0-1147]
- [nvme] nvme: fix the parameter order for nvme_get_log in nvme_get_fw_slot_info (Gopal Tiwari) [1839991]
- [fs] pipe: actually allow root to exceed the pipe buffer limits (Jan Stancek) [1839629]
- [scsi] Revert 'scsi: mpt3sas: Dont change the DMA coherent mask after allocations' (Tomas Henzl) [1839128]
- [scsi] Revert 'scsi: mpt3sas: Rename function name is_MSB_are_same' (Tomas Henzl) [1839128]
- [scsi] Revert 'scsi: mpt3sas: Separate out RDPQ allocation to new function' (Tomas Henzl) [1839128]
- [scsi] Revert 'scsi: mpt3sas: Handle RDPQ DMA allocation in same 4G region' (Tomas Henzl) [1839128]
- [netdrv] net/mlx5e: Avoid duplicating rule destinations (Alaa Hleihel) [1727593]
- [netdrv] net/mlx5e: Extend encap entry with reference counter (Alaa Hleihel) [1727593]
- [netdrv] net/mlx5e: Fix free peer_flow when refcount is 0 (Alaa Hleihel) [1727593]
- [netdrv] net/mlx5e: Extend tc flow struct with reference counter (Alaa Hleihel) [1727593]
- [netdrv] net/mlx5e: Dont make internal use of errno to denote missing neigh (Alaa Hleihel) [1727593]
- [netdrv] net/mlx5e: Fix freeing flow with kfree() and not kvfree() (Alaa Hleihel) [1727593]
- [drm] drm/nouveau/gr/gp107, gp108: implement workaround for HW hanging during init (Karol Herbst) [1834360 1834356 1833485]
- [drm] drm/nouveau: workaround runpm fail by disabling PCI power management on certain intel bridges (Karol Herbst) [1834360 1834356 1833485]
[3.10.0-1146]
- [net] revert 'rtnetlink: validate IFLA_MTU attribute in rtnl_create_link()' (Jiri Benc) [1839608]
- [net] ipv6/addrconf: call ipv6_mc_up() for non-Ethernet interface (Davide Caratti) [1838936]
- [net] ipv6: Handle missing host route in __ipv6_ifa_notify (Davide Caratti) [1838936]
- [net] ipv6: drop incoming packets having a v4mapped source address (Davide Caratti) [1838936]
- [net] l2tp: fix infoleak in l2tp_ip6_recvmsg() (Andrea Claudi) [1837546]
- [net] vti6: Fix memory leak of skb if input policy check fails (Patrick Talbert) [1836160]
- [net] tcp: prevent bogus FRTO undos with non-SACK flows (Guillaume Nault) [1694860]
- [scsi] scsi: smartpqi: fix controller lockup observed during force reboot (Don Brace) [1775369]
- [fs] ext4: fix setting of referenced bit in ext4_es_lookup_extent() (Lukas Czerner) [1663720]
- [fs] ext4: introduce aging to extent status tree (Lukas Czerner) [1663720]
- [fs] ext4: cleanup flag definitions for extent status tree (Lukas Czerner) [1663720]
- [fs] ext4: limit number of scanned extents in status tree shrinker (Lukas Czerner) [1663720]
- [fs] ext4: move handling of list of shrinkable inodes into extent status code (Lukas Czerner) [1663720]
- [fs] ext4: change LRU to round-robin in extent status tree shrinker (Lukas Czerner) [1663720]
- [fs] ext4, jbd2: ensure panic when aborting with zero errno (Lukas Czerner) [1834783]
- [fs] jbd2: switch to use jbd2_journal_abort() when failed to submit the commit record (Lukas Czerner) [1834783]
- [fs] jbd2: clear JBD2_ABORT flag before journal_reset to update log tail info when load journal (Lukas Czerner) [1834783]
- [fs] ext4: fix buffer leak in ext4_xattr_move_to_block() on error path (Lukas Czerner) [1834783]
- [fs] ext4: fix missing return values checks in ext4_cross_rename (Lukas Czerner) [1836819]
- [fs] ext4: Fix POSIX ACL leak in ext4_xattr_set_acl (Lukas Czerner) [1543020]
- [vfio] vfio-pci: Mask cap zero (Alex Williamson) [1838717]
- [x86] Mark Intel Cooper Lake (CPX) supported (Steve Best) [1773681]
- [fs] fs/bio-integrity: dont enable integrity for data-less bio (Ming Lei) [1835943]
- [char] ipmi_si: Only schedule continuously in the thread in maintenance mode (Alexey Klimov) [1837127]
- [kernel] wait/ptrace: assume __WALL if the child is traced (Oleg Nesterov) [1497808]
- [mm] mm, hugetlb, soft_offline: save compound page order before page migration (Artem Savkov) [1751589]
- [fs] fs/hugetlbfs/inode.c: fix hwpoison reserve accounting (Artem Savkov) [1751589]
- [fs] mm: hwpoison: dissolve in-use hugepage in unrecoverable memory error (Artem Savkov) [1751589]
- [mm] mm: soft-offline: dissolve free hugepage if soft-offlined (Artem Savkov) [1751589]
- [mm] mm: hugetlb: soft-offline: dissolve source hugepage after successful migration (Artem Savkov) [1751589]
- [mm] mm: hwpoison: change PageHWPoison behavior on hugetlb pages (Artem Savkov) [1751589]
- [mm] mm: hugetlb: prevent reuse of hwpoisoned free hugepages (Artem Savkov) [1751589]
- [netdrv] net/mlx5: Tidy up and fix reverse christmas ordring (Alaa Hleihel) [1831134]
- [netdrv] net/mlx5: Expose port speed when possible (Alaa Hleihel) [1831134]
- [include] net/mlx5: Expose link speed directly (Alaa Hleihel) [1831134]
- [usb] USB: core: Fix races in character device registration and deregistraion (Torez Smith) [1785065] {CVE-2019-19537}
- [usb] usb: cdc-acm: make sure a refcount is taken early enough (Torez Smith) [1802548] {CVE-2019-19530}
- [usb] USB: adutux: fix use-after-free on disconnect (Torez Smith) [1798822] {CVE-2019-19523}
- [media] media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (Torez Smith) [1795597] {CVE-2019-15217}
[3.10.0-1145]
- [scsi] scsi: qla2xxx: Do not log message when reading port speed via sysfs (Ewan Milne) [1837543]
- [mm] mm: dmapool: add/remove sysfs file outside of the pool lock lock (Waiman Long) [1836837]
- [mm] Fix unbalanced mutex in dma_pool_create() (Waiman Long) [1836837]
- [mm] mm/dmapool.c: remove redundant NULL check for dev in dma_pool_create() (Waiman Long) [1836837]
- [x86] x86/speculation: Prevent deadlock on ssb_state::lock (Waiman Long) [1836322]
- [netdrv] can, slip: Protect tty->disc_data in write_wakeup and close with RCU (John Linville) [1805590]
- [netdrv] slcan: Port write_wakeup deadlock fix from slip (John Linville) [1805590]
- [fs] ext4: fix support for inode sizes > 1024 bytes (Lukas Czerner) [1817634] {CVE-2019-19767}
- [fs] ext4: add more paranoia checking in ext4_expand_extra_isize handling (Lukas Czerner) [1817634] {CVE-2019-19767}
- [fs] ext4: forbid i_extra_isize not divisible by 4 (Lukas Czerner) [1817634] {CVE-2019-19767}
- [fs] ext4: validate the debug_want_extra_isize mount option at parse time (Lukas Czerner) [1817634] {CVE-2019-19767}
- [fs] cachefiles: Fix race between read_waiter and read_copier involving op->to_do (Dave Wysochanski) [1829662]
- [fs] jbd2: Fix possible overflow in jbd2_log_space_left() (Lukas Czerner) [1626092]
- [media] media: v4l: event: Add subscription to list before calling 'add' operation (Jarod Wilson) [1828802] {CVE-2019-9458}
- [media] media: v4l: event: Prevent freeing event subscriptions while accessed (Jarod Wilson) [1828802] {CVE-2019-9458}
- [fs] block: Prevent hung_check firing during long sync IO (Ming Lei) [1724345]
[3.10.0-1144]
- [crypto] crypto: user - fix memory leak in crypto_report (Vladis Dronov) [1825132] {CVE-2019-18808 CVE-2019-19062}
- [crypto] crypto: ccp - Release all allocated memory if sha type is invalid (Vladis Dronov) [1825132] {CVE-2019-18808}
- [net] xfrm: policy: Fix doulbe free in xfrm_policy_timer (Xin Long) [1836813]
- [net] xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire (Xin Long) [1836813]
- [net] xfrm: fix uctx len check in verify_sec_ctx_len (Xin Long) [1836813]
- [net] rtnetlink: validate IFLA_MTU attribute in rtnl_create_link() (Jiri Benc) [1835352]
- [net] rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (Jiri Benc) [1835352]
- [net] netlink: fix uninit-value in netlink_sendmsg (Jiri Benc) [1835352]
- [net] netlink: make sure nladdr has correct size in netlink_connect() (Jiri Benc) [1835352]
- [net] rtnetlink: fix info leak in RTM_GETSTATS call (Jiri Benc) [1835352]
- [net] rtnetlink: release net refcnt on error in do_setlink() (Jiri Benc) [1835352]
- [net] bridge: deny dev_set_mac_address() when unregistering (Hangbin Liu) [1834203]
- [net] bridge/mdb: remove wrong use of NLM_F_MULTI (Hangbin Liu) [1834203]
- [net] udp: disable inner UDP checksum offloads in IPsec case (Sabrina Dubroca) [1826244]
- [net] sctp: Fix SHUTDOWN CTSN Ack in the peer restart case (Xin Long) [1833869]
- [net] sctp: Fix bundling of SHUTDOWN with COOKIE-ACK (Xin Long) [1833869]
- [net] sctp: fix possibly using a bad saddr with a given dst (Xin Long) [1833869]
- [net] sctp: fix refcount bug in sctp_wfree (Xin Long) [1833869]
- [net] sctp: move the format error check out of __sctp_sf_do_9_1_abort (Xin Long) [1833869]
- [net] sctp: free cmd->obj.chunk for the unprocessed SCTP_CMD_REPLY (Xin Long) [1833869]
- [net] sctp: fully initialize v4 addr in some functions (Xin Long) [1833869]
- [net] sctp: simplify addr copy (Xin Long) [1833869]
- [net] sctp: cache netns in sctp_ep_common (Xin Long) [1833869]
- [net] sctp: destroy bucket if failed to bind addr (Xin Long) [1833869]
- [net] sctp: Fix the link time qualifier of 'sctp_ctrlsock_exit()' (Xin Long) [1833869]
- [net] netfilter: nat: never update the UDP checksum when its 0 (Guillaume Nault) [1834278]
- [net] esp4: add length check for UDP encapsulation (Sabrina Dubroca) [1825155]
- [net] sit: fix memory leak in sit_init_net() (Andrea Claudi) [1830011] {CVE-2019-16994}
- [net] sched: cbs: fix NULL dereference in case cbs_init() fails (Davide Caratti) [1830245]
- [net] netfilter: nf_tables: use-after-free in dynamic operations (Phil Sutter) [1819087]
- [net] tcp: tcp_v4_err() should be more careful (Marcelo Leitner) [1749964]
- [net] tcp: remove BUG_ON from tcp_v4_err (Marcelo Leitner) [1749964]
- [net] tcp: clear icsk_backoff in tcp_write_queue_purge() (Marcelo Leitner) [1749964]
- [net] psample: fix skb_over_panic (Sabrina Dubroca) [1823251]
- [net] sched: ensure opts_len <= IP_TUNNEL_OPTS_MAX in act_tunnel_key (Patrick Talbert) [1823691]
- [netdrv] fjes: Handle workqueue allocation failure (Masayoshi Mizuma) [1830563] {CVE-2019-16231}
[3.10.0-1143]
- [mm] mm: mempolicy: require at least one nodeid for MPOL_PREFERRED (Rafael Aquini) [1834434] {CVE-2020-11565}
- [fs] fs: avoid softlockups in s_inodes iterators (Jay Shin) [1760145]
- [scsi] scsi: core: Add DID_ALLOC_FAILURE and DID_MEDIUM_ERROR to hostbyte_table (Maurizio Lombardi) [1832019]
- [fs] locks: allow filesystems to request that ->setlease be called without i_lock (Jeff Layton) [1830606]
- [fs] locks: move fasync setup into generic_add_lease (Jeff Layton) [1830606]
- [fs] revert '[fs] xfs: catch bad stripe alignment configurations' (Carlos Maiolino) [1836292]
- [scsi] scsi: scsi_debug: num_tgts must be >= 0 (Ewan Milne) [1834998]
- [scsi] scsi: scsi_debug: Avoid PI being disabled when TPGS is enabled (Ewan Milne) [1834998]
- [scsi] scsi: scsi_debug: Fix memory leak if LBP enabled and module is unloaded (Ewan Milne) [1834998]
- [scsi] scsi_debug: check for bigger value first (Ewan Milne) [1834998]
- [scsi] scsi_debug: vfree is null safe so drop the check (Ewan Milne) [1834998]
- [scsi] scsi_debug: error message should say scsi_host_alloc not scsi_register (Ewan Milne) [1834998]
- [fs] xfs: Fix tail rounding in xfs_alloc_file_space() (Bill ODonnell) [1833223]
- [fs] ceph: dont drop message if it contains more data than expected (Jeff Layton) [1828340]
- [fs] ceph: dont error out on larger-than-expected session messages (Jeff Layton) [1828340]
- [acpi] ACPI: disable BERT by default, add parameter to enable it (Aristeu Rozanski) [1525298]
- [acpi] ACPI: APEI: Fix possible out-of-bounds access to BERT region (Aristeu Rozanski) [1525298]
- [acpi] ACPI / sysfs: Extend ACPI sysfs to provide access to boot error region (Aristeu Rozanski) [1525298]
- [acpi] ACPI: APEI: Fix BERT resources conflict with ACPI NVS area (Aristeu Rozanski) [1525298]
- [acpi] ACPI / APEI: Add Boot Error Record Table (BERT) support (Aristeu Rozanski) [1525298]
- [acpi] ACPICA: Restore error table definitions to reduce code differences between Linux and ACPICA upstream (Aristeu Rozanski) [1525298]
[3.10.0-1142]
- [fs] gfs2: Another gfs2_walk_metadata fix (Andreas Grunbacher) [1822230]
- [fs] ext4: prevent ext4_quota_write() from failing due to ENOSPC (Lukas Czerner) [1068952]
- [fs] ext4: do not zeroout extents beyond i_disksize (Lukas Czerner) [1834320]
- [fs] pnfs: Ensure we layoutcommit before revalidating attributes (Benjamin Coddington) [1827647]
- [fs] nfs: flush data when locking a file to ensure cache coherence for mmap (Scott Mayhew) [1813811]
- [fs] call fsnotify_sb_delete after evict_inodes (Jay Shin) [1760145]
- [fs] inode: dont softlockup when evicting inodes (Jay Shin) [1760145]
- [fs] drop_caches.c: avoid softlockups in drop_pagecache_sb() (Jay Shin) [1760145]
- [fs] gfs2: More gfs2_find_jhead fixes (Abhijith Das) [1828454]
- [fs] gfs2: Another gfs2_find_jhead fix (Abhijith Das) [1828454]
- [fs] nfs: fix mount/umount race in nlmclnt (Jay Shin) [1771205]
- [fs] nlm_shutdown_hosts_net() cleanup (Jay Shin) [1771205]
- [scsi] scsi: megaraid: Use true, false for bool variables (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid: make two symbols static in megaraid_sas_base.c (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid: make some symbols static in megaraid_sas_fusion.c (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid: make some symbols static in megaraid_sas_fp.c (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Use scnprintf() for avoiding potential buffer overflow (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: silence a warning (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: fix indentation issue (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Limit the number of retries for the IOCTLs causing firmware fault (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Do not initiate OCR if controller is not in ready state (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Re-Define enum DCMD_RETURN_STATUS (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Do not set HBA Operational if FW is not in operational state (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Do not kill HBA if JBOD Seqence map or RAID map is disabled (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Do not kill host bus adapter, if adapter is already dead (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Update optimal queue depth for SAS and NVMe devices (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Reset adapter if FW is not in READY state after device resume (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Make poll_aen_lock static (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Fix a compilation warning (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Make a bunch of functions static (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Make some functions static (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: remove unused variables 'debugBlk', 'fusion' (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: Unique names for MSI-X vectors (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: fix panic on loading firmware crashdump (Tomas Henzl) [1827037]
- [scsi] scsi: megaraid_sas: fix spelling mistake 'megarid_sas' -> 'megaraid_sas' (Tomas Henzl) [1827037]
- [scsi] scsi: mpt3sas: Disable DIF when prot_mask set to zero (Tomas Henzl) [1832868]
- [scsi] scsi: mpt3sas: Handle RDPQ DMA allocation in same 4G region (Tomas Henzl) [1832868]
- [scsi] scsi: mpt3sas: Separate out RDPQ allocation to new function (Tomas Henzl) [1832868]
- [scsi] scsi: mpt3sas: Rename function name is_MSB_are_same (Tomas Henzl) [1832868]
- [scsi] scsi: mpt3sas: Dont change the DMA coherent mask after allocations (Tomas Henzl) [1832868]
- [scsi] scsi: mpt3sas: Fix kernel panic observed on soft HBA unplug (Tomas Henzl) [1832868]
- [scsi] scsi: mpt3sas: Fix double free in attach error handling (Tomas Henzl) [1832868]
- [scsi] scsi: mpt3sas: Use Component img header to get Package ver (Tomas Henzl) [1832868]
- [scsi] scsi: mpt3sas: Fix module parameter max_msix_vectors (Tomas Henzl) [1832868]
- [scsi] scsi: mpt3sas: Reject NVMe Encap cmnds to unsupported HBA (Tomas Henzl) [1832868]
- [netdrv] hv_netvsc: Fix error handling in netvsc_set_features() (Mohammed Gamal) [1821814]
- [netdrv] hv_netvsc: Sync offloading features to VF NIC (Mohammed Gamal) [1821814]
- [netdrv] hv_netvsc: Fix IP header checksum for coalesced packets (Mohammed Gamal) [1821814]
- [netdrv] hv_netvsc: Fix rndis_per_packet_info internal field initialization (Mohammed Gamal) [1821814]
- [netdrv] hv_netvsc: Add handler for LRO setting change (Mohammed Gamal) [1821814]
- [netdrv] hv_netvsc: Add support for LRO/RSC in the vSwitch (Mohammed Gamal) [1821814]
- [netdrv] hv_netvsc: Add handlers for ethtool get/set msg level (Mohammed Gamal) [1821814]
- [netdrv] hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload (Mohammed Gamal) [1821814]
- [fs] fix mntput/mntput race (Miklos Szeredi) [1828320]
- [wireless] rtlwifi: prevent memory leak in rtl_usb_probe (Jarod Wilson) [1829847] {CVE-2019-19063}
- [wireless] iwlwifi: dbg_ini: fix memory leak in alloc_sgtable (Jarod Wilson) [1829375] {CVE-2019-19058}
- [net] nl80211: fix memory leak in nl80211_get_ftm_responder_stats (Jarod Wilson) [1829289] {CVE-2019-19055}
- [wireless] iwlwifi: pcie: fix memory leaks in iwl_pcie_ctxt_info_gen3_init (Jarod Wilson) [1829393] {CVE-2019-19059}
[3.10.0-1141]
- [kernel] sched/fair: Scale bandwidth quota and period without losing quota/period ratio precision (Artem Savkov) [1752067]
- [edac] EDAC: skx_common: downgrade message importance on missing PCI device (Aristeu Rozanski) [1832683]
- [s390] s390/qdio: consider ERROR buffers for inbound-full condition (Philipp Rudo) [1831791]
- [s390] s390/ftrace: fix potential crashes when switching tracers (Philipp Rudo) [1813124]
- [netdrv] ibmvnic: Skip fatal error reset after passive init (Steve Best) [1830992]
- [scsi] smartpqi: bump driver version (Don Brace) [1822762]
- [scsi] scsi: smartpqi: add bay identifier (Don Brace) [1822762]
- [scsi] scsi: smartpqi: add module param to hide vsep (Don Brace) [1822762]
- [scsi] scsi: bnx2fc: Update the driver version to 2.12.13 (Nilesh Javali) [1709542]
- [scsi] scsi: bnx2fc: fix boolreturn.cocci warnings (Nilesh Javali) [1709542]
- [scsi] scsi: bnx2fc: Fix SCSI command completion after cleanup is posted (Nilesh Javali) [1709542]
- [scsi] scsi: bnx2fc: Process the RQE with CQE in interrupt context (Nilesh Javali) [1709542]
- [scsi] scsi: qla2xxx: Fix a recently introduced kernel warning (Nilesh Javali) [1828875]
- [scsi] Fix abort timeouts in CQ Full conditions (Dick Kennedy) [1802654]
- [input] Input: add safety guards to input_set_keycode() (Chris von Recklinghausen) [1828222] {CVE-2019-20636}
- [scsi] scsi: libsas: delete sas port if expander discover failed (Tomas Henzl) [1829965] {CVE-2019-15807}
- [net] netlabel: cope with NULL catmap (Paolo Abeni) [1827240] {CVE-2020-10711}
[3.10.0-1140]
- [netdrv] mlx5: Remove unsupported tag for ConnectX-6 Dx device (Alaa Hleihel) [1829777]
- [fs] xfs: clear PF_MEMALLOC before exiting xfsaild thread (Brian Foster) [1827910]
- [fs] gfs2: fix O_EXCL|O_CREAT handling on cold dcache (Andrew Price) [1812558]
- [fs] nfs: Correct an nfs page array calculation error (Jay Shin) [1824270]
- [infiniband] RDMA/bnxt_re: Fix stat push into dma buffer on gen p5 devices (Jonathan Toppins) [1828475 1824438]
- [netdrv] bnxt_en: Fix allocation of zero statistics block size regression (Jonathan Toppins) [1824438]
- [netdrv] bnxt_en: Allocate the larger per-ring statistics block for 57500 chips (Jonathan Toppins) [1824438]
- [netdrv] bnxt_en: Expand bnxt_tpa_info struct to support 57500 chips (Jonathan Toppins) [1824438]
- [netdrv] bnxt_en: Refactor TPA logic (Jonathan Toppins) [1824438]
- [netdrv] bnxt_en: Add TPA structure definitions for BCM57500 chips (Jonathan Toppins) [1824438]
- [netdrv] bnxt_en: Update firmware interface spec. to 1.10.0.89 (Jonathan Toppins) [1824438]
- [netdrv] bnxt_en: Update firmware interface to 1.10.0.69 (Jonathan Toppins) [1824438]
- [netdrv] bnxt_en: Update firmware interface spec. to 1.10.0.47 (Jonathan Toppins) [1824438]
- [netdrv] bnxt_en: Refactor ethtool ring statistics logic (Jonathan Toppins) [1824438]
- [block] blk-mq: Put driver tag in blk_mq_dispatch_rq_list() when no budget (Ming Lei) [1825431]
- [scsi] scsi: fnic: do not queue commands during fwreset (Govindarajulu Varadarajan) [1794150]
- [scsi] scsi: fnic: fix invalid stack access (Govindarajulu Varadarajan) [1794150]
- [scsi] scsi: fnic: fix use after free (Govindarajulu Varadarajan) [1794150]
- [netdrv] enic: prevent waking up stopped tx queues over watchdog reset (Govindarajulu Varadarajan) [1794148]
- [fs] ceph: use ceph_evict_inode to cleanup inodes resource (Jeff Layton) [1784016]
- [fs] ceph: fix use-after-free in __ceph_remove_cap() (Jeff Layton) [1784016]
- [fs] ceph: hold i_ceph_lock when removing caps for freeing inode (Jeff Layton) [1784016]
- [input] Input: ff-memless - kill timer in destroy() (Chris von Recklinghausen) [1815021] {CVE-2019-19524}
- [scsi] scsi: qla2xxx: fix a potential NULL pointer dereference ('Ewan D. Milne') [1829246] {CVE-2019-16233}
[3.10.0-1139]
- [fs] nfsd: Fix races between nfsd4_cb_release() and nfsd4_shutdown_callback() ('J. Bruce Fields') [1448750]
- [fs] nfsd: minor 4.1 callback cleanup ('J. Bruce Fields') [1448750]
- [fs] nfsd: Dont release the callback slot unless it was actually held (Benjamin Coddington) [1448750]
- [lib] kobject: dont use WARN for registration failures (Ewan Milne) [1756495]
- [lib] lib/kobject: Join string literals back (Ewan Milne) [1756495]
- [scsi] scsi: ibmvfc: Dont send implicit logouts prior to NPIV login (Steve Best) [1828726]
- [fs] nfs: Serialize O_DIRECT reads and writes (Benjamin Coddington) [1826571]
- [mm] mm/page_owner: convert page_owner_inited to static key (Rafael Aquini) [1781726]
- [mm] mm/page_owner: set correct gfp_mask on page_owner (Rafael Aquini) [1781726]
- [mm] mm/page_owner: fix possible access violation (Rafael Aquini) [1781726]
- [mm] mm/page_owner: use late_initcall to hook in enabling (Rafael Aquini) [1781726]
- [mm] mm/page_owner: remove unnecessary stack_trace field (Rafael Aquini) [1781726]
- [mm] mm/page_owner: correct owner information for early allocated pages (Rafael Aquini) [1781726]
- [mm] mm/page_owner: keep track of page owners (Rafael Aquini) [1781726]
- [documentation] Documentation: add new page_owner document (Rafael Aquini) [1781726]
- [kernel] stacktrace: introduce snprint_stack_trace for buffer output (Rafael Aquini) [1781726]
[3.10.0-1138]
- [infiniband] RDMA/bnxt_re: Fix chip number validation Broadcoms Gen P5 series (Jonathan Toppins) [1823679]
- [scsi] scsi: qla2xxx: Silence fwdump template message (Ewan Milne) [1783191]
- [scsi] scsi: hpsa: Update driver version (Joseph Szczypek) [1808403]
- [scsi] scsi: hpsa: correct race condition in offload enabled (Joseph Szczypek) [1808403]
- [netdrv] bonding: fix active-backup transition after link failure (Jarod Wilson) [1712235]
- [netdrv] bonding: fix state transition issue in link monitoring (Jarod Wilson) [1712235]
- [netdrv] bonding: fix potential NULL deref in bond_update_slave_arr (Jarod Wilson) [1712235]
- [netdrv] bonding: Force slave speed check after link state recovery for 802.3ad (Jarod Wilson) [1712235]
- [i2c] i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA (Vladis Dronov) [1822641] {CVE-2017-18551}
- [acpi] ACPI / EC: Ensure lock is acquired before accessing ec struct (Al Stone) [1811132]
- [x86] x86/mce: Do not log spurious corrected mce errors (Prarit Bhargava) [1797205]
- [wireless] mwifiex: Fix mem leak in mwifiex_tm_cmd (Jarod Wilson) [1804971] {CVE-2019-20095}
- [kernel] kernel/module.c: wakeup processes in module_wq on module unload (Prarit Bhargava) [1771939]
- [acpi] ACPICA: acpi: acpica: fix acpi operand cache leak in nseval.c (Prarit Bhargava) [1790782]
[3.10.0-1137]
- [tty] tty/hvc: Use IRQF_SHARED for OPAL hvc consoles (Gustavo Duarte) [1600213]
- [mm] mm/swap_slots.c: fix race conditions in swap_slots cache init (Rafael Aquini)
- [block] loop: set PF_MEMALLOC_NOIO for the worker thread (Ming Lei) [1825950]
- [tty] serial: 8250: drop the printk from serial8250_interrupt() (Prarit Bhargava) [1825049]
- [net] net: linkwatch: add check for netdevice being present to linkwatch_do_dev (Alaa Hleihel) [1595302]
[3.10.0-1136]
- [fs] sunrpc: expiry_time should be seconds not timeval (Benjamin Coddington) [1794055]
- [nvdimm] Revert 'driver boilerplate changes to properly manage device_rh' (Christoph von Recklinghausen) [1823750]
- [base] call device_rh_free in device_release before driver/class/type release is called (Christoph von Recklinghausen) [1822888]
- [md] md:md-faulty kernel panic is caused by QUEUE_FLAG_NO_SG_MERGE (Nigel Croxon) [1822462]
- [firmware] efi: cper: print AER info of PCIe fatal error (Vladis Dronov) [1820646]
- [scsi] qla2xxx: Update driver version to 10.01.00.22.07.9-k (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Fix message indicating vectors used by driver (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Move free of fcport out of interrupt context (Nilesh Javali) [1808129]
- [scsi] qla2xxx: delete all sessions before unregister local nvme port (Nilesh Javali) [1808129]
- [scsi] qla2xxx: Fix hang when issuing nvme disconnect-all in NPIV (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Fix a NULL pointer dereference in an error path (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Fix mtcp dump collection failure (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Fix RIDA Format-2 (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Fix stuck login session using prli_pend_timer (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Add a shadow variable to hold disc_state history of fcport (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Use common routine to free fcport struct (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Fix update_fcport for current_topology (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Fix fabric scan hang (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Complain if sp->done() is not called from the completion path (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Ignore PORT UPDATE after N2N PLOGI (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Change discovery state before PLOGI (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Initialize free_work before flushing it (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Retry fabric Scan on IOCB queue full (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: initialize fc4_type_priority (Nilesh Javali) [1808129]
- [scsi] scsi: qla2xxx: Fix a dma_pool_free() call (Nilesh Javali) [1808129]
- [security] selinux: ensure we cleanup the internal AVC counters on error in avc_insert() (Artem Savkov) [1808675]
- [acpi] ACPICA: Mark acpi_ut_create_internal_object_dbg() memory allocations as non-leaks (Artem Savkov) [1808675]
- [x86] x86/microcode/AMD: Free unneeded patch before exit from update_cache() (Artem Savkov) [1808675]
- [mm] memcg: ensure mem_cgroup_idr is updated in a coordinated manner (Aaron Tomlin) [1822405]
- [mm] mm/page_alloc: increase default min_free_kbytes bound (Joel Savitz) [1704326]
- [scsi] scsi: lpfc: Fix unexpected error messages during RSCN handling (Dick Kennedy) [1743667]
- [scsi] scsi: lpfc: Fix discovery failures when target device connectivity bounces (Dick Kennedy) [1743667]
- [scsi] scsi: lpfc: Fix devices that dont return after devloss followed by rediscovery (Dick Kennedy) [1743667]
- [scsi] scsi: lpfc: Fix port relogin failure due to GID_FT interaction (Dick Kennedy) [1743667]
- [video] vgacon: Fix a UAF in vgacon_invert_region (Vladis Dronov) [1818730] {CVE-2020-8647 CVE-2020-8649}
- [x86] uprobes/x86: Fix detection of 32-bit user mode (Oleg Nesterov) [1804959]
- [powerpc] module: Handle R_PPC64_ENTRY relocations (Yauheni Kaliuta) [1657540]
- [scripts] recordmcount.pl: support data in text section on powerpc (Yauheni Kaliuta) [1657540]
- [powerpc] boot: Request no dynamic linker for boot wrapper (Yauheni Kaliuta) [1657540]
[3.10.0-1135]
- [fs] fscache: Fix race in fscache_op_complete() due to split atomic_sub & read (Dave Wysochanski) [1683490]
- [fs] fscache: Pass the correct cancelled indications to fscache_op_complete() (Dave Wysochanski) [1683490]
- [char] tpm: ibmvtpm: Wait for buffer to be set before proceeding (Jerry Snitselaar) [1815536]
- [fs] NFS: Fix a race between mmap() and O_DIRECT (Benjamin Coddington) [1813803]
- [fs] NFS: Remove a redundant call to unmap_mapping_range() (Benjamin Coddington) [1813803]
- [fs] NFS: Remove redundant waits for O_DIRECT in fsync() and write_begin() (Benjamin Coddington) [1813803]
- [fs] NFS: Cleanup nfs_direct_complete() (Benjamin Coddington) [1813803]
- [fs] NFS: Do not serialise O_DIRECT reads and writes (Benjamin Coddington) [1813803]
- [fs] NFS: Move buffered I/O locking into nfs_file_write() (Benjamin Coddington) [1813803]
- [fs] bdi: make inode_to_bdi() inline (Benjamin Coddington) [1813803]
- [fs] NFS: Remove racy size manipulations in O_DIRECT (Benjamin Coddington) [1813803]
- [fs] NFS: Dont hold the inode lock across fsync() (Benjamin Coddington) [1813803]
- [fs] nfs: remove nfs_inode_dio_wait (Benjamin Coddington) [1813803]
- [fs] nfs: remove nfs4_file_fsync (Benjamin Coddington) [1813803]
- [fs] NFS: Kill NFS_INO_NFS_INO_FLUSHING: it is a performance killer (Benjamin Coddington) [1813803]
- [fs] filesystem-dax: Fix dax_layout_busy_page() livelock (Carlos Maiolino) [1817866]
- [block] blk-mq: fix hang caused by freeze/unfreeze sequence (Ming Lei) [1821718]
- [fs] ceph: dont NULL terminate virtual xattrs (Jeff Layton) [1717454]
- [fs] ceph: return -ERANGE if virtual xattr value didnt fit in buffer (Jeff Layton) [1717454]
- [fs] ceph: make getxattr_cb return ssize_t (Jeff Layton) [1717454]
- [fs] ceph: use bit flags to define vxattr attributes (Jeff Layton) [1717454]
- [tty] tty: Prevent ldisc drivers from re-using stale tty fields (Vladis Dronov) [1820031]
- [powerpc] powerpc64/kexec: Hard disable ftrace before switching to the new kernel (Jerome Marchand) [1731578]
- [powerpc] powerpc64/ftrace: Delay enabling ftrace on secondary cpus (Jerome Marchand) [1731578]
- [powerpc] powerpc64/ftrace: Add helpers to hard disable ftrace (Jerome Marchand) [1731578]
- [powerpc] powerpc64/ftrace: Rearrange #ifdef sections in ftrace.h (Jerome Marchand) [1731578]
- [powerpc] powerpc64/ftrace: Add a field in paca to disable ftrace in unsafe code paths (Jerome Marchand) [1731578]
- [powerpc] powerpc/ftrace: Pass the correct stack pointer for DYNAMIC_FTRACE_WITH_REGS (Jerome Marchand) [1731578]
- [isdn] mISDN: enforce CAP_NET_RAW for raw sockets (Andrea Claudi) [1779474] {CVE-2019-17055}
- [virtio] virtio-balloon: fix managed page counts when migrating pages between zones (David Hildenbrand) [1780330]
[3.10.0-1134]
- [net] netfilter: nf_log: fix uninit read in nf_log_proc_dostring (Phil Sutter) [1770232]
- [net] netfilter: nf_log: fix error on write NONE to logger choice sysctl (Phil Sutter) [1770232]
- [net] ethtool: convert large order kmalloc allocations to vzalloc (Davide Caratti) [1786448]
- [net] l2tp: Allow duplicate session creation with UDP (Guillaume Nault) [1808928]
- [net] sched: flower: insert new filter to idr after setting its mask (Davide Caratti) [1785141]
- [net] ipv6: remove printk (Hangbin Liu) [1779533]
- [net] netfilter: ctnetlink: netns exit must wait for callbacks (Florian Westphal) [1766816]
- [net] raw: do not report ICMP redirects to user space (Hangbin Liu) [1758386]
[3.10.0-1133]
- [powerpc] powerpc/pseries/dlpar: Fix a missing check in dlpar_parse_cc_property() (Steve Best) [1806629] {CVE-2019-12614}
- [s390] s390/pci: Recover handle in clp_set_pci_fn() (Philipp Rudo) [1816662]
- [fs] xfs: fix attr leaf header freemap.size underflow (Bill ODonnell) [1808671]
- [block] floppy: check FDC index for errors before assigning it (Ming Lei) [1815403] {CVE-2020-9383}
- [block] virtio-blk: improve virtqueue error to BLK_STS (Philipp Rudo) [1818001]
- [block] virtio-blk: fix hw_queue stopped on arbitrary error (Philipp Rudo) [1818001]
- [s390] dasd: fix endless loop after read unit address configuration (Philipp Rudo) [1816661]
- [fs] CIFS: Fix NULL-pointer dereference in smb2_push_mandatory_locks (Leif Sahlberg) [1504193]
- [fs] cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs (Leif Sahlberg) [1504193]
- [char] ipmi: Fix memory leak in __ipmi_bmc_register (Tony Camuso) [1812836] {CVE-2019-19046}
- [net] ipvs: Remove noisy debug print from ip_vs_del_service (Alexey Klimov) [1769816]
[3.10.0-1132]
- [tools] tools/power turbostat: Support Ice Lake server (Steve Best) [1776508]
- [nvme] nvme-fc: ensure association_id is cleared regardless of a Disconnect LS (Ewan Milne) [1816752]
- [nvme] nvme-fc: clarify error messages (Ewan Milne) [1816752]
- [nvme] nvme-fc: fix module unloads while lports still pending (Ewan Milne) [1816752]
- [scsi] scsi: sd: Clear sdkp->protection_type if disk is reformatted without PI (Ewan Milne) [1816307]
- [scsi] scsi: core: Fix a compiler warning triggered by the SCSI logging code (Ewan Milne) [1816307]
- [scsi] scsi: tracing: Fix handling of TRANSFER LENGTH == 0 for READ(6) and WRITE(6) (Ewan Milne) [1816307]
- [scsi] scsi: core: scsi_trace: Use get_unaligned_be*() (Ewan Milne) [1816307]
- [scsi] scsi: core: try to get module before removing device (Ewan Milne) [1816307]
- [scsi] scsi: scsi_dh_alua: handle RTPG sense code correctly during state transitions (Ewan Milne) [1816307]
- [scsi] scsi: device_handler: remove VLAs (Ewan Milne) [1816307]
- [scsi] scsi: scsi_dh: Document alua_rtpg_queue() arguments (Ewan Milne) [1816307]
- [scsi] scsi: scsi_dh_alua: skip RTPG for devices only supporting active/optimized (Ewan Milne) [1816307]
- [scsi] scsi: scsi_dh_emc: return success in clariion_std_inquiry() (Ewan Milne) [1816307]
- [target] scsi: target: iscsi: rename some variables to avoid confusion (Maurizio Lombardi) [1806966]
- [target] scsi: target: iscsi: tie the challenge length to the hash digest size (Maurizio Lombardi) [1806966]
- [target] scsi: target: iscsi: CHAP: add support for SHA1, SHA256 and SHA3-256 (Maurizio Lombardi) [1806966]
- [target] scsi: target: compare full CHAP_A Algorithm strings (Maurizio Lombardi) [1806966]
- [base] device_release() can call device_rh_free() too (Christoph von Recklinghausen) [1793248]
- [nvdimm] driver boilerplate changes to properly manage device_rh (Christoph von Recklinghausen) [1793248]
- [base] Add an interface for certain drivers who manage their own struct devices to disassociate their device_rhs (Christoph von Recklinghausen) [1793248]
- [base] kfree(dev->device_rh) in device_create_release() (Christoph von Recklinghausen) [1793248]
- [base] kfree and zero device_rh in device_release() (Christoph von Recklinghausen) [1793248]
- [input] Revert 'Fix device_rh memory leak' (Christoph von Recklinghausen) [1793248]
- [scsi] Revert 'Fix device_rh leak in scsi_alloc_target()' (Christoph von Recklinghausen) [1793248]
- [scsi] Revert 'Fix memory leaks in scsi_alloc_sdev()' (Christoph von Recklinghausen) [1793248]
- [nvdimm] libnvdimm/security: Consolidate 'security' operations (Jeff Moyer) [1735364]
- [nvdimm] libnvdimm/security: Tighten scope of nvdimm->busy vs security operations (Jeff Moyer) [1735364]
- [nvdimm] libnvdimm/security: Introduce a 'frozen' attribute (Jeff Moyer) [1735364]
- [acpi] libnvdimm/security, acpi/nfit: unify zero-key for all security commands (Jeff Moyer) [1735364]
- [nvdimm] libnvdimm/security: provide fix for secure-erase to use zero-key (Jeff Moyer) [1735364]
- [block] block: fix checking return value of blk_mq_init_queue (Maxim Levitsky) [1795777]
- [bluetooth] Bluetooth: hci_ldisc: Postpone HCI_UART_PROTO_READY bit set in hci_uart_set_proto() (Aristeu Rozanski) [1808803] {CVE-2019-15917}
[3.10.0-1131]
- [x86] kvm: x86: clear stale x86_emulate_ctxt->intercept value (Jon Maloy) [1806818] {CVE-2020-2732}
- [x86] kvm: vmx: check descriptor table exits on instruction emulation (Jon Maloy) [1806818] {CVE-2020-2732}
- [x86] kvm: nvmx: Check IO instruction VM-exit conditions (Jon Maloy) [1806818] {CVE-2020-2732}
- [x86] kvm: nvmx: Refactor IO bitmap checks into helper function (Jon Maloy) [1806818] {CVE-2020-2732}
- [x86] kvm: nvmx: Dont emulate instructions in guest mode (Jon Maloy) [1806818] {CVE-2020-2732}
- [x86] kvm: x86: Fix kvm_bitmap_or_dest_vcpus() to use irq shorthand (Nitesh Narayan Lal) [1772082]
- [x86] kvm: x86: Initializing all kvm_lapic_irq fields in ioapic_write_indirect (Nitesh Narayan Lal) [1772082]
- [virt] kvm: x86: remove set but not used variable 'called' (Nitesh Narayan Lal) [1772082]
- [x86] kvm: x86: Zero the IOAPIC scan request dest vCPUs bitmap (Nitesh Narayan Lal) [1772082]
- [x86] kvm: x86: deliver KVM IOAPIC scan request to target vCPUs (Nitesh Narayan Lal) [1772082]
- [kernel] kvm: remember position in kvm->vcpus array (Nitesh Narayan Lal) [1772082]
- [x86] kvm: x86: Drop KVM_APIC_SHORT_MASK and KVM_APIC_DEST_MASK (Nitesh Narayan Lal) [1772082]
- [virt] kvm: introduce kvm_make_vcpus_request_mask() API (Nitesh Narayan Lal) [1772082]
- [virt] kvm: avoid unused variable warning for UP builds (Nitesh Narayan Lal) [1772082]
- [kernel] smp, cpumask: Use non-atomic cpumask_{set, clear}_cpu() (Nitesh Narayan Lal) [1772082]
- [fs] nfs: change sign of nfs_fh length ('J. Bruce Fields') [1813326]
- [netdrv] ibmvnic: Do not process device remove during device reset (Steve Best) [1813903]
- [x86] x86/debug: Extend the lower bound of crash kernel low reservations (Pingfan Liu) [1811511]
- [net] tcp: make tcp_space() aware of socket backlog (Guillaume Nault) [1790840]
- [net] ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (Sabrina Dubroca) [1774447] {CVE-2020-1749}
- [net] ipv6: add net argument to ip6_dst_lookup_flow (Sabrina Dubroca) [1774447] {CVE-2020-1749}
- [net] ipv6: constify ip6_dst_lookup_{flow|tail}() sock arguments (Sabrina Dubroca) [1774447] {CVE-2020-1749}
- [net] macvlan: return correct error value (Matteo Croce) [1654878]
- [net] ieee802154: enforce CAP_NET_RAW for raw sockets (Andrea Claudi) [1779494] {CVE-2019-17053}
- [net] ipv4: fix fnhe usage by non-cached routes (Hangbin Liu) [1788435]
- [net] route: do not cache fib route info on local routes with oif (Hangbin Liu) [1788435]
- [net] ip6_tunnel: fix potential NULL pointer dereference (Hangbin Liu) [1767045]
- [net] net_sched: remove a bogus warning in hfsc (Davide Caratti) [1781323]
- [netdrv] net/mlx5e: allow TSO on VXLAN over VLAN topologies (Davide Caratti) [1780646]
[3.10.0-1130]
- [scsi] scsi: avoid repetitive logging of device offline messages (Nilesh Javali) [1798042]
- [scsi] qla2xxx: Fix I/Os being passed down when FC device is being deleted (Nilesh Javali) [1798042]
- [scsi] scsi: qla2xxx: Fix unbound sleep in fcport delete path (Nilesh Javali) [1798042]
- [scsi] scsi: qla2xxx: Fix hang in fcport delete path (Nilesh Javali) [1798042]
- [scsi] scsi: qla2xxx: Fix stuck session in GNL (Nilesh Javali) [1798042]
- [scsi] scsi: qla2xxx: Correct fcport flags handling (Nilesh Javali) [1798042]
- [scsi] scsi: qla2xxx: Remove defer flag to indicate immeadiate port loss (Nilesh Javali) [1798042]
- [scsi] iscsi: Avoid potential deadlock in iscsi_if_rx func (Oleksandr Natalenko) [1715986]
- [netdrv] hv/netvsc: Fix NULL dereference at single queue mode fallback (Mohammed Gamal) [1806488]
- [netdrv] hv/netvsc: fix handling of fallback to single queue mode (Mohammed Gamal) [1806488]
- [netdrv] hv_netvsc: Fix unwanted rx_table reset (Mohammed Gamal) [1806488]
- [netdrv] hv_netvsc: Fix tx_table init in rndis_set_subchannel() (Mohammed Gamal) [1806488]
- [netdrv] hv_netvsc: fix typos in code comments (Mohammed Gamal) [1806488]
- [netdrv] hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (Mohammed Gamal) [1806488]
- [netdrv] hv_netvsc: Fix hash key value reset after other ops (Mohammed Gamal) [1806488]
- [netdrv] hv_netvsc: Refactor assignments of struct netvsc_device_info (Mohammed Gamal) [1806488]
- [netdrv] hv_netvsc: split sub-channel setup into async and sync (Mohammed Gamal) [1806488]
- [netdrv] hv_netvsc: Fix send_table offset in case of a host bug (Mohammed Gamal) [1806488]
- [netdrv] hv_netvsc: Add NetVSP v6 and v6.1 into version negotiation (Mohammed Gamal) [1806488]
- [netdrv] hv_netvsc: Fix offset usage in netvsc_send_table() (Mohammed Gamal) [1806488]
- [netdrv] hv_netvsc: simplify receive side calling arguments (Mohammed Gamal) [1806488]
- [scsi] scsi: ibmvfc: Fix NULL return compiler warning (Steve Best) [1810643]
- [scsi] scsi: ibmvfc: Avoid loss of all paths during SVC node reboot (Steve Best) [1810643]
- [s390] s390/vdso: add vdso support for coarse clocks (Philipp Rudo) [1791822]
- [s390] s390/vdso: remove NULL pointer check from clock_gettime (Philipp Rudo) [1791822]
- [s390] scsi: zfcp: fix rport unblock if deleted SCSI devices on Scsi_Host (Philipp Rudo) [1804807]
[3.10.0-1129]
- [tools] perf header: Use last modification time for timestamp (Michael Petlan) [1789947]
- [tools] perf header: Fix up argument to ctime() (Michael Petlan) [1789947]
- [hid] HID: multitouch: Add pointstick support for ALPS Touchpad (Benjamin Tissoires) [1672425]
- [kernel] blktrace: fix dereference after null check (Ming Lei) [1798318] {CVE-2019-19768}
- [kernel] blktrace: Protect q->blk_trace with RCU (Ming Lei) [1798318] {CVE-2019-19768}
- [kernel] blktrace: fix trace mutex deadlock (Ming Lei) [1798318] {CVE-2019-19768}
- [kernel] blktrace: fix unlocked registration of tracepoints (Ming Lei) [1798318] {CVE-2019-19768}
- [kernel] blktrace: fix unlocked access to init/start-stop/teardown (Ming Lei) [1798318] {CVE-2019-19768}
- [kernel] tracing: Handle NULL formats in hold_module_trace_bprintk_format() (Oleksandr Natalenko) [1811565]
- [kernel] tracing: Fix trace_printk() to print when not using bprintk() (Oleksandr Natalenko) [1811565]
- [sound] ALSA: timer: Fix incorrectly assigned timer instance (Jaroslav Kysela) [1798457] {CVE-2019-19807}
- [x86] kvm: OOB memory write via kvm_dev_ioctl_get_cpuid (CVE-2019-19332) (Philippe Mathieu-Daud) [1783455] {CVE-2019-19332}
- [x86] kvm: x86: do not reset microcode version on INIT or RESET (Paolo Bonzini) [1801852]
- [x86] kvm: x86: list MSR_IA32_UCODE_REV as an emulated MSR (Paolo Bonzini) [1801852]
- [x86] kvm: x86: Allow userspace to define the microcode version (Paolo Bonzini) [1801852]
[3.10.0-1128]
- [fs] ceph: only use d_name directly when parent is locked (Jeff Layton) [1699402]
- [fs] ext4: work around deleting a file with i_nlink == 0 safely (Carlos Maiolino) [1801046]
- [fs] xfs: attach dquots and reserve quota blocks during unwritten conversion (Carlos Maiolino) [1786005]
- [fs] Revert 'xfs: attach dquots and reserve quota blocks during unwritten conversion' (Carlos Maiolino) [1786005]
- [md] dm mpath: call clear_request_fn_mpio() in multipath_release_clone() (Mike Snitzer) [1806400]
- [scsi] scsi: implement .cleanup_rq callback (Mike Snitzer) [1806400]
- [md] blk-mq: add callback of .cleanup_rq (Mike Snitzer) [1806400]
- [target] target: call init_timer_on_stack() to initialize login_timer (Maurizio Lombardi) [1810037]
- [scsi] scsi: megaraid_sas: fixup MSIx interrupt setup during resume (Tomas Henzl) [1807077]
- [tools] selftests/livepatch: Test interaction with ftrace_enabled (Yannick Cote) [1806653]
- [tools] selftests/livepatch: Make dynamic debug setup and restore generic (Yannick Cote) [1806653]
- [kernel] ftrace: Introduce PERMANENT ftrace_ops flag (Yannick Cote) [1806653]
- [tools] selftests/livepatch: push and pop dynamic debug config (Yannick Cote) [1806653]
Release/Architecture | Filename | MD5sum | Superseded By Advisory |
Oracle Linux 7 (x86_64) | kernel-3.10.0-1160.el7.src.rpm | 226a8fb2967347514cd19fdf9bad812f | ELBA-2021-1397-1 |
bpftool-3.10.0-1160.el7.x86_64.rpm | 7c7e04cd86ff03afc08aeed580318026 | ELBA-2021-1397-1 | |
kernel-3.10.0-1160.el7.x86_64.rpm | 587416c97e793841ab04ed446aae951d | ELBA-2021-1397-1 | |
kernel-abi-whitelists-3.10.0-1160.el7.noarch.rpm | 35aa202f356080c54c45ff7072c48db2 | ELBA-2021-1397-1 | |
kernel-debug-3.10.0-1160.el7.x86_64.rpm | 89fc4691c965ba8dc99e0ff17394d159 | ELBA-2021-1397-1 | |
kernel-debug-devel-3.10.0-1160.el7.x86_64.rpm | a4d8df44ec463288289cb70c71447e04 | ELBA-2021-1397-1 | |
kernel-devel-3.10.0-1160.el7.x86_64.rpm | 4f6c71c67f1d4fd655fb96398e8e7229 | ELBA-2021-1397-1 | |
kernel-doc-3.10.0-1160.el7.noarch.rpm | 88c5ee8848deac4af2d625ed38a8902d | ELBA-2021-1397-1 | |
kernel-headers-3.10.0-1160.el7.x86_64.rpm | 018409f5e54ea9fc43e8902bd6a3cb36 | ELBA-2021-1397-1 | |
kernel-tools-3.10.0-1160.el7.x86_64.rpm | 5eb085107fd66d0b5259672916506e91 | ELBA-2021-1397-1 | |
kernel-tools-libs-3.10.0-1160.el7.x86_64.rpm | d9bf5e90a3f7c36588ba272ab7ab7ab1 | ELBA-2021-1397-1 | |
kernel-tools-libs-devel-3.10.0-1160.el7.x86_64.rpm | 9c98745eca606b5d983b72eab3fc6157 | ELBA-2021-1397-1 | |
perf-3.10.0-1160.el7.x86_64.rpm | 840c7d5dd9c5985d4aebed099560940d | ELSA-2021-9220 | |
python-perf-3.10.0-1160.el7.x86_64.rpm | d79cd564d9c758924a1798a6362db62b | ELSA-2021-9220 |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team