ELSA-2023-12120

ELSA-2023-12120 - Unbreakable Enterprise kernel-container security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2023-02-13

Description


[5.15.0-7.86.6.1]
- net/rds: Delegate fan-out to a background worker (Gerd Rausch) [Orabug: 35051226]

[5.15.0-7.86.6]
- runtime revert of virtio_net: Stripe queue affinities across cores. (Konrad Rzeszutek Wilk) [Orabug: 35001044]
- rds: ib: Make sure messages that errors out also get unmapped (Hakon Bugge) [Orabug: 35015598]
- Ignore hot plug events when force powering off a device (James Puthukattukaran) [Orabug: 35015761]
- mptcp: UEK: disable mptcp protocol (Jack Vogel) [Orabug: 34821286]

[5.15.0-7.86.5]
- uek-rpm: Enable HP watchdog for aarch64 (Saeed Mirzamohammadi) [Orabug: 34902069]
- watchdog/hpwdt: Include nmi.h only if CONFIG_HPWDT_NMI_DECODING (Jerry Hoemann) [Orabug: 34902069]
- watchdog/hpwdt: Enable HP_WATCHDOG for ARM64 systems. (Jerry Hoemann) [Orabug: 34902069]
- Revert 'selftests/bpf: Add test for unstable CT lookup API' (Alan Maguire) [Orabug: 34951842]
- uek-rpm: config-x86-64*: enable CONFIG_MT7921E (Todd Vierling) [Orabug: 34970472]
- netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits (Pablo Neira Ayuso) [Orabug: 34978152] {CVE-2023-0179}
- perf/x86/rapl: Use standard Energy Unit for SPR Dram RAPL domain (Zhang Rui) [Orabug: 34978296]
- powercap: intel_rapl: support new layout of Psys PowerLimit Register on SPR (Zhang Rui) [Orabug: 34978296]
- uek: kabi: enable aarch64 kABI checking (Saeed Mirzamohammadi) [Orabug: 34339132]

[5.15.0-7.86.4]
- net/rds: Fill in rds_exthdr_size gaps (Gerd Rausch) [Orabug: 34979170]
- Revert 'uek: kabi: enable aarch64 kABI checking' (Jack Vogel)
- Revert 'uek-rpm: Disable kABI checking for aarch64 64k builds' (Jack Vogel)

[5.15.0-7.86.3]
- uek-rpm: Disable kABI checking for aarch64 64k builds (Saeed Mirzamohammadi) [Orabug: 34339132]

[5.15.0-7.86.2]
- net/rds: Trigger rds_send_hs_ping() more than once (Gerd Rausch) [Orabug: 34607844]
- Revert 'RDS: TCP: Track peer's connection generation number' (Gerd Rausch) [Orabug: 34700109]
- net/rds: Use the first lane until RDS_EXTHDR_NPATHS arrives (Gerd Rausch) [Orabug: 34314502]
- net/rds: Kick-start TCP receiver after accept (Gerd Rausch) [Orabug: 34600819]
- net/rds: rds_tcp_conn_path_shutdown must not discard messages (Gerd Rausch) [Orabug: 34560700]
- net/rds: Encode cp_index in TCP source port (Gerd Rausch) [Orabug: 34556036]
- uek: kabi: enable aarch64 kABI checking (Saeed Mirzamohammadi) [Orabug: 34339132]
- uek-rpm: Disable Promise SuperTrak EX series storage controllers (Somasundaram Krishnasamy) [Orabug: 34670747]
- uek-rpm: ol9: Disable CONFIG_IR_MCEUSB from UEK7 OL9. (Harshit Mogalapalli) [Orabug: 34820237]
- IB/mlx5: Add a signature check to received EQEs and CQEs (Rohit Nair) [Orabug: 34821073]
- rds: ib: Avoid tear-down of caches unless already initialized (Hakon Bugge) [Orabug: 34826403]
- KVM: SVM: Fix AVIC GATag to support max number of vCPUs (Suravee Suthikulpanit) [Orabug: 34961703]
- Revert 'rds: ib: Enable FC by default' (Hakon Bugge) [Orabug: 34964359]
- uek-rpm: Add nft_reject* modules to core rpm. (Somasundaram Krishnasamy) [Orabug: 34970060]
- cpufreq: intel_pstate: Support Sapphire Rapids OOB mode (Srinivas Pandruvada) [Orabug: 34961609]

[5.15.0-7.86.1]
- LTS version: v5.15.86 (Jack Vogel)
- pwm: tegra: Fix 32 bit build (Steven Price)
- mfd: qcom_rpm: Use devm_of_platform_populate() to simplify code (Christophe JAILLET)
- extcon: usbc-tusb320: Call the Type-C IRQ handler only if a port is registered (Yassine Oudjana)
- media: dvbdev: fix refcnt bug (Lin Ma)
- media: dvbdev: fix build warning due to comments (Lin Ma)
- net: stmmac: fix errno when create_singlethread_workqueue() fails (Gaosheng Cui)
- scsi: qla2xxx: Fix crash when I/O abort times out (Arun Easi)
- btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range (Filipe Manana)
- ovl: fix use inode directly in rcu-walk mode (Chen Zhongjin)
- fbdev: fbcon: release buffer when fbcon_do_set_font() failed (Tetsuo Handa)
- gcov: add support for checksum field (Rickard x Andersson)
- floppy: Fix memory leak in do_floppy_init() (Yuan Can)
- regulator: core: fix deadlock on regulator enable (Johan Hovold)
- iio: adc128s052: add proper .data members in adc128_of_match table (Rasmus Villemoes)
- iio: adc: ad_sigma_delta: do not use internal iio_dev lock (Nuno Sa)
- iio: fix memory leak in iio_device_register_eventset() (Zeng Heng)
- reiserfs: Add missing calls to reiserfs_security_free() (Roberto Sassu)
- security: Restrict CONFIG_ZERO_CALL_USED_REGS to gcc or clang > 15.0.6 (Nathan Chancellor)
- 9p: set req refcount to zero to avoid uninitialized usage (Schspa Shi)
- loop: Fix the max_loop commandline argument treatment when it is set to 0 (Isaac J. Manjarres)
- HID: mcp2221: don't connect hidraw (Enrik Berkhan)
- HID: wacom: Ensure bootloader PID is usable in hidraw mode (Jason Gerecke)
- xhci: Prevent infinite loop in transaction errors recovery for streams (Mathias Nyman)
- usb: dwc3: core: defer probe on ulpi_read_id timeout (Ferry Toth)
- usb: dwc3: Fix race between dwc3_set_mode and __dwc3_set_mode (Sven Peter)
- arm64: dts: qcom: sm8250: fix USB-DP PHY registers (Johan Hovold)
- usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq (Chunfeng Yun)
- usb: cdnsp: fix lack of ZLP for ep0 (Pawel Laszczak)
- ALSA: hda/hdmi: Add HP Device 0x8711 to force connect list (Jiao Zhou)
- ALSA: hda/realtek: Add quirk for Lenovo TianYi510Pro-14IOB (Edward Pacman)
- ALSA: usb-audio: add the quirk for KT0206 device (wangdicheng)
- ima: Simplify ima_lsm_copy_rule (GUO Zihua)
- pstore: Make sure CONFIG_PSTORE_PMSG selects CONFIG_RT_MUTEXES (John Stultz)
- afs: Fix lost servers_outstanding count (David Howells)
- perf debug: Set debug_peo_args and redirect_to_stderr variable to correct values in perf_quiet_option() (Yang Jihong)
- pstore: Switch pmsg_lock to an rt_mutex to avoid priority inversion (John Stultz)
- LoadPin: Ignore the 'contents' argument of the LSM hooks (Kees Cook)
- drm/i915/display: Don't disable DDI/Transcoder when setting phy test pattern (Khaled Almahallawy)
- ASoC: rt5670: Remove unbalanced pm_runtime_put() (Hans de Goede)
- ASoC: rockchip: spdif: Add missing clk_disable_unprepare() in rk_spdif_runtime_resume() (Wang Jingjin)
- ASoC: wm8994: Fix potential deadlock (Marek Szyprowski)
- ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe() (Wang Yufen)
- ASoC: rockchip: pdm: Add missing clk_disable_unprepare() in rockchip_pdm_runtime_resume() (Wang Jingjin)
- ASoC: audio-graph-card: fix refcount leak of cpu_ep in __graph_for_each_link() (Wang Yufen)
- ASoC: mediatek: mt8173-rt5650-rt5514: fix refcount leak in mt8173_rt5650_rt5514_dev_probe() (Wang Yufen)
- ASoC: Intel: Skylake: Fix driver hang during shutdown (Cezary Rojewski)
- ALSA: hda: add snd_hdac_stop_streams() helper (Pierre-Louis Bossart)
- ALSA/ASoC: hda: move/rename snd_hdac_ext_stop_streams to hdac_stream.c (Pierre-Louis Bossart)
- hwmon: (jc42) Fix missing unlock on error in jc42_write() (Yang Yingliang)
- KVM: selftests: Fix build regression by using accessor function (Tyler Hicks)
- tools/include: Add _RET_IP_ and math definitions to kernel.h (Karolina Drobnik)
- orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init() (Zhang Xiaoxu)
- orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string() (Zhang Xiaoxu)
- drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid() (Nathan Chancellor)
- drm/fsl-dcu: Fix return type of fsl_dcu_drm_connector_mode_valid() (Nathan Chancellor)
- hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() (Hawkins Jiawei)
- scsi: elx: libefc: Fix second parameter type in state callbacks (Nathan Chancellor)
- scsi: ufs: Reduce the START STOP UNIT timeout (Bart Van Assche)
- scsi: lpfc: Fix hard lockup when reading the rx_monitor from debugfs (Justin Tee)
- crypto: hisilicon/hpre - fix resource leak in remove process (Zhiqi Song)
- clk: st: Fix memory leak in st_of_quadfs_setup() (Xiu Jianfeng)
- media: si470x: Fix use-after-free in si470x_int_in_callback() (Shigeru Yoshida)
- mmc: renesas_sdhi: better reset from HS400 mode (Wolfram Sang)
- mmc: f-sdh30: Add quirks for broken timeout clock capability (Kunihiko Hayashi)
- wifi: mt76: do not run mt76u_status_worker if the device is not running (Lorenzo Bianconi)
- regulator: core: fix use_count leakage when handling boot-on (Rui Zhang)
- libbpf: Avoid enum forward-declarations in public API in C++ mode (Andrii Nakryiko)
- drm/amd/display: Use the largest vready_offset in pipe group (Wesley Chalmers)
- blk-mq: fix possible memleak when register 'hctx' failed (Ye Bin)
- media: dvb-usb: fix memory leak in dvb_usb_adapter_init() (Mazin Al Haddad)
- media: dvbdev: adopts refcnt to avoid UAF (Lin Ma)
- media: dvb-frontends: fix leak of memory fw (Yan Lei)
- ethtool: avoiding integer overflow in ethtool_phys_id() (Maxim Korotkov)
- bpf: Prevent decl_tag from being referenced in func_proto arg (Stanislav Fomichev)
- ppp: associate skb with a device at tx (Stanislav Fomichev)
- mrp: introduce active flags to prevent UAF when applicant uninit (Schspa Shi)
- ipv6/sit: use DEV_STATS_INC() to avoid data-races (Eric Dumazet)
- net: add atomic_long_t to net_device_stats fields (Eric Dumazet)
- drm/amd/display: fix array index out of bound error in bios parser (Aurabindo Pillai)
- md/raid1: stop mdx_raid1 thread when raid1 array run failed (Jiang Li)
- drivers/md/md-bitmap: check the return value of md_bitmap_get_counter() (Li Zhong)
- drm/mediatek: Fix return type of mtk_hdmi_bridge_mode_valid() (Nathan Chancellor)
- drm/sti: Use drm_mode_copy() (Ville Syrjala)
- drm/rockchip: Use drm_mode_copy() (Ville Syrjala)
- drm/msm: Use drm_mode_copy() (Ville Syrjala)
- s390/lcs: Fix return type of lcs_start_xmit() (Nathan Chancellor)
- s390/netiucv: Fix return type of netiucv_tx() (Nathan Chancellor)
- s390/ctcm: Fix return type of ctc{mp,}m_tx() (Nathan Chancellor)
- drm/amdgpu: Fix type of second parameter in odn_edit_dpm_table() callback (Nathan Chancellor)
- drm/amdgpu: Fix type of second parameter in trans_msg() callback (Nathan Chancellor)
- igb: Do not free q_vector unless new one was allocated (Kees Cook)
- wifi: brcmfmac: Fix potential shift-out-of-bounds in brcmf_fw_alloc_request() (Minsuk Kang)
- hamradio: baycom_epp: Fix return type of baycom_send_packet() (Nathan Chancellor)
- net: ethernet: ti: Fix return type of netcp_ndo_start_xmit() (Nathan Chancellor)
- bpf: make sure skb->len != 0 when redirecting to a tunneling device (Stanislav Fomichev)
- qed (gcc13): use u16 for fid to be big enough (Jiri Slaby (SUSE))
- Revert 'drm/amd/display: Limit max DSC target bpp for specific monitors' (Hamza Mahfooz)
- drm/amd/display: prevent memory leak (gehao)
- ipmi: fix memleak when unload ipmi driver (Zhang Yuchen)
- ASoC: codecs: rt298: Add quirk for KBL-R RVP platform (Amadeusz Slawinski)
- wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out (Shigeru Yoshida)
- wifi: ath9k: verify the expected usb_endpoints are present (Fedor Pchelkin)
- brcmfmac: return error when getting invalid max_flowrings from dongle (Wright Feng)
- media: imx-jpeg: Disable useless interrupt to avoid kernel panic (Ming Qian)
- drm/etnaviv: add missing quirks for GC300 (Doug Brown)
- hfs: fix OOB Read in __hfs_brec_find (ZhangPeng)
- acct: fix potential integer overflow in encode_comp_t() (Zheng Yejian)
- nilfs2: fix shift-out-of-bounds due to too large exponent of block size (Ryusuke Konishi)
- nilfs2: fix shift-out-of-bounds/overflow in nilfs_sb2_bad_offset() (Ryusuke Konishi)
- ACPICA: Fix error code path in acpi_ds_call_control_method() (Rafael J. Wysocki)
- fs: jfs: fix shift-out-of-bounds in dbDiscardAG (Hoi Pok Wu)
- jfs: Fix fortify moan in symlink (Dr. David Alan Gilbert)
- udf: Avoid double brelse() in udf_rename() (Shigeru Yoshida)
- fs: jfs: fix shift-out-of-bounds in dbAllocAG (Dongliang Mu)
- binfmt_misc: fix shift-out-of-bounds in check_special_flags (Liu Shixin)
- x86/hyperv: Remove unregister syscore call from Hyper-V cleanup (Gaurav Kohli)
- video: hyperv_fb: Avoid taking busy spinlock on panic path (Guilherme G. Piccoli)
- arm64: make is_ttbrX_addr() noinstr-safe (Mark Rutland)
- rcu: Fix __this_cpu_read() lockdep warning in rcu_force_quiescent_state() (Zqiang)
- HID: amd_sfh: Add missing check for dma_alloc_coherent (Jiasheng Jiang)
- net: stream: purge sk_error_queue in sk_stream_kill_queues() (Eric Dumazet)
- myri10ge: Fix an error handling path in myri10ge_probe() (Christophe JAILLET)
- rxrpc: Fix missing unlock in rxrpc_do_sendmsg() (David Howells)
- net_sched: reject TCF_EM_SIMPLE case for complex ematch module (Cong Wang)
- mailbox: zynq-ipi: fix error handling while device_register() fails (Yang Yingliang)
- mailbox: arm_mhuv2: Fix return value check in mhuv2_probe() (Yang Yingliang)
- mailbox: mpfs: read the system controller's status (Conor Dooley)
- skbuff: Account for tail adjustment during pull operations (Subash Abhinov Kasiviswanathan)
- arm64: dts: mt8183: Fix Mali GPU clock (Chen-Yu Tsai)
- soc: mediatek: pm-domains: Fix the power glitch issue (Chun-Jie Chen)
- openvswitch: Fix flow lookup to use unmasked key (Eelco Chaudron)
- selftests: devlink: fix the fd redirect in dummy_reporter_test (Jakub Kicinski)
- rtc: mxc_v2: Add missing clk_disable_unprepare() (GUO Zihua)
- igc: Set Qbv start_time and end_time to end_time if not being configured in GCL (Tan Tee Min)
- igc: Lift TAPRIO schedule restriction (Kurt Kanzenbach)
- igc: recalculate Qbv end_time by considering cycle time (Tan Tee Min)
- igc: allow BaseTime 0 enrollment for Qbv (Tan Tee Min)
- igc: Add checking for basetime less than zero (Muhammad Husaini Zulkifli)
- igc: Use strict cycles for Qbv scheduling (Vinicius Costa Gomes)
- igc: Enhance Qbv scheduling by using first flag bit (Vinicius Costa Gomes)
- r6040: Fix kmemleak in probe and remove (Li Zetao)
- unix: Fix race in SOCK_SEQPACKET's unix_dgram_sendmsg() (Kirill Tkhai)
- nfc: pn533: Clear nfc_target before being used (Minsuk Kang)
- net: enetc: avoid buffer leaks on xdp_do_redirect() failure (Vladimir Oltean)
- selftests/bpf: Add test for unstable CT lookup API (Kumar Kartikeya Dwivedi)
- block, bfq: fix possible uaf for 'bfqq->bic' (Yu Kuai)
- mISDN: hfcmulti: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- mISDN: hfcpci: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- mISDN: hfcsusb: don't call dev_kfree_skb/kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- net: macsec: fix net device access prior to holding a lock (Emeel Hakim)
- nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure (Dan Aloni)
- rtc: pcf85063: fix pcf85063_clkout_control (Alexandre Belloni)
- rtc: pic32: Move devm_rtc_allocate_device earlier in pic32_rtc_probe() (Gaosheng Cui)
- rtc: st-lpc: Add missing clk_disable_unprepare in st_rtc_probe() (Gaosheng Cui)
- netfilter: flowtable: really fix NAT IPv6 offload (Qingfang DENG)
- mfd: pm8008: Fix return value check in pm8008_probe() (Yang Yingliang)
- mfd: pm8008: Remove driver data structure pm8008_data (Lee Jones)
- mfd: qcom_rpm: Fix an error handling path in qcom_rpm_probe() (Christophe JAILLET)
- mfd: bd957x: Fix Kconfig dependency on REGMAP_IRQ (Matti Vaittinen)
- powerpc/pseries/eeh: use correct API for error log size (Nathan Lynch)
- powerpc/eeh: Drop redundant spinlock initialization (Haowen Bai)
- remoteproc: qcom: q6v5: Fix missing clk_disable_unprepare() in q6v5_wcss_qcs404_power_on() (Shang XiaoJing)
- remoteproc: qcom_q6v5_pas: Fix missing of_node_put() in adsp_alloc_memory_region() (Yuan Can)
- remoteproc: qcom_q6v5_pas: detach power domains on remove (Luca Weiss)
- remoteproc: qcom_q6v5_pas: disable wakeup on probe fail or remove (Luca Weiss)
- remoteproc: qcom: q6v5: Fix potential null-ptr-deref in q6v5_wcss_init_mmio() (Shang XiaoJing)
- remoteproc: sysmon: fix memory leak in qcom_add_sysmon_subdev() (Gaosheng Cui)
- pwm: mediatek: always use bus clock for PWM on MT7622 (Daniel Golle)
- pwm: mtk-disp: Fix the parameters calculated by the enabled flag of disp_pwm (xinlei lee)
- pwm: sifive: Call pwm_sifive_update_clock() while mutex is held (Uwe Kleine-Konig)
- iommu/sun50i: Remove IOMMU_DOMAIN_IDENTITY (Jason Gunthorpe)
- selftests/powerpc: Fix resource leaks (Miaoqian Lin)
- powerpc/hv-gpci: Fix hv_gpci event list (Kajol Jain)
- powerpc/83xx/mpc832x_rdb: call platform_device_put() in error case in of_fsl_spi_probe() (Yang Yingliang)
- powerpc/perf: callchain validate kernel stack pointer bounds (Nicholas Piggin)
- powerpc/xive: add missing iounmap() in error path in xive_spapr_populate_irq_data() (Yang Yingliang)
- powerpc/xmon: Fix -Wswitch-unreachable warning in bpt_cmds (Gustavo A. R. Silva)
- cxl: Fix refcount leak in cxl_calc_capp_routing (Miaoqian Lin)
- powerpc/52xx: Fix a resource leak in an error handling path (Christophe JAILLET)
- macintosh/macio-adb: check the return value of ioremap() (Xie Shaowen)
- macintosh: fix possible memory leak in macio_add_one_device() (Yang Yingliang)
- iommu/fsl_pamu: Fix resource leak in fsl_pamu_probe() (Yuan Can)
- iommu/amd: Fix pci device refcount leak in ppr_notifier() (Yang Yingliang)
- rtc: pcf85063: Fix reading alarm (Alexander Stein)
- rtc: snvs: Allow a time difference on clock register read (Stefan Eichenberger)
- rtc: cmos: Disable ACPI RTC event on removal (Rafael J. Wysocki)
- rtc: cmos: Rename ACPI-related functions (Rafael J. Wysocki)
- rtc: cmos: Eliminate forward declarations of some functions (Rafael J. Wysocki)
- rtc: cmos: Call rtc_wake_setup() from cmos_do_probe() (Rafael J. Wysocki)
- rtc: cmos: Call cmos_wake_setup() from cmos_do_probe() (Rafael J. Wysocki)
- rtc: cmos: fix build on non-ACPI platforms (Alexandre Belloni)
- rtc: cmos: Fix wake alarm breakage (Rafael J. Wysocki)
- rtc: cmos: Fix event handler registration ordering issue (Rafael J. Wysocki)
- rtc: rtc-cmos: Do not check ACPI_FADT_LOW_POWER_S0 (Rafael J. Wysocki)
- dmaengine: idxd: Fix crc_val field for completion record (Fenghua Yu)
- fs/ntfs3: Fix slab-out-of-bounds read in ntfs_trim_fs (Abdun Nihaal)
- pwm: tegra: Improve required rate calculation (Jon Hunter)
- include/uapi/linux/swab: Fix potentially missing __always_inline (Matt Redfearn)
- phy: usb: s2 WoL wakeup_count not incremented for USB->Eth devices (Al Cooper)
- iommu/rockchip: fix permission bits in page table entries v2 (Michael Riesch)
- iommu/sun50i: Fix flush size (Jernej Skrabec)
- iommu/sun50i: Fix R/W permission check (Jernej Skrabec)
- iommu/sun50i: Consider all fault sources for reset (Jernej Skrabec)
- iommu/sun50i: Fix reset release (Jernej Skrabec)
- fs/ntfs3: Harden against integer overflows (Dan Carpenter)
- overflow: Implement size_t saturating arithmetic helpers (Kees Cook)
- fs/ntfs3: Avoid UBSAN error on true_sectors_per_clst() (Shigeru Yoshida)
- RDMA/siw: Fix pointer cast warning (Arnd Bergmann)
- perf stat: Do not delay the workload with --delay (Namhyung Kim)
- perf stat: Refactor __run_perf_stat() common code (Adrian Herrera Arcila)
- power: supply: fix null pointer dereferencing in power_supply_get_battery_info (ruanjinjie)
- power: supply: ab8500: Fix error handling in ab8500_charger_init() (Yuan Can)
- HSI: omap_ssi_core: Fix error handling in ssi_init() (Yuan Can)
- power: supply: z2_battery: Fix possible memleak in z2_batt_probe() (Zhang Qilong)
- perf symbol: correction while adjusting symbol (Ajay Kaher)
- perf trace: Handle failure when trace point folder is missed (Leo Yan)
- perf trace: Use macro RAW_SYSCALL_ARGS_NUM to replace number (Leo Yan)
- perf trace: Return error if a system call doesn't exist (Leo Yan)
- power: supply: fix residue sysfs file in error handle route of __power_supply_register() (Zeng Heng)
- HSI: omap_ssi_core: fix possible memory leak in ssi_probe() (Yang Yingliang)
- HSI: omap_ssi_core: fix unbalanced pm_runtime_disable() (Yang Yingliang)
- fbdev: uvesafb: Fixes an error handling path in uvesafb_probe() (Christophe JAILLET)
- fbdev: uvesafb: don't build on UML (Randy Dunlap)
- fbdev: geode: don't build on UML (Randy Dunlap)
- fbdev: ep93xx-fb: Add missing clk_disable_unprepare in ep93xxfb_probe() (Gaosheng Cui)
- fbdev: vermilion: decrease reference count in error path (Xiongfeng Wang)
- fbdev: via: Fix error in via_core_init() (Shang XiaoJing)
- fbdev: pm2fb: fix missing pci_disable_device() (Yang Yingliang)
- fbdev: ssd1307fb: Drop optional dependency (Andy Shevchenko)
- thermal/drivers/qcom/lmh: Fix irq handler return value (Bjorn Andersson)
- thermal/drivers/qcom/temp-alarm: Fix inaccurate warning for gen2 (Luca Weiss)
- thermal/drivers/imx8mm_thermal: Validate temperature range (Marcus Folkesson)
- samples: vfio-mdev: Fix missing pci_disable_device() in mdpy_fb_probe() (Shang XiaoJing)
- ksmbd: Fix resource leak in ksmbd_session_rpc_open() (Xiu Jianfeng)
- tracing/hist: Fix issue of losting command info in error_log (Zheng Yejian)
- usb: storage: Add check for kcalloc (Jiasheng Jiang)
- i2c: ismt: Fix an out-of-bounds bug in ismt_access() (Zheyu Ma)
- i2c: mux: reg: check return value after calling platform_get_resource() (Yang Yingliang)
- gpiolib: protect the GPIO device against being dropped while in use by user-space (Bartosz Golaszewski)
- gpiolib: make struct comments into real kernel docs (Bartosz Golaszewski)
- gpiolib: cdev: fix NULL-pointer dereferences (Bartosz Golaszewski)
- gpiolib: Get rid of redundant 'else' (Andy Shevchenko)
- vme: Fix error not catched in fake_init() (Chen Zhongjin)
- staging: rtl8192e: Fix potential use-after-free in rtllib_rx_Monitor() (YueHaibing)
- staging: rtl8192u: Fix use after free in ieee80211_rx() (Dan Carpenter)
- i2c: pxa-pci: fix missing pci_disable_device() on error in ce4100_i2c_probe (Hui Tang)
- chardev: fix error handling in cdev_device_add() (Yang Yingliang)
- mcb: mcb-parse: fix error handing in chameleon_parse_gdd() (Yang Yingliang)
- drivers: mcb: fix resource leak in mcb_probe() (Zhengchao Shao)
- usb: gadget: f_hid: fix refcount leak on error path (John Keeping)
- usb: gadget: f_hid: fix f_hidg lifetime vs cdev (John Keeping)
- usb: roles: fix of node refcount leak in usb_role_switch_is_parent() (Yang Yingliang)
- coresight: trbe: remove cpuhp instance node before remove cpuhp state (Yang Shen)
- counter: stm32-lptimer-cnt: fix the check on arr and cmp registers update (Fabrice Gasnier)
- iio: adis: add '__adis_enable_irq()' implementation (Ramona Bolboaca)
- iio:imu:adis: Move exports into IIO_ADISLIB namespace (Jonathan Cameron)
- iio: adis: stylistic changes (Nuno Sa)
- iio: adis: handle devices that cannot unmask the drdy pin (Nuno Sa)
- iio: temperature: ltc2983: make bulk write buffer DMA-safe (Cosmin Tanislav)
- cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter() (Yang Yingliang)
- cxl: fix possible null-ptr-deref in cxl_guest_init_afu|adapter() (Yang Yingliang)
- firmware: raspberrypi: fix possible memory leak in rpi_firmware_probe() (Yang Yingliang)
- misc: sgi-gru: fix use-after-free error in gru_set_context_option, gru_fault and gru_handle_user_call_os (Zheng Wang)
- misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() (ruanjinjie)
- ocxl: fix pci device refcount leak when calling get_function_0() (Yang Yingliang)
- misc: ocxl: fix possible name leak in ocxl_file_register_afu() (Yang Yingliang)
- test_firmware: fix memory leak in test_firmware_init() (Zhengchao Shao)
- serial: sunsab: Fix error handling in sunsab_init() (Yuan Can)
- serial: altera_uart: fix locking in polling mode (Gabriel Somlo)
- tty: serial: altera_uart_{r,t}x_chars() need only uart_port (Jiri Slaby)
- tty: serial: clean up stop-tx part in altera_uart_tx_chars() (Jiri Slaby)
- serial: pch: Fix PCI device refcount leak in pch_request_dma() (Xiongfeng Wang)
- serial: stm32: move dma_request_chan() before clk_prepare_enable() (Valentin Caron)
- serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle. (delisun)
- serial: amba-pl011: avoid SBSA UART accessing DMACR register (Jiamei Xie)
- extcon: usbc-tusb320: Update state on probe even if no IRQ pending (Marek Vasut)
- extcon: usbc-tusb320: Add USB TYPE-C support (Marek Vasut)
- extcon: usbc-tusb320: Factor out extcon into dedicated functions (Marek Vasut)
- usb: typec: Factor out non-PD fwnode properties (Samuel Holland)
- extcon: usbc-tusb320: Add support for TUSB320L (Yassine Oudjana)
- extcon: usbc-tusb320: Add support for mode setting and reset (Yassine Oudjana)
- usb: typec: tipd: Fix spurious fwnode_handle_put in error path (Sven Peter)
- usb: typec: tipd: Cleanup resources if devm_tps6598_psy_register fails (Sven Peter)
- usb: typec: tcpci: fix of node refcount leak in tcpci_register_port() (Yang Yingliang)
- usb: typec: Check for ops->exit instead of ops->enter in altmode_exit (Sven Peter)
- staging: vme_user: Fix possible UAF in tsi148_dma_list_add (Gaosheng Cui)
- usb: fotg210-udc: Fix ages old endianness issues (Linus Walleij)
- uio: uio_dmem_genirq: Fix deadlock between irq config and handling (Rafael Mendonca)
- uio: uio_dmem_genirq: Fix missing unlock in irq configuration (Rafael Mendonca)
- vfio: platform: Do not pass return buffer to ACPI _RST method (Rafael Mendonca)
- class: fix possible memory leak in __class_register() (Yang Yingliang)
- serial: 8250_bcm7271: Fix error handling in brcmuart_init() (Yuan Can)
- serial: tegra: Read DMA status before terminating (Kartik)
- drivers: dio: fix possible memory leak in dio_init() (Yang Yingliang)
- RISC-V: Align the shadow stack (Palmer Dabbelt)
- IB/IPoIB: Fix queue count inconsistency for PKEY child interfaces (Dragos Tatulea)
- hwrng: geode - Fix PCI device refcount leak (Xiongfeng Wang)
- hwrng: amd - Fix PCI device refcount leak (Xiongfeng Wang)
- crypto: img-hash - Fix variable dereferenced before check 'hdev->req' (Gaosheng Cui)
- RDMA/hns: Fix error code of CMD (Chengchang Tang)
- RDMA/hns: Fix page size cap from firmware (Chengchang Tang)
- RDMA/hns: Fix PBL page MTR find (Chengchang Tang)
- RDMA/hns: Fix AH attr queried by query_qp (Chengchang Tang)
- orangefs: Fix sysfs not cleanup when dev init failed (Zhang Xiaoxu)
- PCI: mt7621: Add sentinel to quirks table (John Thomson)
- PCI: mt7621: Rename mt7621_pci_ to mt7621_pcie_ (Bjorn Helgaas)
- RDMA/srp: Fix error return code in srp_parse_options() (Wang Yufen)
- RDMA/hfi1: Fix error return code in parse_platform_config() (Wang Yufen)
- riscv/mm: add arch hook arch_clear_hugepage_flags (Tong Tiangen)
- crypto: omap-sham - Use pm_runtime_resume_and_get() in omap_sham_probe() (Shang XiaoJing)
- crypto: amlogic - Remove kcalloc without check (Christophe JAILLET)
- RDMA/nldev: Fix failure to send large messages (Mark Zhang)
- f2fs: avoid victim selection from previous victim section (Yonggil Song)
- RDMA/nldev: Add checks for nla_nest_start() in fill_stat_counter_qps() (Yuan Can)
- scsi: snic: Fix possible UAF in snic_tgt_create() (Gaosheng Cui)
- scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails (Chen Zhongjin)
- scsi: ipr: Fix WARNING in ipr_init() (Shang XiaoJing)
- scsi: scsi_debug: Fix possible name leak in sdebug_add_host_helper() (Yang Yingliang)
- scsi: fcoe: Fix possible name leak when device_register() fails (Yang Yingliang)
- scsi: scsi_debug: Fix a warning in resp_report_zones() (Harshit Mogalapalli)
- scsi: scsi_debug: Fix a warning in resp_verify() (Harshit Mogalapalli)
- scsi: efct: Fix possible memleak in efct_device_init() (Chen Zhongjin)
- scsi: hpsa: Fix possible memory leak in hpsa_add_sas_device() (Yang Yingliang)
- scsi: hpsa: Fix error handling in hpsa_add_sas_host() (Yang Yingliang)
- scsi: mpt3sas: Fix possible resource leaks in mpt3sas_transport_port_add() (Yang Yingliang)
- padata: Fix list iterator in padata_do_serial() (Daniel Jordan)
- padata: Always leave BHs disabled when running ->parallel() (Daniel Jordan)
- crypto: tcrypt - Fix multibuffer skcipher speed test mem leak (Zhang Yiqun)
- scsi: hpsa: Fix possible memory leak in hpsa_init_one() (Yuan Can)
- dt-bindings: visconti-pcie: Fix interrupts array max constraints (Serge Semin)
- dt-bindings: imx6q-pcie: Fix clock names for imx6sx and imx8mq (Serge Semin)
- RDMA/rxe: Fix NULL-ptr-deref in rxe_qp_do_cleanup() when socket create failed (Zhang Xiaoxu)
- RDMA/hns: fix memory leak in hns_roce_alloc_mr() (Zhengchao Shao)
- crypto: ccree - Make cc_debugfs_global_fini() available for module init function (Uwe Kleine-Konig)
- RDMA/hfi: Decrease PCI device reference count in error path (Xiongfeng Wang)
- PCI: Check for alloc failure in pci_request_irq() (Zeng Heng)
- RDMA/hns: Fix ext_sge num error when post send (Luoyouming)
- RDMA/hns: Repacing 'dseg_len' by macros in fill_ext_sge_inl_data() (Luoyouming)
- crypto: hisilicon/qm - add missing pci_dev_put() in q_num_set() (Xiongfeng Wang)
- crypto: cryptd - Use request context instead of stack for sub-request (Herbert Xu)
- crypto: ccree - Remove debugfs when platform_driver_register failed (Gaosheng Cui)
- scsi: scsi_debug: Fix a warning in resp_write_scat() (Harshit Mogalapalli)
- RDMA/siw: Set defined status for work completion with undefined status (Bernard Metzler)
- RDMA/nldev: Return '-EAGAIN' if the cm_id isn't from expected port (Mark Zhang)
- RDMA/core: Make sure 'ib_port' is valid when access sysfs node (Mark Zhang)
- RDMA/restrack: Release MR restrack when delete (Mark Zhang)
- PCI: vmd: Disable MSI remapping after suspend (Nirmal Patel)
- IB/mad: Don't call to function that might sleep while in atomic context (Leonid Ravich)
- RDMA/siw: Fix immediate work request flush to completion queue (Bernard Metzler)
- scsi: qla2xxx: Fix set-but-not-used variable warnings (Bart Van Assche)
- RDMA/irdma: Report the correct link speed (Shiraz Saleem)
- f2fs: fix to destroy sbi->post_read_wq in error path of f2fs_fill_super() (Chao Yu)
- f2fs: fix normal discard process (Dongdong Zhang)
- f2fs: fix to invalidate dcc->f2fs_issue_discard in error path (Chao Yu)
- apparmor: Fix memleak in alloc_ns() (Xiu Jianfeng)
- crypto: rockchip - rework by using crypto_engine (Corentin Labbe)
- crypto: rockchip - remove non-aligned handling (Corentin Labbe)
- crypto: rockchip - better handle cipher key (Corentin Labbe)
- crypto: rockchip - add fallback for ahash (Corentin Labbe)
- crypto: rockchip - add fallback for cipher (Corentin Labbe)
- crypto: rockchip - do not store mode globally (Corentin Labbe)
- crypto: rockchip - do not do custom power management (Corentin Labbe)
- f2fs: Fix the race condition of resize flag between resizefs (Zhang Qilong)
- PCI: pci-epf-test: Register notifier if only core_init_notifier is enabled (Kunihiko Hayashi)
- RDMA/core: Fix order of nldev_exit call (Leon Romanovsky)
- PCI: dwc: Fix n_fts[] array overrun (Vidya Sagar)
- apparmor: Use pointer to struct aa_label for lbs_cred (Xiu Jianfeng)
- scsi: core: Fix a race between scsi_done() and scsi_timeout() (Bart Van Assche)
- crypto: nitrox - avoid double free on error path in nitrox_sriov_init() (Natalia Petrova)
- crypto: sun8i-ss - use dma_addr instead u32 (Corentin Labbe)
- crypto: hisilicon/qm - fix missing destroy qp_idr (Weili Qian)
- apparmor: Fix abi check to include v8 abi (John Johansen)
- apparmor: fix lockdep warning when removing a namespace (John Johansen)
- apparmor: fix a memleak in multi_transaction_new() (Gaosheng Cui)
- net: dsa: tag_8021q: avoid leaking ctx on dsa_tag_8021q_register() error path (Vladimir Oltean)
- i40e: Fix the inability to attach XDP program on downed interface (Bartosz Staszewski)
- stmmac: fix potential division by 0 (Piergiorgio Beruto)
- Bluetooth: RFCOMM: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- Bluetooth: hci_core: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- Bluetooth: hci_bcsp: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- Bluetooth: hci_h5: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- Bluetooth: hci_ll: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- Bluetooth: hci_qca: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- Bluetooth: btusb: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- Bluetooth: btintel: Fix missing free skb in btintel_setup_combined() (Wang ShaoBo)
- Bluetooth: MGMT: Fix error report for ADD_EXT_ADV_PARAMS (Inga Stotland)
- sctp: sysctl: make extra pointers netns aware (Firo Yang)
- ntb_netdev: Use dev_kfree_skb_any() in interrupt context (Eric Pilmore)
- net: lan9303: Fix read error execution path (Jerry Ray)
- can: tcan4x5x: Fix use of register error status mask (Markus Schneider-Pargmann)
- can: m_can: Call the RAM init directly from m_can_chip_config (Vivek Yadav)
- can: tcan4x5x: Remove invalid write in clear_interrupts (Markus Schneider-Pargmann)
- net: amd-xgbe: Check only the minimum speed for active/passive cables (Tom Lendacky)
- net: amd-xgbe: Fix logic around active and passive cables (Tom Lendacky)
- af_unix: call proto_unregister() in the error path in af_unix_init() (Yang Yingliang)
- net: amd: lance: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- hamradio: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- net: ethernet: dnet: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- net: emaclite: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- net: apple: bmac: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- net: apple: mace: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- net/tunnel: wait until all sk_user_data reader finish before releasing the sock (Hangbin Liu)
- net: farsync: Fix kmemleak when rmmods farsync (Li Zetao)
- ethernet: s2io: don't call dev_kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- of: overlay: fix null pointer dereferencing in find_dup_cset_node_entry() and find_dup_cset_prop() (ruanjinjie)
- drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init() (Yuan Can)
- net: stmmac: fix possible memory leak in stmmac_dvr_probe() (Gaosheng Cui)
- net: stmmac: selftests: fix potential memleak in stmmac_test_arpoffload() (Zhang Changzhong)
- net: defxx: Fix missing err handling in dfx_init() (Yongqiang Liu)
- net: vmw_vsock: vmci: Check memcpy_from_msg() (Artem Chernyshev)
- clk: socfpga: Fix memory leak in socfpga_gate_init() (Xiu Jianfeng)
- bpf: Do not zero-extend kfunc return values (Bjorn Topel)
- blktrace: Fix output non-blktrace event when blk_classic option enabled (Yang Jihong)
- wifi: brcmfmac: Fix error return code in brcmf_sdio_download_firmware() (Wang Yufen)
- wifi: rtl8xxxu: Fix the channel width reporting (Bitterblue Smith)
- wifi: rtl8xxxu: Add __packed to struct rtl8723bu_c2h (Bitterblue Smith)
- spi: spi-gpio: Don't set MOSI as an input if not 3WIRE mode (Kris Bahnsen)
- clk: samsung: Fix memory leak in _samsung_clk_register_pll() (Xiu Jianfeng)
- media: coda: Add check for kmalloc (Jiasheng Jiang)
- media: coda: Add check for dcoda_iram_alloc (Jiasheng Jiang)
- media: c8sectpfe: Add of_node_put() when breaking out of loop (Liang He)
- regulator: qcom-labibb: Fix missing of_node_put() in qcom_labibb_regulator_probe() (Yuan Can)
- mmc: core: Normalize the error handling branch in sd_read_ext_regs() (Zhen Lei)
- memstick/ms_block: Add check for alloc_ordered_workqueue (Jiasheng Jiang)
- memstick: ms_block: Add error handling support for add_disk() (Luis Chamberlain)
- mmc: renesas_sdhi: alway populate SCC pointer (Wolfram Sang)
- mmc: mmci: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: wbsd: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: via-sdmmc: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: meson-gx: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: omap_hsmmc: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: atmel-mci: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: wmt-sdmmc: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: vub300: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: toshsd: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: rtsx_pci: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: pxamci: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: mxcmmc: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: moxart: fix return value check of mmc_add_host() (Yang Yingliang)
- mmc: alcor: fix return value check of mmc_add_host() (Yang Yingliang)
- riscv, bpf: Emit fixed-length instructions for BPF_PSEUDO_FUNC (Pu Lehui)
- NFSv4.x: Fail client initialisation if state manager thread can't run (Trond Myklebust)
- SUNRPC: Fix missing release socket in rpc_sockname() (Wang ShaoBo)
- xprtrdma: Fix regbuf data not freed in rpcrdma_req_create() (Zhang Xiaoxu)
- ALSA: mts64: fix possible null-ptr-defer in snd_mts64_interrupt (Gaosheng Cui)
- media: saa7164: fix missing pci_disable_device() (Liu Shixin)
- ALSA: pcm: Set missing stop_operating flag at undoing trigger start (Takashi Iwai)
- bpf, sockmap: fix race in sock_map_free() (Eric Dumazet)
- hwmon: (jc42) Restore the min/max/critical temperatures on resume (Martin Blumenstingl)
- hwmon: (jc42) Convert register access and caching to regmap/regcache (Martin Blumenstingl)
- regulator: core: fix resource leak in regulator_register() (Yang Yingliang)


Related CVEs


CVE-2022-3545
CVE-2023-0179
CVE-2022-45869
CVE-2022-4139

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 8 (aarch64) kernel-uek-5.15.0-7.86.6.1.el8uek.src.rpm8b56a96ed6b7fc63da3fa3aa49e57150-
Oracle Linux 8 (x86_64) kernel-uek-5.15.0-7.86.6.1.el8uek.src.rpm8b56a96ed6b7fc63da3fa3aa49e57150-
kernel-uek-container-5.15.0-7.86.6.1.el8uek.x86_64.rpm0ad28dc94ef1ee703652d23cdd601868-
kernel-uek-container-debug-5.15.0-7.86.6.1.el8uek.x86_64.rpmdcdb7f3c69a2894e2e445e2471e50d64-



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete