ELSA-2022-9830

ULN >
Oracle Linux Errata repository >
ELSA-2022-9830

ELSA-2022-9830 - Unbreakable Enterprise kernel-container security update

Type:	SECURITY
Severity:	IMPORTANT
Release Date:	2022-09-21

Description

[5.15.0-2.52.3.el8]
- posix-cpu-timers: Cleanup CPU timers before freeing them during exec (Thadeu Lima de Souza Cascardo) [Orabug: 34495548] {CVE-2022-2585}
- fix race between exit_itimers() and /proc/pid/timers (Oleg Nesterov) [Orabug: 34495548]
- rds: ib: Add preemption control when using per-cpu variables (Hakon Bugge) [Orabug: 34505120]
- ocfs2: fix handle refcount leak in two exception handling paths (Chenyuan Mi) [Orabug: 34436530]
- netfilter: nf_tables: do not allow RULE_ID to refer to another chain (Thadeu Lima de Souza Cascardo) [Orabug: 34495566] {CVE-2022-2586}
- netfilter: nf_tables: do not allow CHAIN_ID to refer to another table (Thadeu Lima de Souza Cascardo) [Orabug: 34495566] {CVE-2022-2586}
- netfilter: nf_tables: do not allow SET_ID to refer to another table (Thadeu Lima de Souza Cascardo) [Orabug: 34495566] {CVE-2022-2586}
- rds: copy_from_user only once per rds_sendmsg system call (Hans Westgaard Ry) [Orabug: 34510687] {CVE-2022-21385}
- kernfs: Replace global kernfs_open_file_mutex with hashed mutexes. (Imran Khan) [Orabug: 34476940]
- kernfs: Introduce interface to access global kernfs_open_file_mutex. (Imran Khan) [Orabug: 34476940]
- kernfs: make ->attr.open RCU protected. (Imran Khan) [Orabug: 34476940]
- kernfs: Rename kernfs_put_open_node to kernfs_unlink_open_file. (Imran Khan) [Orabug: 34476940]
- kernfs: Remove reference counting for kernfs_open_node. (Imran Khan) [Orabug: 34476940]
- Revert net/rds: Connect TCP backends deterministically (Gerd Rausch) [Orabug: 34476561]
- rds/ib: handle posted ACK during connection shutdown (Rohit Nair) [Orabug: 34465808]
- rds/ib: reap tx completions during connection shutdown (Rohit Nair) [Orabug: 34465808]
- uek-rpm: Set CONFIG_VSOCKETS=m and CONFIG_VSOCKETS_DIAG=m (Victor Erminpour) [Orabug: 34461322]
- scsi: target: Fix WRITE_SAME No Data Buffer crash (Mike Christie) [Orabug: 34419970] {CVE-2022-21546}
- rds/rdma: destroy CQs during user initiated rds connection resets (Rohit Nair) [Orabug: 34414238]

[5.15.0-2.52.2]
- PCI: pciehp: Add quirk to handle spurious DLLSC on a x4x4 SSD (Thomas Tai) [Orabug: 34358322]
- net/mlx5: E-Switch, change VFs default admin state to auto in switchdev (Maor Dickman) [Orabug: 34477072]
- xen/manage: Use orderly_reboot() to reboot (Ross Lagerwall) [Orabug: 34480751]
- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34484536] {CVE-2022-2588}

[5.15.0-2.52.1]
- LTS version: v5.15.52 (Jack Vogel)
- io_uring: fix not locked access to fixed buf table (Pavel Begunkov)
- net: mscc: ocelot: allow unregistered IP multicast flooding to CPU (Vladimir Oltean)
- rtw88: rtw8821c: enable rfe 6 devices (Ping-Ke Shih)
- rtw88: 8821c: support RFE type4 wifi NIC (Guo-Feng Fan)
- fs: account for group membership (Christian Brauner)
- fs: fix acl translation (Christian Brauner)
- fs: support mapped mounts of mapped filesystems (Christian Brauner)
- fs: add i_user_ns() helper (Christian Brauner)
- fs: port higher-level mapping helpers (Christian Brauner)
- fs: remove unused low-level mapping helpers (Christian Brauner)
- fs: use low-level mapping helpers (Christian Brauner)
- docs: update mapping documentation (Christian Brauner)
- fs: account for filesystem mappings (Christian Brauner)
- fs: tweak fsuidgid_has_mapping() (Christian Brauner)
- fs: move mapping helpers (Christian Brauner)
- fs: add is_idmapped_mnt() helper (Christian Brauner)
- powerpc/ftrace: Remove ftrace init tramp once kernel init is complete (Naveen N. Rao)
- xfs: Fix the free logic of state in xfs_attr_node_hasname (Yang Xu)
- xfs: use kmem_cache_free() for kmem_cache objects (Rustam Kovhaev)
- bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init() (Coly Li)
- tick/nohz: unexport __init-annotated tick_nohz_full_setup() (Masahiro Yamada)
- LTS version: v5.15.51 (Jack Vogel)
- powerpc/pseries: wire up rng during setup_arch() (Jason A. Donenfeld)
- kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt) (Masahiro Yamada)
- dma-direct: use the correct size for dma_set_encrypted() (Dexuan Cui)
- perf build-id: Fix caching files with a wrong build ID (Adrian Hunter)
- random: update comment from copy_to_user() -> copy_to_iter() (Jason A. Donenfeld)
- ARM: dts: bcm2711-rpi-400: Fix GPIO line names (Stefan Wahren)
- modpost: fix section mismatch check for exported init/exit sections (Masahiro Yamada)
- ARM: cns3xxx: Fix refcount leak in cns3xxx_init (Miaoqian Lin)
- memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings (Miaoqian Lin)
- ARM: Fix refcount leak in axxia_boot_secondary (Miaoqian Lin)
- soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe (Miaoqian Lin)
- ARM: exynos: Fix refcount leak in exynos_map_pmu (Miaoqian Lin)
- arm64: dts: ti: k3-am64-main: Remove support for HS400 speed mode (Aswath Govindraju)
- ARM: dts: imx6qdl: correct PU regulator ramp delay (Lucas Stach)
- ARM: dts: imx7: Move hsic_phy power domain to HSIC PHY node (Alexander Stein)
- drm/msm/dp: Always clear mask bits to disable interrupts at dp_ctrl_reset_irq_ctrl() (Kuogee Hsieh)
- powerpc/powernv: wire up rng during setup_arch (Jason A. Donenfeld)
- powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address (Andrew Donnellan)
- powerpc: Enable execve syscall exit tracepoint (Naveen N. Rao)
- powerpc/microwatt: wire up rng during setup_arch() (Jason A. Donenfeld)
- parisc: Enable ARCH_HAS_STRICT_MODULE_RWX (Helge Deller)
- parisc/stifb: Fix fb_is_primary_device() only available with CONFIG_FB_STI (Helge Deller)
- xtensa: Fix refcount leak bug in time.c (Liang He)
- xtensa: xtfpga: Fix refcount leak bug in setup (Liang He)
- iio: adc: ti-ads131e08: add missing fwnode_handle_put() in ads131e08_alloc_channels() (Jialin Zhang)
- iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client (Miaoqian Lin)
- iio: adc: rzg2l_adc: add missing fwnode_handle_put() in rzg2l_adc_parse_properties() (Jialin Zhang)
- iio: adc: axp288: Override TS pin bias current for some models (Hans de Goede)
- iio: adc: stm32: Fix IRQs on STM32F4 by removing custom spurious IRQs message (Yannick Brosseau)
- iio: adc: stm32: Fix ADCs iteration in irq handler (Yannick Brosseau)
- iio: afe: rescale: Fix boolean logic bug (Linus Walleij)
- iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value) (Jean-Baptiste Maneyrol)
- iio: adc: stm32: fix maximum clock rate for stm32mp15x (Olivier Moysan)
- iio: trigger: sysfs: fix use-after-free on remove (Vincent Whitchurch)
- iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() (Zheyu Ma)
- iio: accel: mma8452: ignore the return value of reset operation (Haibo Chen)
- iio:accel:mxc4005: rearrange iio trigger get and register (Dmitry Rokosov)
- iio:accel:bma180: rearrange iio trigger get and register (Dmitry Rokosov)
- iio:accel:kxcjk-1013: rearrange iio trigger get and register (Dmitry Rokosov)
- iio:chemical:ccs811: rearrange iio trigger get and register (Dmitry Rokosov)
- iio:humidity:hts221: rearrange iio trigger get and register (Dmitry Rokosov)
- f2fs: attach inline_data after setting compression (Jaegeuk Kim)
- btrfs: fix deadlock with fsync+fiemap+transaction commit (Josef Bacik)
- btrfs: dont set lock_owner when locking extent buffer for reading (Zygo Blaxell)
- dt-bindings: usb: ehci: Increase the number of PHYs (Geert Uytterhoeven)
- dt-bindings: usb: ohci: Increase the number of PHYs (Geert Uytterhoeven)
- usb: chipidea: udc: check request status before setting device address (Xu Yang)
- USB: gadget: Fix double-free bug in raw_gadget driver (Alan Stern)
- usb: gadget: Fix non-unique driver names in raw-gadget driver (Alan Stern)
- xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI (Utkarsh Patel)
- xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI (Tanveer Alam)
- xhci: turn off port power in shutdown (Mathias Nyman)
- usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMIC (Andy Shevchenko)
- iio: adc: vf610: fix conversion mode sysfs node name (Baruch Siach)
- iio: magnetometer: yas530: Fix memchr_inv() misuse (Linus Walleij)
- iio: mma8452: fix probe fail when device tree compatible is used. (Haibo Chen)
- s390/cpumf: Handle events cycles and instructions identical (Thomas Richter)
- gpio: winbond: Fix error code in winbond_gpio_get() (Dan Carpenter)
- nvme: move the Samsung X5 quirk entry to the core quirks (Christoph Hellwig)
- nvme-pci: add NO APST quirk for Kioxia device (Enzo Matsumiya)
- sock: redo the psock vs ULP protection check (Jakub Kicinski)
- Revert net/tls: fix tls_sk_proto_close executed repeatedly (Jakub Kicinski)
- virtio_net: fix xdp_rxq_info bug after suspend/resume (Stephan Gerhold)
- igb: Make DMA faster when CPU is active on the PCIe link (Kai-Heng Feng)
- regmap-irq: Fix offset/index mismatch in read_sub_irq_data() (Aidan MacDonald)
- regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips (Aidan MacDonald)
- ice: ethtool: advertise 1000M speeds properly (Anatolii Gerasymenko)
- afs: Fix dynamic root getattr (David Howells)
- MIPS: Remove repetitive increase irq_err_count (huhai)
- x86/xen: Remove undefined behavior in setup_features() (Julien Grall)
- xen-blkfront: Handle NULL gendisk (Jason Andryuk)
- selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh (Jie2x Zhou)
- udmabuf: add back sanity check (Gerd Hoffmann)
- net/tls: fix tls_sk_proto_close executed repeatedly (Ziyang Xuan)
- erspan: do not assume transport header is always set (Eric Dumazet)
- perf arm-spe: Dont set data source if its not a memory operation (Leo Yan)
- drm/msm/dp: force link training for display resolution change (Kuogee Hsieh)
- drm/msm/dp: do not initialize phy until plugin interrupt received (Kuogee Hsieh)
- drm/msm/dp: dp_link_parse_sink_count() return immediately if aux read failed (Kuogee Hsieh)
- drm/msm/dp: Drop now unused hpd_high member (Bjorn Andersson)
- drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind() (Kuogee Hsieh)
- drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (Miaoqian Lin)
- net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms (Peilin Ye)
- ethtool: Fix get module eeprom fallback (Ivan Vecera)
- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers (Jay Vosburgh)
- igb: fix a use-after-free issue in igb_clean_tx_ring (Lorenzo Bianconi)
- tipc: fix use-after-free Read in tipc_named_reinit (Hoang Le)
- net: fix data-race in dev_isalive() (Eric Dumazet)
- net: Write lock dev_base_lock without disabling bottom halves. (Sebastian Andrzej Siewior)
- KVM: arm64: Prevent kmemleak from accessing pKVM memory (Quentin Perret)
- phy: aquantia: Fix AN when higher speeds than 1G are not advertised (Claudiu Manoil)
- scsi: storvsc: Correct reporting of Hyper-V I/O size limits (Saurabh Sengar)
- bpf, x86: Fix tail call count offset calculation on bpf2bpf call (Jakub Sitnicki)
- drm/sun4i: Fix crash during suspend after component bind failure (Samuel Holland)
- bpf: Fix request_sock leak in sk lookup helpers (Jon Maxwell)
- drm/msm: use for_each_sgtable_sg to iterate over scatterlist (Jonathan Marek)
- xsk: Fix generic transmit when completion queue reservation fails (Ciara Loftus)
- scsi: iscsi: Exclude zero from the endpoint ID range (Sergey Gorenko)
- drm/msm: Switch ordering of runpm put vs devfreq_idle (Rob Clark)
- scsi: scsi_debug: Fix zone transition to full condition (Damien Le Moal)
- netfilter: use get_random_u32 instead of prandom (Florian Westphal)
- drm/msm: Fix double pm_runtime_disable() call (Maximilian Luz)
- drm/msm: Ensure mmap offset is initialized (Rob Clark)
- USB: serial: option: add Quectel RM500K module support (Macpaul Lin)
- USB: serial: option: add Quectel EM05-G modem (Yonglin Tan)
- USB: serial: option: add Telit LE910Cx 0x1250 composition (Carlo Lobrano)
- USB: serial: pl2303: add support for more HXN (G) types (Johan Hovold)
- drm/i915: Implement w/a 22010492432 for adl-s (Ville Syrjala)
- tracing/kprobes: Check whether get_kretprobe() returns NULL in kretprobe_dispatcher() (Masami Hiramatsu (Google))
- dm mirror log: clear log bits up to BITS_PER_LONG boundary (Mikulas Patocka)
- dm era: commit metadata in postsuspend after worker stops (Nikos Tsironis)
- ata: libata: add qc->flags in ata_qc_complete_template tracepoint (Edward Wu)
- mtd: rawnand: gpmi: Fix setting busy timeout setting (Sascha Hauer)
- MAINTAINERS: Add new IOMMU development mailing list (Joerg Roedel)
- xen/gntdev: Avoid blocking in unmap_grant_pages() (Demi Marie Obenour)
- mmc: mediatek: wait dma stop bit reset to 0 (Mengqi Zhang)
- mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing (Chevron Li)
- scsi: ibmvfc: Allocate/free queue resource only during probe/remove (Tyrel Datwyler)
- scsi: ibmvfc: Store vhost pointer during subcrq allocation (Tyrel Datwyler)
- btrfs: add error messages to all unrecognized mount options (David Sterba)
- btrfs: prevent remounting to v1 space cache for subpage mount (Qu Wenruo)
- btrfs: fix hang during unmount when block group reclaim task is running (Filipe Manana)
- 9p: fix fid refcount leak in v9fs_vfs_get_link (Dominique Martinet)
- 9p: fix fid refcount leak in v9fs_vfs_atomic_open_dotl (Dominique Martinet)
- 9p: Fix refcounting during full path walks for fid lookups (Tyler Hicks)
- net: openvswitch: fix parsing of nw_proto for IPv6 fragments (Rosemarie ORiorden)
- ALSA: hda/realtek: Add quirk for Clevo NS50PU (Tim Crawford)
- ALSA: hda/realtek: Add quirk for Clevo PD70PNT (Tim Crawford)
- ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly (Takashi Iwai)
- ALSA: hda/realtek - ALC897 headset MIC no sound (Kailang Yang)
- ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop (Soham Sen)
- ALSA: hda/conexant: Fix missing beep setup (Takashi Iwai)
- ALSA: hda/via: Fix missing beep setup (Takashi Iwai)
- random: quiet urandom warning ratelimit suppression message (Jason A. Donenfeld)
- random: schedule mix_interrupt_randomness() less often (Jason A. Donenfeld)
- LTS version: v5.15.50 (Jack Vogel)
- arm64: mm: Dont invalidate FROM_DEVICE buffers at start of DMA transfer (Will Deacon)
- serial: core: Initialize rs485 RTS polarity already on probe (Lukas Wunner)
- selftests/bpf: Add selftest for calling global functions from freplace (Toke Hoiland-Jorgensen)
- bpf: Fix calling global functions from BPF_PROG_TYPE_EXT programs (Toke Hoiland-Jorgensen)
- usb: gadget: u_ether: fix regression in setting fixed MAC address (Marian Postevca)
- zonefs: fix zonefs_iomap_begin() for reads (Damien Le Moal)
- drm/amd/display: Dont reinitialize DMCUB on s0ix resume (Nicholas Kazlauskas)
- s390/mm: use non-quiescing sske for KVM switch to keyed guest (Christian Borntraeger)
- LTS version: v5.15.49 (Jack Vogel)
- clk: imx8mp: fix usb_root_clk parent (Peng Fan)
(Masahiro Yamada)
- virtio-pci: Remove wrong address verification in vp_del_vqs() (Murilo Opsfelder Araujo)
- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (Andy Chi)
- KVM: arm64: Dont read a HW interrupt pending state in user context (Marc Zyngier)
- ext4: add reserved GDT blocks check (Zhang Yi)
- ext4: make variable count signed (Ding Xiang)
- ext4: fix bug_on ext4_mb_use_inode_pa (Baokun Li)
- ext4: fix super block checksum incorrect after mount (Ye Bin)
- cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle (Sami Tolvanen)
- drm/amd/display: Cap OLED brightness per max frame-average luminance (Roman Li)
- dm mirror log: round up region bitmap size to BITS_PER_LONG (Mikulas Patocka)
- bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove() (Shinichiro Kawasaki)
- serial: 8250: Store to lsr_save_flags after lsr read (Ilpo Jarvinen)
- tty: n_gsm: Debug output allocation must use GFP_ATOMIC (Tony Lindgren)
- usb: gadget: f_fs: change ep->ep safe in ffs_epfile_io() (Linyu Yuan)
- usb: gadget: f_fs: change ep->status safe in ffs_epfile_io() (Linyu Yuan)
- usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe (Miaoqian Lin)
- usb: cdnsp: Fixed setting last_trb incorrectly (Jing Leng)
- usb: dwc2: Fix memory leak in dwc2_hcd_init (Miaoqian Lin)
- USB: serial: io_ti: add Agilent E5805A support (Robert Eckelmann)
- USB: serial: option: add support for Cinterion MV31 with new baseline (Slark Xiao)
- crypto: memneq - move into lib/ (Jason A. Donenfeld)
- comedi: vmk80xx: fix expression for tx buffer size (Ian Abbott)
- mei: me: add raptor lake point S DID (Alexander Usyskin)
- mei: hbm: drop capability response on early shutdown (Alexander Usyskin)
- i2c: designware: Use standard optional ref clock implementation (Serge Semin)
- sched: Fix balance_push() vs __sched_setscheduler() (Peter Zijlstra)
- irqchip/realtek-rtl: Fix refcount leak in map_interrupts (Miaoqian Lin)
- irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions (Miaoqian Lin)
- irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions (Miaoqian Lin)
- irqchip/gic/realview: Fix refcount leak in realview_gic_of_init (Miaoqian Lin)
- i2c: npcm7xx: Add check for platform_driver_register (Jiasheng Jiang)
- faddr2line: Fix overlapping text section failures, the sequel (Josh Poimboeuf)
- block: Fix handling of offline queues in blk_mq_alloc_request_hctx() (Bart Van Assche)
- init: Initialize noop_backing_dev_info early (Jan Kara)
- certs/blacklist_hashes.c: fix const confusion in certs blacklist (Masahiro Yamada)
- arm64: ftrace: consistently handle PLTs. (Mark Rutland)
- arm64: ftrace: fix branch range checks (Mark Rutland)
- net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg (Duoming Zhou)
- net: bgmac: Fix an erroneous kfree() in bgmac_remove() (Christophe JAILLET)
- mlxsw: spectrum_cnt: Reorder counter pools (Petr Machata)
- nvme: add device name to warning in uuid_show() (Thomas WeiBschuh)
- rtc: ftrtc010: Use platform_get_irq() to get the interrupt (Lad Prabhakar)
- rtc: ftrtc010: Use platform_get_irq() to get the interrupt (Lad Prabhakar)
- rtc: mt6397: check return value after calling platform_get_resource() (Yang Yingliang)
- ARM: dts: aspeed: ast2600-evb: Enable RX delay for MAC0/MAC1 (Howard Chiu)
- clocksource/drivers/riscv: Events are stopped during CPU suspend (Samuel Holland)
- soc: rockchip: Fix refcount leak in rockchip_grf_init (Miaoqian Lin)
- extcon: ptn5150: Add queue work sync before driver release (Li Jun)
- ksmbd: fix reference count leak in smb_check_perm_dacl() (Xin Xiong)
- coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier (Guilherme G. Piccoli)
- soundwire: intel: prevent pm_runtime resume prior to system suspend (Pierre-Louis Bossart)
- export: fix string handling of namespace in EXPORT_SYMBOL_NS (Greg Kroah-Hartman)
- serial: sifive: Report actual baud base rather than fixed 115200 (Maciej W. Rozycki)
- power: supply: axp288_fuel_gauge: Drop BIOS version check from T3 MRD DMI quirk (Hans de Goede)
- phy: qcom-qmp: fix pipe-clock imbalance on power-on failure (Johan Hovold)
- misc/pvpanic: Convert regular spinlock into trylock on panic path (Guilherme G. Piccoli)
- pvpanic: Fix typos in the comments (Andy Shevchenko)
- rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails (Krzysztof Kozlowski)
- iio: adc: sc27xx: Fine tune the scale calibration values (Cixi Geng)
- iio: adc: sc27xx: fix read big scale voltage not right (Cixi Geng)
- iio: proximity: vl53l0x: Fix return value check of wait_for_completion_timeout (Miaoqian Lin)
- iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check (Miaoqian Lin)
- rpmsg: virtio: Fix the unregistration of the device rpmsg_ctrl (Arnaud Pouliquen)
- rpmsg: virtio: Fix possible double free in rpmsg_virtio_add_ctrl_dev() (Hangyu Hua)
- rpmsg: virtio: Fix possible double free in rpmsg_probe() (Hangyu Hua)
- usb: typec: mux: Check dev_set_name() return value (Bjorn Andersson)
- firmware: stratix10-svc: fix a missing check on list iterator (Xiaomeng Tong)
- misc: fastrpc: fix an incorrect NULL check on list iterator (Xiaomeng Tong)
- usb: dwc3: pci: Fix pm_runtime_get_sync() error checking (Zheng Yongjun)
- usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback (Wesley Cheng)
- rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski)
- pwm: raspberrypi-poe: Fix endianness in firmware struct (Uwe Kleine-Konig)
- pwm: lp3943: Fix duty calculation in case period was clamped (Uwe Kleine-Konig)
- staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() (Christophe JAILLET)
- usb: musb: Fix missing of_node_put() in omap2430_probe (Miaoqian Lin)
- USB: storage: karma: fix rio_karma_init return (Lin Ma)
- usb: usbip: add missing device lock on tweak configuration cmd (Niels Dossche)
- usb: usbip: fix a refcount leak in stub_probe() (Hangyu Hua)
- remoteproc: imx_rproc: Ignore create mem entry for resource table (Peng Fan)
- tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get (Sherry Sun)
- serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe (Miaoqian Lin)
- tty: n_tty: Restore EOF push handling behavior (Daniel Gibson)
- tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe (Miaoqian Lin)
- tty: goldfish: Use tty_port_destroy() to destroy port (Wang Weiyang)
- lkdtm/bugs: Dont expect thread termination without CONFIG_UBSAN_TRAP (Christophe Leroy)
- lkdtm/bugs: Check for the NULL pointer after calling kmalloc (Jiasheng Jiang)
- iio: adc: ad7124: Remove shift from scan_type (Alexandru Tachici)
- staging: greybus: codecs: fix type confusion of list iterator variable (Jakob Koschel)
- pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (Randy Dunlap)
- LTS version: v5.15.46 (Jack Vogel)
- block: fix bio_clone_blkg_association() to associate with proper blkcg_gq (Jan Kara)
- pinctrl/rockchip: support setting input-enable param (Caleb Connolly)
- md: bcache: check the return value of kzalloc() in detached_dev_do_request() (Jia-Ju Bai)
- md: fix double free of io_acct_set bioset (Xiao Ni)
- md: Dont set mddev private to NULL in raid0 pers->free (Xiao Ni)
- fs/ntfs3: Fix invalid free in log_replay (Namjae Jeon)
- exportfs: support idmapped mounts (Christian Brauner)
- fs: add two trivial lookup helpers (Christian Brauner)
- interconnect: qcom: icc-rpmh: Add BCMs to commit list in pre_aggregate (Mike Tipton)
- interconnect: qcom: sc7180: Drop IP0 interconnects (Stephen Boyd)
- ext4: only allow test_dummy_encryption when supported (Eric Biggers)
- MIPS: IP30: Remove incorrect cpu_has_fpu override (Maciej W. Rozycki)
- MIPS: IP27: Remove incorrect cpu_has_fpu override (Maciej W. Rozycki)
- RDMA/rxe: Generate a completion for unsupported/invalid opcode (Xiao Yang)
- RDMA/hns: Remove the num_cqc_timer variable (Yixing Liu)
- staging: r8188eu: delete rtw_wx_read/write32() (Dan Carpenter)
- Revert random: use static branch for crng_ready() (Jason A. Donenfeld)
- list: test: Add a test for list_is_head() (David Gow)
- kseltest/cgroup: Make test_stress.sh work if run interactively (Waiman Long)
- net: ipa: fix page free in ipa_endpoint_replenish_one() (Alex Elder)
- net: ipa: fix page free in ipa_endpoint_trans_release() (Alex Elder)
- phy: qcom-qmp: fix reset-controller leak on probe errors (Johan Hovold)
- coresight: core: Fix coresight device probe failure issue (Mao Jinlong)
- blk-iolatency: Fix inflight count imbalances and IO hangs on offline (Tejun Heo)
- vdpasim: allow to enable a vq repeatedly (Eugenio Perez)
- dt-bindings: gpio: altera: correct interrupt-cells (Dinh Nguyen)
- docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 (Akira Yokosawa)
- SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_op (Steve French)
- ARM: pxa: maybe fix gpio lookup tables (Arnd Bergmann)
- ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries (Jonathan Bakker)
- phy: qcom-qmp: fix struct clk leak on probe errors (Johan Hovold)
- clk: tegra: Add missing reset deassertion (Diogo Ivo)
- arm64: tegra: Add missing DFLL reset on Tegra210 (Diogo Ivo)
- arm64: dts: qcom: ipq8074: fix the sleep clock frequency (Kathiravan T)
- gma500: fix an incorrect NULL check on list iterator (Xiaomeng Tong)
- tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator (Xiaomeng Tong)
- serial: pch: dont overwrite xmit->buf[0] by x_char (Jiri Slaby)
- bcache: avoid journal no-space deadlock by reserving 1 journal bucket (Coly Li)
- bcache: remove incremental dirty sector counting for bch_sectors_dirty_init() (Coly Li)
- bcache: improve multithreaded bch_sectors_dirty_init() (Coly Li)
- bcache: improve multithreaded bch_btree_check() (Coly Li)
- stm: ltdc: fix two incorrect NULL checks on list iterator (Xiaomeng Tong)
- carl9170: tx: fix an incorrect use of list iterator (Xiaomeng Tong)
- ASoC: rt5514: Fix event generation for DSP Voice Wake Up control (Mark Brown)
- rtl818x: Prevent using not initialized queues (Alexander Wetzel)
- xtensa/simdisk: fix proc_read_simdisk() (Yi Yang)
- mm/memremap: fix missing call to untrack_pfn() in pagemap_range() (Miaohe Lin)
- hugetlb: fix huge_pmd_unshare address update (Mike Kravetz)
- nodemask.h: fix compilation error with GCC12 (Christophe de Dinechin)
- mm/page_alloc: always attempt to allocate at least one page during bulk allocation (Mel Gorman)
- Revert mm/cma.c: remove redundant cma_mutex lock (Dong Aisheng)
- iommu/dma: Fix iova map result check bug (Yunfei Wang)
- iommu/msm: Fix an incorrect NULL check on list iterator (Xiaomeng Tong)
- ksmbd: fix outstanding credits related bugs (Hyunchul Lee)
- ftrace: Clean up hash direct_functions on register failures (Song Liu)
- kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] (Naveen N. Rao)
- um: Fix out-of-bounds read in LDT setup (Vincent Whitchurch)
- um: chan_user: Fix winch_tramp() return value (Johannes Berg)
- um: Use asm-generic/dma-mapping.h (Johannes Berg)
- mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (Felix Fietkau)
- cfg80211: declare MODULE_FIRMWARE for regulatory.db (Dimitri John Ledkov)
- thermal: devfreq_cooling: use local ops instead of global ops (Kant Fan)
- irqchip: irq-xtensa-mx: fix initial IRQ affinity (Max Filippov)
- irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (Pali Rohar)
- csky: patch_text: Fixup last cpu should be master (Guo Ren)
- mmc: core: Allows to override the timeout value for ioctl() path (Bean Huo)
- RDMA/hfi1: Fix potential integer multiplication overflow errors (Dennis Dalessandro)
- Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug (Sean Christopherson)
- ima: remove the IMA_TEMPLATE Kconfig option (GUO Zihua)
- media: coda: Add more H264 levels for CODA960 (Nicolas Dufresne)
- media: coda: Fix reported H264 profile (Nicolas Dufresne)
- mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N (Tokunori Ikegami)
- mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write (Tokunori Ikegami)
- md: fix an incorrect NULL check in md_reload_sb (Xiaomeng Tong)
- md: fix an incorrect NULL check in does_sb_need_changing (Xiaomeng Tong)
- drm/i915/dsi: fix VBT send packet port selection for ICL+ (Jani Nikula)
- drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX (Brian Norris)
- drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator (Xiaomeng Tong)
- drm/nouveau/clk: Fix an incorrect NULL check on list iterator (Xiaomeng Tong)
- drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem (Lucas Stach)
- drm/nouveau/subdev/bus: Ratelimit logging for fault errors (Lyude Paul)
- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. (Dave Airlie)
- landlock: Fix same-layer rule unions (Mickael Salaun)
- landlock: Create find_rule() from unmask_layers() (Mickael Salaun)
- landlock: Reduce the maximum number of layers to 16 (Mickael Salaun)
- landlock: Define access_mask_t to enforce a consistent access mask size (Mickael Salaun)
- selftests/landlock: Test landlock_create_ruleset(2) argument check ordering (Mickael Salaun)
- landlock: Change landlock_restrict_self(2) check ordering (Mickael Salaun)
- landlock: Change landlock_add_rule(2) argument check ordering (Mickael Salaun)
- selftests/landlock: Add tests for O_PATH (Mickael Salaun)
- selftests/landlock: Fully test file rename with remove access (Mickael Salaun)
- selftests/landlock: Extend access right tests to directories (Mickael Salaun)
- selftests/landlock: Add tests for unknown access rights (Mickael Salaun)
- selftests/landlock: Extend tests for minimal valid attribute size (Mickael Salaun)
- selftests/landlock: Make tests build with old libc (Mickael Salaun)
- landlock: Fix landlock_add_rule(2) documentation (Mickael Salaun)
- samples/landlock: Format with clang-format (Mickael Salaun)
- samples/landlock: Add clang-format exceptions (Mickael Salaun)
- selftests/landlock: Format with clang-format (Mickael Salaun)
- selftests/landlock: Normalize array assignment (Mickael Salaun)
- selftests/landlock: Add clang-format exceptions (Mickael Salaun)
- landlock: Format with clang-format (Mickael Salaun)
- landlock: Add clang-format exceptions (Mickael Salaun)
- scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled (Manivannan Sadhasivam)
- scsi: dc395x: Fix a missing check on list iterator (Xiaomeng Tong)
- dlm: fix missing lkb refcount handling (Alexander Aring)
- dlm: uninitialized variable on error in dlm_listen_for_all() (Dan Carpenter)
- dlm: fix plock invalid read (Alexander Aring)
- s390/stp: clock_delta should be signed (Sven Schnelle)
- s390/perf: obtain sie_block from the right address (Nico Boehr)
- mm, compaction: fast_find_migrateblock() should return pfn in the target zone (Rei Yamamoto)
- staging: r8188eu: prevent ->Ssid overflow in rtw_wx_set_scan() (Denis Efremov)
- PCI: qcom: Fix unbalanced PHY init on probe errors (Johan Hovold)
- PCI: qcom: Fix runtime PM imbalance on probe errors (Johan Hovold)
- PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299 (Bjorn Helgaas)
- drm/amdgpu: add beige goby PCI ID (Alex Deucher)
- tracing: Initialize integer variable to prevent garbage return value (Gautam Menghani)
- tracing: Fix potential double free in create_var_ref() (Keita Suzuki)
- tty: goldfish: Introduce gf_ioread32()/gf_iowrite32() (Laurent Vivier)
- ACPI: property: Release subnode properties with data nodes (Sakari Ailus)
- ext4: avoid cycles in directory h-tree (Jan Kara)
- ext4: verify dir block before splitting it (Jan Kara)
- ext4: fix bug_on in __es_tree_search (Baokun Li)
- ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state (Theodore Tso)
- ext4: fix bug_on in ext4_writepages (Ye Bin)
- ext4: fix warning in ext4_handle_inode_extension (Ye Bin)
- ext4: fix race condition between ext4_write and ext4_convert_inline_data (Baokun Li)
- ext4: fix use-after-free in ext4_rename_dir_prepare (Ye Bin)
- ext4: mark group as trimmed only if it was fully scanned (Dmitry Monakhov)
- bfq: Make sure bfqg for which we are queueing requests is online (Jan Kara)
- bfq: Get rid of __bio_blkcg() usage (Jan Kara)
- bfq: Track whether bfq_group is still online (Jan Kara)
- bfq: Remove pointless bfq_init_rq() calls (Jan Kara)
- bfq: Drop pointless unlock-lock pair (Jan Kara)
- bfq: Update cgroup information before merging bio (Jan Kara)
- bfq: Split shared queues on move between cgroups (Jan Kara)
- bfq: Avoid merging queues with different parents (Jan Kara)
- bfq: Avoid false marking of bic as stably merged (Jan Kara)
- efi: Do not import certificates from UEFI Secure Boot for T2 Macs (Aditya Garg)
- fs-writeback: writeback_sb_inodes:Recalculate wrote according skipped pages (Zhihao Cheng)
- iwlwifi: mvm: fix assert 1F04 upon reconfig (Emmanuel Grumbach)
- wifi: mac80211: fix use-after-free in chanctx code (Johannes Berg)
- objtool: Fix symbol creation (Peter Zijlstra)
- objtool: Fix objtool regression on x32 systems (Mikulas Patocka)
- f2fs: fix to do sanity check for inline inode (Chao Yu)
- f2fs: fix fallocate to use file_modified to update permissions consistently (Chao Yu)
- f2fs: dont use casefolded comparison for . and .. (Eric Biggers)
- f2fs: fix to do sanity check on total_data_blocks (Chao Yu)
- f2fs: dont need inode lock for system hidden quota (Jaegeuk Kim)
- f2fs: fix deadloop in foreground GC (Chao Yu)
- f2fs: fix to clear dirty inode in f2fs_evict_inode() (Chao Yu)
- f2fs: fix to do sanity check on block address in f2fs_do_zero_range() (Chao Yu)
- f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count() (Chao Yu)
- NFSv4.1 mark qualified async operations as MOVEABLE tasks (Olga Kornievskaia)
- NFS: Convert GFP_NOFS to GFP_KERNEL (Trond Myklebust)
- NFS: Create a new nfs_alloc_fattr_with_label() function (Anna Schumaker)
- NFS: Always initialise fattr->label in nfs_fattr_alloc() (Trond Myklebust)
- video: fbdev: vesafb: Fix a use-after-free due early fb_info cleanup (Javier Martinez Canillas)
- perf jevents: Fix event syntax error caused by ExtSel (Zhengjun Xing)
- perf c2c: Use stdio interface if slang is not supported (Leo Yan)
- perf build: Fix btf__load_from_kernel_by_id() feature check (Jiri Olsa)
- i2c: rcar: fix PM ref counts in probe error paths (Kuninori Morimoto)
- i2c: npcm: Handle spurious interrupts (Tali Perry)
- i2c: npcm: Correct register access width (Tyrone Ting)
- i2c: npcm: Fix timeout calculation (Tali Perry)
- iommu/amd: Increase timeout waiting for GA log enablement (Joerg Roedel)
- dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler() (Amelie Delaunay)
- dmaengine: stm32-mdma: remove GISR1 register (Amelie Delaunay)
- video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup (Miaoqian Lin)
- NFS: Further fixes to the writeback error handling (Trond Myklebust)
- NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout (Trond Myklebust)
- NFS: Dont report errors from nfs_pageio_complete() more than once (Trond Myklebust)
- NFS: Do not report flush errors in nfs_write_end() (Trond Myklebust)
- NFS: Dont report ENOSPC write errors twice (Trond Myklebust)
- NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS (Trond Myklebust)
- NFS: Do not report EINTR/ERESTARTSYS as mapping errors (Trond Myklebust)
- dmaengine: idxd: Fix the error handling path in idxd_cdev_register() (Christophe JAILLET)
- i2c: at91: Initialize dma_buf in at91_twi_xfer() (Nathan Chancellor)
- iommu/mediatek: Fix NULL pointer dereference when printing dev_name (Miles Chen)
- MIPS: Loongson: Use hwmon_device_register_with_groups() to register hwmon (Guenter Roeck)
- iommu/arm-smmu-v3-sva: Fix mm use-after-free (Jean-Philippe Brucker)
- cpufreq: mediatek: Unregister platform device on exit (Rex-BC Chen)
- cpufreq: mediatek: Use module_init and add module_exit (Jia-Wei Chang)
- i2c: at91: use dma safe buffers (Michael Walle)
- iommu/mediatek: Add mutex for m4u_group and m4u_dom in data (Yong Wu)
- iommu/mediatek: Remove clk_disable in mtk_iommu_remove (Yong Wu)
- iommu/mediatek: Add list_del in mtk_iommu_remove (Yong Wu)
- iommu/mediatek: Fix 2 HW sharing pgtable issue (Yong Wu)
- iommu/amd: Enable swiotlb in all cases (Mario Limonciello)
- f2fs: fix dereference of stale list iterator after loop body (Jakob Koschel)
- f2fs: fix to do sanity check on inline_dots inode (Chao Yu)
- f2fs: support fault injection for dquot_initialize() (Chao Yu)
- OPP: call of_node_put() on error path in _bandwidth_supported() (Dan Carpenter)
- Input: stmfts - do not leave device disabled in stmfts_input_open (Dmitry Torokhov)
- KVM: LAPIC: Drop pending LAPIC timer injection when canceling the timer (Wanpeng Li)
- RDMA/hfi1: Prevent use of lock before it is initialized (Douglas Miller)
- mailbox: forward the hrtimer if not queued and under a lock (Bjorn Ardo)
- nfsd: destroy percpu stats counters after reply cache shutdown (Julian Schroeder)
- mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() (Yang Yingliang)
- powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup (Miaoqian Lin)
- powerpc/xive: Fix refcount leak in xive_spapr_init (Miaoqian Lin)
- powerpc/xive: Add some error handling code to xive_spapr_init() (Christophe JAILLET)
- macintosh: via-pmu and via-cuda need RTC_LIB (Randy Dunlap)
- powerpc/perf: Fix the threshold compare group constraint for power9 (Kajol Jain)
- powerpc/perf: Fix the threshold compare group constraint for power10 (Kajol Jain)
- powerpc/64: Only WARN if __pa()/__va() called with bad addresses (Michael Ellerman)
- hwrng: omap3-rom - fix using wrong clk_disable() in omap_rom_rng_runtime_resume() (Yang Yingliang)
- PCI: microchip: Fix potential race in interrupt handling (Daire McNamara)
- PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits (Kuppuswamy Sathyanarayanan)
- Input: sparcspkr - fix refcount leak in bbc_beep_probe (Miaoqian Lin)
- hugetlbfs: fix hugetlbfs_statfs() locking (Mina Almasry)
- ARM: dts: at91: sama7g5: remove interrupt-parent from gic node (Eugen Hristev)
- crypto: cryptd - Protect per-CPU resource by disabling BH. (Sebastian Andrzej Siewior)

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 8 (x86_64)	kernel-uek-container-5.15.0-2.52.3.el8.src.rpm	45f5b43d82637a3b2dd6a751ff29ab8a	-
	kernel-uek-container-5.15.0-2.52.3.el8.x86_64.rpm	1bfb5832b9d97ef6a49c9f83e5998110	-
	kernel-uek-container-debug-5.15.0-2.52.3.el8.x86_64.rpm	245aae9dc9dd583f47dc36dfa7043f2d	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691