El-errata: ELSA-2022-9998 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
Oracle Linux Security Advisory ELSA-2022-9998
http://linux.oracle.com/errata/ELSA-2022-9998.html
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:
x86_64:
kernel-uek-5.4.17-2136.313.6.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.313.6.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.313.6.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.313.6.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.313.6.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.313.6.el7uek.x86_64.rpm
aarch64:
kernel-uek-5.4.17-2136.313.6.el7uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.313.6.el7uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.313.6.el7uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.313.6.el7uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.313.6.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.313.6.el7uek.aarch64.rpm
kernel-uek-tools-libs-5.4.17-2136.313.6.el7uek.aarch64.rpm
perf-5.4.17-2136.313.6.el7uek.aarch64.rpm
python-perf-5.4.17-2136.313.6.el7uek.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/kernel-uek-5.4.17-2136.313.6.el7uek.src.rpm
Related CVEs:
CVE-2022-3028
Description of changes:
[5.4.17-2136.313.6.el7uek]
- Uninitialized variable image_ext in fixup_vdso_exception of extable.c (Alok Tiwari) [Orabug: 33000550]
- NFSD: fix use-after-free on source server when doing inter-server copy (Dai Ngo) [Orabug: 34475857]
- EDAC/mce_amd: Do not load edac_mce_amd module on guests (Smita Koralahalli) [Orabug: 34484268]
- uek: kabi: update kABI files for new symbol (Saeed Mirzamohammadi) [Orabug: 34595589]
- RDS/IB Fix allocation warning (Hans Westgaard Ry) [Orabug: 34684322]
- uek-rpm: Add support for building a kdump kernel on MIPS64 (Dave Kleikamp) [Orabug: 34696261]
- hwmon: (opbmc) AST2600 SP reset driver adjustment (Jan Zdarek) [Orabug: 34710682]
- hwmon: (opbmc) Driver message prefixes (Jan Zdarek) [Orabug: 34710682]
- Revert "fs: check FMODE_LSEEK to control internal pipe splicing" (Saeed Mirzamohammadi) [Orabug: 34724694]
- Revert "sched/deadline: Fix priority inheritance with multiple scheduling classes" (Sherry Yang) [Orabug: 34700434]
[5.4.17-2136.313.5.el7uek]
- IB/mlx5: Move to fully dynamic UAR mode once user space supports it (Yishai Hadas) [Orabug: 34430072]
- IB/mlx5: Extend QP creation to get uar page index from user space (Yishai Hadas) [Orabug: 34430072]
- IB/mlx5: Extend CQ creation to get uar page index from user space (Yishai Hadas) [Orabug: 34430072]
- IB/mlx5: Expose UAR object and its alloc/destroy commands (Yishai Hadas) [Orabug: 34430072]
- IB/mlx5: Generally use the WC auto detection test result (Yishai Hadas) [Orabug: 34430072]
- RDMA/mlx5: Use offsetofend() instead of duplicated variant (Leon Romanovsky) [Orabug: 34430072]
- RDMA/mlx5: Remove duplicate definitions of SW_ICM macros (Erez Shitrit) [Orabug: 34430072]
- IB/mlx5: Introduce UAPIs to manage packet pacing (Yishai Hadas) [Orabug: 34430072]
- RDMA/mlx5: Prevent overflow in mmap offset calculations (Leon Romanovsky) [Orabug: 34430072]
- RDMA/core: Make the entire API tree static (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Ensure that rdma_user_mmap_entry_remove() is a fence (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/mlx5: Set relaxed ordering when requested (Michael Guralnik) [Orabug: 34430072]
- RDMA/core: Add the core support field to METHOD_GET_CONTEXT (Michael Guralnik) [Orabug: 34430072]
- RDMA/uverbs: Add new relaxed ordering memory region access flag (Michael Guralnik) [Orabug: 34430072]
- RDMA/core: Add optional access flags range (Michael Guralnik) [Orabug: 34430072]
- RDMA/uverbs: Add ioctl command to get a device context (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Remove ucontext_lock from the uverbs_destry_ufile_hw() path (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Add UVERBS_METHOD_ASYNC_EVENT_ALLOC (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Use READ_ONCE for ib_ufile.async_file (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Make ib_uverbs_async_event_file into a uobject (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Remove the ufile arg from rdma_alloc_begin_uobject (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Simplify type usage for ib_uverbs_async_handler() (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Do not erase the type of ib_wq.uobject (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Do not erase the type of ib_qp.uobject (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Do not erase the type of ib_cq.uobject (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Make ib_ucq_object use ib_uevent_object (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Do not allow alloc_commit to fail (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/mlx5: Simplify devx async commands (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/core: Simplify destruction of FD uobjects (Jason Gunthorpe) [Orabug: 34430072]
- RDMA/mlx5: Use RCU and direct refcounts to keep memory alive (Jason Gunthorpe) [Orabug: 34430072]
- IB/mlx5: Add mmap support for VAR (Yishai Hadas) [Orabug: 34430072]
- IB/mlx5: Introduce VAR object and its alloc/destroy methods (Yishai Hadas) [Orabug: 34430072]
- IB/mlx5: Extend caps stage to handle VAR capabilities (Yishai Hadas) [Orabug: 34430072]
- IB/mlx5: Fix device memory flows (Yishai Hadas) [Orabug: 34430072]
- IB/core: Introduce rdma_user_mmap_entry_insert_range() API (Yishai Hadas) [Orabug: 34430072]
- IB/mlx5: Support flow counters offset for bulk counters (Yevgeny Kliteynik) [Orabug: 34430072]
- IB/mlx5: Rename profile and init methods (Michael Guralnik) [Orabug: 34430072]
- RDMA: Connect between the mmap entry and the umap_priv structure (Michal Kalderon) [Orabug: 34430072]
- RDMA/core: Create mmap database and cookie helper functions (Michal Kalderon) [Orabug: 34430072]
- RDMA/core: Move core content from ib_uverbs to ib_core (Michal Kalderon) [Orabug: 34430072]
- IB/mlx5: Test write combining support (Michael Guralnik) [Orabug: 34430072]
- IB/mlx5: Align usage of QP1 create flags with rest of mlx5 defines (Michael Guralnik) [Orabug: 34430072]
- IB/mlx5: Introduce and use mkey context setting helper routine (Parav Pandit) [Orabug: 34430072]
- net/rds: Send congestion map updates only via path zero (Anand Khoje) [Orabug: 34578051]
- Revert "RDS/IB: Fix RDS IB SRQ implementation and tune it" (Hans Westgaard Ry) [Orabug: 34662431]
- net: vlan: Avoid using BUG() in vlan_proto_idx() (Florian Fainelli) [Orabug: 34672449]
- KVM: x86: drop superfluous mmu_check_root() from fast_pgd_switch() (Vitaly Kuznetsov) [Orabug: 34679770]
- KVM: SVM: Update cr3_lm_rsvd_bits for AMD SEV guests (Babu Moger) [Orabug: 34679770]
- KVM: x86: Invoke vendor's vcpu_after_set_cpuid() after all common updates (Sean Christopherson) [Orabug: 34679770]
- KVM: x86: Move kvm_x86_ops.vcpu_after_set_cpuid() into kvm_vcpu_after_set_cpuid() (Xiaoyao Li) [Orabug: 34679770]
- KVM: x86: Rename cpuid_update() callback to vcpu_after_set_cpuid() (Xiaoyao Li) [Orabug: 34679770]
- RDMA/cma: Use output interface for net_dev check (Håkon Bugge) [Orabug: 34694980]
[5.4.17-2136.313.4.el7uek]
- arm64: pensando: Suppress tree-loop-distribute-patterns optimization (Henry Willard) [Orabug: 34634974]
- uek-rpm: Disable floppy related configs (Saeed Mirzamohammadi) [Orabug: 34644240]
- ACPI: processor idle: Practically limit "Dummy wait" workaround to old Intel systems (Dave Hansen) [Orabug: 34671342]
[5.4.17-2136.313.3.el7uek]
- Revert "net: mvpp2: debugfs: fix memory leak when using debugfs_lookup()" (Sasha Levin)
- USB: core: Fix RST error in hub.c (Alan Stern)
- cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() (Tetsuo Handa)
- parisc: ccio-dma: Add missing iounmap in error path in ccio_probe() (Yang Yingliang)
- LTS tag: v5.4.213 (Sherry Yang)
- MIPS: loongson32: ls1c: Fix hang during startup (Yang Ling)
- x86/nospec: Fix i386 RSB stuffing (Peter Zijlstra)
- sch_sfb: Also store skb len before calling child enqueue (Toke Høiland-Jørgensen)
- tcp: fix early ETIMEDOUT after spurious non-SACK RTO (Neal Cardwell)
- nvme-tcp: fix UAF when detecting digest errors (Sagi Grimberg)
- RDMA/mlx5: Set local port to one when accessing counters (Chris Mi)
- ipv6: sr: fix out-of-bounds read when setting HMAC data. (David Lebrun)
- RDMA/siw: Pass a pointer to virt_to_page() (Linus Walleij)
- i40e: Fix kernel crash during module removal (Ivan Vecera)
- tipc: fix shift wrapping bug in map_get() (Dan Carpenter)
- sch_sfb: Don't assume the skb is still around after enqueueing to child (Toke Høiland-Jørgensen)
- afs: Use the operation issue time instead of the reply time for callbacks (David Howells)
- rxrpc: Fix an insufficiently large sglist in rxkad_verify_packet_2() (David Howells)
- netfilter: nf_conntrack_irc: Fix forged IP logic (David Leadbeater)
- netfilter: br_netfilter: Drop dst references before setting. (Harsh Modi)
- RDMA/hns: Fix supported page size (Chengchang Tang)
- soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs (Liang He)
- RDMA/cma: Fix arguments order in net device validation (Michael Guralnik)
- regulator: core: Clean up on enable failure (Andrew Halaney)
- ARM: dts: imx6qdl-kontron-samx6i: remove duplicated node (Marco Felsch)
- smb3: missing inode locks in punch hole (David Howells)
- scsi: lpfc: Add missing destroy_workqueue() in error path (Yang Yingliang)
- scsi: mpt3sas: Fix use-after-free warning (Sreekanth Reddy)
- nvmet: fix a use-after-free (Bart Van Assche)
- debugfs: add debugfs_lookup_and_remove() (Greg Kroah-Hartman)
- kprobes: Prohibit probes in gate area (Christian A. Ehrhardt)
- ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() (Dongxiang Ke)
- ALSA: aloop: Fix random zeros in capture data when using jiffies timer (Pattara Teerapong)
- ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() (Tasos Sahanidis)
- drm/amdgpu: mmVM_L2_CNTL3 register not initialized correctly (Qu Huang)
- fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init() (Yang Yingliang)
- arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fw_level (Sudeep Holla)
- parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines (Helge Deller)
- parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources() (Li Qiong)
- drm/radeon: add a force flush to delay work when radeon (Zhenneng Li)
- drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup. (Candice Li)
- drm/gem: Fix GEM handle release errors (Jeffy Chen)
- scsi: megaraid_sas: Fix double kfree() (Guixin Liu)
- USB: serial: ch341: fix disabled rx timer on older devices (Johan Hovold)
- USB: serial: ch341: fix lost character on LCR updates (Johan Hovold)
- usb: dwc3: disable USB core PHY management (Johan Hovold)
- usb: dwc3: fix PHY disable sequence (Johan Hovold)
- btrfs: harden identification of a stale device (Anand Jain)
- drm/i915/glk: ECS Liva Q2 needs GLK HDMI port timing quirk (Diego Santa Cruz)
- ALSA: seq: Fix data-race at module auto-loading (Takashi Iwai)
- ALSA: seq: oss: Fix data-race for max_midi_devs access (Takashi Iwai)
- net: mac802154: Fix a condition in the receive path (Miquel Raynal)
- ip: fix triggering of 'icmp redirect' (Nicolas Dichtel)
- wifi: mac80211: Don't finalize CSA in IBSS mode if state is disconnected (Siddh Raman Pant)
- driver core: Don't probe devices after bus_type.match() probe deferral (Isaac J. Manjarres)
- usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS (Krishna Kurapati)
- USB: core: Prevent nested device-reset calls (Alan Stern)
- s390: fix nospec table alignments (Josh Poimboeuf)
- s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages (Gerald Schaefer)
- usb-storage: Add ignore-residue quirk for NXP PN7462AU (Witold Lipieta)
- USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) (Thierry GUIBERT)
- usb: dwc2: fix wrong order of phy_power_on and phy_init (Heiner Kallweit)
- usb: typec: altmodes/displayport: correct pin assignment for UFP receptacles (Pablo Sun)
- USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode (Slark Xiao)
- USB: serial: option: add Quectel EM060K modem (Yonglin Tan)
- USB: serial: option: add support for OPPO R11 diag port (Yan Xinyu)
- USB: serial: cp210x: add Decagon UCA device id (Johan Hovold)
- xhci: Add grace period after xHC start to prevent premature runtime suspend. (Mathias Nyman)
- thunderbolt: Use the actual buffer in tb_async_error() (Mika Westerberg)
- gpio: pca953x: Add mutex_lock for regcache sync in PM (Haibo Chen)
- hwmon: (gpio-fan) Fix array out of bounds access (Armin Wolf)
- clk: bcm: rpi: Fix error handling of raspberrypi_fw_get_rate (Stefan Wahren)
- Input: rk805-pwrkey - fix module autoloading (Peter Robinson)
- clk: core: Fix runtime PM sequence in clk_core_unprepare() (Chen-Yu Tsai)
- Revert "clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops" (Stephen Boyd)
- clk: core: Honor CLK_OPS_PARENT_ENABLE for clk gate ops (Chen-Yu Tsai)
- drm/i915/reg: Fix spelling mistake "Unsupport" -> "Unsupported" (Colin Ian King)
- usb: dwc3: qcom: fix use-after-free on runtime-PM wakeup (Johan Hovold)
- binder: fix UAF of ref->proc caused by race condition (Carlos Llamas)
- USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id (Niek Nooijens)
- misc: fastrpc: fix memory corruption on open (Johan Hovold)
- misc: fastrpc: fix memory corruption on probe (Johan Hovold)
- iio: adc: mcp3911: use correct formula for AD conversion (Marcus Folkesson)
- Input: iforce - wake up after clearing IFORCE_XMIT_RUNNING flag (Tetsuo Handa)
- tty: serial: lpuart: disable flow control while waiting for the transmit engine to complete (Sherry Sun)
- vt: Clear selection before changing the font (Helge Deller)
- powerpc: align syscall table for ppc32 (Masahiro Yamada)
- staging: rtl8712: fix use after free bugs (Dan Carpenter)
- serial: fsl_lpuart: RS485 RTS polariy is inverse (Shenwei Wang)
- net/smc: Remove redundant refcount increase (Yacan Liu)
- Revert "sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb" (Jakub Kicinski)
- tcp: annotate data-race around challenge_timestamp (Eric Dumazet)
- sch_cake: Return __NET_XMIT_STOLEN when consuming enqueued skb (Toke Høiland-Jørgensen)
- kcm: fix strp_init() order and cleanup (Cong Wang)
- ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler (Duoming Zhou)
- net: sched: tbf: don't call qdisc_put() while holding tree lock (Zhengchao Shao)
- Revert "xhci: turn off port power in shutdown" (Mathias Nyman)
- wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() (Dan Carpenter)
- ieee802154/adf7242: defer destroy_workqueue call (Lin Ma)
- iio: adc: mcp3911: make use of the sign bit (Marcus Folkesson)
- platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (Andy Shevchenko)
- drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (Douglas Anderson)
- drm/msm/dsi: fix the inconsistent indenting (sunliming)
- net: dp83822: disable false carrier interrupt (Enguerrand de Ribaucourt)
- Revert "mm: kmemleak: take a full lowmem check in kmemleak_*_phys()" (Yee Lee)
- fs: only do a memory barrier for the first set_buffer_uptodate() (Linus Torvalds)
- net: mvpp2: debugfs: fix memory leak when using debugfs_lookup() (Greg Kroah-Hartman)
- wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() (Stanislaw Gruszka)
- efi: capsule-loader: Fix use-after-free in efi_capsule_write (Hyunwoo Kim)
- LTS tag: v5.4.212 (Sherry Yang)
- net: neigh: don't call kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
- net/af_packet: check len when min_header_len equals to 0 (Zhengchao Shao)
- kprobes: don't call disarm_kprobe() for disabled kprobes (Kuniyuki Iwashima)
- lib/vdso: Mark do_hres() and do_coarse() as __always_inline (Andrei Vagin)
- lib/vdso: Let do_coarse() return 0 to simplify the callsite (Christophe Leroy)
- btrfs: tree-checker: check for overlapping extent items (Josef Bacik)
- netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y (Geert Uytterhoeven)
- drm/amd/display: Fix pixel clock programming (Ilya Bakoulin)
- s390/hypfs: avoid error message under KVM (Juergen Gross)
- neigh: fix possible DoS due to net iface start/stop loop (Denis V. Lunev)
- drm/amd/display: clear optc underflow before turn off odm clock (Fudong Wang)
- drm/amd/display: Avoid MPC infinite loop (Josip Pavic)
- btrfs: unify lookup return value when dir entry is missing (Filipe Manana)
- btrfs: do not pin logs too early during renames (Filipe Manana)
- btrfs: introduce btrfs_lookup_match_dir (Marcos Paulo de Souza)
- mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (Jann Horn)
- bpf: Don't redirect packets with invalid pkt_len (Zhengchao Shao)
- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead (Yang Jihong)
- fbdev: fb_pm2fb: Avoid potential divide by zero error (Letu Ren)
- HID: hidraw: fix memory leak in hidraw_release() (Karthik Alapati)
- media: pvrusb2: fix memory leak in pvr_probe (Dongliang Mu)
- udmabuf: Set the DMA mask for the udmabuf device (v2) (Vivek Kasireddy)
- HID: steam: Prevent NULL pointer dereference in steam_{recv,send}_report (Lee Jones)
- Bluetooth: L2CAP: Fix build errors in some archs (Luiz Augusto von Dentz)
- kbuild: Fix include path in scripts/Makefile.modpost (Jing Leng)
- x86/bugs: Add "unknown" reporting for MMIO Stale Data (Pawan Gupta)
- s390/mm: do not trigger write fault when vma does not allow VM_WRITE (Gerald Schaefer)
- mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() (Jann Horn)
- scsi: storvsc: Remove WQ_MEM_RECLAIM from storvsc_error_wq (Saurabh Sengar)
- perf/x86/intel/uncore: Fix broken read_counter() for SNB IMC PMU (Stephane Eranian)
- md: call __md_stop_writes in md_stop (Guoqing Jiang)
- mm/hugetlb: fix hugetlb not supporting softdirty tracking (David Hildenbrand)
- ACPI: processor: Remove freq Qos request for all CPUs (Riwen Lu)
- s390: fix double free of GS and RI CBs on fork() failure (Brian Foster)
- asm-generic: sections: refactor memory_intersects (Quanyang Wang)
- loop: Check for overflow while configuring loop (Siddh Raman Pant)
- x86/unwind/orc: Unwind ftrace trampolines with correct ORC entry (Chen Zhongjin)
- btrfs: check if root is readonly while setting security xattr (Goldwyn Rodrigues)
- btrfs: add info when mount fails due to stale replace target (Anand Jain)
- btrfs: replace: drop assert for suspended replace (Anand Jain)
- btrfs: fix silent failure when deleting root reference (Filipe Manana)
- ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter (Jacob Keller)
- net: Fix a data-race around sysctl_somaxconn. (Kuniyuki Iwashima)
- net: Fix a data-race around netdev_budget_usecs. (Kuniyuki Iwashima)
- net: Fix a data-race around netdev_budget. (Kuniyuki Iwashima)
- net: Fix a data-race around sysctl_net_busy_read. (Kuniyuki Iwashima)
- net: Fix a data-race around sysctl_net_busy_poll. (Kuniyuki Iwashima)
- net: Fix a data-race around sysctl_tstamp_allow_data. (Kuniyuki Iwashima)
- ratelimit: Fix data-races in ___ratelimit(). (Kuniyuki Iwashima)
- net: Fix data-races around netdev_tstamp_prequeue. (Kuniyuki Iwashima)
- net: Fix data-races around weight_p and dev_weight_[rt]x_bias. (Kuniyuki Iwashima)
- netfilter: nft_tunnel: restrict it to netdev family (Pablo Neira Ayuso)
- netfilter: nft_osf: restrict osf to ipv4, ipv6 and inet families (Pablo Neira Ayuso)
- netfilter: nft_payload: do not truncate csum_offset and csum_type (Pablo Neira Ayuso)
- netfilter: nft_payload: report ERANGE for too long offset and length (Pablo Neira Ayuso)
- bnxt_en: fix NQ resource accounting during vf creation on 57500 chips (Vikas Gupta)
- net: ipvtap - add __init/__exit annotations to module init/exit funcs (Maciej Żenczykowski)
- bonding: 802.3ad: fix no transmission of LACPDUs (Jonathan Toppins)
- net: moxa: get rid of asymmetry in DMA mapping/unmapping (Sergei Antonov)
- net/mlx5e: Properly disable vlan strip on non-UL reps (Vlad Buslov)
- rose: check NULL rose_loopback_neigh->loopback (Bernard Pidoux)
- SUNRPC: RPC level errors should set task->tk_rpc_status (Trond Myklebust)
- xfrm: fix refcount leak in __xfrm_policy_check() (Xin Xiong)
- kernel/sched: Remove dl_boosted flag comment (Hui Su)
- sched/deadline: Fix priority inheritance with multiple scheduling classes (Juri Lelli)
- sched/deadline: Fix stale throttling on de-/boosted tasks (Lucas Stach)
- sched/deadline: Unthrottle PI boosted threads while enqueuing (Daniel Bristot de Oliveira)
- pinctrl: amd: Don't save/restore interrupt status and wake status bits (Basavaraj Natikar)
- Revert "selftests/bpf: Fix test_align verifier log patterns" (Jean-Philippe Brucker)
- Revert "selftests/bpf: Fix "dubious pointer arithmetic" test" (Jean-Philippe Brucker)
- usb: cdns3: Fix issue for clear halt endpoint (Pawel Laszczak)
- kernel/sys_ni: add compat entry for fadvise64_64 (Randy Dunlap)
- parisc: Fix exception handler for fldw and fstw instructions (Helge Deller)
- audit: fix potential double free on error path from fsnotify_add_inode_mark (Gaosheng Cui)
[5.4.17-2136.313.2.el7uek]
- ice: enable ethtool hooks for E810 firmware update (John Donnelly) [Orabug: 34077831]
- ice: add ice_handle_nvm_access() (John Donnelly) [Orabug: 34077831]
- rds: cong: Make rds_cong_wait an array to reduce lock contention (Håkon Bugge) [Orabug: 34574093]
- rds: cong: Make rs_cong_notify and rs_cong_mask atomic64_t (Håkon Bugge) [Orabug: 34574093]
- mm: memcg/slab: disable cache merging for KMALLOC_NORMAL caches (Waiman Long) [Orabug: 34601144]
caches (Waiman Long) [Orabug: 34601144]
- mm: memcg/slab: properly set up gfp flags for objcg pointer array (Waiman Long) [Orabug: 34601144]
- mm, memcg: introduce mem_cgroup_kmem_disabled() (Roman Gushchin) [Orabug: 34601144]
- mm, slab: make kmalloc_info[] contain all types of names (Pengfei Li) [Orabug: 34601144]
cpus_read_lock() deadlock (Tejun Heo) [Orabug: 34639998]
- cgroup: Elide write-locking threadgroup_rwsem when updating csses on an empty subtree (Tejun Heo) [Orabug: 34639998]
- cgroup: Optimize single thread migration (Michal Koutný) [Orabug: 34639998]
- Revert "cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()" (Imran Khan) [Orabug: 34639998]
cpus_read_lock() deadlock" (Imran Khan) [Orabug: 34639998]
- x86/MCE/AMD, EDAC/mce_amd: Support non-uniform MCA bank type enumeration (Yazen Ghannam) [Orabug: 34639981]
- x86/MCE/AMD, EDAC/mce_amd: Add new SMCA bank types (Yazen Ghannam) [Orabug: 34639981]
- x86/MCE/AMD, EDAC/mce_amd: Add new SMCA bank types (Muralidhara M K) [Orabug: 34639981]
- x86/mce: Increase maximum number of banks to 64 (Akshay Gupta) [Orabug: 34639981]
- x86/MCE/AMD, EDAC/amd64: Move address translation to AMD64 EDAC (Yazen Ghannam) [Orabug: 34639981]
- x86/MCE/AMD: Export smca_get_bank_type symbol (Mukul Joshi) [Orabug: 34639981]
- EDAC/amd64: Add support for AMD Family 19h Models 10h-1Fh and A0h-AFh (Yazen Ghannam) [Orabug: 34639981]
- EDAC/amd64: Set proper family type for Family 19h Models 20h-2Fh (Yazen Ghannam) [Orabug: 34639981]
- EDAC: Add RDDR5 and LRDDR5 memory types (Yazen Ghannam) [Orabug: 34639981]
- hwmon: (k10temp) Support up to 12 CCDs on AMD Family of processors (Babu Moger) [Orabug: 34639981]
- hwmon: (k10temp) Add support for AMD Family 19h Models 10h-1Fh and A0h-AFh (Babu Moger) [Orabug: 34639981]
- x86/amd_nb: Add AMD Family 19h Models (10h-1Fh) and (A0h-AFh) PCI IDs (Yazen Ghannam) [Orabug: 34639981]
- hwmon: (k10temp) Remove unused definitions (Babu Moger) [Orabug: 34639981]
- hwmon: (k10temp) Remove residues of current and voltage (suma hegde) [Orabug: 34639981]
- hwmon: (k10temp) Add support for yellow carp (Mario Limonciello) [Orabug: 34639981]
- hwmon: (k10temp) Rework the temperature offset calculation (Mario Limonciello) [Orabug: 34639981]
- hwmon: (k10temp) Don't show Tdie for all Zen/Zen2/Zen3 CPU/APU (Mario Limonciello) [Orabug: 34639981]
- hwmon: (k10temp) Add additional missing Zen2 and Zen3 APUs (Mario Limonciello) [Orabug: 34639981]
- hwmon: (k10temp) support Zen3 APUs (David Bartley) [Orabug: 34639981]
- x86/amd_nb: Add AMD family 19h model 50h PCI ids (David Bartley) [Orabug: 34639981]
- hwmon: (k10temp) Zen3 Ryzen Desktop CPUs support (Gabriel Craciunescu) [Orabug: 34639981]
- hwmon: (k10temp) Remove support for displaying voltage and current on Zen CPUs (Guenter Roeck) [Orabug: 34639981]
- hwmon: (k10temp) Add support for Zen3 CPUs (Wei Huang) [Orabug: 34639981]
- hwmon: (k10temp) Take out debugfs code (Guenter Roeck) [Orabug: 34639981]
- hwmon: (k10temp) Define SVI telemetry and current factors for Zen2 CPUs (Wei Huang) [Orabug: 34639981]
- hwmon: (k10temp) Create common functions and macros for Zen CPU families (Wei Huang) [Orabug: 34639981]
- hwmon: (k10temp) make some symbols static (Jason Yan) [Orabug: 34639981]
- hwmon: (k10temp) Reorganize and simplify temperature support detection (Guenter Roeck) [Orabug: 34639981]
- Revert "hwmon: (k10temp) Add support for Zen3 CPUs" (Dave Kleikamp) [Orabug: 34639981]
- uek-rpm: add missing nft_chain_nat.ko module (Venkat Venkatsubra) [Orabug: 34639977]
- random: Fix incorrect type for 'rc' variable (Harshit Mogalapalli) [Orabug: 34639972]
- hwmon: (opbmc) Add support for AST2600 based Pilot (Jan Zdarek) [Orabug: 34639967]
- KVM: SVM: Clear the CR4 register on reset (Babu Moger) [Orabug: 34639963]
- x86,swiotlb: Adjust SWIOTLB bounce buffer size for SEV guests (Ashish Kalra) [Orabug: 34639951]
- netfilter: ebtables: reject blobs that don't provide all entry points (Florian Westphal) [Orabug: 34610051]
- uek-rpm: Disable CONFIG_CRYPTO_STREEBOG (Victor Erminpour) [Orabug: 34610044]
- uek-rpm: Disable CONFIG_CRYPTO_SM3 (Victor Erminpour) [Orabug: 34610044]
- uek-rpm: Disable CONFIG_CRYPTO_SM4 (Victor Erminpour) [Orabug: 34610044]
- uek-rpm: Add nftables support T93 and Ortano (Henry Willard) [Orabug: 34610035]
- af_key: Do not call xfrm_probe_algs in parallel (Herbert Xu) [Orabug: 34610032] {CVE-2022-3028}
- cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() (Tetsuo Handa) [Orabug: 34610025]
cpus_read_lock() deadlock (Tejun Heo) [Orabug: 34610025]
- audit: use extern storage class for audit_filter_syscall() (Ankur Arora) [Orabug: 34586449]
- audit: annotate branch direction for audit_in_mask() (Ankur Arora) [Orabug: 34586449]
- audit: cache ctx->major in audit_filter_syscall() (Ankur Arora) [Orabug: 34586449]
[5.4.17-2136.313.1.el7uek]
- video: vga16fb: Only probe for EGA and VGA 16 color graphic cards (Javier Martinez Canillas) [Orabug: 32301403]
- KVM: arm: vgic: Only use the virtual state when userspace accesses enable bits (Marc Zyngier) [Orabug: 34542967]
- uek-rpm: mips: enable CRYTPTO_USER config options (Dave Kleikamp) [Orabug: 34557309]
_______________________________________________
An unbreakable Enterprise kernel security update has been released for Oracle Linux 7.