Fedora Linux 8811 Published by

A kernel security update has been released for Fedora 36.



SECURITY: Fedora 36 Update: kernel-5.17.2-300.fc36


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-af492757d9
2022-04-11 03:33:14.178560
--------------------------------------------------------------------------------

Name : kernel
Product : Fedora 36
Version : 5.17.2
Release : 300.fc36
URL :   https://www.kernel.org/
Summary : The Linux kernel
Description :
The kernel meta package

--------------------------------------------------------------------------------
Update Information:

The 5.17.2 stable kernel update contains a number of important fixes across the
tree.
--------------------------------------------------------------------------------
ChangeLog:

* Fri Apr 8 2022 Justin M. Forbes [5.17.2-0]
- Move the patch to the redhat directory so it doesn't end up as an applied patch (Justin M. Forbes)
- Config updates for 5.17.2 (Justin M. Forbes)
- Fedora: arm: Updates for QCom devices (Peter Robinson)
- Fedora arm and generic updates for 5.17 (Peter Robinson)
- enable COMMON_CLK_SI5341 for Xilinx ZYNQ-MP (Peter Robinson)
- Update Fix 'mem_section' will never be NULL gcc 12 warning to V4 (Justin M. Forbes)
- NFSv4.1 provide mount option to toggle trunking discovery (Olga Kornievskaia)
- Add the Revert patch so that it can be applied when building dist-git for F34 and F35 (Justin M. Forbes)
- redhat/configs/process_configs.sh: Avoid race with find (Prarit Bhargava)
- redhat/configs/process_configs.sh: Remove CONTINUEONERROR (Prarit Bhargava)
- redhat/configs/process_configs.sh: Fix race with tools generation (Prarit Bhargava)
- Bluetooth: hci_core: Rate limit the logging of invalid SCO handle (Luiz Augusto von Dentz)
- Bluetooth: hci_event: Fix HCI_EV_VENDOR max_len (Luiz Augusto von Dentz)
- Update mm/sparsemem: Fix 'mem_section' will never be NULL gcc 12 (Justin M. Forbes)
- net: bcmgenet: Use stronger register read/writes to assure ordering (Jeremy Linton)
- We actually needed the previous patch from os-build (Justin M. Forbes)
- redhat: Fix release tagging (Prarit Bhargava)
- Fix up changelog generation for stable releases (Justin M. Forbes)
- Remove i686 configs and filters (Justin M. Forbes)
- redhat/self-test: Fix shellcheck test (Prarit Bhargava)
- redhat/configs: Set CONFIG_X86_AMD_PSTATE built-in on Fedora (Prarit Bhargava)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2071047 - CVE-2022-1205 kernel: Null pointer dereference and use after free in net/ax25/ax25_timer.c
  https://bugzilla.redhat.com/show_bug.cgi?id=2071047
[ 2 ] Bug #2073064 - CVE-2022-28390 kernel: a double free in ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c
  https://bugzilla.redhat.com/show_bug.cgi?id=2073064
[ 3 ] Bug #2073086 - CVE-2022-28389 kernel: a double free in mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c
  https://bugzilla.redhat.com/show_bug.cgi?id=2073086
[ 4 ] Bug #2073091 - CVE-2022-28388 kernel: a double free in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c
  https://bugzilla.redhat.com/show_bug.cgi?id=2073091
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-af492757d9' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________