ELSA-2023-12412 - Unbreakable Enterprise kernel-container security update
Type: | SECURITY |
Severity: | IMPORTANT |
Release Date: | 2023-06-13 |
Description
[5.4.17-2136.320.7.el7]
- selftests: fib_tests: mute cleanup error message (Po-Hsu Lin)
- KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode (Marc Zyngier) [Orabug: 35449815]
- KVM: arm64: Filter out v8.1+ events on v8.0 HW (Marc Zyngier) [Orabug: 35449815]
- KVM: arm64: Add kvm_vcpu_has_pmu() helper (Marc Zyngier) [Orabug: 35449815]
- KVM: arm64: Fix some documentation build warnings (Mauro Carvalho Chehab) [Orabug: 35449815]
- KVM: arm64: Document PMU filtering API (Marc Zyngier) [Orabug: 35449815]
- KVM: arm64: Mask out filtered events in PCMEID{0,1}_EL1 (Marc Zyngier) [Orabug: 35449815]
- KVM: arm64: Add PMU event filtering infrastructure (Marc Zyngier) [Orabug: 35449815]
- KVM: arm64: Use event mask matching architecture revision (Marc Zyngier) [Orabug: 35449815]
- KVM: arm64: Refactor PMU attribute error handling (Marc Zyngier) [Orabug: 35449815]
- KVM: arm64: Move virt/kvm/arm to arch/arm64 (Marc Zyngier) [Orabug: 35449815]
- KVM: arm/arm64: Fix up includes for trace.h (Jeremy Cline) [Orabug: 35449815]
- perf/core: Optimize perf_init_event() for TYPE_SOFTWARE (Liang, Kan) [Orabug: 35449815]
- Revert 'net/mlx5: Fix unpublish devlink parameters' (Si-Wei Liu) [Orabug: 35431929]
- Revert 'net/mlx5: Support enable_eth devlink dev param' (Si-Wei Liu) [Orabug: 35431929]
- Revert 'net/mlx5: Support enable_rdma devlink dev param' (Si-Wei Liu) [Orabug: 35431929]
- Revert 'net/mlx5: Support enable_vnet devlink dev param' (Si-Wei Liu) [Orabug: 35431929]
[5.4.17-2136.320.6.el7]
- ipmi:ssif: Add send_retries increment (Corey Minyard)
- Revert 'ubifs: dirty_cow_znode: Fix memleak in error handling path' (Zhihao Cheng)
- Revert 'Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work' (Liu Jian)
- scsi: target: iscsi: Handle abort for WRITE_PENDING cmds (Dmitry Bogdanov) [Orabug: 34136927]
- scsi: target: iscsit: Fix TAS handling during conn cleanup (Mike Christie) [Orabug: 34136927]
- scsi: target: Fix multiple LUN_RESET handling (Mike Christie) [Orabug: 34136927]
- scsi: target: iscsit: Free cmds before session free (Dmitry Bogdanov) [Orabug: 34136927]
- scsi: target: iscsit: Stop/wait on cmds during conn close (Mike Christie) [Orabug: 34136927]
- scsi: target: iscsit: isert: Alloc per conn cmd counter (Mike Christie) [Orabug: 34136927]
- scsi: target: Pass in cmd counter to use during cmd setup (Mike Christie) [Orabug: 34136927]
- scsi: target: Move cmd counter allocation (Mike Christie) [Orabug: 34136927]
- scsi: target: Move sess cmd counter to new struct (Mike Christie) [Orabug: 34136927]
- kernfs: change kernfs_rename_lock into a read-write lock. (Imran Khan) [Orabug: 35257585]
- kernfs: Use a per-fs rwsem to protect per-fs list of kernfs_super_info. (Imran Khan) [Orabug: 35257585]
- kernfs: Introduce separate rwsem to protect inode attributes. (Imran Khan) [Orabug: 35257585]
- debugfs: allow access blktrace trace files in lockdown mode (Junxiao Bi) [Orabug: 35262590]
- rds: Add time_spent and payload info for send_cqe handler (Rohit Nair) [Orabug: 35302535]
- netfilter: nf_tables: deactivate anonymous set from preparation phase (Pablo Neira Ayuso) [Orabug: 35382084] {CVE-2023-32233}
- SUNRPC: remove the maximum number of retries in call_bind_status (Dai Ngo) [Orabug: 35397526]
- net/rds: Fix copy&paste error (Gerd Rausch) [Orabug: 35416948]
- rds: Fix incorrect error pointer reference (William Kucharski) [Orabug: 35315450]
[5.4.17-2136.320.5.el7]
- vdpa/mlx5: Extend driver support for new features (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Make VIRTIO_NET_F_MRG_RXBUF off by default (Eli Cohen) [Orabug: 35210546]
- vdpa_sim: set last_used_idx as last_avail_idx in vdpasim_queue_ready (Eugenio Perez) [Orabug: 35210546]
- vhost-vdpa: free iommu domain after last use during cleanup (Gautam Dawar) [Orabug: 35210546]
- vdpa/mlx5: should not activate virtq object when suspended (Si-Wei Liu) [Orabug: 35210546]
- vp_vdpa: fix the crash in hot unplug with vp_vdpa (Cindy Lu) [Orabug: 35210546]
- vdpa/mlx5: support device features provisioning (Si-Wei Liu) [Orabug: 35210546]
- vdpa/mlx5: make MTU/STATUS presence conditional on feature bits (Si-Wei Liu) [Orabug: 35210546]
- vdpa: validate device feature provisioning against supported class (Si-Wei Liu) [Orabug: 35210546]
- vdpa: validate provisioned device features against specified attribute (Si-Wei Liu) [Orabug: 35210546]
- vdpa: conditionally read STATUS in config space (Si-Wei Liu) [Orabug: 35210546]
- vdpa: fix improper error message when adding vdpa dev (Si-Wei Liu) [Orabug: 35210546]
- vdpa/mlx5: Initialize CVQ iotlb spinlock (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Don't clear mr struct on destroy MR (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Directly assign memory key (Eli Cohen) [Orabug: 35210546]
- vhost-vdpa: print warning when vhost_vdpa_alloc_domain fails (Alvaro Karsz) [Orabug: 35210546]
- vdpa: Fix a couple of spelling mistakes in some messages (Colin Ian King) [Orabug: 35210546]
- vdpa: mlx5: support per virtqueue dma device (Jason Wang) [Orabug: 35210546]
- vdpa: set dma mask for vDPA device (Jason Wang) [Orabug: 35210546]
- virtio-vdpa: support per vq dma device (Jason Wang) [Orabug: 35210546]
- vdpa: introduce get_vq_dma_device() (Jason Wang) [Orabug: 35210546]
- virtio_ring: per virtqueue dma device (Jason Wang) [Orabug: 35210546]
- vdpa_sim: get rid of DMA ops (Jason Wang) [Orabug: 35210546]
- vdpa_sim_net: vendor satistics (Jason Wang) [Orabug: 35210546]
- vdpa_sim: support vendor statistics (Jason Wang) [Orabug: 35210546]
- vdpasim: customize allocation size (Jason Wang) [Orabug: 35210546]
- vdpa_sim: switch to use __vdpa_alloc_device() (Jason Wang) [Orabug: 35210546]
- vdpa_sim: use weak barriers (Jason Wang) [Orabug: 35210546]
- vdpa_sim: Implement resume vdpa op (Sebastien Boeuf) [Orabug: 35210546]
- vhost-vdpa: uAPI to resume the device (Sebastien Boeuf) [Orabug: 35210546]
- vhost-vdpa: Introduce RESUME backend feature bit (Sebastien Boeuf) [Orabug: 35210546]
- vdpa: Add resume operation (Sebastien Boeuf) [Orabug: 35210546]
- vdpa_sim_net: Offer VIRTIO_NET_F_STATUS (Eugenio Perez) [Orabug: 35210546]
- vdpa/mlx5: Move some definitions to a new header file (Eli Cohen) [Orabug: 35210546]
- vdpa_sim: not reset state in vdpasim_queue_ready (Eugenio Perez) [Orabug: 35210546]
- vdpa_sim_net: should not drop the multicast/broadcast packet (Cindy Lu) [Orabug: 35210546]
- vdpasim: fix memory leak when freeing IOTLBs (Jason Wang) [Orabug: 35210546]
- vdpa: conditionally fill max max queue pair for stats (Jason Wang) [Orabug: 35210546]
- vdpa/vp_vdpa: fix kfree a wrong pointer in vp_vdpa_remove (Rong Wang) [Orabug: 35210546]
- vhost_vdpa: fix the crash in unmap a large memory (Cindy Lu) [Orabug: 35210546]
- vdpa_sim: fix vringh initialization in vdpasim_queue_ready() (Stefano Garzarella) [Orabug: 35210546]
- vhost-vdpa: fix an iotlb memory leak (Stefano Garzarella) [Orabug: 35210546]
- vringh: fix range used in iotlb_translate() (Stefano Garzarella) [Orabug: 35210546]
- vdpa_sim: fix possible memory leak in vdpasim_net_init() and vdpasim_blk_init() (ruanjinjie) [Orabug: 35210546]
- RDMA/mlx5: remove variable i (Colin Ian King) [Orabug: 35210546]
- vdpa/mlx5: Avoid overwriting CVQ iotlb (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Avoid using reslock in event_handler (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Fix wrong mac address deletion (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Return error on vlan ctrl commands if not supported (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Fix rule forwarding VLAN to TIR (Eli Cohen) [Orabug: 35210546]
- vdpa: merge functionally duplicated dev_features attributes (Si-Wei Liu) [Orabug: 35210546]
- vDPA: conditionally read MTU and MAC in dev cfg space (Zhu Lingshan) [Orabug: 35210546]
- vDPA: fix spars cast warning in vdpa_dev_net_mq_config_fill (Zhu Lingshan) [Orabug: 35210546]
- vDPA: check virtio device features to detect MQ (Zhu Lingshan) [Orabug: 35210546]
- vDPA: check VIRTIO_NET_F_RSS for max_virtqueue_paris's presence (Zhu Lingshan) [Orabug: 35210546]
- vDPA: only report driver features if FEATURES_OK is set (Zhu Lingshan) [Orabug: 35210546]
- vDPA: allow userspace to query features of a vDPA device (Zhu Lingshan) [Orabug: 35210546]
- vp_vdpa: support feature provisioning (Jason Wang) [Orabug: 35210546]
- vdpa_sim_net: support feature provisioning (Jason Wang) [Orabug: 35210546]
- vdpa: device feature provisioning (Jason Wang) [Orabug: 35210546]
- virtio: drop vp_legacy_set_queue_size (Michael S. Tsirkin) [Orabug: 35210546]
- vdpa/mlx5: Fix MQ to support non power of two num queues (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Fix possible uninitialized return value (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Support different address spaces for control and data (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Implement susupend virtqueue callback (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Use eth_broadcast_addr() to assign broadcast address (Xu Qiang) [Orabug: 35210546]
- vdpa_sim: Implement suspend vdpa op (Eugenio Perez) [Orabug: 35210546]
- vhost-vdpa: uAPI to suspend the device (Eugenio Perez) [Orabug: 35210546]
- vhost-vdpa: introduce SUSPEND backend feature bit (Eugenio Perez) [Orabug: 35210546]
- vdpa: Add suspend operation (Eugenio Perez) [Orabug: 35210546]
- vhost-vdpa: Call ida_simple_remove() when failed (Bo Liu) [Orabug: 35210546]
- vDPA: fix 'cast to restricted le16' warnings in vdpa.c (Zhu Lingshan) [Orabug: 35210546]
- vDPA: !FEATURES_OK should not block querying device config space (Zhu Lingshan) [Orabug: 35210546]
- vdpa_sim: use max_iotlb_entries as a limit in vhost_iotlb_init (Stefano Garzarella) [Orabug: 35210546]
- vringh: iterate on iotlb_translate to handle large translations (Stefano Garzarella) [Orabug: 35210546]
- vhost-vdpa: call vhost_vdpa_cleanup during the release (Stefano Garzarella) [Orabug: 35210546]
- vdpa/mlx5: Initialize CVQ vringh only once (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Update Control VQ callback information (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Add RX MAC VLAN filter support (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Remove flow counter from steering (Eli Cohen) [Orabug: 35210546]
- vhost-vdpa: return -EFAULT on copy_to_user() failure (Dan Carpenter) [Orabug: 35210546]
- vdpasim: Off by one in vdpasim_set_group_asid() (Dan Carpenter) [Orabug: 35210546]
- vdpasim: allow to enable a vq repeatedly (Eugenio Perez) [Orabug: 35210546]
- vdpa/vp_vdpa : add vdpa tool support in vp_vdpa (Cindy Lu) [Orabug: 35210546]
- virtio: pci: Fix an error handling path in vp_modern_probe() (Christophe JAILLET) [Orabug: 35210546]
- vdpasim: control virtqueue support (Gautam Dawar) [Orabug: 35210546]
- vdpa_sim: filter destination mac address (Gautam Dawar) [Orabug: 35210546]
- vdpa_sim: factor out buffer completion logic (Gautam Dawar) [Orabug: 35210546]
- vdpa_sim: advertise VIRTIO_NET_F_MTU (Gautam Dawar) [Orabug: 35210546]
- vhost-vdpa: support ASID based IOTLB API (Gautam Dawar) [Orabug: 35210546]
- vhost-vdpa: introduce uAPI to set group ASID (Gautam Dawar) [Orabug: 35210546]
- vhost-vdpa: uAPI to get virtqueue group id (Gautam Dawar) [Orabug: 35210546]
- vhost-vdpa: introduce uAPI to get the number of address spaces (Gautam Dawar) [Orabug: 35210546]
- vhost-vdpa: introduce uAPI to get the number of virtqueue groups (Gautam Dawar) [Orabug: 35210546]
- vhost-vdpa: introduce asid based IOTLB (Gautam Dawar) [Orabug: 35210546]
- vhost: support ASID in IOTLB API (Gautam Dawar) [Orabug: 35210546]
- vhost_iotlb: split out IOTLB initialization (Gautam Dawar) [Orabug: 35210546]
- vdpa: introduce config operations for associating ASID to a virtqueue group (Gautam Dawar) [Orabug: 35210546]
- vdpa: multiple address spaces support (Gautam Dawar) [Orabug: 35210546]
- vdpa: introduce virtqueue groups (Gautam Dawar) [Orabug: 35210546]
- vhost-vdpa: switch to use vhost-vdpa specific IOTLB (Gautam Dawar) [Orabug: 35210546]
- vhost-vdpa: passing iotlb to IOMMU mapping helpers (Gautam Dawar) [Orabug: 35210546]
- virtio-vdpa: don't set callback if virtio doesn't need it (Gautam Dawar) [Orabug: 35210546]
- vhost: move the backend feature bits to vhost_types.h (Gautam Dawar) [Orabug: 35210546]
- vdpa/mlx5: Use readers/writers semaphore instead of mutex (Eli Cohen) [Orabug: 35210546]
- vdpa/mlx5: Add support for reading descriptor statistics (Eli Cohen) [Orabug: 35210546]
- net/vdpa: Use readers/writers semaphore instead of cf_mutex (Eli Cohen) [Orabug: 35210546]
- net/vdpa: Use readers/writers semaphore instead of vdpa_dev_mutex (Eli Cohen) [Orabug: 35210546]
- vdpa: Add support for querying vendor statistics (Eli Cohen) [Orabug: 35210546]
- vdpa: Fix error logic in vdpa_nl_cmd_dev_get_doit (Eli Cohen) [Orabug: 35210546]
- net/mlx5: Support enable_vnet devlink dev param (Parav Pandit) [Orabug: 35210546]
- net/mlx5: Support enable_rdma devlink dev param (Parav Pandit) [Orabug: 35210546]
- net/mlx5: Support enable_eth devlink dev param (Parav Pandit) [Orabug: 35210546]
- net/mlx5: Fix unpublish devlink parameters (Parav Pandit) [Orabug: 35210546]
- devlink: Add APIs to publish, unpublish individual parameter (Parav Pandit) [Orabug: 35210546]
- devlink: Add API to register and unregister single parameter (Parav Pandit) [Orabug: 35210546]
- devlink: Create a helper function for one parameter registration (Parav Pandit) [Orabug: 35210546]
- devlink: Add new 'enable_vnet' generic device param (Parav Pandit) [Orabug: 35210546]
- devlink: Add new 'enable_rdma' generic device param (Parav Pandit) [Orabug: 35210546]
- devlink: Add new 'enable_eth' generic device param (Parav Pandit) [Orabug: 35210546]
- virtio-net: Introduce hash report feature (Yuri Benditovich) [Orabug: 35210546]
- virtio-net: Introduce RSS receive steering feature (Yuri Benditovich) [Orabug: 35210546]
- virtio-net: Introduce extended RSC feature (Yuri Benditovich) [Orabug: 35210546]
- kprobes: Free kretprobe_instance with RCU callback (Masami Hiramatsu) [Orabug: 35333569]
- kprobes: Remove NMI context check (Masami Hiramatsu) [Orabug: 35333569]
- sparc: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569]
- sh: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569]
- s390: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569]
- powerpc: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569]
- parisc: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569]
- mips: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569]
- arm64: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569]
- arm: kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569]
- x86/kprobes: Use generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569]
- kprobes: Add generic kretprobe trampoline handler (Masami Hiramatsu) [Orabug: 35333569]
- uek-rpm: Install dtb files under /lib/modules (Dave Kleikamp) [Orabug: 35338877]
- Revert 'rds: ib: Fix non-parenthetical mutex/semaphore use' (Hakon Bugge) [Orabug: 35377400]
- net: rtnetlink: add linkprop commands to add and delete alternative ifnames (Samasth Norway Ananda) [Orabug: 33664332]
- rds: slight code cleanup of RDS checksum code (William Kucharski) [Orabug: 35262486] [Orabug: 35262487]
- uek-rds: Add csum to protect bcopy payload end-to-end (William Kucharski) [Orabug: 33579925] [Orabug: 35206620]
- Revert 'scsi: megaraid_sas: Skip syncing the RAID map on older controllers' (Sherry Yang) [Orabug: 35285969]
- uek-rpm: aarch64: embedded: Disable MARVELL_FWLOG (Henry Willard) [Orabug: 35369953]
- iommu/vt-d: Simplify check in identity_mapping() (Joerg Roedel) [Orabug: 35379426]
- iommu/vt-d: Remove deferred_attach_domain() (Joerg Roedel) [Orabug: 35379426]
- iommu/vt-d: Do deferred attachment in iommu_need_mapping() (Joerg Roedel) [Orabug: 35379426]
- iommu/vt-d: Move deferred device attachment into helper function (Joerg Roedel) [Orabug: 35379426]
- iommu/vt-d: Add attach_deferred() helper (Joerg Roedel) [Orabug: 35379426]
- iommu/vt-d: Refactor find_domain() helper (Lu Baolu) [Orabug: 35379426]
- Revert 'cgroup/cpuset: Enable update_tasks_cpumask() on top_cpuset' (Tom Hromatka) [Orabug: 35365180]
[5.4.17-2136.320.4.el7]
- LTS tag: v5.4.242 (Sherry Yang)
- ASN.1: Fix check for strdup() success (Ekaterina Orlova)
- iio: adc: at91-sama5d2_adc: fix an error code in at91_adc_allocate_trigger() (Dan Carpenter)
- pwm: meson: Explicitly set .polarity in .get_state() (Uwe Kleine-Konig)
- xfs: fix forkoff miscalculation related to XFS_LITINO(mp) (Gao Xiang)
- sctp: Call inet6_destroy_sock() via sk->sk_destruct(). (Kuniyuki Iwashima)
- dccp: Call inet6_destroy_sock() via sk->sk_destruct(). (Kuniyuki Iwashima)
- inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). (Kuniyuki Iwashima)
- tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct(). (Kuniyuki Iwashima)
- udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM). (Kuniyuki Iwashima)
- ext4: remove duplicate definition of ext4_xattr_ibody_inline_set() (Ritesh Harjani)
- Revert 'ext4: fix use-after-free in ext4_xattr_set_entry' (Tudor Ambarus)
- x86/purgatory: Don't generate debug info for purgatory.ro (Pingfan Liu)
- MIPS: Define RUNTIME_DISCARD_EXIT in LD script (Jiaxun Yang)
- mmc: sdhci_am654: Set HIGH_SPEED_ENA for SDR12 and SDR25 (Bhavya Kapoor)
- memstick: fix memory leak if card device is never registered (Greg Kroah-Hartman)
- nilfs2: initialize unused bytes in segment summary blocks (Ryusuke Konishi)
- iio: light: tsl2772: fix reading proximity-diodes from device tree (Brian Masney)
- xen/netback: use same error messages for same errors (Juergen Gross)
- nvme-tcp: fix a possible UAF when failing to allocate an io queue (Sagi Grimberg)
- s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling (Heiko Carstens)
- net: dsa: b53: mmap: add phy ops (Alvaro Fernandez Rojas)
- scsi: core: Improve scsi_vpd_inquiry() checks (Damien Le Moal)
- scsi: megaraid_sas: Fix fw_crash_buffer_show() (Tomas Henzl)
- selftests: sigaltstack: fix -Wuninitialized (Nick Desaulniers)
- Input: i8042 - add quirk for Fujitsu Lifebook A574/H (Jonathan Denose)
- f2fs: Fix f2fs_truncate_partial_nodes ftrace event (Douglas Raillard)
- e1000e: Disable TSO on i219-LM card to increase speed (Sebastian Basierski)
- bpf: Fix incorrect verifier pruning due to missing register precision taints (Daniel Borkmann)
- mlxfw: fix null-ptr-deref in mlxfw_mfa2_tlv_next() (Nikita Zhandarovich)
- i40e: fix i40e_setup_misc_vector() error handling (Aleksandr Loktionov)
- i40e: fix accessing vsi->active_filters without holding lock (Aleksandr Loktionov)
- netfilter: nf_tables: fix ifdef to also consider nf_tables=m (Florian Westphal)
- virtio_net: bugfix overflow inside xdp_linearize_page() (Xuan Zhuo)
- net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg (Gwangun Jung)
- regulator: fan53555: Explicitly include bits header (Cristian Ciocaltea)
- netfilter: br_netfilter: fix recent physdev match breakage (Florian Westphal)
- arm64: dts: meson-g12-common: specify full DMC range (Marc Gonzalez)
- ARM: dts: rockchip: fix a typo error for rk3288 spdif node (Jianqun Xu)
- LTS tag: v5.4.241 (Sherry Yang)
- xfs: force log and push AIL to clear pinned inodes when aborting mount (Darrick J. Wong)
- xfs: consider shutdown in bmapbt cursor delete assert (Brian Foster)
- xfs: shut down the filesystem if we screw up quota reservation (Darrick J. Wong)
- xfs: report corruption only as a regular error (Darrick J. Wong)
- xfs: set inode size after creating symlink (Jeffrey Mitchell)
- xfs: fix up non-directory creation in SGID directories (Christoph Hellwig)
- xfs: remove the di_version field from struct icdinode (Christoph Hellwig)
- xfs: simplify a check in xfs_ioctl_setattr_check_cowextsize (Christoph Hellwig)
- xfs: simplify di_flags2 inheritance in xfs_ialloc (Christoph Hellwig)
- xfs: only check the superblock version for dinode size calculation (Christoph Hellwig)
- xfs: add a new xfs_sb_version_has_v3inode helper (Christoph Hellwig)
- xfs: remove the kuid/kgid conversion wrappers (Christoph Hellwig)
- xfs: remove the icdinode di_uid/di_gid members (Christoph Hellwig)
- xfs: ensure that the inode uid/gid match values match the icdinode ones (Christoph Hellwig)
- xfs: merge the projid fields in struct xfs_icdinode (Christoph Hellwig)
- coresight-etm4: Fix for() loop drvdata->nr_addr_cmp range bug (Steve Clevenger)
- watchdog: sbsa_wdog: Make sure the timeout programming is within the limits (George Cherian)
- i2c: ocores: generate stop condition after timeout in polling mode (Gregor Herburger)
- ubi: Fix deadlock caused by recursively holding work_sem (ZhaoLong Wang)
- mtd: ubi: wl: Fix a couple of kernel-doc issues (Lee Jones)
- asymmetric_keys: log on fatal failures in PE/pkcs7 (Robbie Harwood)
- verify_pefile: relax wrapper length check (Robbie Harwood)
- drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Book X90F (Hans de Goede)
- efi: sysfb_efi: Add quirk for Lenovo Yoga Book X91F/L (Hans de Goede)
- i2c: imx-lpi2c: clean rx/tx buffers upon new message (Alexander Stein)
- power: supply: cros_usbpd: reclassify 'default case!' as debug (Grant Grundler)
- net: macb: fix a memory corruption in extended buffer descriptor mode (Roman Gushchin)
- udp6: fix potential access to stale information (Eric Dumazet)
- RDMA/core: Fix GID entry ref leak when create_ah fails (Saravanan Vajravel)
- sctp: fix a potential overflow in sctp_ifwdtsn_skip (Xin Long)
- qlcnic: check pci_reset_function result (Denis Plotnikov)
- niu: Fix missing unwind goto in niu_alloc_channels() (Harshit Mogalapalli)
- 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition (Zheng Wang)
- mtd: rawnand: stm32_fmc2: remove unsupported EDO mode (Christophe Kerello)
- mtd: rawnand: meson: fix bitmask for length in command word (Arseniy Krasnov)
- mtdblock: tolerate corrected bit-flips (Bang Li)
- btrfs: fix fast csum implementation detection (Christoph Hellwig)
- btrfs: print checksum type and implementation at mount time (David Sterba)
- Bluetooth: Fix race condition in hidp_session_thread (Min Li)
- Bluetooth: L2CAP: Fix use-after-free in l2cap_disconnect_{req,rsp} (Luiz Augusto von Dentz)
- ALSA: hda/sigmatel: fix S/PDIF out on Intel D*45* motherboards (Oswald Buddenhagen)
- ALSA: firewire-tascam: add missing unwind goto in snd_tscm_stream_start_duplex() (Xu Biang)
- ALSA: i2c/cs8427: fix iec958 mixer control deactivation (Oswald Buddenhagen)
- ALSA: hda/sigmatel: add pin overrides for Intel DP45SG motherboard (Oswald Buddenhagen)
- ALSA: emu10k1: fix capture interrupt handler unlinking (Oswald Buddenhagen)
- Revert 'pinctrl: amd: Disable and mask interrupts on resume' (Kornel Duleba)
- irqdomain: Fix mapping-creation race (Johan Hovold)
- irqdomain: Refactor __irq_domain_alloc_irqs() (Johan Hovold)
- irqdomain: Look for existing mapping only once (Johan Hovold)
- mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() (Rongwei Wang)
- ring-buffer: Fix race while reader and writer are on the same page (Zheng Yejian)
- drm/panfrost: Fix the panfrost_mmu_map_fault_addr() error path (Boris Brezillon)
- tracing: Free error logs of tracing instances (Steven Rostedt (Google))
- can: j1939: j1939_tp_tx_dat_new(): fix out-of-bounds memory access (Oleksij Rempel)
- ftrace: Mark get_lock_parent_ip() __always_inline (John Keeping)
- perf/core: Fix the same task check in perf_event_set_output (Kan Liang)
- ALSA: hda/realtek: Add quirk for Clevo X370SNW (Jeremy Soller)
- nilfs2: fix sysfs interface lifetime (Ryusuke Konishi)
- nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread() (Ryusuke Konishi)
- tty: serial: fsl_lpuart: avoid checking for transfer complete when UARTCTRL_SBK is asserted in lpuart32_tx_empty (Sherry Sun)
- tty: serial: sh-sci: Fix Rx on RZ/G2L SCI (Biju Das)
- tty: serial: sh-sci: Fix transmit end interrupt handler (Biju Das)
- iio: dac: cio-dac: Fix max DAC write value check for 12-bit (William Breathitt Gray)
- iio: adc: ti-ads7950: Set can_sleep flag for GPIO chip (Lars-Peter Clausen)
- USB: serial: option: add Quectel RM500U-CN modem (Bj?rn Mork)
- USB: serial: option: add Telit FE990 compositions (Enrico Sau)
- usb: typec: altmodes/displayport: Fix configure initial pin assignment (RD Babiera)
- USB: serial: cp210x: add Silicon Labs IFS-USB-DATACABLE IDs (Kees Jan Koster)
- xhci: also avoid the XHCI_ZERO_64B_REGS quirk with a passthrough iommu (D Scott Phillips)
- NFSD: callback request does not use correct credential for AUTH_SYS (Dai Ngo)
- sunrpc: only free unix grouplist after RCU settles (Jeff Layton)
- gpio: davinci: Add irq chip flag to skip set wake (Dhruva Gole)
- ipv6: Fix an uninit variable access bug in __ip6_make_skb() (Ziyang Xuan)
- sctp: check send stream number after wait_for_sndbuf (Xin Long)
- net: don't let netpoll invoke NAPI if in xmit context (Jakub Kicinski)
- icmp: guard against too small mtu (Eric Dumazet)
- wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta (Felix Fietkau)
- pwm: sprd: Explicitly set .polarity in .get_state() (Uwe Kleine-Konig)
- pwm: cros-ec: Explicitly set .polarity in .get_state() (Uwe Kleine-Konig)
- pinctrl: amd: disable and mask interrupts on probe (Sachi King)
- pinctrl: amd: Use irqchip template (Linus Walleij)
- smb3: fix problem with null cifs super block with previous patch (Steve French)
- treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD() (Kees Cook)
- Revert 'treewide: Replace DECLARE_TASKLET() with DECLARE_TASKLET_OLD()' (Tom Saeger)
- cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() (Waiman Long)
- x86/PCI: Add quirk for AMD XHCI controller that loses MSI-X state in D3hot (Basavaraj Natikar)
- ubi: Fix failure attaching when vid_hdr offset equals to (sub)page size (Zhihao Cheng)
- net_sched: prevent NULL dereference if default qdisc setup failed (Pratyush Yadav)
- scsi: ses: Handle enclosure with just a primary component gracefully (Jiri Kosina)
- LTS tag: v5.4.240 (Sherry Yang)
- gfs2: Always check inode size of inline inodes (Andreas Gruenbacher)
- firmware: arm_scmi: Fix device node validation for mailbox transport (Cristian Marussi)
- net: sched: fix race condition in qdisc_graft() (Eric Dumazet)
- net_sched: add __rcu annotation to netdev->qdisc (Eric Dumazet)
- ext4: fix kernel BUG in 'ext4_write_inline_data_end()' (Ye Bin)
- btrfs: scan device in non-exclusive mode (Anand Jain)
- s390/uaccess: add missing earlyclobber annotations to __clear_user() (Heiko Carstens)
- drm/etnaviv: fix reference leak when mmaping imported buffer (Lucas Stach)
- ALSA: usb-audio: Fix regression on detection of Roland VS-100 (Takashi Iwai)
- ALSA: hda/conexant: Partial revert of a quirk for Lenovo (Takashi Iwai)
- NFSv4: Fix hangs when recovering open state after a server reboot (Trond Myklebust)
- pinctrl: at91-pio4: fix domain name assignment (Johan Hovold)
- xen/netback: don't do grant copy across page boundary (Juergen Gross)
- Input: goodix - add Lenovo Yoga Book X90F to nine_bytes_report DMI table (Hans de Goede)
- cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL (David Disseldorp)
- cifs: prevent infinite recursion in CIFSGetDFSRefer() (Paulo Alcantara)
- Input: focaltech - use explicitly signed char type (Jason A. Donenfeld)
- Input: alps - fix compatibility with -funsigned-char (msizanoen)
- pinctrl: ocelot: Fix alt mode for ocelot (Horatiu Vultur)
- net: mvneta: make tx buffer array agnostic (Lorenzo Bianconi)
- net: dsa: mv88e6xxx: Enable IGMP snooping on user ports only (Steffen Batz)
- bnxt_en: Fix typo in PCI id to device description string mapping (Kalesh AP)
- i40e: fix registers dump after run ethtool adapter self test (Radoslaw Tyl)
- s390/vfio-ap: fix memory leak in vfio_ap device driver (Tony Krowiak)
- can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write (Ivan Orlov)
- net/net_failover: fix txq exceeding warning (Faicker Mo)
- regulator: Handle deferred clk (Christophe JAILLET)
- regulator: fix spelling mistake 'Cant' -> 'Can't' (Colin Ian King)
- ptp_qoriq: fix memory leak in probe() (SongJingyi)
- scsi: megaraid_sas: Fix crash after a double completion (Tomas Henzl)
- mtd: rawnand: meson: invalidate cache on polling ECC bit (Arseniy Krasnov)
- mips: bmips: BCM6358: disable RAC flush for TP1 (Alvaro Fernandez Rojas)
- dma-mapping: drop the dev argument to arch_sync_dma_for_* (Christoph Hellwig)
- ca8210: Fix unsigned mac_len comparison with zero in ca8210_skb_tx() (Harshit Mogalapalli)
- fbdev: au1200fb: Fix potential divide by zero (Wei Chen)
- fbdev: lxfb: Fix potential divide by zero (Wei Chen)
- fbdev: intelfb: Fix potential divide by zero (Wei Chen)
- fbdev: nvidia: Fix potential divide by zero (Wei Chen)
- sched_getaffinity: don't assume 'cpumask_size()' is fully initialized (Linus Torvalds)
- fbdev: tgafb: Fix potential divide by zero (Wei Chen)
- ALSA: hda/ca0132: fixup buffer overrun at tuning_ctl_set() (Kuninori Morimoto)
- ALSA: asihpi: check pao in control_message() (Kuninori Morimoto)
- md: avoid signed overflow in slot_store() (NeilBrown)
- bus: imx-weim: fix branch condition evaluates to a garbage value (Ivan Bornyakov)
- fsverity: don't drop pagecache at end of FS_IOC_ENABLE_VERITY (Eric Biggers)
- ocfs2: fix data corruption after failed write (Jan Kara via Ocfs2-devel)
- tun: avoid double free in tun_free_netdev (George Kennedy)
- sched/fair: Sanitize vruntime of entity being migrated (Vincent Guittot)
- sched/fair: sanitize vruntime of entity being placed (Zhang Qiao)
- dm crypt: add cond_resched() to dmcrypt_write() (Mikulas Patocka)
- dm stats: check for and propagate alloc_percpu failure (Jiasheng Jiang)
- i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (Wei Chen)
- nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy() (Ryusuke Konishi)
- wifi: mac80211: fix qos on mesh interfaces (Felix Fietkau)
- usb: chipidea: core: fix possible concurrent when switch role (Xu Yang)
- usb: chipdea: core: fix return -EINVAL if request role is the same with current role (Xu Yang)
- usb: cdns3: Fix issue with using incorrect PCI device function (Pawel Laszczak)
- dm thin: fix deadlock when swapping to thin device (Coly Li)
- igb: revert rtnl_lock() that causes deadlock (Lin Ma)
- fsverity: Remove WQ_UNBOUND from fsverity read workqueue (Nathan Huckleberry)
- usb: gadget: u_audio: don't let userspace block driver unbind (Alvin Sipraga)
- scsi: core: Add BLIST_SKIP_VPD_PAGES for SKhynix H28U74301AMR (Joel Selvaraj)
- cifs: empty interface list when server doesn't support query interfaces (Shyam Prasad N)
- sh: sanitize the flags on sigreturn (Al Viro)
- net: usb: qmi_wwan: add Telit 0x1080 composition (Enrico Sau)
- net: usb: cdc_mbim: avoid altsetting toggling for Telit FE990 (Enrico Sau)
- scsi: lpfc: Avoid usage of list iterator variable after loop (Jakob Koschel)
- scsi: ufs: core: Add soft dependency on governor_simpleondemand (Adrien Thierry)
- scsi: target: iscsi: Fix an error message in iscsi_check_key() (Maurizio Lombardi)
- selftests/bpf: check that modifier resolves after pointer (Lorenz Bauer)
- m68k: Only force 030 bus error if PC not in exception table (Michael Schmitz)
- ca8210: fix mac_len negative array access (Alexander Aring)
- riscv: Bump COMMAND_LINE_SIZE value to 1024 (Alexandre Ghiti)
- thunderbolt: Use const qualifier for ring_interrupt_index (Mario Limonciello)
- uas: Add US_FL_NO_REPORT_OPCODES for JMicron JMS583Gen 2 (Yaroslav Furman)
- scsi: qla2xxx: Perform lockless command completion in abort path (Nilesh Javali)
- hwmon (it87): Fix voltage scaling for chips with 10.9mV ADCs (Frank Crawford)
- platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl (Tzung-Bi Shih)
- Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work (Zheng Wang)
- Bluetooth: btqcomsmd: Fix command timeout after setting BD address (Stephan Gerhold)
- net: mdio: thunder: Add missing fwnode_handle_put() (Liang He)
- hvc/xen: prevent concurrent accesses to the shared ring (Roger Pau Monne)
- nvme-tcp: fix nvme_tcp_term_pdu to match spec (Caleb Sander)
- net/sonic: use dma_mapping_error() for error check (Zhang Changzhong)
- erspan: do not use skb_mac_header() in ndo_start_xmit() (Eric Dumazet)
- atm: idt77252: fix kmemleak when rmmod idt77252 (Li Zetao)
- net/mlx5: Read the TC mapping of all priorities on ETS query (Maher Sanalla)
- bpf: Adjust insufficient default bpf_jit_limit (Daniel Borkmann)
- keys: Do not cache key in task struct if key is requested from kernel thread (David Howells)
- net/ps3_gelic_net: Use dma_mapping_error (Geoff Levand)
- net/ps3_gelic_net: Fix RX sk_buff length (Geoff Levand)
- net: qcom/emac: Fix use after free bug in emac_remove due to race condition (Zheng Wang)
- xirc2ps_cs: Fix use after free bug in xirc2ps_detach (Zheng Wang)
- qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info (Daniil Tatianin)
- net: usb: smsc95xx: Limit packet length to skb->len (Szymon Heidrich)
- scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() (Yu Kuai)
- i2c: imx-lpi2c: check only for enabled interrupt flags (Alexander Stein)
- igbvf: Regard vf reset nack as success (Akihiko Odaki)
- intel/igbvf: free irq on the error path in igbvf_request_msix() (Gaosheng Cui)
- iavf: fix non-tunneled IPv6 UDP packet type and hashing (Alexander Lobakin)
- iavf: fix inverted Rx hash condition leading to disabled hash (Alexander Lobakin)
- power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition (Zheng Wang)
- net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() (Hangyu Hua)
- LTS tag: v5.4.239 (Sherry Yang)
- selftests: Fix the executable permissions for fib_tests.sh (Rishabh Bhatnagar)
- LTS tag: v5.4.238 (Sherry Yang)
- HID: uhid: Over-ride the default maximum data buffer value with our own (Lee Jones)
- HID: core: Provide new max_buffer_size attribute to over-ride the default (Lee Jones)
- PCI: Unify delay handling for reset and resume (Lukas Wunner)
- s390/ipl: add missing intersection check to ipl_report handling (Sven Schnelle)
- serial: 8250_em: Fix UART port type (Biju Das)
- drm/i915: Don't use stolen memory for ring buffers with LLC (John Harrison)
- x86/mm: Fix use of uninitialized buffer in sme_enable() (Nikita Zhandarovich)
- fbdev: stifb: Provide valid pixelclock and add fb_check_var() checks (Helge Deller)
- ftrace: Fix invalid address access in lookup_rec() when index is 0 (Chen Zhongjin)
- tracing: Make tracepoint lockdep check actually test something (Steven Rostedt (Google))
- tracing: Check field value in hist_field_name() (Steven Rostedt (Google))
- interconnect: fix mem leak when freeing nodes (Johan Hovold)
- tty: serial: fsl_lpuart: skip waiting for transmission complete when UARTCTRL_SBK is asserted (Sherry Sun)
- ext4: fix possible double unlock when moving a directory (Theodore Ts'o)
- sh: intc: Avoid spurious sizeof-pointer-div warning (Michael Karcher)
- drm/amdkfd: Fix an illegal memory access (Qu Huang)
- ext4: fix task hung in ext4_xattr_delete_inode (Baokun Li)
- ext4: fail ext4_iget if special inode unallocated (Baokun Li)
- jffs2: correct logic when creating a hole in jffs2_write_begin (Yifei Liu)
- mmc: atmel-mci: fix race between stop command and start of next command (Tobias Schramm)
- media: m5mols: fix off-by-one loop termination error (Linus Torvalds)
- hwmon: (ina3221) return prober error code (Marcus Folkesson)
- hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition (Zheng Wang)
- hwmon: (adt7475) Fix masking of hysteresis registers (Tony O'Brien)
- hwmon: (adt7475) Display smoothing attributes in correct order (Tony O'Brien)
- ethernet: sun: add check for the mdesc_grab() (Liang He)
- net/iucv: Fix size of interrupt data (Alexandra Winter)
- net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull (Szymon Heidrich)
- block: sunvdc: add check for mdesc_grab() returning NULL (Liang He)
- nvmet: avoid potential UAF in nvmet_req_complete() (Damien Le Moal)
- net: usb: smsc75xx: Limit packet length to skb->len (Szymon Heidrich)
- nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition (Zheng Wang)
- net: phy: smsc: bail out in lan87xx_read_status if genphy_read_status fails (Heiner Kallweit)
- net: tunnels: annotate lockless accesses to dev->needed_headroom (Eric Dumazet)
- qed/qed_dev: guard against a possible division by zero (Daniil Tatianin)
- i40e: Fix kernel crash during reboot when adapter is in recovery mode (Ivan Vecera)
- ipvlan: Make skb->skb_iif track skb->dev for l3s mode (Jianguo Wu)
- nfc: pn533: initialize struct pn533_out_arg properly (Fedor Pchelkin)
- tcp: tcp_make_synack() can be called from process context (Breno Leitao)
- scsi: core: Fix a procfs host directory removal regression (Bart Van Assche)
- scsi: core: Fix a comment in function scsi_host_dev_release() (Xiang Chen)
- netfilter: nft_redir: correct value of inet type .maxattrs (Jeremy Sowden)
- ALSA: hda: Match only Intel devices with CONTROLLER_IN_GPU() (Bjorn Helgaas)
- ALSA: hda: Add Intel DG2 PCI ID and HDMI codec vid (Kai Vehmanen)
- ALSA: hda: Add Alderlake-S PCI ID and HDMI codec vid (Kai Vehmanen)
- ALSA: hda - controller is in GPU on the DG1 (Kai Vehmanen)
- ALSA: hda - add Intel DG1 PCI and HDMI ids (Kai Vehmanen)
- scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add() (Wenchao Hao)
- docs: Correct missing 'd_' prefix for dentry_operations member d_weak_revalidate (Glenn Washburn)
- clk: HI655X: select REGMAP instead of depending on it (Randy Dunlap)
- drm/meson: fix 1px pink line on GXM when scaling video overlay (Christian Hewitt)
- cifs: Move the in_send statistic to __smb_send_rqst() (Zhang Xiaoxu)
- drm/panfrost: Don't sync rpm suspension after mmu flushing (Dmitry Osipenko)
- xfrm: Allow transport-mode states with AF_UNSPEC selector (Herbert Xu)
- ext4: fix cgroup writeback accounting with fs-layer encryption (Eric Biggers)
- LTS tag: v5.4.237 (Sherry Yang)
- s390/dasd: add missing discipline function (Stefan Haberland)
- UML: define RUNTIME_DISCARD_EXIT (Masahiro Yamada)
- sh: define RUNTIME_DISCARD_EXIT (Tom Saeger)
- s390: define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36 (Masahiro Yamada)
- powerpc/vmlinux.lds: Don't discard .rela* for relocatable builds (Michael Ellerman)
- powerpc/vmlinux.lds: Define RUNTIME_DISCARD_EXIT (Michael Ellerman)
- arch: fix broken BuildID for arm64 and riscv (Masahiro Yamada)
- x86, vmlinux.lds: Add RUNTIME_DISCARD_EXIT to generic DISCARDS (H.J. Lu)
- drm/i915: Don't use BAR mappings for ring buffers with LLC (John Harrison)
- ipmi:watchdog: Set panic count to proper value on a panic (Corey Minyard)
- ipmi/watchdog: replace atomic_add() and atomic_sub() (Yejune Deng)
- media: ov5640: Fix analogue gain control (Paul Elder)
- PCI: Add SolidRun vendor ID (Alvaro Karsz)
- macintosh: windfarm: Use unsigned type for 1-bit bitfields (Nathan Chancellor)
- alpha: fix R_ALPHA_LITERAL reloc for large modules (Edward Humes)
- MIPS: Fix a compilation issue (xurui)
- ext4: Fix deadlock during directory rename (Jan Kara)
- riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode (Alexandre Ghiti)
- net/smc: fix fallback failed while sendmsg with fastopen (D. Wythe)
- scsi: megaraid_sas: Update max supported LD IDs to 240 (Chandrakanth Patil)
- btf: fix resolving BTF_KIND_VAR after ARRAY, STRUCT, UNION, PTR (Lorenz Bauer)
- netfilter: tproxy: fix deadlock due to missing BH disable (Florian Westphal)
- bnxt_en: Avoid order-5 memory allocation for TPA data (Michael Chan)
- net: caif: Fix use-after-free in cfusbl_device_notify() (Shigeru Yoshida)
- net: lan78xx: fix accessing the LAN7800's internal phy specific registers from the MAC driver (Yuiko Oshino)
- net: usb: lan78xx: Remove lots of set but unused 'ret' variables (Lee Jones)
- selftests: nft_nat: ensuring the listening side is up before starting the client (Hangbin Liu)
- ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() (Eric Dumazet)
- nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties (Kang Chen)
- drm/msm/a5xx: fix setting of the CP_PREEMPT_ENABLE_LOCAL register (Dmitry Baryshkov)
- ext4: Fix possible corruption when moving a directory (Jan Kara)
- scsi: core: Remove the /proc/scsi/ directory earlier (Bart Van Assche)
- cifs: Fix uninitialized memory read in smb3_qfs_tcon() (Volker Lendecke)
- SMB3: Backup intent flag missing from some more ops (Amir Goldstein)
- iommu/vt-d: Fix PASID directory pointer coherency (Jacob Pan)
- irqdomain: Fix domain registration race (Marc Zyngier)
- irqdomain: Change the type of 'size' in __irq_domain_add() to be consistent (Bixuan Cui)
- ipmi:ssif: Add a timer between request retries (Corey Minyard)
- ipmi:ssif: Increase the message retry time (Corey Minyard)
- ipmi:ssif: Remove rtc_us_timer (Corey Minyard)
- ipmi:ssif: resend_msg() cannot fail (Corey Minyard)
- ipmi:ssif: make ssif_i2c_send() void (Liguang Zhang)
- iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter (Gavrilov Ilia)
- iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid options (Kim Phillips)
- iommu/amd: Add PCI segment support for ivrs_[ioapic/hpet/acpihid] commands (Suravee Suthikulpanit)
- nfc: change order inside nfc_se_io error path (Fedor Pchelkin)
- ext4: zero i_disksize when initializing the bootloader inode (Zhihao Cheng)
- ext4: fix WARNING in ext4_update_inline_data (Ye Bin)
- ext4: move where set the MAY_INLINE_DATA flag is set (Ye Bin)
- ext4: fix another off-by-one fsmap error on 1k block filesystems (Darrick J. Wong)
- ext4: fix RENAME_WHITEOUT handling for inline directories (Eric Whitney)
- drm/connector: print max_requested_bpc in state debugfs (Harry Wentland)
- x86/CPU/AMD: Disable XSAVES on AMD family 0x17 (Andrew Cooper)
- fs: prevent out-of-bounds array speculation when closing a file descriptor (Theodore Ts'o)
- LTS tag: v5.4.236 (Sherry Yang)
- staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh (Philipp Hortmann)
- staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a script (Philipp Hortmann)
- wifi: cfg80211: Partial revert 'wifi: cfg80211: Fix use after free for wext' (Hector Martin)
- LTS tag: v5.4.235 (Sherry Yang)
- dt-bindings: rtc: sun6i-a31-rtc: Loosen the requirements on the clocks (Maxime Ripard)
- media: uvcvideo: Fix race condition with usb_kill_urb (Ricardo Ribalda)
- media: uvcvideo: Provide sync and async uvc_ctrl_status_event (Ricardo Ribalda)
- tcp: Fix listen() regression in 5.4.229. (Kuniyuki Iwashima)
- Bluetooth: hci_sock: purge socket queues in the destruct() callback (Nguyen Dinh Phi)
- x86/resctl: fix scheduler confusion with 'current' (Linus Torvalds)
- x86/resctrl: Apply READ_ONCE/WRITE_ONCE to task_struct.{rmid,closid} (Valentin Schneider)
- net: tls: avoid hanging tasks on the tx_lock (Jakub Kicinski)
- phy: rockchip-typec: Fix unsigned comparison with less than zero (Jiapeng Chong)
- PCI: Add ACS quirk for Wangxun NICs (Mengyuan Lou)
- kernel/fail_function: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- usb: uvc: Enumerate valid values for color matching (Daniel Scally)
- USB: ene_usb6250: Allocate enough memory for full object (Kees Cook)
- usb: host: xhci: mvebu: Iterate over array indexes instead of using pointer math (Kees Cook)
- iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_config_word() (Harshit Mogalapalli)
- iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_status_word() (Harshit Mogalapalli)
- tools/iio/iio_utils:fix memory leak (Yulong Zhang)
- mei: bus-fixup:upon error print return values of send and receive (Alexander Usyskin)
- tty: serial: fsl_lpuart: disable the CTS when send break signal (Sherry Sun)
- tty: fix out-of-bounds access in tty_driver_lookup_tty() (Sven Schnelle)
- staging: emxx_udc: Add checks for dma_alloc_coherent() (Yuan Can)
- media: uvcvideo: Silence memcpy() run-time false positive warnings (Kees Cook)
- media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910 (Ricardo Ribalda)
- media: uvcvideo: Handle errors from calls to usb_string (Guenter Roeck)
- media: uvcvideo: Handle cameras with invalid descriptors (Ricardo Ribalda)
- mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak (Liang He)
- firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3 (Darrell Kavanagh)
- tracing: Add NULL checks for buffer in ring_buffer_free_read_page() (Jia-Ju Bai)
- thermal: intel: BXT_PMIC: select REGMAP instead of depending on it (Randy Dunlap)
- thermal: intel: quark_dts: fix error pointer dereference (Dan Carpenter)
- scsi: ipr: Work around fortify-string warning (Arnd Bergmann)
- rtc: sun6i: Always export the internal oscillator (Samuel Holland)
- rtc: sun6i: Make external 32k oscillator optional (Jernej Skrabec)
- tcp: tcp_check_req() can be called from process context (Eric Dumazet)
- ARM: dts: spear320-hmi: correct STMPE GPIO compatible (Krzysztof Kozlowski)
- net/sched: act_sample: fix action bind logic (Pedro Tammela)
- nfc: fix memory leak of se_io context in nfc_genl_se_io (Fedor Pchelkin)
- net/mlx5: Geneve, Fix handling of Geneve object id as error code (Maor Dickman)
- 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv() (Zhengchao Shao)
- 9p/xen: fix connection sequence (Juergen Gross)
- 9p/xen: fix version parsing (Juergen Gross)
- net: fix __dev_kfree_skb_any() vs drop monitor (Eric Dumazet)
- sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop (Xin Long)
- ipv6: Add lwtunnel encap size of all siblings in nexthop calculation (Lu Wei)
- netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() (Hangyu Hua)
- watchdog: pcwd_usb: Fix attempting to access uninitialized memory (Li Hua)
- watchdog: Fix kmemleak in watchdog_cdev_register (Chen Jun)
- watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in error path (ruanjinjie)
- x86: um: vdso: Add '%rcx' and '%r11' to the syscall clobber list (Ammar Faizi)
- ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed (Zhihao Cheng)
- ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show() (Zhihao Cheng)
- ubifs: ubifs_writepage: Mark page dirty after writing inode failed (Zhihao Cheng)
- ubifs: dirty_cow_znode: Fix memleak in error handling path (Zhihao Cheng)
- ubifs: Re-statistic cleaned znode count if commit failed (Zhihao Cheng)
- ubi: Fix possible null-ptr-deref in ubi_free_volume() (Yang Yingliang)
- ubifs: Fix memory leak in alloc_wbufs() (Li Zetao)
- ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() (Li Zetao)
- ubi: Fix use-after-free when volume resizing failed (Li Zetao)
- ubifs: Reserve one leb for each journal head while doing budget (Zhihao Cheng)
- ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1 (Zhihao Cheng)
- ubifs: Fix wrong dirty space budget for dirty inode (Zhihao Cheng)
- ubifs: Rectify space budget for ubifs_xrename() (Zhihao Cheng)
- ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted (Zhihao Cheng)
- ubifs: Fix build errors as symbol undefined (Li Hua)
- ubi: ensure that VID header offset + VID header size <= alloc, size (George Kennedy)
- um: vector: Fix memory leak in vector_config (Xiang Yang)
- fs: f2fs: initialize fsdata in pagecache_write() (Alexander Potapenko)
- f2fs: use memcpy_{to,from}_page() where possible (Eric Biggers)
- pwm: stm32-lp: fix the check on arr and cmp registers update (Fabrice Gasnier)
- pwm: sifive: Always let the first pwm_apply_state succeed (Emil Renner Berthing)
- pwm: sifive: Reduce time the controller lock is held (Uwe Kleine-Konig)
- fs/jfs: fix shift exponent db_agl2size negative (Liu Shixin via Jfs-discussion)
- kbuild: Port silent mode detection to future gnu make. (Dmitry Goncharov)
- wifi: ath9k: use proper statements in conditionals (Arnd Bergmann)
- drm/radeon: Fix eDP for single-display iMac11,2 (Mark Hawrylak)
- drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv (Mavroudis Chatzilaridis)
- PCI: Avoid FLR for AMD FCH AHCI adapters (Damien Le Moal)
- PCI: hotplug: Allow marking devices as disconnected during bind/unbind (Lukas Wunner)
- PCI/PM: Observe reset delay irrespective of bridge_d3 (Lukas Wunner)
- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() (Tomas Henzl)
- scsi: ses: Fix possible desc_ptr out-of-bounds accesses (Tomas Henzl)
- scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses (Tomas Henzl)
- scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() (Tomas Henzl)
- scsi: ses: Don't attach if enclosure has no components (James Bottomley)
- scsi: qla2xxx: Fix erroneous link down (Quinn Tran)
- scsi: qla2xxx: Fix DMA-API call trace on NVMe LS requests (Arun Easi)
- scsi: qla2xxx: Fix link failure in NPIV environment (Quinn Tran)
- ktest.pl: Add RUN_TIMEOUT option with default unlimited (Steven Rostedt)
- ktest.pl: Fix missing 'end_monitor' when machine check fails (Steven Rostedt)
- ktest.pl: Give back console on Ctrt^C on monitor (Steven Rostedt)
- mm/thp: check and bail out if page in deferred queue already (Yin Fengwei)
- mm: memcontrol: deprecate charge moving (Johannes Weiner)
- media: ipu3-cio2: Fix PM runtime usage_count in driver unbind (Sakari Ailus)
- mips: fix syscall_get_nr (Elvira Khabirova)
- alpha: fix FEN fault handling (Al Viro)
- rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails (Ilya Dryomov)
- ARM: dts: exynos: correct TMU phandle in Odroid XU (Krzysztof Kozlowski)
- ARM: dts: exynos: correct TMU phandle in Exynos4 (Krzysztof Kozlowski)
- dm flakey: don't corrupt the zero page (Mikulas Patocka)
- dm flakey: fix logic when corrupting a bio (Mikulas Patocka)
- thermal: intel: powerclamp: Fix cur_state for multi package system (Srinivas Pandruvada)
- wifi: rtl8xxxu: Use a longer retry limit of 48 (Bitterblue Smith)
- ext4: refuse to create ea block when umounted (Jun Nie)
- ext4: optimize ea_inode block expansion (Jun Nie)
- ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC (Lukasz Stelmach)
- ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls() (Dmitry Fomin)
- irqdomain: Drop bogus fwspec-mapping error handling (Johan Hovold)
- irqdomain: Fix disassociation race (Johan Hovold)
- irqdomain: Fix association race (Johan Hovold)
- ima: Align ima_file_mmap() parameters with mmap_file LSM hook (Roberto Sassu)
- Documentation/hw-vuln: Document the interaction between IBRS and STIBP (KP Singh)
- x86/microcode/AMD: Fix mixed steppings support (Borislav Petkov (AMD))
- x86/microcode/AMD: Add a @cpu parameter to the reloading functions (Borislav Petkov (AMD))
- x86/microcode/amd: Remove load_microcode_amd()'s bsp parameter (Borislav Petkov (AMD))
- x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range (Yang Jihong)
- x86/kprobes: Fix __recover_optprobed_insn check optimizing logic (Yang Jihong)
- x86/reboot: Disable SVM, not just VMX, when stopping CPUs (Sean Christopherson)
- x86/reboot: Disable virtualization in an emergency if SVM is supported (Sean Christopherson)
- x86/crash: Disable virt in core NMI crash handler to avoid double shootdown (Sean Christopherson)
- x86/reboot: Force all cpus to exit VMX root if VMX is supported (Sean Christopherson)
- x86/virt: Force GIF=1 prior to disabling SVM (for reboot flows) (Sean Christopherson)
- KVM: s390: disable migration mode when dirty tracking is disabled (Nico Boehr)
- KVM: Destroy target device if coalesced MMIO unregistration fails (Sean Christopherson)
- udf: Detect system inodes linked into directory hierarchy (Jan Kara)
- udf: Preserve link count of system files (Jan Kara)
- udf: Do not update file length for failed writes to inline files (Jan Kara)
- udf: Do not bother merging very long extents (Jan Kara)
- udf: Truncate added extents on failed expansion (Jan Kara)
- ocfs2: fix non-auto defrag path not working issue (Heming Zhao via Ocfs2-devel)
- ocfs2: fix defrag path triggering jbd2 ASSERT (Heming Zhao via Ocfs2-devel)
- f2fs: fix cgroup writeback accounting with fs-layer encryption (Eric Biggers)
- f2fs: fix information leak in f2fs_move_inline_dirents() (Eric Biggers)
- fs: hfsplus: fix UAF issue in hfsplus_put_super (Dongliang Mu)
- hfs: fix missing hfs_bnode_get() in __hfs_bnode_create (Liu Shixin)
- ARM: dts: exynos: correct HDMI phy compatible in Exynos4 (Krzysztof Kozlowski)
- s390/kprobes: fix current_kprobe never cleared after kprobes reenter (Vasily Gorbik)
- s390/kprobes: fix irq mask clobbering on kprobe reenter from post_handler (Vasily Gorbik)
- s390: discard .interp section (Ilya Leoshkevich)
- ipmi_ssif: Rename idle state and check (Corey Minyard)
- rtc: pm8xxx: fix set-alarm race (Johan Hovold)
- firmware: coreboot: framebuffer: Ignore reserved pixel color bits (Alper Nebi Yasak)
- wifi: rtl8xxxu: fixing transmisison failure for rtl8192eu (Jun ASAKA)
- nfsd: zero out pointers after putting nfsd_files on COPY setup error (Jeff Layton)
- dm cache: add cond_resched() to various workqueue loops (Mike Snitzer)
- dm thin: add cond_resched() to various workqueue loops (Mike Snitzer)
- drm: panel-orientation-quirks: Add quirk for Lenovo IdeaPad Duet 3 10IGL5 (Darrell Kavanagh)
- pinctrl: at91: use devm_kasprintf() to avoid potential leaks (Claudiu Beznea)
- hwmon: (coretemp) Simplify platform device handling (Robin Murphy)
- regulator: s5m8767: Bounds check id indexing into arrays (Kees Cook)
- regulator: max77802: Bounds check regulator id against opmode (Kees Cook)
- ASoC: kirkwood: Iterate over array indexes instead of using pointer math (Kees Cook)
- docs/scripts/gdb: add necessary make scripts_gdb step (Jakob Koschel)
- drm/msm/dsi: Add missing check for alloc_ordered_workqueue (Jiasheng Jiang)
- drm/radeon: free iio for atombios when driver shutdown (Liwei Song)
- HID: Add Mapping for System Microphone Mute (Jingyuan Liang)
- drm/omap: dsi: Fix excessive stack usage (Tomi Valkeinen)
- drm/amd/display: Fix potential null-deref in dm_resume (Roman Li)
- uaccess: Add minimum bounds check on kernel buffer size (Kees Cook)
[5.4.17-2136.320.3.el7]
- pensando: kpcimgr: avoid panic when device tree is corrupt (Rob Gardner) [Orabug: 35079751]
- net: mana: Fix accessing freed irq affinity_hint (Haiyang Zhang) [Orabug: 35085105]
- net: mana: Assign interrupts to CPUs based on NUMA nodes (Saurabh Sengar) [Orabug: 35085105]
- net: mana: Add rmb after checking owner bits (Haiyang Zhang) [Orabug: 35085105]
- IB/mad: Don't call to function that might sleep while in atomic context (Leonid Ravich) [Orabug: 35072250]
[5.4.17-2136.320.2.el7]
- netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj() (Alok Tiwari) [Orabug: 34301053]
- Revert 'iommu/amd: Increase kdump command sync timeout to 2secs' (Boris Ostrovsky) [Orabug: 35099730]
- Revert 'iommu: Force iommu shutdown on panic' (Boris Ostrovsky) [Orabug: 35099730]
- mm, hugepages: add hugetlb vma mremap() test (Mina Almasry) [Orabug: 35176741]
- mm: hugetlb: considering PMD sharing when flushing cache/TLBs (Baolin Wang) [Orabug: 35176741]
- mm: mremap: fix sign for EFAULT error return value (Niels Dossche) [Orabug: 35176741]
- mm/hugetlb: fix kernel crash with hugetlb mremap (Aneesh Kumar K.V) [Orabug: 35176741]
- hugetlbfs: flush before unlock on move_hugetlb_page_tables() (Nadav Amit) [Orabug: 35176741]
- mm, hugepages: add mremap() support for hugepage backed vma (Mina Almasry) [Orabug: 35176741]
- Arm64: Pensando: Fix tps53679 driver to include power readings (Austin Sehnert) [Orabug: 35274783]
- net/rds: use appropriate return code while dropping a connection (Praveen Kumar Kannoju) [Orabug: 35279327]
- uek-rpm: aarch64: embedded: Enable CONFIG_QFMT_V2 to support T93 disk quota (Thomas Tai) [Orabug: 35323244]
[5.4.17-2136.320.1.el7]
- MIPS: Don't clear _PAGE_SPECIAL in _PAGE_CHG_MASK (Henry Willard) [Orabug: 35218786]
- net/mlx5: Fix memory leak in error flow of port set buffer (Maher Sanalla) [Orabug: 34988317]
- net/mlx5e: Update shared buffer along with device buffer changes (Maher Sanalla) [Orabug: 34988317]
- net/mlx5e: Add API to query/modify SBPR and SBCM registers (Maher Sanalla) [Orabug: 34988317]
- net/mlx5: Expose shared buffer registers bits and structs (Maher Sanalla) [Orabug: 34988317]
- net/mlx5e: Fix the calling of update_buffer_lossy() API (Mark Zhang) [Orabug: 34988317]
- net/mlx5e: Fix port buffers cell size value (Eran Ben Elisha) [Orabug: 34988317]
- net/rds: Adding TCP stats for TCP keepalive timeout (Nagappan Ramasamy Palaniappan) [Orabug: 35254379]
- x86/acpi/boot: Correct acpi_is_processor_usable() check (Eric DeVolder) [Orabug: 35274588]
- x86/ACPI/boot: Use FADT version to check support for online capable (Mario Limonciello) [Orabug: 35274588]
- x86/acpi/boot: Do not register processors that cannot be onlined for x2APIC (Kishon Vijay Abraham I) [Orabug: 35274588]
- x86/ACPI: Don't add CPUs that are not online capable (Mario Limonciello) [Orabug: 35274588]
- ACPICA: Add support for MADT online enabled bit (Mario Limonciello) [Orabug: 35274588]
- net/rds: use appropriate reason while dropping a connection (Praveen Kumar Kannoju) [Orabug: 35278122]
- KVM: nVMX: add missing consistency checks for CR0 and CR4 (Paolo Bonzini) [Orabug: 35278212] {CVE-2023-30456}
- uek-rpm: pensando: enable config options for fips (Dave Kleikamp) [Orabug: 35305291]
- x86/bugs: Make sure MSR_SPEC_CTRL is updated properly upon resume from S3 (Pawan Gupta) [Orabug: 35310366]
Related CVEs
Updated Packages
Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
Oracle Linux 7 (x86_64) | kernel-uek-container-5.4.17-2136.320.7.el7.src.rpm | 623b9c19999c0a34ba9bf2c5a82a7708 | - |
| kernel-uek-container-5.4.17-2136.320.7.el7.x86_64.rpm | 45a20f4d46fae7490626b056bd8b79a9 | - |
| kernel-uek-container-debug-5.4.17-2136.320.7.el7.x86_64.rpm | 3b64fc3a15d1e0c664195516186940b1 | - |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team