Oracle Linux 6277 Published by

Oracle Linux has issued several updates, such as the Unbreakable Enterprise kernel-container security update for Oracle Linux 7, the OpenIPMI security update for Oracle Linux 9, the podman security update, the sos bug fix update, the thunderbird security update, and the container-tools:ol8 security update for Oracle Linux 8.

ELSA-2024-12782 Important: Oracle Linux 7 Unbreakable Enterprise kernel-container security update
ELBA-2024-12781 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update
ELSA-2024-8037 Moderate: Oracle Linux 9 OpenIPMI security update
ELBA-2024-12781 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update
ELSA-2024-8039 Important: Oracle Linux 9 podman security update
ELBA-2024-12785 Oracle Linux 9 sos bug fix update
ELSA-2024-8025 Important: Oracle Linux 9 thunderbird security update
ELBA-2024-12781 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update
ELSA-2024-12782 Important: Oracle Linux 8 Unbreakable Enterprise kernel-container security update
ELSA-2024-12780 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2024-8038 Important: Oracle Linux 8 container-tools:ol8 security update
ELSA-2024-12780 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update
ELSA-2024-8024 Important: Oracle Linux 8 thunderbird security update
ELSA-2024-12780 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2024-12779 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64)
ELSA-2024-12779 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update
ELSA-2024-5930 Important: Oracle Linux 7 bind security update (aarch64)
ELSA-2024-5930 Important: Oracle Linux 7 bind security update




ELSA-2024-12782 Important: Oracle Linux 7 Unbreakable Enterprise kernel-container security update


Oracle Linux Security Advisory ELSA-2024-12782

http://linux.oracle.com/errata/ELSA-2024-12782.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2136.336.5.1.el7uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.336.5.1.el7uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-5.4.17-2136.336.5.1.el7uek.src.rpm

Related CVEs:

CVE-2024-46738
CVE-2024-43882
CVE-2024-42259
CVE-2024-41042
CVE-2024-27397
CVE-2024-44948
CVE-2024-43890
CVE-2024-43893
CVE-2024-44968
CVE-2024-44960
CVE-2024-43883
CVE-2024-44954
CVE-2024-43894
CVE-2024-44969
CVE-2024-43908
CVE-2024-43914
CVE-2024-43861
CVE-2024-44935
CVE-2024-44965
CVE-2024-42265
CVE-2024-42271
CVE-2024-43867
CVE-2024-43860
CVE-2024-42290
CVE-2024-43871
CVE-2024-42301
CVE-2024-42131
CVE-2024-42276
CVE-2024-42280
CVE-2024-42281
CVE-2024-42283
CVE-2024-42284
CVE-2024-43856
CVE-2024-43858
CVE-2024-42295
CVE-2024-42285
CVE-2024-42286
CVE-2024-42287
CVE-2024-42288
CVE-2024-42289
CVE-2024-42292
CVE-2024-42297
CVE-2024-42304
CVE-2024-42305
CVE-2024-42306
CVE-2024-42308
CVE-2024-42309
CVE-2024-42310
CVE-2024-42311
CVE-2024-42313
CVE-2024-44944
CVE-2024-43829
CVE-2024-43830
CVE-2024-43839
CVE-2024-43841
CVE-2024-43879
CVE-2024-43880
CVE-2024-43846
CVE-2024-41090
CVE-2024-41091
CVE-2024-41020
CVE-2024-41012
CVE-2024-41017
CVE-2024-41015
CVE-2024-41059
CVE-2024-41063
CVE-2024-41064
CVE-2024-41065
CVE-2024-41068
CVE-2024-41070
CVE-2024-41072
CVE-2024-41081

Description of changes:

[5.4.17-2136.336.5.1.el7uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37138988]

[5.4.17-2136.336.5.el7uek]
- uek-rpm: Add skx_edac_common.ko to nano_modules (Sherry Yang) [Orabug: 37030127]
- EDAC, i10nm: make skx_common.o a separate module (Arnd Bergmann) [Orabug: 37030127]
- uek-rpm: Integrating the container build in UEK6 (Jack Vogel) [Orabug: 37021061]
- i40e: Change user notification of non-SFP module in i40e_get_module_info() (Andrii Staikov) [Orabug: 36988197]
- xsigo: Use NAPI in UD/TX flows for xve (Alok Tiwari) [Orabug: 35180168]
- xsigo: remove incorrect spin_unlock_irqrestore call in vhba_queuecommand (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix slab-out-of-bounds in vhba_create (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix memory free issue in dma mapping (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix use-after-free n xsvbha for srb *sp (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix mtu setting issue in xve netdev (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add struct ib_mad_send_buf to recv_handler (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove tx_outstanding variable from xve xmit (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add extack argument to dev_change_flags() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove compare_data while calling ib_cm_listen() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Ignore the return value of "ib_destroy_cq" (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove sif_verbs header (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace setup_timer with the timer_setup (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use ib_ud_wr for xve_dev_priv instread of ib_send_wr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove return from register event handler (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add client_data for struct ib_client remove() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace dev->trans_start update with helper netif_trans_update (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove usage of net_device last_rx member from xsigo (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace skb_frag page with bv_page in xve (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use sg_next() to get the next sg instead of SG_NEXT (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_init_ah_from_path to ib_init_ah_attr_from_path (Alok Tiwari) [Orabug: 35180168]
- xsigo: remove pointer dereference for ib_fmr_pool_map_phys (Alok Tiwari) [Orabug: 35180168]
- xsigo: ib_fmr_pool_map_phys does not need rargs (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove ib_sg_dma_address() and ib_sg_dma_len() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix compiling error from xsvbha module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove sg_copy_buffer from vhba_align (Alok Tiwari) [Orabug: 35180168]
- xsigo: Xve, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove LRO code from xve module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Xsvnic, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove LRO code from xsvnic module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Change port number from u8 to u32 (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use frag->bv_offset in place of page_offset (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename skb_frag_t size to bv_len (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix compiling error due to Constify of ib_cm_event (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add the $(srctree)/ prefix to xsigo Makefile (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign IB_MGMT_BASE_VERSION for ib_create_send_mad (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign rdma_ctxs and port_num for struct ib_qp_init_attr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use struct ib_cq_init_attr for ib_create_cq() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace max_sge with max_send_sge for xscore_create_qp (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove ib_get_dma_mr and ib_dereg_mr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_query_device with callback "ops.query_device" (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_query_gid with rdma_query_gid (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_modify_cq with rdma_set_cq_moderation (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign path record type rec_type for sa_path_rec (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_sa_path_rec to sa_path_rec (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use struct ib_ud_wr ud_wr instead of ib_send_wr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace struct ib_ah_attr with struct rdma_ah_attr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_create_ah and ib_destroy_ah (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign const argument for ib_post_send/recv() (Alok Tiwari) [Orabug: 35180168]
- uek-rpm: add xsigo module in ol7 and ol8 config file (Alok Tiwari) [Orabug: 35180168]
- Revert "RDMA/core/sa_query: Remove unused function" (Alok Tiwari) [Orabug: 35180168]
- xve: arm ud tx cq to generate completion interrupts (Ajaykumar Hotchandani) [Orabug: 28267050] [Orabug: 35180168]
- xscore: add dma address check (Zhu Yanjun) [Orabug: 27074085] [Orabug: 35180168]
- xsigo: PCA 2.3.1 Compute Node panics in xve_create_arp+430 (Pradeep Gopanapalli) [Orabug: 26474000] [Orabug: 35180168]
- xsigo: UEK4-master:poor performance discovering 256 FC LUNs w/4 paths per LUN (Pradeep Gopanapalli) [Orabug: 26199177] [Orabug: 35180168]
- xsigo: Compute node crash on FC failover (Pradeep Gopanapalli) [Orabug: 25981973] [Orabug: 35180168]
- xsigo: Fix spinlock release in case of error (Pradeep Gopanapalli) [Orabug: 25779803] [Orabug: 35180168]
- xsigo: Optimize xsvnic module parameters for UEK4 (Pradeep Gopanapalli) [Orabug: 25779865] [Orabug: 35180168]
- xsigo: Fix crash in accessing xve proc l2 entries (Pradeep Gopanapalli) [Orabug: 25165085] [Orabug: 35180168]
- xsigo: Fix race in freeing aged Forwarding table entry (Pradeep Gopanapalli) [Orabug: 25129729] [Orabug: 35180168]
- xsigo: Schedule while uninterruptible (Pradeep Gopanapalli) [Orabug: 25097469] [Orabug: 35180168]
- xsigo: supported SGE's for LSO QP (Pradeep Gopanapalli) [Orabug: 25029868] [Orabug: 35180168]
- xsigo: Hardening driver in handling remote QP failures (Pradeep Gopanapalli) [Orabug: 24929076] [Orabug: 35180168]
- xsigo: send nack codes (Pradeep Gopanapalli) [Orabug: 24442792] [Orabug: 35180168]
- xsigo: xve driver has excessive messages (Pradeep Gopanapalli) [Orabug: 24758335] [Orabug: 35180168]
- xsigo: hard LOCKUP in freeing paths (Pradeep Gopanapalli) [Orabug: 24669507] [Orabug: 35180168]
- xsigo: Crash in xscore_port_num (Pradeep Gopanapalli) [Orabug: 24760465] [Orabug: 35180168]
- xsigo: Resize uVNIC/PVI CQ size (Pradeep Gopanapalli) [Orabug: 24765034] [Orabug: 35180168]
- xsigo: Optimizing Transmit completions (Pradeep Gopanapalli) [Orabug: 24928865] [Orabug: 35180168]
- xsigo: Implementing Jumbo MTU support (Pradeep Gopanapalli) [Orabug: 24928804] [Orabug: 35180168]
- xsigo: EoiB QP support (Pradeep Gopanapalli) [Orabug: 24508359] [Orabug: 35180168]
- xsigo: Send Heart Beat Lost Operational state (Pradeep Gopanapalli) [Orabug: 23032392] [Orabug: 35180168]
- xsigo: SKB Frag cleanup (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- xsigo: Tx_tail goes outof bound (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- xsigo: Fixed Path locking issues (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- Fixed vnic issue after saturn reset (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- uvnic issues (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- Fixed wrongly checked return type Added Debug print (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- Integrate Uvnic functionality into uek-4.1 Revision 8008 (Pradeep Gopanapalli) [Orabug: 35180168]
- 1) S_IRWXU causing kernel soft crash changing to 0644 (Pradeep Gopanapalli) [Orabug: 35180168]
- 1) Support vnic for EDR based platform(uVnic) 2) Supported Types now Type 0 (Pradeep Gopanapalli) [Orabug: 35180168]
- Add Oracle virtual Networking Drivers for uek4 kernel (Pradeep Gopanapalli) [Orabug: 35180168]

[5.4.17-2136.336.4.el7uek]
- igb: Fix not clearing TimeSync interrupts for 82580 (Daiwei Li)
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez) [Orabug: 37037205] {CVE-2024-46738}
- x86/speculation: Basic IBRS is enabled with AMD Automatic IBRS (Alexandre Chartre) [Orabug: 37044540]

[5.4.17-2136.336.3.el7uek]
- Compiler Attributes: Add __uninitialized macro (Heiko Carstens)
- filelock: Correct the filelock owner in fcntl_setlk/fcntl_setlk64 (Long Li)
- ALSA: timer: Relax start tick time check for slave timer elements (Takashi Iwai)
- ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (Parsa Poorshikhian)
- LTS tag: v5.4.282 (Sherry Yang)
- media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (Sean Young)
- ARM: dts: imx6qdl-kontron-samx6i: fix phy-mode (Michael Walle)
- nvme/pci: Add APST quirk for Lenovo N60z laptop (WangYuli)
- exec: Fix ToCToU between perm check and set-uid/gid usage (Kees Cook) [Orabug: 36984017] {CVE-2024-43882}
- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (Yunke Cao)
- arm64: cpufeature: Fix the visibility of compat hwcaps (Amit Daniel Kachhap)
- drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (Andi Shyti) [Orabug: 36953969] {CVE-2024-42259}
- netfilter: nf_tables: prefer nft_chain_validate (Florian Westphal) [Orabug: 36896846] {CVE-2024-41042}
- netfilter: nf_tables: use timestamp to check for set element timeout (Pablo Neira Ayuso) [Orabug: 36630432] {CVE-2024-27397}
- netfilter: nf_tables: set element extended ACK reporting support (Pablo Neira Ayuso)
- kbuild: Fix '-S -c' in x86 stack protector scripts (Nathan Chancellor)
- Fix gcc 4.9 build issue in 5.4.y (Jari Ruusu)
- drm/mgag200: Set DDC timeout in milliseconds (Thomas Zimmermann)
- drm/bridge: analogix_dp: properly handle zero sized AUX transactions (Lucas Stach)
- x86/mtrr: Check if fixed MTRRs exist before saving them (Andi Kleen) [Orabug: 37028936] {CVE-2024-44948}
- tracing: Fix overflow in get_free_elt() (Tze-nan Wu) [Orabug: 36992998] {CVE-2024-43890}
- power: supply: axp288_charger: Round constant_charge_voltage writes down (Hans de Goede)
- power: supply: axp288_charger: Fix constant_charge_voltage writes (Hans de Goede)
- genirq/irqdesc: Honor caller provided affinity in alloc_desc() (Shay Drory)
- serial: core: check uartclk for zero to avoid divide by zero (George Kennedy) [Orabug: 36993009] {CVE-2024-43893}
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (Damien Le Moal)
- ntp: Safeguard against time_constant overflow (Justin Stitt)
- ntp: Clamp maxerror and esterror to operating range (Justin Stitt)
- tick/broadcast: Move per CPU pointer access into the atomic section (Thomas Gleixner) [Orabug: 37036032] {CVE-2024-44968}
- scsi: ufs: core: Fix hba->last_dme_cmd_tstamp timestamp updating logic (Vamshi Gajjela)
- usb: gadget: core: Check for unset descriptor (Chris Wulff) [Orabug: 37028988] {CVE-2024-44960}
- USB: serial: debug: do not echo input by default (Marek Marczykowski-Górecki)
- usb: vhci-hcd: Do not drop references before new references are gained (Oliver Neukum) [Orabug: 36992971] {CVE-2024-43883}
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (Takashi Iwai)
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (Steven 'Steve' Kendall)
- ALSA: line6: Fix racy access to midibuf (Takashi Iwai) [Orabug: 37028957] {CVE-2024-44954}
- drm/client: fix null pointer dereference in drm_client_modeset_probe (Ma Ke) [Orabug: 36993014] {CVE-2024-43894}
- spi: spi-fsl-lpspi: Fix scldiv calculation (Stefan Wahren)
- spi: fsl-lpspi: remove unneeded array (Oleksandr Suvorov)
- bpf: kprobe: remove unused declaring of bpf_kprobe_override (Menglong Dong)
- i2c: smbus: Send alert notifications to all devices if source not found (Guenter Roeck)
- i2c: smbus: Improve handling of stuck alerts (Guenter Roeck)
- i2c: smbus: Don't filter out duplicate alerts (Corey Minyard)
- arm64: errata: Expand speculative SSBS workaround (again) (Mark Rutland)
- arm64: cputype: Add Cortex-A725 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X1C definitions (Mark Rutland)
- arm64: errata: Expand speculative SSBS workaround (Mark Rutland)
- arm64: errata: Unify speculative SSBS errata logic (Mark Rutland)
- arm64: cputype: Add Cortex-X925 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-A720 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X3 definitions (Mark Rutland)
- arm64: errata: Add workaround for Arm errata 3194386 and 3312417 (Mark Rutland)
- arm64: cputype: Add Neoverse-V3 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X4 definitions (Mark Rutland)
- arm64: Add Neoverse-V2 part (Besar Wicaksono)
- arm64: cpufeature: Force HWCAP to be based on the sysreg visible to user-space (James Morse)
- ext4: fix wrong unit use in ext4_mb_find_by_goal (Kemeng Shi)
- SUNRPC: Fix a race to wake a sync task (Benjamin Coddington)
- s390/sclp: Prevent release of buffer in I/O (Peter Oberparleiter) [Orabug: 37029020] {CVE-2024-44969}
- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (Kemeng Shi)
- media: uvcvideo: Fix the bandwdith quirk on USB 3.x (Michal Pecio)
- media: uvcvideo: Ignore empty TS packets (Ricardo Ribalda)
- drm/amdgpu: Fix the null pointer dereference to ras_manager (Ma Jun) [Orabug: 36993084] {CVE-2024-43908}
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (Filipe Manana)
- wifi: nl80211: don't give key data to userspace (Johannes Berg)
- udf: prevent integer overflow in udf_bitmap_free_blocks() (Roman Smirnov)
- PCI: Add Edimax Vendor ID to pci_ids.h (FUJITA Tomonori)
- selftests/bpf: Fix send_signal test with nested CONFIG_PARAVIRT (Yonghong Song)
- ACPI: SBS: manage alarm sysfs attribute through psy core (Thomas Weißschuh)
- ACPI: battery: create alarm sysfs attribute atomically (Thomas Weißschuh)
- clocksource/drivers/sh_cmt: Address race condition for clock events (Niklas Söderlund)
- md/raid5: avoid BUG_ON() while continue reshape after reassembling (Yu Kuai) [Orabug: 36993127] {CVE-2024-43914}
- net: fec: Stop PPS on driver remove (Csókás, Bence)
- Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (Dmitry Antipov)
- net: linkwatch: use system_unbound_wq (Eric Dumazet)
- net: usb: qmi_wwan: fix memory leak for not ip packets (Daniele Palmas) [Orabug: 36983959] {CVE-2024-43861}
- sctp: Fix null-ptr-deref in reuseport_add_sock(). (Kuniyuki Iwashima) [Orabug: 36993147] {CVE-2024-44935}
- sctp: move hlist_node and hashent out of sctp_ep_common (Xin Long)
- x86/mm: Fix pti_clone_pgtable() alignment assumption (Peter Zijlstra) [Orabug: 37029012] {CVE-2024-44965}
- irqchip/mbigen: Fix mbigen node address layout (Yipeng Zou)
- genirq: Allow irq_chip registration functions to take a const irq_chip (Marc Zyngier)
- netfilter: ipset: Add list flush to cancel_gc (Alexander Maltsev)
- net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (Ma Ke)
- ALSA: usb-audio: Correct surround channels in UAC1 channel map (Takashi Iwai)
- protect the fetch of ->fd[fd] in do_dup2() from mispredictions (Al Viro) [Orabug: 36963808] {CVE-2024-42265}
- HID: wacom: Modify pen IDs (Tatsunosuke Tobita)
- ipv6: fix ndisc_is_useropt() handling for PIO (Maciej Żenczykowski)
- net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (Shahar Shitrit)
- net/iucv: fix use after free in iucv_sock_close() (Alexandra Winter) [Orabug: 36964006] {CVE-2024-42271}
- drm/vmwgfx: Fix overlay when using Screen Targets (Ian Forbes)
- drm/nouveau: prime: fix refcount underflow (Danilo Krummrich) [Orabug: 36983979] {CVE-2024-43867}
- remoteproc: imx_rproc: Skip over memory region when node value is NULL (Aleksandr Mishin) [Orabug: 36964537] {CVE-2024-43860}
- remoteproc: imx_rproc: Fix ignoring mapping vdev regions (Dong Aisheng)
- remoteproc: imx_rproc: ignore mapping vdev regions (Peng Fan)
- irqchip/imx-irqsteer: Handle runtime power management correctly (Shenwei Wang) [Orabug: 36964085] {CVE-2024-42290}
- irqchip/imx-irqsteer: Add runtime PM support (Lucas Stach)
- irqchip/imx-irqsteer: Constify irq_chip struct (Lucas Stach)
- genirq: Allow the PM device to originate from irq domain (Marc Zyngier)
- devres: Fix memory leakage caused by driver API devm_free_percpu() (Zijun Hu) [Orabug: 36983991] {CVE-2024-43871}
- driver core: Cast to (void *) with __force for __percpu pointer (Andy Shevchenko)
- dev/parport: fix the array out-of-bounds risk (tuhaowen) [Orabug: 36964223] {CVE-2024-42301}
- parport: Standardize use of printmode (Joe Perches)
to pr_( (Joe Perches)
- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (Manivannan Sadhasivam)
- PCI: rockchip: Make 'ep-gpios' DT property optional (Chen-Yu Tsai)
- mm: avoid overflows in dirty throttling logic (Jan Kara) [Orabug: 36897803] {CVE-2024-42131}
- nvme-pci: add missing condition check for existence of mapped data (Leon Romanovsky) [Orabug: 36964022] {CVE-2024-42276}
- ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (Pierre-Louis Bossart)
- ASoC: Intel: Move soc_intel_is_foo() helpers to a generic header (Hans de Goede)
- ASoC: Intel: Convert to new X86 CPU match macros (Thomas Gleixner)
- powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (Al Viro)
- apparmor: Fix null pointer deref when receiving skb during sock creation (Xiao Liang)
- mISDN: Fix a use after free in hfcmulti_tx() (Dan Carpenter) [Orabug: 36964032] {CVE-2024-42280}
- bpf: Fix a segment issue when downgrading gso_size (Fred Li) [Orabug: 36964038] {CVE-2024-42281}
- net: nexthop: Initialize all fields in dumped nexthops (Petr Machata) [Orabug: 36964044] {CVE-2024-42283}
- tipc: Return non-zero value from tipc_udp_addr2str() on error (Shigeru Yoshida) [Orabug: 36964047] {CVE-2024-42284}
- net: bonding: correctly annotate RCU in bond_should_notify_peers() (Johannes Berg)
- ipv4: Fix incorrect source address in Record Route option (Ido Schimmel)
- MIPS: SMP-CPS: Fix address for GCR_ACCESS register for CM3 and later (Gregory CLEMENT)
- dma: fix call order in dmam_free_coherent (Lance Richardson) [Orabug: 36964523] {CVE-2024-43856}
- libbpf: Fix no-args func prototype BTF dumping syntax (Andrii Nakryiko)
- um: time-travel: fix time-travel-start option (Johannes Berg)
- jfs: Fix array-index-out-of-bounds in diFree (Jeongjun Park) [Orabug: 36964530] {CVE-2024-43858}
- kdb: address -Wformat-security warnings (Arnd Bergmann)
- nilfs2: handle inconsistent state in nilfs_btnode_create_block() (Ryusuke Konishi) [Orabug: 36964203] {CVE-2024-42295}
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (WangYuli)
- Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (Hilda Wu)
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov)
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov)
- drm/panfrost: Mark simple_ondemand governor as softdep (Dragan Simic)
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov)
- selftests/sigaltstack: Fix ppc64 GCC build (Michael Ellerman)
- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (Bart Van Assche) [Orabug: 36964054] {CVE-2024-42285}
- platform: mips: cpu_hwmon: Disable driver on unsupported hardware (Jiaxun Yang)
- watchdog/perf: properly initialize the turbo mode timestamp and rearm counter (Thomas Gleixner)
- rtc: isl1208: Fix return value of nvmem callbacks (Joy Chakraborty)
- perf/x86/intel/pt: Fix a topa_entry base address calculation (Adrian Hunter)
- perf/x86/intel/pt: Fix topa_entry base length (Marco Cavenati)
- scsi: qla2xxx: validate nvme_local_port correctly (Nilesh Javali) [Orabug: 36964059] {CVE-2024-42286}
- scsi: qla2xxx: Complete command early within lock (Shreyas Deodhar) [Orabug: 36964065] {CVE-2024-42287}
- scsi: qla2xxx: Fix for possible memory corruption (Shreyas Deodhar) [Orabug: 36964070] {CVE-2024-42288}
- scsi: qla2xxx: During vport delete send async logout explicitly (Manish Rangankar) [Orabug: 36964080] {CVE-2024-42289}
- rtc: cmos: Fix return value of nvmem callbacks (Joy Chakraborty)
- kobject_uevent: Fix OOB access within zap_modalias_env() (Zijun Hu) [Orabug: 36964092] {CVE-2024-42292}
- decompress_bunzip2: fix rare decompression failure (Ross Lagerwall)
- ubi: eba: properly rollback inside self_check_eba (Fedor Pchelkin)
- clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (Bastien Curutchet)
- f2fs: fix to don't dirty inode for readonly filesystem (Chao Yu) [Orabug: 36964213] {CVE-2024-42297}
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (Saurav Kashyap)
- binder: fix hang of unregistered readers (Carlos Llamas)
- PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (Wei Liu)
- hwrng: amd - Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- tools/memory-model: Fix bug in lock.cat (Alan Stern)
- leds: ss4200: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- wifi: mwifiex: Fix interface type change (Rafael Beims)
- ext4: make sure the first directory block is not a hole (Baokun Li) [Orabug: 36964232] {CVE-2024-42304}
- ext4: check dot and dotdot of dx_root before making dir indexed (Baokun Li) [Orabug: 36964237] {CVE-2024-42305}
- m68k: amiga: Turn off Warp1260 interrupts during boot (Paolo Pisati)
- udf: Avoid using corrupted block bitmap buffer (Jan Kara) [Orabug: 36964242] {CVE-2024-42306}
- drm/amd/display: Check for NULL pointer (Sung Joon Kim) [Orabug: 36964247] {CVE-2024-42308}
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (Ma Ke) [Orabug: 36964253] {CVE-2024-42309}
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (Ma Ke) [Orabug: 36964260] {CVE-2024-42310}
- hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (Chao Yu) [Orabug: 36964265] {CVE-2024-42311}
- media: venus: fix use after free in vdec_close (Dikshita Agarwal) [Orabug: 36964275] {CVE-2024-42313}
- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (Joe Hattori)
- ipv6: take care of scope when choosing the src addr (Nicolas Dichtel)
- af_packet: Handle outgoing VLAN packets without hardware offloading (Chengen Du)
- net: netconsole: Disable target before netpoll cleanup (Breno Leitao)
- tick/broadcast: Make takeover of broadcast hrtimer reliable (Yu Liao)
- rtc: interface: Add RTC offset to alarm after fix-up (Csókás, Bence)
- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (Ryusuke Konishi)
- fs/nilfs2: remove some unused macros to tame gcc (Alex Shi)
- pinctrl: freescale: mxs: Fix refcount of child (Peng Fan)
- netfilter: ctnetlink: use helper function to calculate expect ID (Pablo Neira Ayuso) [Orabug: 37013755] {CVE-2024-44944}
- bnxt_re: Fix imm_data endianness (Jack Wang)
- macintosh/therm_windtunnel: fix module unload. (Nick Bowler)
- powerpc/xmon: Fix disassembly CPU feature checks (Michael Ellerman)
- Input: elan_i2c - do not leave interrupt disabled on suspend failure (Dmitry Torokhov)
- RDMA/device: Return error earlier if port in not valid (Leon Romanovsky)
- mtd: make mtd_test.c a separate module (Arnd Bergmann)
- ASoC: max98088: Check for clk_prepare_enable() error (Chen Ni)
- RDMA/rxe: Don't set BTH_ACK_MASK for UC or UD QPs (Honggang LI)
- RDMA/mlx4: Fix truncated output warning in alias_GUID.c (Leon Romanovsky)
- RDMA/mlx4: Fix truncated output warning in mad.c (Leon Romanovsky)
- Input: qt1050 - handle CHIP_ID reading error (Andrei Lalaev)
- PCI: Fix resource double counting on remove & rescan (Ilpo Järvinen)
- SUNRPC: Fixup gss_status tracepoint error output (Benjamin Coddington)
- sparc64: Fix incorrect function signature and add prototype for prom_cif_init (Andreas Larsson)
- ext4: avoid writing unitialized memory to disk in EA inodes (Jan Kara)
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server. (NeilBrown)
- mfd: omap-usb-tll: Use struct_size to allocate tll (Javier Carrasco)
- drm/qxl: Add check for drm_cvt_mode (Chen Ni) [Orabug: 36964456] {CVE-2024-43829}
- drm/etnaviv: fix DMA direction handling for cached RW buffers (Lucas Stach)
- perf report: Fix condition in sort__sym_cmp() (Namhyung Kim)
- leds: trigger: Unregister sysfs attributes before calling deactivate() (Hans de Goede) [Orabug: 36964459] {CVE-2024-43830}
- media: renesas: vsp1: Store RPF partition configuration per RPF instance (Laurent Pinchart)
- media: renesas: vsp1: Fix _irqsave and _irq mix (Laurent Pinchart)
- media: uvcvideo: Override default flags (Daniel Schaefer)
- media: uvcvideo: Allow entity-defined get_info and get_cur (Ricardo Ribalda)
- saa7134: Unchecked i2c_transfer function result fixed (Aleksandr Burakov)
- media: imon: Fix race getting ictx->lock (Ricardo Ribalda)
- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (Zheng Yejian)
- USB: move snd_usb_pipe_sanity_check into the USB core (Greg Kroah-Hartman)
- selftests: forwarding: devlink_lib: Wait for udev events after reloading (Amit Cohen)
- bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (Alexey Kodanev) [Orabug: 36964480] {CVE-2024-43839}
- wifi: virt_wifi: don't use strlen() in const context (Johannes Berg)
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (Gaosheng Cui)
- wifi: virt_wifi: avoid reporting connection success with wrong SSID (En-Wei Wu) [Orabug: 36964487] {CVE-2024-43841}
- qed: Improve the stack space of filter_config() (Shai Malin)
- perf: Prevent passing zero nr_pages to rb_alloc_aux() (Adrian Hunter)
- perf: Fix perf_aux_size() for greater-than 32-bit size (Adrian Hunter)
- perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (Adrian Hunter)
- netfilter: nf_tables: rise cap on SELinux secmark context (Pablo Neira Ayuso)
- net: fec: Fix FEC_ECR_EN1588 being cleared on link-down (Csókás, Bence)
- net: fec: Refactor: #define magic constants (Csókás Bence)
- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (Baochen Qiang) [Orabug: 36984010] {CVE-2024-43879}
- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (Baochen Qiang)
- mlxsw: spectrum_acl_erp: Fix object nesting warning (Ido Schimmel) [Orabug: 36984013] {CVE-2024-43880}
- lib: objagg: Fix general protection fault (Ido Schimmel) [Orabug: 36964495] {CVE-2024-43846}
- selftests/bpf: Check length of recv in test_sockmap (Geliang Tang)
- net/smc: set rmb's SG_MAX_SINGLE_ALLOC limitation only when CONFIG_ARCH_NO_SG_CHAIN is defined (Guangguan Wang)
- net/smc: Allow SMC-D 1MB DMB allocations (Stefan Raspl)
- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (Samasth Norway Ananda)
- firmware: turris-mox-rwtm: Initialize completion before mailbox (Marek Behún)
- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (Marek Behún)
- m68k: cmpxchg: Fix return value for default case in __arch_xchg() (Thorsten Blum)
- x86/xen: Convert comma to semicolon (Chen Ni)
- m68k: atari: Fix TT bootup freeze / unexpected (SCU) interrupt messages (Eero Tamminen)
- arm64: dts: amlogic: gx: correct hdmi clocks (Jerome Brunet)
- arm64: dts: mediatek: mt7622: fix "emmc" pinctrl mux (Rafał Miłecki)
- ARM: dts: imx6qdl-kontron-samx6i: fix PCIe reset polarity (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: fix board reset (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: fix PHY reset (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: move phy reset into phy-node (Marco Felsch)
- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (Jonas Karlman)
- arm64: dts: qcom: msm8996: specify UFS core_clk frequencies (Dmitry Baryshkov)
- arm64: dts: qcom: sdm845: add power-domain to UFS PHY (Dmitry Baryshkov)
- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (Guenter Roeck)
- hwmon: (max6697) Fix underflow when writing limit attributes (Guenter Roeck)
- pwm: stm32: Always do lazy disabling (Uwe Kleine-König)
- hwmon: (adt7475) Fix default duty on fan is disabled (Wayne Tung)
- x86/platform/iosf_mbi: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- x86/pci/xen: Fix PCIBIOS_* return code handling (Ilpo Järvinen)
- x86/pci/intel_mid_pci: Fix PCIBIOS_* return code handling (Ilpo Järvinen)
- x86/of: Return consistent error type from x86_of_pci_irq_enable() (Ilpo Järvinen)
- hfsplus: fix to avoid false alarm of circular locking (Chao Yu)
- platform/chrome: cros_ec_debugfs: fix wrong EC message version (Tzung-Bi Shih)
- LTS tag: v5.4.281 (Sherry Yang)
- tap: add missing verification for short frame (Si-Wei Liu) [Orabug: 36660755] {CVE-2024-41090}
- tun: add missing verification for short frame (Dongli Zhang) [Orabug: 36660755] {CVE-2024-41091}
- filelock: Fix fcntl/close race recovery compat path (Jann Horn) [Orabug: 36896789] {CVE-2024-41020} {CVE-2024-41012}
- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (Edson Juliano Drosdeck)
- jfs: don't walk off the end of ealist (lei lu) [Orabug: 36891667] {CVE-2024-41017}
- ocfs2: add bounds checking to ocfs2_check_dir_entry() (lei lu) [Orabug: 36891655] {CVE-2024-41015}
- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (Kuan-Wei Chiu)
- ARM: 9324/1: fix get_user() broken with veneer (Masahiro Yamada)
- hfsplus: fix uninit-value in copy_name (Edward Adam Davis) [Orabug: 36896969] {CVE-2024-41059}
- selftests/vDSO: fix clang build errors and warnings (John Hubbard)
- spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices (Uwe Kleine-König)
- fs: better handle deep ancestor chains in is_subdir() (Christian Brauner)
- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (Tetsuo Handa) [Orabug: 36896994] {CVE-2024-41063}
- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (Xingui Yang)
- powerpc/eeh: avoid possible crash when edev->pdev changes (Ganesh Goudar) [Orabug: 36897003] {CVE-2024-41064}
- powerpc/pseries: Whitelist dtl slub object for copying to userspace (Anjali K) [Orabug: 36897009] {CVE-2024-41065}
- net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() (Yunshui Jiang)
- net: usb: qmi_wwan: add Telit FN912 compositions (Daniele Palmas)
- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (Shengjiu Wang)
- s390/sclp: Fix sclp_init() cleanup on failure (Heiko Carstens) [Orabug: 36897032] {CVE-2024-41068}
- can: kvaser_usb: fix return value for hif_usb_send_regout (Chen Ni)
- ASoC: ti: omap-hdmi: Fix too long driver name (Primoz Fiser)
- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (Jai Luthra)
- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (Thomas GENTY)
- Input: elantech - fix touchpad state on resume for Lenovo N24 (Jonathan Denose)
- mips: fix compat_sys_lseek syscall (Arnd Bergmann)
- ALSA: hda/realtek: Add more codec ID to no shutup pins list (Kailang Yang)
- KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (Michael Ellerman) [Orabug: 36897048] {CVE-2024-41070}
- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (Dmitry Antipov) [Orabug: 36897312] {CVE-2024-41072}
- mei: demote client disconnect warning on suspend to debug (Alexander Usyskin)
- fs/file: fix the check in find_next_fd() (Yuntao Wang)
- kconfig: remove wrong expr_trans_bool() (Masahiro Yamada)
- kconfig: gconf: give a proper initial state to the Save button (Masahiro Yamada)
- ila: block BH in ila_output() (Eric Dumazet) [Orabug: 36897360] {CVE-2024-41081}
- Input: silead - Always support 10 fingers (Hans de Goede)
- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (Dmitry Antipov)
- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (Nicolas Escande)
- ACPI: EC: Avoid returning AE_OK on errors in address space handler (Armin Wolf)
- ACPI: EC: Abort address space access upon error (Armin Wolf)
- scsi: qedf: Set qed_slowpath_params to zero before use (Saurav Kashyap)
- filelock: Remove locks reliably when fcntl/close race is detected (Jann Horn) [Orabug: 36874758] {CVE-2024-41012} {CVE-2024-41020}
- gcc-plugins: Rename last_stmt() for GCC 14+ (Kees Cook)

[5.4.17-2136.336.2.el7uek]
- mm: Only enable HVO under UEK6 for Exadata system (Jane Chu) [Orabug: 36990830]
- mm: delete redundent old PageCompound() macro (Jane Chu) [Orabug: 36990830]

[5.4.17-2136.336.1.el7uek]
- mm/hwpoison: put page in already hwpoisoned case with MF_COUNT_INCREASED (Naoya Horiguchi) [Orabug: 36947110]
- mm/memory-failure: send SIGBUS in the event of thp split fail (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: move hwpoison_filter() higher up (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: improve memory failure action_result messages (Jane Chu) [Orabug: 36947110]
- mm/madvise: add MF_ACTION_REQUIRED to madvise(MADV_HWPOISON) (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: try to send SIGBUS even if unmap failed (Jane Chu) [Orabug: 36947110]
- mm: memory-failure: cleanup try_to_split_thp_page() (Kefeng Wang) [Orabug: 36947110]
- mm,hwpoison: introduce MF_MSG_UNSPLIT_THP (Naoya Horiguchi) [Orabug: 36947110]
- KVM/x86: Do not clear SIPI while in SMM (Boris Ostrovsky) [Orabug: 36401960]



ELBA-2024-12781 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12781

http://linux.oracle.com/errata/ELBA-2024-12781.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-core-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-debug-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-devel-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-doc-5.15.0-300.163.18.1.1.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-container-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-300.163.18.1.1.el9uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-300.163.18.1.1.el9uek.src.rpm

Description of changes:

[5.15.0-300.163.18.1.1.el9uek]
- uek-rpm: Enable CONFIG_BLK_DEV_DRBD (Vijayendra Suman) [Orabug: 37161894]



ELSA-2024-8037 Moderate: Oracle Linux 9 OpenIPMI security update


Oracle Linux Security Advisory ELSA-2024-8037

http://linux.oracle.com/errata/ELSA-2024-8037.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
OpenIPMI-2.0.32-5.0.1.el9_4.i686.rpm
OpenIPMI-2.0.32-5.0.1.el9_4.x86_64.rpm
OpenIPMI-lanserv-2.0.32-5.0.1.el9_4.i686.rpm
OpenIPMI-lanserv-2.0.32-5.0.1.el9_4.x86_64.rpm
OpenIPMI-libs-2.0.32-5.0.1.el9_4.i686.rpm
OpenIPMI-libs-2.0.32-5.0.1.el9_4.x86_64.rpm
OpenIPMI-devel-2.0.32-5.0.1.el9_4.i686.rpm
OpenIPMI-devel-2.0.32-5.0.1.el9_4.x86_64.rpm

aarch64:
OpenIPMI-2.0.32-5.0.1.el9_4.aarch64.rpm
OpenIPMI-lanserv-2.0.32-5.0.1.el9_4.aarch64.rpm
OpenIPMI-libs-2.0.32-5.0.1.el9_4.aarch64.rpm
OpenIPMI-devel-2.0.32-5.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//OpenIPMI-2.0.32-5.0.1.el9_4.src.rpm

Related CVEs:

CVE-2024-42934

Description of changes:

[2.0.32-5.0.1]
- IPMI SMB kernel module name is ipmi_ssif in all modern kernels.
openipmi-helper script fixed. [Orabug: 27093288] (alexey.petrenko@oracle.com)

[2.0.32-5]
- Update the patch for CVE-2024-42934 to add a missing upstream
commit from 2.0.36: 663e3cd3

[2.0.32-4]
- Backport two commits from 2.0.36 to add checks in ipmi_sim
and ipmilan (CVE-2024-42934)



ELBA-2024-12781 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12781

http://linux.oracle.com/errata/ELBA-2024-12781.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

aarch64:
bpftool-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-container-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-core-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-debug-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-devel-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-doc-5.15.0-300.163.18.1.1.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-300.163.18.1.1.el9uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-300.163.18.1.1.el9uek.src.rpm

Description of changes:

[5.15.0-300.163.18.1.1.el9uek]
- uek-rpm: Enable CONFIG_BLK_DEV_DRBD (Vijayendra Suman) [Orabug: 37161894]



ELSA-2024-8039 Important: Oracle Linux 9 podman security update


Oracle Linux Security Advisory ELSA-2024-8039

http://linux.oracle.com/errata/ELSA-2024-8039.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
podman-4.9.4-13.0.1.el9_4.x86_64.rpm
podman-docker-4.9.4-13.0.1.el9_4.noarch.rpm
podman-plugins-4.9.4-13.0.1.el9_4.x86_64.rpm
podman-remote-4.9.4-13.0.1.el9_4.x86_64.rpm
podman-tests-4.9.4-13.0.1.el9_4.x86_64.rpm

aarch64:
podman-4.9.4-13.0.1.el9_4.aarch64.rpm
podman-docker-4.9.4-13.0.1.el9_4.noarch.rpm
podman-plugins-4.9.4-13.0.1.el9_4.aarch64.rpm
podman-remote-4.9.4-13.0.1.el9_4.aarch64.rpm
podman-tests-4.9.4-13.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//podman-4.9.4-13.0.1.el9_4.src.rpm

Related CVEs:

CVE-2024-9341
CVE-2024-34155
CVE-2024-34156
CVE-2024-34158

Description of changes:

[4.9.4-13.0.1]
- Fixes issue of podman execvp error while using podmansh [Orabug: 36073625]
- Improved saving remote build context to tarfile in Podman daemon [Orabug: 36495655]
- Add devices on container startup, not on creation
- Backport fast gzip for compression [Orabug: 36420418]
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]

[4:4.9.4-13]
- update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
( https://github.com/containers/podman/commit/6cf9920)
- Resolves: RHEL-60964

[4:4.9.4-12]
- rebuild to address CVE-2024-34155 CVE-2024-34156 CVE-2024-34158
- Resolves: RHEL-57980 RHEL-57950 RHEL-58203

[4:4.9.4-11]
- update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
( https://github.com/containers/podman/commit/e3221b5)
- Resolves: RHEL-56327 RHEL-50231



ELBA-2024-12785 Oracle Linux 9 sos bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12785

http://linux.oracle.com/errata/ELBA-2024-12785.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
sos-4.7.2-3.0.2.el9.noarch.rpm
sos-audit-4.7.2-3.0.2.el9.noarch.rpm

aarch64:
sos-4.7.2-3.0.2.el9.noarch.rpm
sos-audit-4.7.2-3.0.2.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//sos-4.7.2-3.0.2.el9.src.rpm

Description of changes:

[4.7.2-3.0.2]
- Remove rpc_clnt directory from sunrpc debugfs [Orabug: 37129232]
- Disable ethtool EEPROM dump for link down interfaces [Orabug: 37129428]



ELSA-2024-8025 Important: Oracle Linux 9 thunderbird security update


Oracle Linux Security Advisory ELSA-2024-8025

http://linux.oracle.com/errata/ELSA-2024-8025.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-128.3.1-1.0.1.el9_4.x86_64.rpm

aarch64:
thunderbird-128.3.1-1.0.1.el9_4.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//thunderbird-128.3.1-1.0.1.el9_4.src.rpm

Related CVEs:

CVE-2024-9680

Description of changes:

[128.3.1-1.0.1]
- Fix prefs for new nss [Orabug: 37079813]
- Add Oracle prefs

[128.3.1]
- Add OpenELA debranding

[128.3.1-1]
- Update to 128.3.1



ELBA-2024-12781 Oracle Linux 8 Unbreakable Enterprise kernel bug fix update


Oracle Linux Bug Fix Advisory ELBA-2024-12781

http://linux.oracle.com/errata/ELBA-2024-12781.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-core-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-debug-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-devel-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-doc-5.15.0-300.163.18.1.1.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-container-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-300.163.18.1.1.el8uek.x86_64.rpm

aarch64:
bpftool-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-core-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-debug-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-devel-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-doc-5.15.0-300.163.18.1.1.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-container-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-300.163.18.1.1.el8uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.15.0-300.163.18.1.1.el8uek.src.rpm

Description of changes:

[5.15.0-300.163.18.1.1.el8uek]
- uek-rpm: Enable CONFIG_BLK_DEV_DRBD (Vijayendra Suman) [Orabug: 37161894]



ELSA-2024-12782 Important: Oracle Linux 8 Unbreakable Enterprise kernel-container security update


Oracle Linux Security Advisory ELSA-2024-12782

http://linux.oracle.com/errata/ELSA-2024-12782.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2136.336.5.1.el8uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.336.5.1.el8uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.336.5.1.el8uek.src.rpm

Related CVEs:

CVE-2024-46738
CVE-2024-43882
CVE-2024-42259
CVE-2024-41042
CVE-2024-27397
CVE-2024-44948
CVE-2024-43890
CVE-2024-43893
CVE-2024-44968
CVE-2024-44960
CVE-2024-43883
CVE-2024-44954
CVE-2024-43894
CVE-2024-44969
CVE-2024-43908
CVE-2024-43914
CVE-2024-43861
CVE-2024-44935
CVE-2024-44965
CVE-2024-42265
CVE-2024-42271
CVE-2024-43867
CVE-2024-43860
CVE-2024-42290
CVE-2024-43871
CVE-2024-42301
CVE-2024-42131
CVE-2024-42276
CVE-2024-42280
CVE-2024-42281
CVE-2024-42283
CVE-2024-42284
CVE-2024-43856
CVE-2024-43858
CVE-2024-42295
CVE-2024-42285
CVE-2024-42286
CVE-2024-42287
CVE-2024-42288
CVE-2024-42289
CVE-2024-42292
CVE-2024-42297
CVE-2024-42304
CVE-2024-42305
CVE-2024-42306
CVE-2024-42308
CVE-2024-42309
CVE-2024-42310
CVE-2024-42311
CVE-2024-42313
CVE-2024-44944
CVE-2024-43829
CVE-2024-43830
CVE-2024-43839
CVE-2024-43841
CVE-2024-43879
CVE-2024-43880
CVE-2024-43846
CVE-2024-41090
CVE-2024-41091
CVE-2024-41020
CVE-2024-41012
CVE-2024-41017
CVE-2024-41015
CVE-2024-41059
CVE-2024-41063
CVE-2024-41064
CVE-2024-41065
CVE-2024-41068
CVE-2024-41070
CVE-2024-41072
CVE-2024-41081

Description of changes:

[5.4.17-2136.336.5.1.el8uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37138988]

[5.4.17-2136.336.5.el8uek]
- uek-rpm: Add skx_edac_common.ko to nano_modules (Sherry Yang) [Orabug: 37030127]
- EDAC, i10nm: make skx_common.o a separate module (Arnd Bergmann) [Orabug: 37030127]
- uek-rpm: Integrating the container build in UEK6 (Jack Vogel) [Orabug: 37021061]
- i40e: Change user notification of non-SFP module in i40e_get_module_info() (Andrii Staikov) [Orabug: 36988197]
- xsigo: Use NAPI in UD/TX flows for xve (Alok Tiwari) [Orabug: 35180168]
- xsigo: remove incorrect spin_unlock_irqrestore call in vhba_queuecommand (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix slab-out-of-bounds in vhba_create (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix memory free issue in dma mapping (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix use-after-free n xsvbha for srb *sp (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix mtu setting issue in xve netdev (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add struct ib_mad_send_buf to recv_handler (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove tx_outstanding variable from xve xmit (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add extack argument to dev_change_flags() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove compare_data while calling ib_cm_listen() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Ignore the return value of "ib_destroy_cq" (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove sif_verbs header (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace setup_timer with the timer_setup (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use ib_ud_wr for xve_dev_priv instread of ib_send_wr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove return from register event handler (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add client_data for struct ib_client remove() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace dev->trans_start update with helper netif_trans_update (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove usage of net_device last_rx member from xsigo (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace skb_frag page with bv_page in xve (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use sg_next() to get the next sg instead of SG_NEXT (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_init_ah_from_path to ib_init_ah_attr_from_path (Alok Tiwari) [Orabug: 35180168]
- xsigo: remove pointer dereference for ib_fmr_pool_map_phys (Alok Tiwari) [Orabug: 35180168]
- xsigo: ib_fmr_pool_map_phys does not need rargs (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove ib_sg_dma_address() and ib_sg_dma_len() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix compiling error from xsvbha module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove sg_copy_buffer from vhba_align (Alok Tiwari) [Orabug: 35180168]
- xsigo: Xve, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove LRO code from xve module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Xsvnic, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove LRO code from xsvnic module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Change port number from u8 to u32 (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use frag->bv_offset in place of page_offset (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename skb_frag_t size to bv_len (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix compiling error due to Constify of ib_cm_event (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add the $(srctree)/ prefix to xsigo Makefile (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign IB_MGMT_BASE_VERSION for ib_create_send_mad (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign rdma_ctxs and port_num for struct ib_qp_init_attr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use struct ib_cq_init_attr for ib_create_cq() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace max_sge with max_send_sge for xscore_create_qp (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove ib_get_dma_mr and ib_dereg_mr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_query_device with callback "ops.query_device" (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_query_gid with rdma_query_gid (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_modify_cq with rdma_set_cq_moderation (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign path record type rec_type for sa_path_rec (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_sa_path_rec to sa_path_rec (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use struct ib_ud_wr ud_wr instead of ib_send_wr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace struct ib_ah_attr with struct rdma_ah_attr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_create_ah and ib_destroy_ah (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign const argument for ib_post_send/recv() (Alok Tiwari) [Orabug: 35180168]
- uek-rpm: add xsigo module in ol7 and ol8 config file (Alok Tiwari) [Orabug: 35180168]
- Revert "RDMA/core/sa_query: Remove unused function" (Alok Tiwari) [Orabug: 35180168]
- xve: arm ud tx cq to generate completion interrupts (Ajaykumar Hotchandani) [Orabug: 28267050] [Orabug: 35180168]
- xscore: add dma address check (Zhu Yanjun) [Orabug: 27074085] [Orabug: 35180168]
- xsigo: PCA 2.3.1 Compute Node panics in xve_create_arp+430 (Pradeep Gopanapalli) [Orabug: 26474000] [Orabug: 35180168]
- xsigo: UEK4-master:poor performance discovering 256 FC LUNs w/4 paths per LUN (Pradeep Gopanapalli) [Orabug: 26199177] [Orabug: 35180168]
- xsigo: Compute node crash on FC failover (Pradeep Gopanapalli) [Orabug: 25981973] [Orabug: 35180168]
- xsigo: Fix spinlock release in case of error (Pradeep Gopanapalli) [Orabug: 25779803] [Orabug: 35180168]
- xsigo: Optimize xsvnic module parameters for UEK4 (Pradeep Gopanapalli) [Orabug: 25779865] [Orabug: 35180168]
- xsigo: Fix crash in accessing xve proc l2 entries (Pradeep Gopanapalli) [Orabug: 25165085] [Orabug: 35180168]
- xsigo: Fix race in freeing aged Forwarding table entry (Pradeep Gopanapalli) [Orabug: 25129729] [Orabug: 35180168]
- xsigo: Schedule while uninterruptible (Pradeep Gopanapalli) [Orabug: 25097469] [Orabug: 35180168]
- xsigo: supported SGE's for LSO QP (Pradeep Gopanapalli) [Orabug: 25029868] [Orabug: 35180168]
- xsigo: Hardening driver in handling remote QP failures (Pradeep Gopanapalli) [Orabug: 24929076] [Orabug: 35180168]
- xsigo: send nack codes (Pradeep Gopanapalli) [Orabug: 24442792] [Orabug: 35180168]
- xsigo: xve driver has excessive messages (Pradeep Gopanapalli) [Orabug: 24758335] [Orabug: 35180168]
- xsigo: hard LOCKUP in freeing paths (Pradeep Gopanapalli) [Orabug: 24669507] [Orabug: 35180168]
- xsigo: Crash in xscore_port_num (Pradeep Gopanapalli) [Orabug: 24760465] [Orabug: 35180168]
- xsigo: Resize uVNIC/PVI CQ size (Pradeep Gopanapalli) [Orabug: 24765034] [Orabug: 35180168]
- xsigo: Optimizing Transmit completions (Pradeep Gopanapalli) [Orabug: 24928865] [Orabug: 35180168]
- xsigo: Implementing Jumbo MTU support (Pradeep Gopanapalli) [Orabug: 24928804] [Orabug: 35180168]
- xsigo: EoiB QP support (Pradeep Gopanapalli) [Orabug: 24508359] [Orabug: 35180168]
- xsigo: Send Heart Beat Lost Operational state (Pradeep Gopanapalli) [Orabug: 23032392] [Orabug: 35180168]
- xsigo: SKB Frag cleanup (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- xsigo: Tx_tail goes outof bound (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- xsigo: Fixed Path locking issues (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- Fixed vnic issue after saturn reset (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- uvnic issues (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- Fixed wrongly checked return type Added Debug print (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- Integrate Uvnic functionality into uek-4.1 Revision 8008 (Pradeep Gopanapalli) [Orabug: 35180168]
- 1) S_IRWXU causing kernel soft crash changing to 0644 (Pradeep Gopanapalli) [Orabug: 35180168]
- 1) Support vnic for EDR based platform(uVnic) 2) Supported Types now Type 0 (Pradeep Gopanapalli) [Orabug: 35180168]
- Add Oracle virtual Networking Drivers for uek4 kernel (Pradeep Gopanapalli) [Orabug: 35180168]

[5.4.17-2136.336.4.el8uek]
- igb: Fix not clearing TimeSync interrupts for 82580 (Daiwei Li)
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez) [Orabug: 37037205] {CVE-2024-46738}
- x86/speculation: Basic IBRS is enabled with AMD Automatic IBRS (Alexandre Chartre) [Orabug: 37044540]

[5.4.17-2136.336.3.el8uek]
- Compiler Attributes: Add __uninitialized macro (Heiko Carstens)
- filelock: Correct the filelock owner in fcntl_setlk/fcntl_setlk64 (Long Li)
- ALSA: timer: Relax start tick time check for slave timer elements (Takashi Iwai)
- ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (Parsa Poorshikhian)
- LTS tag: v5.4.282 (Sherry Yang)
- media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (Sean Young)
- ARM: dts: imx6qdl-kontron-samx6i: fix phy-mode (Michael Walle)
- nvme/pci: Add APST quirk for Lenovo N60z laptop (WangYuli)
- exec: Fix ToCToU between perm check and set-uid/gid usage (Kees Cook) [Orabug: 36984017] {CVE-2024-43882}
- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (Yunke Cao)
- arm64: cpufeature: Fix the visibility of compat hwcaps (Amit Daniel Kachhap)
- drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (Andi Shyti) [Orabug: 36953969] {CVE-2024-42259}
- netfilter: nf_tables: prefer nft_chain_validate (Florian Westphal) [Orabug: 36896846] {CVE-2024-41042}
- netfilter: nf_tables: use timestamp to check for set element timeout (Pablo Neira Ayuso) [Orabug: 36630432] {CVE-2024-27397}
- netfilter: nf_tables: set element extended ACK reporting support (Pablo Neira Ayuso)
- kbuild: Fix '-S -c' in x86 stack protector scripts (Nathan Chancellor)
- Fix gcc 4.9 build issue in 5.4.y (Jari Ruusu)
- drm/mgag200: Set DDC timeout in milliseconds (Thomas Zimmermann)
- drm/bridge: analogix_dp: properly handle zero sized AUX transactions (Lucas Stach)
- x86/mtrr: Check if fixed MTRRs exist before saving them (Andi Kleen) [Orabug: 37028936] {CVE-2024-44948}
- tracing: Fix overflow in get_free_elt() (Tze-nan Wu) [Orabug: 36992998] {CVE-2024-43890}
- power: supply: axp288_charger: Round constant_charge_voltage writes down (Hans de Goede)
- power: supply: axp288_charger: Fix constant_charge_voltage writes (Hans de Goede)
- genirq/irqdesc: Honor caller provided affinity in alloc_desc() (Shay Drory)
- serial: core: check uartclk for zero to avoid divide by zero (George Kennedy) [Orabug: 36993009] {CVE-2024-43893}
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (Damien Le Moal)
- ntp: Safeguard against time_constant overflow (Justin Stitt)
- ntp: Clamp maxerror and esterror to operating range (Justin Stitt)
- tick/broadcast: Move per CPU pointer access into the atomic section (Thomas Gleixner) [Orabug: 37036032] {CVE-2024-44968}
- scsi: ufs: core: Fix hba->last_dme_cmd_tstamp timestamp updating logic (Vamshi Gajjela)
- usb: gadget: core: Check for unset descriptor (Chris Wulff) [Orabug: 37028988] {CVE-2024-44960}
- USB: serial: debug: do not echo input by default (Marek Marczykowski-Górecki)
- usb: vhci-hcd: Do not drop references before new references are gained (Oliver Neukum) [Orabug: 36992971] {CVE-2024-43883}
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (Takashi Iwai)
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (Steven 'Steve' Kendall)
- ALSA: line6: Fix racy access to midibuf (Takashi Iwai) [Orabug: 37028957] {CVE-2024-44954}
- drm/client: fix null pointer dereference in drm_client_modeset_probe (Ma Ke) [Orabug: 36993014] {CVE-2024-43894}
- spi: spi-fsl-lpspi: Fix scldiv calculation (Stefan Wahren)
- spi: fsl-lpspi: remove unneeded array (Oleksandr Suvorov)
- bpf: kprobe: remove unused declaring of bpf_kprobe_override (Menglong Dong)
- i2c: smbus: Send alert notifications to all devices if source not found (Guenter Roeck)
- i2c: smbus: Improve handling of stuck alerts (Guenter Roeck)
- i2c: smbus: Don't filter out duplicate alerts (Corey Minyard)
- arm64: errata: Expand speculative SSBS workaround (again) (Mark Rutland)
- arm64: cputype: Add Cortex-A725 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X1C definitions (Mark Rutland)
- arm64: errata: Expand speculative SSBS workaround (Mark Rutland)
- arm64: errata: Unify speculative SSBS errata logic (Mark Rutland)
- arm64: cputype: Add Cortex-X925 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-A720 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X3 definitions (Mark Rutland)
- arm64: errata: Add workaround for Arm errata 3194386 and 3312417 (Mark Rutland)
- arm64: cputype: Add Neoverse-V3 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X4 definitions (Mark Rutland)
- arm64: Add Neoverse-V2 part (Besar Wicaksono)
- arm64: cpufeature: Force HWCAP to be based on the sysreg visible to user-space (James Morse)
- ext4: fix wrong unit use in ext4_mb_find_by_goal (Kemeng Shi)
- SUNRPC: Fix a race to wake a sync task (Benjamin Coddington)
- s390/sclp: Prevent release of buffer in I/O (Peter Oberparleiter) [Orabug: 37029020] {CVE-2024-44969}
- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (Kemeng Shi)
- media: uvcvideo: Fix the bandwdith quirk on USB 3.x (Michal Pecio)
- media: uvcvideo: Ignore empty TS packets (Ricardo Ribalda)
- drm/amdgpu: Fix the null pointer dereference to ras_manager (Ma Jun) [Orabug: 36993084] {CVE-2024-43908}
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (Filipe Manana)
- wifi: nl80211: don't give key data to userspace (Johannes Berg)
- udf: prevent integer overflow in udf_bitmap_free_blocks() (Roman Smirnov)
- PCI: Add Edimax Vendor ID to pci_ids.h (FUJITA Tomonori)
- selftests/bpf: Fix send_signal test with nested CONFIG_PARAVIRT (Yonghong Song)
- ACPI: SBS: manage alarm sysfs attribute through psy core (Thomas Weißschuh)
- ACPI: battery: create alarm sysfs attribute atomically (Thomas Weißschuh)
- clocksource/drivers/sh_cmt: Address race condition for clock events (Niklas Söderlund)
- md/raid5: avoid BUG_ON() while continue reshape after reassembling (Yu Kuai) [Orabug: 36993127] {CVE-2024-43914}
- net: fec: Stop PPS on driver remove (Csókás, Bence)
- Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (Dmitry Antipov)
- net: linkwatch: use system_unbound_wq (Eric Dumazet)
- net: usb: qmi_wwan: fix memory leak for not ip packets (Daniele Palmas) [Orabug: 36983959] {CVE-2024-43861}
- sctp: Fix null-ptr-deref in reuseport_add_sock(). (Kuniyuki Iwashima) [Orabug: 36993147] {CVE-2024-44935}
- sctp: move hlist_node and hashent out of sctp_ep_common (Xin Long)
- x86/mm: Fix pti_clone_pgtable() alignment assumption (Peter Zijlstra) [Orabug: 37029012] {CVE-2024-44965}
- irqchip/mbigen: Fix mbigen node address layout (Yipeng Zou)
- genirq: Allow irq_chip registration functions to take a const irq_chip (Marc Zyngier)
- netfilter: ipset: Add list flush to cancel_gc (Alexander Maltsev)
- net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (Ma Ke)
- ALSA: usb-audio: Correct surround channels in UAC1 channel map (Takashi Iwai)
- protect the fetch of ->fd[fd] in do_dup2() from mispredictions (Al Viro) [Orabug: 36963808] {CVE-2024-42265}
- HID: wacom: Modify pen IDs (Tatsunosuke Tobita)
- ipv6: fix ndisc_is_useropt() handling for PIO (Maciej Żenczykowski)
- net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (Shahar Shitrit)
- net/iucv: fix use after free in iucv_sock_close() (Alexandra Winter) [Orabug: 36964006] {CVE-2024-42271}
- drm/vmwgfx: Fix overlay when using Screen Targets (Ian Forbes)
- drm/nouveau: prime: fix refcount underflow (Danilo Krummrich) [Orabug: 36983979] {CVE-2024-43867}
- remoteproc: imx_rproc: Skip over memory region when node value is NULL (Aleksandr Mishin) [Orabug: 36964537] {CVE-2024-43860}
- remoteproc: imx_rproc: Fix ignoring mapping vdev regions (Dong Aisheng)
- remoteproc: imx_rproc: ignore mapping vdev regions (Peng Fan)
- irqchip/imx-irqsteer: Handle runtime power management correctly (Shenwei Wang) [Orabug: 36964085] {CVE-2024-42290}
- irqchip/imx-irqsteer: Add runtime PM support (Lucas Stach)
- irqchip/imx-irqsteer: Constify irq_chip struct (Lucas Stach)
- genirq: Allow the PM device to originate from irq domain (Marc Zyngier)
- devres: Fix memory leakage caused by driver API devm_free_percpu() (Zijun Hu) [Orabug: 36983991] {CVE-2024-43871}
- driver core: Cast to (void *) with __force for __percpu pointer (Andy Shevchenko)
- dev/parport: fix the array out-of-bounds risk (tuhaowen) [Orabug: 36964223] {CVE-2024-42301}
- parport: Standardize use of printmode (Joe Perches)
to pr_( (Joe Perches)
- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (Manivannan Sadhasivam)
- PCI: rockchip: Make 'ep-gpios' DT property optional (Chen-Yu Tsai)
- mm: avoid overflows in dirty throttling logic (Jan Kara) [Orabug: 36897803] {CVE-2024-42131}
- nvme-pci: add missing condition check for existence of mapped data (Leon Romanovsky) [Orabug: 36964022] {CVE-2024-42276}
- ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (Pierre-Louis Bossart)
- ASoC: Intel: Move soc_intel_is_foo() helpers to a generic header (Hans de Goede)
- ASoC: Intel: Convert to new X86 CPU match macros (Thomas Gleixner)
- powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (Al Viro)
- apparmor: Fix null pointer deref when receiving skb during sock creation (Xiao Liang)
- mISDN: Fix a use after free in hfcmulti_tx() (Dan Carpenter) [Orabug: 36964032] {CVE-2024-42280}
- bpf: Fix a segment issue when downgrading gso_size (Fred Li) [Orabug: 36964038] {CVE-2024-42281}
- net: nexthop: Initialize all fields in dumped nexthops (Petr Machata) [Orabug: 36964044] {CVE-2024-42283}
- tipc: Return non-zero value from tipc_udp_addr2str() on error (Shigeru Yoshida) [Orabug: 36964047] {CVE-2024-42284}
- net: bonding: correctly annotate RCU in bond_should_notify_peers() (Johannes Berg)
- ipv4: Fix incorrect source address in Record Route option (Ido Schimmel)
- MIPS: SMP-CPS: Fix address for GCR_ACCESS register for CM3 and later (Gregory CLEMENT)
- dma: fix call order in dmam_free_coherent (Lance Richardson) [Orabug: 36964523] {CVE-2024-43856}
- libbpf: Fix no-args func prototype BTF dumping syntax (Andrii Nakryiko)
- um: time-travel: fix time-travel-start option (Johannes Berg)
- jfs: Fix array-index-out-of-bounds in diFree (Jeongjun Park) [Orabug: 36964530] {CVE-2024-43858}
- kdb: address -Wformat-security warnings (Arnd Bergmann)
- nilfs2: handle inconsistent state in nilfs_btnode_create_block() (Ryusuke Konishi) [Orabug: 36964203] {CVE-2024-42295}
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (WangYuli)
- Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (Hilda Wu)
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov)
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov)
- drm/panfrost: Mark simple_ondemand governor as softdep (Dragan Simic)
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov)
- selftests/sigaltstack: Fix ppc64 GCC build (Michael Ellerman)
- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (Bart Van Assche) [Orabug: 36964054] {CVE-2024-42285}
- platform: mips: cpu_hwmon: Disable driver on unsupported hardware (Jiaxun Yang)
- watchdog/perf: properly initialize the turbo mode timestamp and rearm counter (Thomas Gleixner)
- rtc: isl1208: Fix return value of nvmem callbacks (Joy Chakraborty)
- perf/x86/intel/pt: Fix a topa_entry base address calculation (Adrian Hunter)
- perf/x86/intel/pt: Fix topa_entry base length (Marco Cavenati)
- scsi: qla2xxx: validate nvme_local_port correctly (Nilesh Javali) [Orabug: 36964059] {CVE-2024-42286}
- scsi: qla2xxx: Complete command early within lock (Shreyas Deodhar) [Orabug: 36964065] {CVE-2024-42287}
- scsi: qla2xxx: Fix for possible memory corruption (Shreyas Deodhar) [Orabug: 36964070] {CVE-2024-42288}
- scsi: qla2xxx: During vport delete send async logout explicitly (Manish Rangankar) [Orabug: 36964080] {CVE-2024-42289}
- rtc: cmos: Fix return value of nvmem callbacks (Joy Chakraborty)
- kobject_uevent: Fix OOB access within zap_modalias_env() (Zijun Hu) [Orabug: 36964092] {CVE-2024-42292}
- decompress_bunzip2: fix rare decompression failure (Ross Lagerwall)
- ubi: eba: properly rollback inside self_check_eba (Fedor Pchelkin)
- clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (Bastien Curutchet)
- f2fs: fix to don't dirty inode for readonly filesystem (Chao Yu) [Orabug: 36964213] {CVE-2024-42297}
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (Saurav Kashyap)
- binder: fix hang of unregistered readers (Carlos Llamas)
- PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (Wei Liu)
- hwrng: amd - Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- tools/memory-model: Fix bug in lock.cat (Alan Stern)
- leds: ss4200: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- wifi: mwifiex: Fix interface type change (Rafael Beims)
- ext4: make sure the first directory block is not a hole (Baokun Li) [Orabug: 36964232] {CVE-2024-42304}
- ext4: check dot and dotdot of dx_root before making dir indexed (Baokun Li) [Orabug: 36964237] {CVE-2024-42305}
- m68k: amiga: Turn off Warp1260 interrupts during boot (Paolo Pisati)
- udf: Avoid using corrupted block bitmap buffer (Jan Kara) [Orabug: 36964242] {CVE-2024-42306}
- drm/amd/display: Check for NULL pointer (Sung Joon Kim) [Orabug: 36964247] {CVE-2024-42308}
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (Ma Ke) [Orabug: 36964253] {CVE-2024-42309}
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (Ma Ke) [Orabug: 36964260] {CVE-2024-42310}
- hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (Chao Yu) [Orabug: 36964265] {CVE-2024-42311}
- media: venus: fix use after free in vdec_close (Dikshita Agarwal) [Orabug: 36964275] {CVE-2024-42313}
- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (Joe Hattori)
- ipv6: take care of scope when choosing the src addr (Nicolas Dichtel)
- af_packet: Handle outgoing VLAN packets without hardware offloading (Chengen Du)
- net: netconsole: Disable target before netpoll cleanup (Breno Leitao)
- tick/broadcast: Make takeover of broadcast hrtimer reliable (Yu Liao)
- rtc: interface: Add RTC offset to alarm after fix-up (Csókás, Bence)
- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (Ryusuke Konishi)
- fs/nilfs2: remove some unused macros to tame gcc (Alex Shi)
- pinctrl: freescale: mxs: Fix refcount of child (Peng Fan)
- netfilter: ctnetlink: use helper function to calculate expect ID (Pablo Neira Ayuso) [Orabug: 37013755] {CVE-2024-44944}
- bnxt_re: Fix imm_data endianness (Jack Wang)
- macintosh/therm_windtunnel: fix module unload. (Nick Bowler)
- powerpc/xmon: Fix disassembly CPU feature checks (Michael Ellerman)
- Input: elan_i2c - do not leave interrupt disabled on suspend failure (Dmitry Torokhov)
- RDMA/device: Return error earlier if port in not valid (Leon Romanovsky)
- mtd: make mtd_test.c a separate module (Arnd Bergmann)
- ASoC: max98088: Check for clk_prepare_enable() error (Chen Ni)
- RDMA/rxe: Don't set BTH_ACK_MASK for UC or UD QPs (Honggang LI)
- RDMA/mlx4: Fix truncated output warning in alias_GUID.c (Leon Romanovsky)
- RDMA/mlx4: Fix truncated output warning in mad.c (Leon Romanovsky)
- Input: qt1050 - handle CHIP_ID reading error (Andrei Lalaev)
- PCI: Fix resource double counting on remove & rescan (Ilpo Järvinen)
- SUNRPC: Fixup gss_status tracepoint error output (Benjamin Coddington)
- sparc64: Fix incorrect function signature and add prototype for prom_cif_init (Andreas Larsson)
- ext4: avoid writing unitialized memory to disk in EA inodes (Jan Kara)
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server. (NeilBrown)
- mfd: omap-usb-tll: Use struct_size to allocate tll (Javier Carrasco)
- drm/qxl: Add check for drm_cvt_mode (Chen Ni) [Orabug: 36964456] {CVE-2024-43829}
- drm/etnaviv: fix DMA direction handling for cached RW buffers (Lucas Stach)
- perf report: Fix condition in sort__sym_cmp() (Namhyung Kim)
- leds: trigger: Unregister sysfs attributes before calling deactivate() (Hans de Goede) [Orabug: 36964459] {CVE-2024-43830}
- media: renesas: vsp1: Store RPF partition configuration per RPF instance (Laurent Pinchart)
- media: renesas: vsp1: Fix _irqsave and _irq mix (Laurent Pinchart)
- media: uvcvideo: Override default flags (Daniel Schaefer)
- media: uvcvideo: Allow entity-defined get_info and get_cur (Ricardo Ribalda)
- saa7134: Unchecked i2c_transfer function result fixed (Aleksandr Burakov)
- media: imon: Fix race getting ictx->lock (Ricardo Ribalda)
- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (Zheng Yejian)
- USB: move snd_usb_pipe_sanity_check into the USB core (Greg Kroah-Hartman)
- selftests: forwarding: devlink_lib: Wait for udev events after reloading (Amit Cohen)
- bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (Alexey Kodanev) [Orabug: 36964480] {CVE-2024-43839}
- wifi: virt_wifi: don't use strlen() in const context (Johannes Berg)
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (Gaosheng Cui)
- wifi: virt_wifi: avoid reporting connection success with wrong SSID (En-Wei Wu) [Orabug: 36964487] {CVE-2024-43841}
- qed: Improve the stack space of filter_config() (Shai Malin)
- perf: Prevent passing zero nr_pages to rb_alloc_aux() (Adrian Hunter)
- perf: Fix perf_aux_size() for greater-than 32-bit size (Adrian Hunter)
- perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (Adrian Hunter)
- netfilter: nf_tables: rise cap on SELinux secmark context (Pablo Neira Ayuso)
- net: fec: Fix FEC_ECR_EN1588 being cleared on link-down (Csókás, Bence)
- net: fec: Refactor: #define magic constants (Csókás Bence)
- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (Baochen Qiang) [Orabug: 36984010] {CVE-2024-43879}
- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (Baochen Qiang)
- mlxsw: spectrum_acl_erp: Fix object nesting warning (Ido Schimmel) [Orabug: 36984013] {CVE-2024-43880}
- lib: objagg: Fix general protection fault (Ido Schimmel) [Orabug: 36964495] {CVE-2024-43846}
- selftests/bpf: Check length of recv in test_sockmap (Geliang Tang)
- net/smc: set rmb's SG_MAX_SINGLE_ALLOC limitation only when CONFIG_ARCH_NO_SG_CHAIN is defined (Guangguan Wang)
- net/smc: Allow SMC-D 1MB DMB allocations (Stefan Raspl)
- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (Samasth Norway Ananda)
- firmware: turris-mox-rwtm: Initialize completion before mailbox (Marek Behún)
- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (Marek Behún)
- m68k: cmpxchg: Fix return value for default case in __arch_xchg() (Thorsten Blum)
- x86/xen: Convert comma to semicolon (Chen Ni)
- m68k: atari: Fix TT bootup freeze / unexpected (SCU) interrupt messages (Eero Tamminen)
- arm64: dts: amlogic: gx: correct hdmi clocks (Jerome Brunet)
- arm64: dts: mediatek: mt7622: fix "emmc" pinctrl mux (Rafał Miłecki)
- ARM: dts: imx6qdl-kontron-samx6i: fix PCIe reset polarity (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: fix board reset (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: fix PHY reset (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: move phy reset into phy-node (Marco Felsch)
- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (Jonas Karlman)
- arm64: dts: qcom: msm8996: specify UFS core_clk frequencies (Dmitry Baryshkov)
- arm64: dts: qcom: sdm845: add power-domain to UFS PHY (Dmitry Baryshkov)
- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (Guenter Roeck)
- hwmon: (max6697) Fix underflow when writing limit attributes (Guenter Roeck)
- pwm: stm32: Always do lazy disabling (Uwe Kleine-König)
- hwmon: (adt7475) Fix default duty on fan is disabled (Wayne Tung)
- x86/platform/iosf_mbi: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- x86/pci/xen: Fix PCIBIOS_* return code handling (Ilpo Järvinen)
- x86/pci/intel_mid_pci: Fix PCIBIOS_* return code handling (Ilpo Järvinen)
- x86/of: Return consistent error type from x86_of_pci_irq_enable() (Ilpo Järvinen)
- hfsplus: fix to avoid false alarm of circular locking (Chao Yu)
- platform/chrome: cros_ec_debugfs: fix wrong EC message version (Tzung-Bi Shih)
- LTS tag: v5.4.281 (Sherry Yang)
- tap: add missing verification for short frame (Si-Wei Liu) [Orabug: 36660755] {CVE-2024-41090}
- tun: add missing verification for short frame (Dongli Zhang) [Orabug: 36660755] {CVE-2024-41091}
- filelock: Fix fcntl/close race recovery compat path (Jann Horn) [Orabug: 36896789] {CVE-2024-41020} {CVE-2024-41012}
- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (Edson Juliano Drosdeck)
- jfs: don't walk off the end of ealist (lei lu) [Orabug: 36891667] {CVE-2024-41017}
- ocfs2: add bounds checking to ocfs2_check_dir_entry() (lei lu) [Orabug: 36891655] {CVE-2024-41015}
- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (Kuan-Wei Chiu)
- ARM: 9324/1: fix get_user() broken with veneer (Masahiro Yamada)
- hfsplus: fix uninit-value in copy_name (Edward Adam Davis) [Orabug: 36896969] {CVE-2024-41059}
- selftests/vDSO: fix clang build errors and warnings (John Hubbard)
- spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices (Uwe Kleine-König)
- fs: better handle deep ancestor chains in is_subdir() (Christian Brauner)
- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (Tetsuo Handa) [Orabug: 36896994] {CVE-2024-41063}
- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (Xingui Yang)
- powerpc/eeh: avoid possible crash when edev->pdev changes (Ganesh Goudar) [Orabug: 36897003] {CVE-2024-41064}
- powerpc/pseries: Whitelist dtl slub object for copying to userspace (Anjali K) [Orabug: 36897009] {CVE-2024-41065}
- net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() (Yunshui Jiang)
- net: usb: qmi_wwan: add Telit FN912 compositions (Daniele Palmas)
- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (Shengjiu Wang)
- s390/sclp: Fix sclp_init() cleanup on failure (Heiko Carstens) [Orabug: 36897032] {CVE-2024-41068}
- can: kvaser_usb: fix return value for hif_usb_send_regout (Chen Ni)
- ASoC: ti: omap-hdmi: Fix too long driver name (Primoz Fiser)
- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (Jai Luthra)
- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (Thomas GENTY)
- Input: elantech - fix touchpad state on resume for Lenovo N24 (Jonathan Denose)
- mips: fix compat_sys_lseek syscall (Arnd Bergmann)
- ALSA: hda/realtek: Add more codec ID to no shutup pins list (Kailang Yang)
- KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (Michael Ellerman) [Orabug: 36897048] {CVE-2024-41070}
- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (Dmitry Antipov) [Orabug: 36897312] {CVE-2024-41072}
- mei: demote client disconnect warning on suspend to debug (Alexander Usyskin)
- fs/file: fix the check in find_next_fd() (Yuntao Wang)
- kconfig: remove wrong expr_trans_bool() (Masahiro Yamada)
- kconfig: gconf: give a proper initial state to the Save button (Masahiro Yamada)
- ila: block BH in ila_output() (Eric Dumazet) [Orabug: 36897360] {CVE-2024-41081}
- Input: silead - Always support 10 fingers (Hans de Goede)
- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (Dmitry Antipov)
- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (Nicolas Escande)
- ACPI: EC: Avoid returning AE_OK on errors in address space handler (Armin Wolf)
- ACPI: EC: Abort address space access upon error (Armin Wolf)
- scsi: qedf: Set qed_slowpath_params to zero before use (Saurav Kashyap)
- filelock: Remove locks reliably when fcntl/close race is detected (Jann Horn) [Orabug: 36874758] {CVE-2024-41012} {CVE-2024-41020}
- gcc-plugins: Rename last_stmt() for GCC 14+ (Kees Cook)

[5.4.17-2136.336.2.el8uek]
- mm: Only enable HVO under UEK6 for Exadata system (Jane Chu) [Orabug: 36990830]
- mm: delete redundent old PageCompound() macro (Jane Chu) [Orabug: 36990830]

[5.4.17-2136.336.1.el8uek]
- mm/hwpoison: put page in already hwpoisoned case with MF_COUNT_INCREASED (Naoya Horiguchi) [Orabug: 36947110]
- mm/memory-failure: send SIGBUS in the event of thp split fail (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: move hwpoison_filter() higher up (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: improve memory failure action_result messages (Jane Chu) [Orabug: 36947110]
- mm/madvise: add MF_ACTION_REQUIRED to madvise(MADV_HWPOISON) (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: try to send SIGBUS even if unmap failed (Jane Chu) [Orabug: 36947110]
- mm: memory-failure: cleanup try_to_split_thp_page() (Kefeng Wang) [Orabug: 36947110]
- mm,hwpoison: introduce MF_MSG_UNSPLIT_THP (Naoya Horiguchi) [Orabug: 36947110]
- KVM/x86: Do not clear SIPI while in SMM (Boris Ostrovsky) [Orabug: 36401960]



ELSA-2024-12780 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2024-12780

http://linux.oracle.com/errata/ELSA-2024-12780.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.336.5.1.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.336.5.1.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.336.5.1.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.336.5.1.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.336.5.1.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.336.5.1.el8uek.src.rpm

Related CVEs:

CVE-2024-27397
CVE-2024-41012
CVE-2024-41015
CVE-2024-41017
CVE-2024-41020
CVE-2024-41042
CVE-2024-41059
CVE-2024-41063
CVE-2024-41064
CVE-2024-41065
CVE-2024-41068
CVE-2024-41070
CVE-2024-41072
CVE-2024-41081
CVE-2024-41090
CVE-2024-41091
CVE-2024-42131
CVE-2024-42259
CVE-2024-42265
CVE-2024-42271
CVE-2024-42276
CVE-2024-42280
CVE-2024-42281
CVE-2024-42283
CVE-2024-42284
CVE-2024-42285
CVE-2024-42286
CVE-2024-42287
CVE-2024-42288
CVE-2024-42289
CVE-2024-42290
CVE-2024-42292
CVE-2024-42295
CVE-2024-42297
CVE-2024-42301
CVE-2024-42304
CVE-2024-42305
CVE-2024-42306
CVE-2024-42308
CVE-2024-42309
CVE-2024-42310
CVE-2024-42311
CVE-2024-42313
CVE-2024-43829
CVE-2024-43830
CVE-2024-43839
CVE-2024-43841
CVE-2024-43846
CVE-2024-43856
CVE-2024-43858
CVE-2024-43860
CVE-2024-43861
CVE-2024-43867
CVE-2024-43871
CVE-2024-43879
CVE-2024-43880
CVE-2024-43882
CVE-2024-43883
CVE-2024-43890
CVE-2024-43893
CVE-2024-43894
CVE-2024-43908
CVE-2024-43914
CVE-2024-44935
CVE-2024-44944
CVE-2024-44948
CVE-2024-44954
CVE-2024-44960
CVE-2024-44965
CVE-2024-44968
CVE-2024-44969
CVE-2024-46738

Description of changes:

[5.4.17-2136.336.5.1.el8uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37138988]

[5.4.17-2136.336.5.el8uek]
- uek-rpm: Add skx_edac_common.ko to nano_modules (Sherry Yang) [Orabug: 37030127]
- EDAC, i10nm: make skx_common.o a separate module (Arnd Bergmann) [Orabug: 37030127]
- uek-rpm: Integrating the container build in UEK6 (Jack Vogel) [Orabug: 37021061]
- i40e: Change user notification of non-SFP module in i40e_get_module_info() (Andrii Staikov) [Orabug: 36988197]
- xsigo: Use NAPI in UD/TX flows for xve (Alok Tiwari) [Orabug: 35180168]
- xsigo: remove incorrect spin_unlock_irqrestore call in vhba_queuecommand (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix slab-out-of-bounds in vhba_create (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix memory free issue in dma mapping (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix use-after-free n xsvbha for srb *sp (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix mtu setting issue in xve netdev (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add struct ib_mad_send_buf to recv_handler (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove tx_outstanding variable from xve xmit (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add extack argument to dev_change_flags() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove compare_data while calling ib_cm_listen() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Ignore the return value of "ib_destroy_cq" (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove sif_verbs header (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace setup_timer with the timer_setup (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use ib_ud_wr for xve_dev_priv instread of ib_send_wr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove return from register event handler (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add client_data for struct ib_client remove() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace dev->trans_start update with helper netif_trans_update (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove usage of net_device last_rx member from xsigo (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace skb_frag page with bv_page in xve (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use sg_next() to get the next sg instead of SG_NEXT (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_init_ah_from_path to ib_init_ah_attr_from_path (Alok Tiwari) [Orabug: 35180168]
- xsigo: remove pointer dereference for ib_fmr_pool_map_phys (Alok Tiwari) [Orabug: 35180168]
- xsigo: ib_fmr_pool_map_phys does not need rargs (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove ib_sg_dma_address() and ib_sg_dma_len() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix compiling error from xsvbha module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove sg_copy_buffer from vhba_align (Alok Tiwari) [Orabug: 35180168]
- xsigo: Xve, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove LRO code from xve module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Xsvnic, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove LRO code from xsvnic module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Change port number from u8 to u32 (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use frag->bv_offset in place of page_offset (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename skb_frag_t size to bv_len (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix compiling error due to Constify of ib_cm_event (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add the $(srctree)/ prefix to xsigo Makefile (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign IB_MGMT_BASE_VERSION for ib_create_send_mad (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign rdma_ctxs and port_num for struct ib_qp_init_attr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use struct ib_cq_init_attr for ib_create_cq() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace max_sge with max_send_sge for xscore_create_qp (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove ib_get_dma_mr and ib_dereg_mr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_query_device with callback "ops.query_device" (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_query_gid with rdma_query_gid (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_modify_cq with rdma_set_cq_moderation (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign path record type rec_type for sa_path_rec (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_sa_path_rec to sa_path_rec (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use struct ib_ud_wr ud_wr instead of ib_send_wr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace struct ib_ah_attr with struct rdma_ah_attr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_create_ah and ib_destroy_ah (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign const argument for ib_post_send/recv() (Alok Tiwari) [Orabug: 35180168]
- uek-rpm: add xsigo module in ol7 and ol8 config file (Alok Tiwari) [Orabug: 35180168]
- Revert "RDMA/core/sa_query: Remove unused function" (Alok Tiwari) [Orabug: 35180168]
- xve: arm ud tx cq to generate completion interrupts (Ajaykumar Hotchandani) [Orabug: 28267050] [Orabug: 35180168]
- xscore: add dma address check (Zhu Yanjun) [Orabug: 27074085] [Orabug: 35180168]
- xsigo: PCA 2.3.1 Compute Node panics in xve_create_arp+430 (Pradeep Gopanapalli) [Orabug: 26474000] [Orabug: 35180168]
- xsigo: UEK4-master:poor performance discovering 256 FC LUNs w/4 paths per LUN (Pradeep Gopanapalli) [Orabug: 26199177] [Orabug: 35180168]
- xsigo: Compute node crash on FC failover (Pradeep Gopanapalli) [Orabug: 25981973] [Orabug: 35180168]
- xsigo: Fix spinlock release in case of error (Pradeep Gopanapalli) [Orabug: 25779803] [Orabug: 35180168]
- xsigo: Optimize xsvnic module parameters for UEK4 (Pradeep Gopanapalli) [Orabug: 25779865] [Orabug: 35180168]
- xsigo: Fix crash in accessing xve proc l2 entries (Pradeep Gopanapalli) [Orabug: 25165085] [Orabug: 35180168]
- xsigo: Fix race in freeing aged Forwarding table entry (Pradeep Gopanapalli) [Orabug: 25129729] [Orabug: 35180168]
- xsigo: Schedule while uninterruptible (Pradeep Gopanapalli) [Orabug: 25097469] [Orabug: 35180168]
- xsigo: supported SGE's for LSO QP (Pradeep Gopanapalli) [Orabug: 25029868] [Orabug: 35180168]
- xsigo: Hardening driver in handling remote QP failures (Pradeep Gopanapalli) [Orabug: 24929076] [Orabug: 35180168]
- xsigo: send nack codes (Pradeep Gopanapalli) [Orabug: 24442792] [Orabug: 35180168]
- xsigo: xve driver has excessive messages (Pradeep Gopanapalli) [Orabug: 24758335] [Orabug: 35180168]
- xsigo: hard LOCKUP in freeing paths (Pradeep Gopanapalli) [Orabug: 24669507] [Orabug: 35180168]
- xsigo: Crash in xscore_port_num (Pradeep Gopanapalli) [Orabug: 24760465] [Orabug: 35180168]
- xsigo: Resize uVNIC/PVI CQ size (Pradeep Gopanapalli) [Orabug: 24765034] [Orabug: 35180168]
- xsigo: Optimizing Transmit completions (Pradeep Gopanapalli) [Orabug: 24928865] [Orabug: 35180168]
- xsigo: Implementing Jumbo MTU support (Pradeep Gopanapalli) [Orabug: 24928804] [Orabug: 35180168]
- xsigo: EoiB QP support (Pradeep Gopanapalli) [Orabug: 24508359] [Orabug: 35180168]
- xsigo: Send Heart Beat Lost Operational state (Pradeep Gopanapalli) [Orabug: 23032392] [Orabug: 35180168]
- xsigo: SKB Frag cleanup (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- xsigo: Tx_tail goes outof bound (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- xsigo: Fixed Path locking issues (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- Fixed vnic issue after saturn reset (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- uvnic issues (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- Fixed wrongly checked return type Added Debug print (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- Integrate Uvnic functionality into uek-4.1 Revision 8008 (Pradeep Gopanapalli) [Orabug: 35180168]
- 1) S_IRWXU causing kernel soft crash changing to 0644 (Pradeep Gopanapalli) [Orabug: 35180168]
- 1) Support vnic for EDR based platform(uVnic) 2) Supported Types now Type 0 (Pradeep Gopanapalli) [Orabug: 35180168]
- Add Oracle virtual Networking Drivers for uek4 kernel (Pradeep Gopanapalli) [Orabug: 35180168]

[5.4.17-2136.336.4.el8uek]
- igb: Fix not clearing TimeSync interrupts for 82580 (Daiwei Li)
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez) [Orabug: 37037205] {CVE-2024-46738}
- x86/speculation: Basic IBRS is enabled with AMD Automatic IBRS (Alexandre Chartre) [Orabug: 37044540]

[5.4.17-2136.336.3.el8uek]
- Compiler Attributes: Add __uninitialized macro (Heiko Carstens)
- filelock: Correct the filelock owner in fcntl_setlk/fcntl_setlk64 (Long Li)
- ALSA: timer: Relax start tick time check for slave timer elements (Takashi Iwai)
- ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (Parsa Poorshikhian)
- LTS tag: v5.4.282 (Sherry Yang)
- media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (Sean Young)
- ARM: dts: imx6qdl-kontron-samx6i: fix phy-mode (Michael Walle)
- nvme/pci: Add APST quirk for Lenovo N60z laptop (WangYuli)
- exec: Fix ToCToU between perm check and set-uid/gid usage (Kees Cook) [Orabug: 36984017] {CVE-2024-43882}
- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (Yunke Cao)
- arm64: cpufeature: Fix the visibility of compat hwcaps (Amit Daniel Kachhap)
- drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (Andi Shyti) [Orabug: 36953969] {CVE-2024-42259}
- netfilter: nf_tables: prefer nft_chain_validate (Florian Westphal) [Orabug: 36896846] {CVE-2024-41042}
- netfilter: nf_tables: use timestamp to check for set element timeout (Pablo Neira Ayuso) [Orabug: 36630432] {CVE-2024-27397}
- netfilter: nf_tables: set element extended ACK reporting support (Pablo Neira Ayuso)
- kbuild: Fix '-S -c' in x86 stack protector scripts (Nathan Chancellor)
- Fix gcc 4.9 build issue in 5.4.y (Jari Ruusu)
- drm/mgag200: Set DDC timeout in milliseconds (Thomas Zimmermann)
- drm/bridge: analogix_dp: properly handle zero sized AUX transactions (Lucas Stach)
- x86/mtrr: Check if fixed MTRRs exist before saving them (Andi Kleen) [Orabug: 37028936] {CVE-2024-44948}
- tracing: Fix overflow in get_free_elt() (Tze-nan Wu) [Orabug: 36992998] {CVE-2024-43890}
- power: supply: axp288_charger: Round constant_charge_voltage writes down (Hans de Goede)
- power: supply: axp288_charger: Fix constant_charge_voltage writes (Hans de Goede)
- genirq/irqdesc: Honor caller provided affinity in alloc_desc() (Shay Drory)
- serial: core: check uartclk for zero to avoid divide by zero (George Kennedy) [Orabug: 36993009] {CVE-2024-43893}
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (Damien Le Moal)
- ntp: Safeguard against time_constant overflow (Justin Stitt)
- ntp: Clamp maxerror and esterror to operating range (Justin Stitt)
- tick/broadcast: Move per CPU pointer access into the atomic section (Thomas Gleixner) [Orabug: 37036032] {CVE-2024-44968}
- scsi: ufs: core: Fix hba->last_dme_cmd_tstamp timestamp updating logic (Vamshi Gajjela)
- usb: gadget: core: Check for unset descriptor (Chris Wulff) [Orabug: 37028988] {CVE-2024-44960}
- USB: serial: debug: do not echo input by default (Marek Marczykowski-Górecki)
- usb: vhci-hcd: Do not drop references before new references are gained (Oliver Neukum) [Orabug: 36992971] {CVE-2024-43883}
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (Takashi Iwai)
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (Steven 'Steve' Kendall)
- ALSA: line6: Fix racy access to midibuf (Takashi Iwai) [Orabug: 37028957] {CVE-2024-44954}
- drm/client: fix null pointer dereference in drm_client_modeset_probe (Ma Ke) [Orabug: 36993014] {CVE-2024-43894}
- spi: spi-fsl-lpspi: Fix scldiv calculation (Stefan Wahren)
- spi: fsl-lpspi: remove unneeded array (Oleksandr Suvorov)
- bpf: kprobe: remove unused declaring of bpf_kprobe_override (Menglong Dong)
- i2c: smbus: Send alert notifications to all devices if source not found (Guenter Roeck)
- i2c: smbus: Improve handling of stuck alerts (Guenter Roeck)
- i2c: smbus: Don't filter out duplicate alerts (Corey Minyard)
- arm64: errata: Expand speculative SSBS workaround (again) (Mark Rutland)
- arm64: cputype: Add Cortex-A725 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X1C definitions (Mark Rutland)
- arm64: errata: Expand speculative SSBS workaround (Mark Rutland)
- arm64: errata: Unify speculative SSBS errata logic (Mark Rutland)
- arm64: cputype: Add Cortex-X925 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-A720 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X3 definitions (Mark Rutland)
- arm64: errata: Add workaround for Arm errata 3194386 and 3312417 (Mark Rutland)
- arm64: cputype: Add Neoverse-V3 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X4 definitions (Mark Rutland)
- arm64: Add Neoverse-V2 part (Besar Wicaksono)
- arm64: cpufeature: Force HWCAP to be based on the sysreg visible to user-space (James Morse)
- ext4: fix wrong unit use in ext4_mb_find_by_goal (Kemeng Shi)
- SUNRPC: Fix a race to wake a sync task (Benjamin Coddington)
- s390/sclp: Prevent release of buffer in I/O (Peter Oberparleiter) [Orabug: 37029020] {CVE-2024-44969}
- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (Kemeng Shi)
- media: uvcvideo: Fix the bandwdith quirk on USB 3.x (Michal Pecio)
- media: uvcvideo: Ignore empty TS packets (Ricardo Ribalda)
- drm/amdgpu: Fix the null pointer dereference to ras_manager (Ma Jun) [Orabug: 36993084] {CVE-2024-43908}
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (Filipe Manana)
- wifi: nl80211: don't give key data to userspace (Johannes Berg)
- udf: prevent integer overflow in udf_bitmap_free_blocks() (Roman Smirnov)
- PCI: Add Edimax Vendor ID to pci_ids.h (FUJITA Tomonori)
- selftests/bpf: Fix send_signal test with nested CONFIG_PARAVIRT (Yonghong Song)
- ACPI: SBS: manage alarm sysfs attribute through psy core (Thomas Weißschuh)
- ACPI: battery: create alarm sysfs attribute atomically (Thomas Weißschuh)
- clocksource/drivers/sh_cmt: Address race condition for clock events (Niklas Söderlund)
- md/raid5: avoid BUG_ON() while continue reshape after reassembling (Yu Kuai) [Orabug: 36993127] {CVE-2024-43914}
- net: fec: Stop PPS on driver remove (Csókás, Bence)
- Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (Dmitry Antipov)
- net: linkwatch: use system_unbound_wq (Eric Dumazet)
- net: usb: qmi_wwan: fix memory leak for not ip packets (Daniele Palmas) [Orabug: 36983959] {CVE-2024-43861}
- sctp: Fix null-ptr-deref in reuseport_add_sock(). (Kuniyuki Iwashima) [Orabug: 36993147] {CVE-2024-44935}
- sctp: move hlist_node and hashent out of sctp_ep_common (Xin Long)
- x86/mm: Fix pti_clone_pgtable() alignment assumption (Peter Zijlstra) [Orabug: 37029012] {CVE-2024-44965}
- irqchip/mbigen: Fix mbigen node address layout (Yipeng Zou)
- genirq: Allow irq_chip registration functions to take a const irq_chip (Marc Zyngier)
- netfilter: ipset: Add list flush to cancel_gc (Alexander Maltsev)
- net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (Ma Ke)
- ALSA: usb-audio: Correct surround channels in UAC1 channel map (Takashi Iwai)
- protect the fetch of ->fd[fd] in do_dup2() from mispredictions (Al Viro) [Orabug: 36963808] {CVE-2024-42265}
- HID: wacom: Modify pen IDs (Tatsunosuke Tobita)
- ipv6: fix ndisc_is_useropt() handling for PIO (Maciej Żenczykowski)
- net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (Shahar Shitrit)
- net/iucv: fix use after free in iucv_sock_close() (Alexandra Winter) [Orabug: 36964006] {CVE-2024-42271}
- drm/vmwgfx: Fix overlay when using Screen Targets (Ian Forbes)
- drm/nouveau: prime: fix refcount underflow (Danilo Krummrich) [Orabug: 36983979] {CVE-2024-43867}
- remoteproc: imx_rproc: Skip over memory region when node value is NULL (Aleksandr Mishin) [Orabug: 36964537] {CVE-2024-43860}
- remoteproc: imx_rproc: Fix ignoring mapping vdev regions (Dong Aisheng)
- remoteproc: imx_rproc: ignore mapping vdev regions (Peng Fan)
- irqchip/imx-irqsteer: Handle runtime power management correctly (Shenwei Wang) [Orabug: 36964085] {CVE-2024-42290}
- irqchip/imx-irqsteer: Add runtime PM support (Lucas Stach)
- irqchip/imx-irqsteer: Constify irq_chip struct (Lucas Stach)
- genirq: Allow the PM device to originate from irq domain (Marc Zyngier)
- devres: Fix memory leakage caused by driver API devm_free_percpu() (Zijun Hu) [Orabug: 36983991] {CVE-2024-43871}
- driver core: Cast to (void *) with __force for __percpu pointer (Andy Shevchenko)
- dev/parport: fix the array out-of-bounds risk (tuhaowen) [Orabug: 36964223] {CVE-2024-42301}
- parport: Standardize use of printmode (Joe Perches)
to pr_( (Joe Perches)
- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (Manivannan Sadhasivam)
- PCI: rockchip: Make 'ep-gpios' DT property optional (Chen-Yu Tsai)
- mm: avoid overflows in dirty throttling logic (Jan Kara) [Orabug: 36897803] {CVE-2024-42131}
- nvme-pci: add missing condition check for existence of mapped data (Leon Romanovsky) [Orabug: 36964022] {CVE-2024-42276}
- ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (Pierre-Louis Bossart)
- ASoC: Intel: Move soc_intel_is_foo() helpers to a generic header (Hans de Goede)
- ASoC: Intel: Convert to new X86 CPU match macros (Thomas Gleixner)
- powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (Al Viro)
- apparmor: Fix null pointer deref when receiving skb during sock creation (Xiao Liang)
- mISDN: Fix a use after free in hfcmulti_tx() (Dan Carpenter) [Orabug: 36964032] {CVE-2024-42280}
- bpf: Fix a segment issue when downgrading gso_size (Fred Li) [Orabug: 36964038] {CVE-2024-42281}
- net: nexthop: Initialize all fields in dumped nexthops (Petr Machata) [Orabug: 36964044] {CVE-2024-42283}
- tipc: Return non-zero value from tipc_udp_addr2str() on error (Shigeru Yoshida) [Orabug: 36964047] {CVE-2024-42284}
- net: bonding: correctly annotate RCU in bond_should_notify_peers() (Johannes Berg)
- ipv4: Fix incorrect source address in Record Route option (Ido Schimmel)
- MIPS: SMP-CPS: Fix address for GCR_ACCESS register for CM3 and later (Gregory CLEMENT)
- dma: fix call order in dmam_free_coherent (Lance Richardson) [Orabug: 36964523] {CVE-2024-43856}
- libbpf: Fix no-args func prototype BTF dumping syntax (Andrii Nakryiko)
- um: time-travel: fix time-travel-start option (Johannes Berg)
- jfs: Fix array-index-out-of-bounds in diFree (Jeongjun Park) [Orabug: 36964530] {CVE-2024-43858}
- kdb: address -Wformat-security warnings (Arnd Bergmann)
- nilfs2: handle inconsistent state in nilfs_btnode_create_block() (Ryusuke Konishi) [Orabug: 36964203] {CVE-2024-42295}
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (WangYuli)
- Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (Hilda Wu)
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov)
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov)
- drm/panfrost: Mark simple_ondemand governor as softdep (Dragan Simic)
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov)
- selftests/sigaltstack: Fix ppc64 GCC build (Michael Ellerman)
- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (Bart Van Assche) [Orabug: 36964054] {CVE-2024-42285}
- platform: mips: cpu_hwmon: Disable driver on unsupported hardware (Jiaxun Yang)
- watchdog/perf: properly initialize the turbo mode timestamp and rearm counter (Thomas Gleixner)
- rtc: isl1208: Fix return value of nvmem callbacks (Joy Chakraborty)
- perf/x86/intel/pt: Fix a topa_entry base address calculation (Adrian Hunter)
- perf/x86/intel/pt: Fix topa_entry base length (Marco Cavenati)
- scsi: qla2xxx: validate nvme_local_port correctly (Nilesh Javali) [Orabug: 36964059] {CVE-2024-42286}
- scsi: qla2xxx: Complete command early within lock (Shreyas Deodhar) [Orabug: 36964065] {CVE-2024-42287}
- scsi: qla2xxx: Fix for possible memory corruption (Shreyas Deodhar) [Orabug: 36964070] {CVE-2024-42288}
- scsi: qla2xxx: During vport delete send async logout explicitly (Manish Rangankar) [Orabug: 36964080] {CVE-2024-42289}
- rtc: cmos: Fix return value of nvmem callbacks (Joy Chakraborty)
- kobject_uevent: Fix OOB access within zap_modalias_env() (Zijun Hu) [Orabug: 36964092] {CVE-2024-42292}
- decompress_bunzip2: fix rare decompression failure (Ross Lagerwall)
- ubi: eba: properly rollback inside self_check_eba (Fedor Pchelkin)
- clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (Bastien Curutchet)
- f2fs: fix to don't dirty inode for readonly filesystem (Chao Yu) [Orabug: 36964213] {CVE-2024-42297}
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (Saurav Kashyap)
- binder: fix hang of unregistered readers (Carlos Llamas)
- PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (Wei Liu)
- hwrng: amd - Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- tools/memory-model: Fix bug in lock.cat (Alan Stern)
- leds: ss4200: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- wifi: mwifiex: Fix interface type change (Rafael Beims)
- ext4: make sure the first directory block is not a hole (Baokun Li) [Orabug: 36964232] {CVE-2024-42304}
- ext4: check dot and dotdot of dx_root before making dir indexed (Baokun Li) [Orabug: 36964237] {CVE-2024-42305}
- m68k: amiga: Turn off Warp1260 interrupts during boot (Paolo Pisati)
- udf: Avoid using corrupted block bitmap buffer (Jan Kara) [Orabug: 36964242] {CVE-2024-42306}
- drm/amd/display: Check for NULL pointer (Sung Joon Kim) [Orabug: 36964247] {CVE-2024-42308}
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (Ma Ke) [Orabug: 36964253] {CVE-2024-42309}
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (Ma Ke) [Orabug: 36964260] {CVE-2024-42310}
- hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (Chao Yu) [Orabug: 36964265] {CVE-2024-42311}
- media: venus: fix use after free in vdec_close (Dikshita Agarwal) [Orabug: 36964275] {CVE-2024-42313}
- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (Joe Hattori)
- ipv6: take care of scope when choosing the src addr (Nicolas Dichtel)
- af_packet: Handle outgoing VLAN packets without hardware offloading (Chengen Du)
- net: netconsole: Disable target before netpoll cleanup (Breno Leitao)
- tick/broadcast: Make takeover of broadcast hrtimer reliable (Yu Liao)
- rtc: interface: Add RTC offset to alarm after fix-up (Csókás, Bence)
- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (Ryusuke Konishi)
- fs/nilfs2: remove some unused macros to tame gcc (Alex Shi)
- pinctrl: freescale: mxs: Fix refcount of child (Peng Fan)
- netfilter: ctnetlink: use helper function to calculate expect ID (Pablo Neira Ayuso) [Orabug: 37013755] {CVE-2024-44944}
- bnxt_re: Fix imm_data endianness (Jack Wang)
- macintosh/therm_windtunnel: fix module unload. (Nick Bowler)
- powerpc/xmon: Fix disassembly CPU feature checks (Michael Ellerman)
- Input: elan_i2c - do not leave interrupt disabled on suspend failure (Dmitry Torokhov)
- RDMA/device: Return error earlier if port in not valid (Leon Romanovsky)
- mtd: make mtd_test.c a separate module (Arnd Bergmann)
- ASoC: max98088: Check for clk_prepare_enable() error (Chen Ni)
- RDMA/rxe: Don't set BTH_ACK_MASK for UC or UD QPs (Honggang LI)
- RDMA/mlx4: Fix truncated output warning in alias_GUID.c (Leon Romanovsky)
- RDMA/mlx4: Fix truncated output warning in mad.c (Leon Romanovsky)
- Input: qt1050 - handle CHIP_ID reading error (Andrei Lalaev)
- PCI: Fix resource double counting on remove & rescan (Ilpo Järvinen)
- SUNRPC: Fixup gss_status tracepoint error output (Benjamin Coddington)
- sparc64: Fix incorrect function signature and add prototype for prom_cif_init (Andreas Larsson)
- ext4: avoid writing unitialized memory to disk in EA inodes (Jan Kara)
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server. (NeilBrown)
- mfd: omap-usb-tll: Use struct_size to allocate tll (Javier Carrasco)
- drm/qxl: Add check for drm_cvt_mode (Chen Ni) [Orabug: 36964456] {CVE-2024-43829}
- drm/etnaviv: fix DMA direction handling for cached RW buffers (Lucas Stach)
- perf report: Fix condition in sort__sym_cmp() (Namhyung Kim)
- leds: trigger: Unregister sysfs attributes before calling deactivate() (Hans de Goede) [Orabug: 36964459] {CVE-2024-43830}
- media: renesas: vsp1: Store RPF partition configuration per RPF instance (Laurent Pinchart)
- media: renesas: vsp1: Fix _irqsave and _irq mix (Laurent Pinchart)
- media: uvcvideo: Override default flags (Daniel Schaefer)
- media: uvcvideo: Allow entity-defined get_info and get_cur (Ricardo Ribalda)
- saa7134: Unchecked i2c_transfer function result fixed (Aleksandr Burakov)
- media: imon: Fix race getting ictx->lock (Ricardo Ribalda)
- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (Zheng Yejian)
- USB: move snd_usb_pipe_sanity_check into the USB core (Greg Kroah-Hartman)
- selftests: forwarding: devlink_lib: Wait for udev events after reloading (Amit Cohen)
- bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (Alexey Kodanev) [Orabug: 36964480] {CVE-2024-43839}
- wifi: virt_wifi: don't use strlen() in const context (Johannes Berg)
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (Gaosheng Cui)
- wifi: virt_wifi: avoid reporting connection success with wrong SSID (En-Wei Wu) [Orabug: 36964487] {CVE-2024-43841}
- qed: Improve the stack space of filter_config() (Shai Malin)
- perf: Prevent passing zero nr_pages to rb_alloc_aux() (Adrian Hunter)
- perf: Fix perf_aux_size() for greater-than 32-bit size (Adrian Hunter)
- perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (Adrian Hunter)
- netfilter: nf_tables: rise cap on SELinux secmark context (Pablo Neira Ayuso)
- net: fec: Fix FEC_ECR_EN1588 being cleared on link-down (Csókás, Bence)
- net: fec: Refactor: #define magic constants (Csókás Bence)
- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (Baochen Qiang) [Orabug: 36984010] {CVE-2024-43879}
- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (Baochen Qiang)
- mlxsw: spectrum_acl_erp: Fix object nesting warning (Ido Schimmel) [Orabug: 36984013] {CVE-2024-43880}
- lib: objagg: Fix general protection fault (Ido Schimmel) [Orabug: 36964495] {CVE-2024-43846}
- selftests/bpf: Check length of recv in test_sockmap (Geliang Tang)
- net/smc: set rmb's SG_MAX_SINGLE_ALLOC limitation only when CONFIG_ARCH_NO_SG_CHAIN is defined (Guangguan Wang)
- net/smc: Allow SMC-D 1MB DMB allocations (Stefan Raspl)
- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (Samasth Norway Ananda)
- firmware: turris-mox-rwtm: Initialize completion before mailbox (Marek Behún)
- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (Marek Behún)
- m68k: cmpxchg: Fix return value for default case in __arch_xchg() (Thorsten Blum)
- x86/xen: Convert comma to semicolon (Chen Ni)
- m68k: atari: Fix TT bootup freeze / unexpected (SCU) interrupt messages (Eero Tamminen)
- arm64: dts: amlogic: gx: correct hdmi clocks (Jerome Brunet)
- arm64: dts: mediatek: mt7622: fix "emmc" pinctrl mux (Rafał Miłecki)
- ARM: dts: imx6qdl-kontron-samx6i: fix PCIe reset polarity (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: fix board reset (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: fix PHY reset (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: move phy reset into phy-node (Marco Felsch)
- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (Jonas Karlman)
- arm64: dts: qcom: msm8996: specify UFS core_clk frequencies (Dmitry Baryshkov)
- arm64: dts: qcom: sdm845: add power-domain to UFS PHY (Dmitry Baryshkov)
- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (Guenter Roeck)
- hwmon: (max6697) Fix underflow when writing limit attributes (Guenter Roeck)
- pwm: stm32: Always do lazy disabling (Uwe Kleine-König)
- hwmon: (adt7475) Fix default duty on fan is disabled (Wayne Tung)
- x86/platform/iosf_mbi: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- x86/pci/xen: Fix PCIBIOS_* return code handling (Ilpo Järvinen)
- x86/pci/intel_mid_pci: Fix PCIBIOS_* return code handling (Ilpo Järvinen)
- x86/of: Return consistent error type from x86_of_pci_irq_enable() (Ilpo Järvinen)
- hfsplus: fix to avoid false alarm of circular locking (Chao Yu)
- platform/chrome: cros_ec_debugfs: fix wrong EC message version (Tzung-Bi Shih)
- LTS tag: v5.4.281 (Sherry Yang)
- tap: add missing verification for short frame (Si-Wei Liu) [Orabug: 36660755] {CVE-2024-41090}
- tun: add missing verification for short frame (Dongli Zhang) [Orabug: 36660755] {CVE-2024-41091}
- filelock: Fix fcntl/close race recovery compat path (Jann Horn) [Orabug: 36896789] {CVE-2024-41020} {CVE-2024-41012}
- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (Edson Juliano Drosdeck)
- jfs: don't walk off the end of ealist (lei lu) [Orabug: 36891667] {CVE-2024-41017}
- ocfs2: add bounds checking to ocfs2_check_dir_entry() (lei lu) [Orabug: 36891655] {CVE-2024-41015}
- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (Kuan-Wei Chiu)
- ARM: 9324/1: fix get_user() broken with veneer (Masahiro Yamada)
- hfsplus: fix uninit-value in copy_name (Edward Adam Davis) [Orabug: 36896969] {CVE-2024-41059}
- selftests/vDSO: fix clang build errors and warnings (John Hubbard)
- spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices (Uwe Kleine-König)
- fs: better handle deep ancestor chains in is_subdir() (Christian Brauner)
- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (Tetsuo Handa) [Orabug: 36896994] {CVE-2024-41063}
- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (Xingui Yang)
- powerpc/eeh: avoid possible crash when edev->pdev changes (Ganesh Goudar) [Orabug: 36897003] {CVE-2024-41064}
- powerpc/pseries: Whitelist dtl slub object for copying to userspace (Anjali K) [Orabug: 36897009] {CVE-2024-41065}
- net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() (Yunshui Jiang)
- net: usb: qmi_wwan: add Telit FN912 compositions (Daniele Palmas)
- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (Shengjiu Wang)
- s390/sclp: Fix sclp_init() cleanup on failure (Heiko Carstens) [Orabug: 36897032] {CVE-2024-41068}
- can: kvaser_usb: fix return value for hif_usb_send_regout (Chen Ni)
- ASoC: ti: omap-hdmi: Fix too long driver name (Primoz Fiser)
- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (Jai Luthra)
- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (Thomas GENTY)
- Input: elantech - fix touchpad state on resume for Lenovo N24 (Jonathan Denose)
- mips: fix compat_sys_lseek syscall (Arnd Bergmann)
- ALSA: hda/realtek: Add more codec ID to no shutup pins list (Kailang Yang)
- KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (Michael Ellerman) [Orabug: 36897048] {CVE-2024-41070}
- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (Dmitry Antipov) [Orabug: 36897312] {CVE-2024-41072}
- mei: demote client disconnect warning on suspend to debug (Alexander Usyskin)
- fs/file: fix the check in find_next_fd() (Yuntao Wang)
- kconfig: remove wrong expr_trans_bool() (Masahiro Yamada)
- kconfig: gconf: give a proper initial state to the Save button (Masahiro Yamada)
- ila: block BH in ila_output() (Eric Dumazet) [Orabug: 36897360] {CVE-2024-41081}
- Input: silead - Always support 10 fingers (Hans de Goede)
- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (Dmitry Antipov)
- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (Nicolas Escande)
- ACPI: EC: Avoid returning AE_OK on errors in address space handler (Armin Wolf)
- ACPI: EC: Abort address space access upon error (Armin Wolf)
- scsi: qedf: Set qed_slowpath_params to zero before use (Saurav Kashyap)
- filelock: Remove locks reliably when fcntl/close race is detected (Jann Horn) [Orabug: 36874758] {CVE-2024-41012} {CVE-2024-41020}
- gcc-plugins: Rename last_stmt() for GCC 14+ (Kees Cook)

[5.4.17-2136.336.2.el8uek]
- mm: Only enable HVO under UEK6 for Exadata system (Jane Chu) [Orabug: 36990830]
- mm: delete redundent old PageCompound() macro (Jane Chu) [Orabug: 36990830]

[5.4.17-2136.336.1.el8uek]
- mm/hwpoison: put page in already hwpoisoned case with MF_COUNT_INCREASED (Naoya Horiguchi) [Orabug: 36947110]
- mm/memory-failure: send SIGBUS in the event of thp split fail (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: move hwpoison_filter() higher up (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: improve memory failure action_result messages (Jane Chu) [Orabug: 36947110]
- mm/madvise: add MF_ACTION_REQUIRED to madvise(MADV_HWPOISON) (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: try to send SIGBUS even if unmap failed (Jane Chu) [Orabug: 36947110]
- mm: memory-failure: cleanup try_to_split_thp_page() (Kefeng Wang) [Orabug: 36947110]
- mm,hwpoison: introduce MF_MSG_UNSPLIT_THP (Naoya Horiguchi) [Orabug: 36947110]
- KVM/x86: Do not clear SIPI while in SMM (Boris Ostrovsky) [Orabug: 36401960]



ELSA-2024-8038 Important: Oracle Linux 8 container-tools:ol8 security update


Oracle Linux Security Advisory ELSA-2024-8038

http://linux.oracle.com/errata/ELSA-2024-8038.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aardvark-dns-1.10.1-2.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
buildah-1.33.8-4.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
buildah-tests-1.33.8-4.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
cockpit-podman-84.1-1.module+el8.10.0+90416+5b0f6a17.noarch.rpm
conmon-2.1.10-1.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
containernetworking-plugins-1.4.0-5.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
containers-common-1-82.0.1.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
container-selinux-2.229.0-2.module+el8.10.0+90416+5b0f6a17.noarch.rpm
crit-3.18-5.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
criu-3.18-5.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
criu-devel-3.18-5.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
criu-libs-3.18-5.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
crun-1.14.3-2.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
fuse-overlayfs-1.13-1.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
libslirp-4.4.0-2.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
libslirp-devel-4.4.0-2.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
netavark-1.10.3-1.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
podman-4.9.4-13.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
podman-catatonit-4.9.4-13.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
podman-docker-4.9.4-13.module+el8.10.0+90416+5b0f6a17.noarch.rpm
podman-gvproxy-4.9.4-13.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
podman-plugins-4.9.4-13.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
podman-remote-4.9.4-13.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
podman-tests-4.9.4-13.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
python3-criu-3.18-5.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
python3-podman-4.9.0-2.module+el8.10.0+90416+5b0f6a17.noarch.rpm
runc-1.1.12-5.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
skopeo-1.14.5-3.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
skopeo-tests-1.14.5-3.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
slirp4netns-1.2.3-1.module+el8.10.0+90416+5b0f6a17.x86_64.rpm
udica-0.2.6-21.module+el8.10.0+90416+5b0f6a17.noarch.rpm

aarch64:
aardvark-dns-1.10.1-2.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
buildah-1.33.8-4.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
buildah-tests-1.33.8-4.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
cockpit-podman-84.1-1.module+el8.10.0+90416+5b0f6a17.noarch.rpm
conmon-2.1.10-1.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
containernetworking-plugins-1.4.0-5.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
containers-common-1-82.0.1.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
container-selinux-2.229.0-2.module+el8.10.0+90416+5b0f6a17.noarch.rpm
crit-3.18-5.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
criu-3.18-5.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
criu-devel-3.18-5.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
criu-libs-3.18-5.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
crun-1.14.3-2.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
fuse-overlayfs-1.13-1.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
libslirp-4.4.0-2.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
libslirp-devel-4.4.0-2.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
netavark-1.10.3-1.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
podman-4.9.4-13.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
podman-catatonit-4.9.4-13.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
podman-docker-4.9.4-13.module+el8.10.0+90416+5b0f6a17.noarch.rpm
podman-gvproxy-4.9.4-13.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
podman-plugins-4.9.4-13.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
podman-remote-4.9.4-13.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
podman-tests-4.9.4-13.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
python3-criu-3.18-5.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
python3-podman-4.9.0-2.module+el8.10.0+90416+5b0f6a17.noarch.rpm
runc-1.1.12-5.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
skopeo-1.14.5-3.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
skopeo-tests-1.14.5-3.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
slirp4netns-1.2.3-1.module+el8.10.0+90416+5b0f6a17.aarch64.rpm
udica-0.2.6-21.module+el8.10.0+90416+5b0f6a17.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//aardvark-dns-1.10.1-2.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//buildah-1.33.8-4.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//cockpit-podman-84.1-1.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//conmon-2.1.10-1.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containernetworking-plugins-1.4.0-5.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containers-common-1-82.0.1.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//container-selinux-2.229.0-2.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//criu-3.18-5.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//crun-1.14.3-2.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//fuse-overlayfs-1.13-1.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//libslirp-4.4.0-2.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//netavark-1.10.3-1.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//podman-4.9.4-13.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-podman-4.9.0-2.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//runc-1.1.12-5.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//skopeo-1.14.5-3.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//slirp4netns-1.2.3-1.module+el8.10.0+90416+5b0f6a17.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//udica-0.2.6-21.module+el8.10.0+90416+5b0f6a17.src.rpm

Related CVEs:

CVE-2023-45290
CVE-2024-34155
CVE-2024-34156
CVE-2024-34158

Description of changes:

aardvark-dns
[2:1.10.1-2]
- build off the RHEL maintenance branch
- Resolves: RHEL-59129

buildah
cockpit-podman
conmon
containernetworking-plugins
containers-common
container-selinux
criu
crun
fuse-overlayfs
libslirp
netavark
oci-seccomp-bpf-hook
podman
python-podman
runc
[1:1.1.12-5]
- bump golang buildrequires
- add no_openssl build tag
- Resolves RHEL-55757

skopeo
slirp4netns
udica



ELSA-2024-12780 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2024-12780

http://linux.oracle.com/errata/ELSA-2024-12780.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.336.5.1.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.336.5.1.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.336.5.1.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.336.5.1.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.336.5.1.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.336.5.1.el8uek.src.rpm

Related CVEs:

CVE-2024-27397
CVE-2024-41012
CVE-2024-41015
CVE-2024-41017
CVE-2024-41020
CVE-2024-41042
CVE-2024-41059
CVE-2024-41063
CVE-2024-41064
CVE-2024-41065
CVE-2024-41068
CVE-2024-41070
CVE-2024-41072
CVE-2024-41081
CVE-2024-41090
CVE-2024-41091
CVE-2024-42131
CVE-2024-42259
CVE-2024-42265
CVE-2024-42271
CVE-2024-42276
CVE-2024-42280
CVE-2024-42281
CVE-2024-42283
CVE-2024-42284
CVE-2024-42285
CVE-2024-42286
CVE-2024-42287
CVE-2024-42288
CVE-2024-42289
CVE-2024-42290
CVE-2024-42292
CVE-2024-42295
CVE-2024-42297
CVE-2024-42301
CVE-2024-42304
CVE-2024-42305
CVE-2024-42306
CVE-2024-42308
CVE-2024-42309
CVE-2024-42310
CVE-2024-42311
CVE-2024-42313
CVE-2024-43829
CVE-2024-43830
CVE-2024-43839
CVE-2024-43841
CVE-2024-43846
CVE-2024-43856
CVE-2024-43858
CVE-2024-43860
CVE-2024-43861
CVE-2024-43867
CVE-2024-43871
CVE-2024-43879
CVE-2024-43880
CVE-2024-43882
CVE-2024-43883
CVE-2024-43890
CVE-2024-43893
CVE-2024-43894
CVE-2024-43908
CVE-2024-43914
CVE-2024-44935
CVE-2024-44944
CVE-2024-44948
CVE-2024-44954
CVE-2024-44960
CVE-2024-44965
CVE-2024-44968
CVE-2024-44969
CVE-2024-46738

Description of changes:

[5.4.17-2136.336.5.1.el8uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37138988]

[5.4.17-2136.336.5.el8uek]
- uek-rpm: Add skx_edac_common.ko to nano_modules (Sherry Yang) [Orabug: 37030127]
- EDAC, i10nm: make skx_common.o a separate module (Arnd Bergmann) [Orabug: 37030127]
- uek-rpm: Integrating the container build in UEK6 (Jack Vogel) [Orabug: 37021061]
- i40e: Change user notification of non-SFP module in i40e_get_module_info() (Andrii Staikov) [Orabug: 36988197]
- xsigo: Use NAPI in UD/TX flows for xve (Alok Tiwari) [Orabug: 35180168]
- xsigo: remove incorrect spin_unlock_irqrestore call in vhba_queuecommand (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix slab-out-of-bounds in vhba_create (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix memory free issue in dma mapping (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix use-after-free n xsvbha for srb *sp (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix mtu setting issue in xve netdev (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add struct ib_mad_send_buf to recv_handler (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove tx_outstanding variable from xve xmit (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add extack argument to dev_change_flags() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove compare_data while calling ib_cm_listen() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Ignore the return value of "ib_destroy_cq" (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove sif_verbs header (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace setup_timer with the timer_setup (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use ib_ud_wr for xve_dev_priv instread of ib_send_wr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove return from register event handler (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add client_data for struct ib_client remove() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace dev->trans_start update with helper netif_trans_update (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove usage of net_device last_rx member from xsigo (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace skb_frag page with bv_page in xve (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use sg_next() to get the next sg instead of SG_NEXT (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_init_ah_from_path to ib_init_ah_attr_from_path (Alok Tiwari) [Orabug: 35180168]
- xsigo: remove pointer dereference for ib_fmr_pool_map_phys (Alok Tiwari) [Orabug: 35180168]
- xsigo: ib_fmr_pool_map_phys does not need rargs (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove ib_sg_dma_address() and ib_sg_dma_len() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix compiling error from xsvbha module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove sg_copy_buffer from vhba_align (Alok Tiwari) [Orabug: 35180168]
- xsigo: Xve, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove LRO code from xve module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Xsvnic, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove LRO code from xsvnic module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Change port number from u8 to u32 (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use frag->bv_offset in place of page_offset (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename skb_frag_t size to bv_len (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix compiling error due to Constify of ib_cm_event (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add the $(srctree)/ prefix to xsigo Makefile (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign IB_MGMT_BASE_VERSION for ib_create_send_mad (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign rdma_ctxs and port_num for struct ib_qp_init_attr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use struct ib_cq_init_attr for ib_create_cq() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace max_sge with max_send_sge for xscore_create_qp (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove ib_get_dma_mr and ib_dereg_mr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_query_device with callback "ops.query_device" (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_query_gid with rdma_query_gid (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_modify_cq with rdma_set_cq_moderation (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign path record type rec_type for sa_path_rec (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_sa_path_rec to sa_path_rec (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use struct ib_ud_wr ud_wr instead of ib_send_wr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace struct ib_ah_attr with struct rdma_ah_attr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_create_ah and ib_destroy_ah (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign const argument for ib_post_send/recv() (Alok Tiwari) [Orabug: 35180168]
- uek-rpm: add xsigo module in ol7 and ol8 config file (Alok Tiwari) [Orabug: 35180168]
- Revert "RDMA/core/sa_query: Remove unused function" (Alok Tiwari) [Orabug: 35180168]
- xve: arm ud tx cq to generate completion interrupts (Ajaykumar Hotchandani) [Orabug: 28267050] [Orabug: 35180168]
- xscore: add dma address check (Zhu Yanjun) [Orabug: 27074085] [Orabug: 35180168]
- xsigo: PCA 2.3.1 Compute Node panics in xve_create_arp+430 (Pradeep Gopanapalli) [Orabug: 26474000] [Orabug: 35180168]
- xsigo: UEK4-master:poor performance discovering 256 FC LUNs w/4 paths per LUN (Pradeep Gopanapalli) [Orabug: 26199177] [Orabug: 35180168]
- xsigo: Compute node crash on FC failover (Pradeep Gopanapalli) [Orabug: 25981973] [Orabug: 35180168]
- xsigo: Fix spinlock release in case of error (Pradeep Gopanapalli) [Orabug: 25779803] [Orabug: 35180168]
- xsigo: Optimize xsvnic module parameters for UEK4 (Pradeep Gopanapalli) [Orabug: 25779865] [Orabug: 35180168]
- xsigo: Fix crash in accessing xve proc l2 entries (Pradeep Gopanapalli) [Orabug: 25165085] [Orabug: 35180168]
- xsigo: Fix race in freeing aged Forwarding table entry (Pradeep Gopanapalli) [Orabug: 25129729] [Orabug: 35180168]
- xsigo: Schedule while uninterruptible (Pradeep Gopanapalli) [Orabug: 25097469] [Orabug: 35180168]
- xsigo: supported SGE's for LSO QP (Pradeep Gopanapalli) [Orabug: 25029868] [Orabug: 35180168]
- xsigo: Hardening driver in handling remote QP failures (Pradeep Gopanapalli) [Orabug: 24929076] [Orabug: 35180168]
- xsigo: send nack codes (Pradeep Gopanapalli) [Orabug: 24442792] [Orabug: 35180168]
- xsigo: xve driver has excessive messages (Pradeep Gopanapalli) [Orabug: 24758335] [Orabug: 35180168]
- xsigo: hard LOCKUP in freeing paths (Pradeep Gopanapalli) [Orabug: 24669507] [Orabug: 35180168]
- xsigo: Crash in xscore_port_num (Pradeep Gopanapalli) [Orabug: 24760465] [Orabug: 35180168]
- xsigo: Resize uVNIC/PVI CQ size (Pradeep Gopanapalli) [Orabug: 24765034] [Orabug: 35180168]
- xsigo: Optimizing Transmit completions (Pradeep Gopanapalli) [Orabug: 24928865] [Orabug: 35180168]
- xsigo: Implementing Jumbo MTU support (Pradeep Gopanapalli) [Orabug: 24928804] [Orabug: 35180168]
- xsigo: EoiB QP support (Pradeep Gopanapalli) [Orabug: 24508359] [Orabug: 35180168]
- xsigo: Send Heart Beat Lost Operational state (Pradeep Gopanapalli) [Orabug: 23032392] [Orabug: 35180168]
- xsigo: SKB Frag cleanup (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- xsigo: Tx_tail goes outof bound (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- xsigo: Fixed Path locking issues (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- Fixed vnic issue after saturn reset (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- uvnic issues (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- Fixed wrongly checked return type Added Debug print (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- Integrate Uvnic functionality into uek-4.1 Revision 8008 (Pradeep Gopanapalli) [Orabug: 35180168]
- 1) S_IRWXU causing kernel soft crash changing to 0644 (Pradeep Gopanapalli) [Orabug: 35180168]
- 1) Support vnic for EDR based platform(uVnic) 2) Supported Types now Type 0 (Pradeep Gopanapalli) [Orabug: 35180168]
- Add Oracle virtual Networking Drivers for uek4 kernel (Pradeep Gopanapalli) [Orabug: 35180168]

[5.4.17-2136.336.4.el8uek]
- igb: Fix not clearing TimeSync interrupts for 82580 (Daiwei Li)
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez) [Orabug: 37037205] {CVE-2024-46738}
- x86/speculation: Basic IBRS is enabled with AMD Automatic IBRS (Alexandre Chartre) [Orabug: 37044540]

[5.4.17-2136.336.3.el8uek]
- Compiler Attributes: Add __uninitialized macro (Heiko Carstens)
- filelock: Correct the filelock owner in fcntl_setlk/fcntl_setlk64 (Long Li)
- ALSA: timer: Relax start tick time check for slave timer elements (Takashi Iwai)
- ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (Parsa Poorshikhian)
- LTS tag: v5.4.282 (Sherry Yang)
- media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (Sean Young)
- ARM: dts: imx6qdl-kontron-samx6i: fix phy-mode (Michael Walle)
- nvme/pci: Add APST quirk for Lenovo N60z laptop (WangYuli)
- exec: Fix ToCToU between perm check and set-uid/gid usage (Kees Cook) [Orabug: 36984017] {CVE-2024-43882}
- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (Yunke Cao)
- arm64: cpufeature: Fix the visibility of compat hwcaps (Amit Daniel Kachhap)
- drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (Andi Shyti) [Orabug: 36953969] {CVE-2024-42259}
- netfilter: nf_tables: prefer nft_chain_validate (Florian Westphal) [Orabug: 36896846] {CVE-2024-41042}
- netfilter: nf_tables: use timestamp to check for set element timeout (Pablo Neira Ayuso) [Orabug: 36630432] {CVE-2024-27397}
- netfilter: nf_tables: set element extended ACK reporting support (Pablo Neira Ayuso)
- kbuild: Fix '-S -c' in x86 stack protector scripts (Nathan Chancellor)
- Fix gcc 4.9 build issue in 5.4.y (Jari Ruusu)
- drm/mgag200: Set DDC timeout in milliseconds (Thomas Zimmermann)
- drm/bridge: analogix_dp: properly handle zero sized AUX transactions (Lucas Stach)
- x86/mtrr: Check if fixed MTRRs exist before saving them (Andi Kleen) [Orabug: 37028936] {CVE-2024-44948}
- tracing: Fix overflow in get_free_elt() (Tze-nan Wu) [Orabug: 36992998] {CVE-2024-43890}
- power: supply: axp288_charger: Round constant_charge_voltage writes down (Hans de Goede)
- power: supply: axp288_charger: Fix constant_charge_voltage writes (Hans de Goede)
- genirq/irqdesc: Honor caller provided affinity in alloc_desc() (Shay Drory)
- serial: core: check uartclk for zero to avoid divide by zero (George Kennedy) [Orabug: 36993009] {CVE-2024-43893}
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (Damien Le Moal)
- ntp: Safeguard against time_constant overflow (Justin Stitt)
- ntp: Clamp maxerror and esterror to operating range (Justin Stitt)
- tick/broadcast: Move per CPU pointer access into the atomic section (Thomas Gleixner) [Orabug: 37036032] {CVE-2024-44968}
- scsi: ufs: core: Fix hba->last_dme_cmd_tstamp timestamp updating logic (Vamshi Gajjela)
- usb: gadget: core: Check for unset descriptor (Chris Wulff) [Orabug: 37028988] {CVE-2024-44960}
- USB: serial: debug: do not echo input by default (Marek Marczykowski-Górecki)
- usb: vhci-hcd: Do not drop references before new references are gained (Oliver Neukum) [Orabug: 36992971] {CVE-2024-43883}
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (Takashi Iwai)
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (Steven 'Steve' Kendall)
- ALSA: line6: Fix racy access to midibuf (Takashi Iwai) [Orabug: 37028957] {CVE-2024-44954}
- drm/client: fix null pointer dereference in drm_client_modeset_probe (Ma Ke) [Orabug: 36993014] {CVE-2024-43894}
- spi: spi-fsl-lpspi: Fix scldiv calculation (Stefan Wahren)
- spi: fsl-lpspi: remove unneeded array (Oleksandr Suvorov)
- bpf: kprobe: remove unused declaring of bpf_kprobe_override (Menglong Dong)
- i2c: smbus: Send alert notifications to all devices if source not found (Guenter Roeck)
- i2c: smbus: Improve handling of stuck alerts (Guenter Roeck)
- i2c: smbus: Don't filter out duplicate alerts (Corey Minyard)
- arm64: errata: Expand speculative SSBS workaround (again) (Mark Rutland)
- arm64: cputype: Add Cortex-A725 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X1C definitions (Mark Rutland)
- arm64: errata: Expand speculative SSBS workaround (Mark Rutland)
- arm64: errata: Unify speculative SSBS errata logic (Mark Rutland)
- arm64: cputype: Add Cortex-X925 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-A720 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X3 definitions (Mark Rutland)
- arm64: errata: Add workaround for Arm errata 3194386 and 3312417 (Mark Rutland)
- arm64: cputype: Add Neoverse-V3 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X4 definitions (Mark Rutland)
- arm64: Add Neoverse-V2 part (Besar Wicaksono)
- arm64: cpufeature: Force HWCAP to be based on the sysreg visible to user-space (James Morse)
- ext4: fix wrong unit use in ext4_mb_find_by_goal (Kemeng Shi)
- SUNRPC: Fix a race to wake a sync task (Benjamin Coddington)
- s390/sclp: Prevent release of buffer in I/O (Peter Oberparleiter) [Orabug: 37029020] {CVE-2024-44969}
- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (Kemeng Shi)
- media: uvcvideo: Fix the bandwdith quirk on USB 3.x (Michal Pecio)
- media: uvcvideo: Ignore empty TS packets (Ricardo Ribalda)
- drm/amdgpu: Fix the null pointer dereference to ras_manager (Ma Jun) [Orabug: 36993084] {CVE-2024-43908}
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (Filipe Manana)
- wifi: nl80211: don't give key data to userspace (Johannes Berg)
- udf: prevent integer overflow in udf_bitmap_free_blocks() (Roman Smirnov)
- PCI: Add Edimax Vendor ID to pci_ids.h (FUJITA Tomonori)
- selftests/bpf: Fix send_signal test with nested CONFIG_PARAVIRT (Yonghong Song)
- ACPI: SBS: manage alarm sysfs attribute through psy core (Thomas Weißschuh)
- ACPI: battery: create alarm sysfs attribute atomically (Thomas Weißschuh)
- clocksource/drivers/sh_cmt: Address race condition for clock events (Niklas Söderlund)
- md/raid5: avoid BUG_ON() while continue reshape after reassembling (Yu Kuai) [Orabug: 36993127] {CVE-2024-43914}
- net: fec: Stop PPS on driver remove (Csókás, Bence)
- Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (Dmitry Antipov)
- net: linkwatch: use system_unbound_wq (Eric Dumazet)
- net: usb: qmi_wwan: fix memory leak for not ip packets (Daniele Palmas) [Orabug: 36983959] {CVE-2024-43861}
- sctp: Fix null-ptr-deref in reuseport_add_sock(). (Kuniyuki Iwashima) [Orabug: 36993147] {CVE-2024-44935}
- sctp: move hlist_node and hashent out of sctp_ep_common (Xin Long)
- x86/mm: Fix pti_clone_pgtable() alignment assumption (Peter Zijlstra) [Orabug: 37029012] {CVE-2024-44965}
- irqchip/mbigen: Fix mbigen node address layout (Yipeng Zou)
- genirq: Allow irq_chip registration functions to take a const irq_chip (Marc Zyngier)
- netfilter: ipset: Add list flush to cancel_gc (Alexander Maltsev)
- net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (Ma Ke)
- ALSA: usb-audio: Correct surround channels in UAC1 channel map (Takashi Iwai)
- protect the fetch of ->fd[fd] in do_dup2() from mispredictions (Al Viro) [Orabug: 36963808] {CVE-2024-42265}
- HID: wacom: Modify pen IDs (Tatsunosuke Tobita)
- ipv6: fix ndisc_is_useropt() handling for PIO (Maciej Żenczykowski)
- net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (Shahar Shitrit)
- net/iucv: fix use after free in iucv_sock_close() (Alexandra Winter) [Orabug: 36964006] {CVE-2024-42271}
- drm/vmwgfx: Fix overlay when using Screen Targets (Ian Forbes)
- drm/nouveau: prime: fix refcount underflow (Danilo Krummrich) [Orabug: 36983979] {CVE-2024-43867}
- remoteproc: imx_rproc: Skip over memory region when node value is NULL (Aleksandr Mishin) [Orabug: 36964537] {CVE-2024-43860}
- remoteproc: imx_rproc: Fix ignoring mapping vdev regions (Dong Aisheng)
- remoteproc: imx_rproc: ignore mapping vdev regions (Peng Fan)
- irqchip/imx-irqsteer: Handle runtime power management correctly (Shenwei Wang) [Orabug: 36964085] {CVE-2024-42290}
- irqchip/imx-irqsteer: Add runtime PM support (Lucas Stach)
- irqchip/imx-irqsteer: Constify irq_chip struct (Lucas Stach)
- genirq: Allow the PM device to originate from irq domain (Marc Zyngier)
- devres: Fix memory leakage caused by driver API devm_free_percpu() (Zijun Hu) [Orabug: 36983991] {CVE-2024-43871}
- driver core: Cast to (void *) with __force for __percpu pointer (Andy Shevchenko)
- dev/parport: fix the array out-of-bounds risk (tuhaowen) [Orabug: 36964223] {CVE-2024-42301}
- parport: Standardize use of printmode (Joe Perches)
to pr_( (Joe Perches)
- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (Manivannan Sadhasivam)
- PCI: rockchip: Make 'ep-gpios' DT property optional (Chen-Yu Tsai)
- mm: avoid overflows in dirty throttling logic (Jan Kara) [Orabug: 36897803] {CVE-2024-42131}
- nvme-pci: add missing condition check for existence of mapped data (Leon Romanovsky) [Orabug: 36964022] {CVE-2024-42276}
- ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (Pierre-Louis Bossart)
- ASoC: Intel: Move soc_intel_is_foo() helpers to a generic header (Hans de Goede)
- ASoC: Intel: Convert to new X86 CPU match macros (Thomas Gleixner)
- powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (Al Viro)
- apparmor: Fix null pointer deref when receiving skb during sock creation (Xiao Liang)
- mISDN: Fix a use after free in hfcmulti_tx() (Dan Carpenter) [Orabug: 36964032] {CVE-2024-42280}
- bpf: Fix a segment issue when downgrading gso_size (Fred Li) [Orabug: 36964038] {CVE-2024-42281}
- net: nexthop: Initialize all fields in dumped nexthops (Petr Machata) [Orabug: 36964044] {CVE-2024-42283}
- tipc: Return non-zero value from tipc_udp_addr2str() on error (Shigeru Yoshida) [Orabug: 36964047] {CVE-2024-42284}
- net: bonding: correctly annotate RCU in bond_should_notify_peers() (Johannes Berg)
- ipv4: Fix incorrect source address in Record Route option (Ido Schimmel)
- MIPS: SMP-CPS: Fix address for GCR_ACCESS register for CM3 and later (Gregory CLEMENT)
- dma: fix call order in dmam_free_coherent (Lance Richardson) [Orabug: 36964523] {CVE-2024-43856}
- libbpf: Fix no-args func prototype BTF dumping syntax (Andrii Nakryiko)
- um: time-travel: fix time-travel-start option (Johannes Berg)
- jfs: Fix array-index-out-of-bounds in diFree (Jeongjun Park) [Orabug: 36964530] {CVE-2024-43858}
- kdb: address -Wformat-security warnings (Arnd Bergmann)
- nilfs2: handle inconsistent state in nilfs_btnode_create_block() (Ryusuke Konishi) [Orabug: 36964203] {CVE-2024-42295}
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (WangYuli)
- Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (Hilda Wu)
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov)
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov)
- drm/panfrost: Mark simple_ondemand governor as softdep (Dragan Simic)
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov)
- selftests/sigaltstack: Fix ppc64 GCC build (Michael Ellerman)
- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (Bart Van Assche) [Orabug: 36964054] {CVE-2024-42285}
- platform: mips: cpu_hwmon: Disable driver on unsupported hardware (Jiaxun Yang)
- watchdog/perf: properly initialize the turbo mode timestamp and rearm counter (Thomas Gleixner)
- rtc: isl1208: Fix return value of nvmem callbacks (Joy Chakraborty)
- perf/x86/intel/pt: Fix a topa_entry base address calculation (Adrian Hunter)
- perf/x86/intel/pt: Fix topa_entry base length (Marco Cavenati)
- scsi: qla2xxx: validate nvme_local_port correctly (Nilesh Javali) [Orabug: 36964059] {CVE-2024-42286}
- scsi: qla2xxx: Complete command early within lock (Shreyas Deodhar) [Orabug: 36964065] {CVE-2024-42287}
- scsi: qla2xxx: Fix for possible memory corruption (Shreyas Deodhar) [Orabug: 36964070] {CVE-2024-42288}
- scsi: qla2xxx: During vport delete send async logout explicitly (Manish Rangankar) [Orabug: 36964080] {CVE-2024-42289}
- rtc: cmos: Fix return value of nvmem callbacks (Joy Chakraborty)
- kobject_uevent: Fix OOB access within zap_modalias_env() (Zijun Hu) [Orabug: 36964092] {CVE-2024-42292}
- decompress_bunzip2: fix rare decompression failure (Ross Lagerwall)
- ubi: eba: properly rollback inside self_check_eba (Fedor Pchelkin)
- clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (Bastien Curutchet)
- f2fs: fix to don't dirty inode for readonly filesystem (Chao Yu) [Orabug: 36964213] {CVE-2024-42297}
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (Saurav Kashyap)
- binder: fix hang of unregistered readers (Carlos Llamas)
- PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (Wei Liu)
- hwrng: amd - Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- tools/memory-model: Fix bug in lock.cat (Alan Stern)
- leds: ss4200: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- wifi: mwifiex: Fix interface type change (Rafael Beims)
- ext4: make sure the first directory block is not a hole (Baokun Li) [Orabug: 36964232] {CVE-2024-42304}
- ext4: check dot and dotdot of dx_root before making dir indexed (Baokun Li) [Orabug: 36964237] {CVE-2024-42305}
- m68k: amiga: Turn off Warp1260 interrupts during boot (Paolo Pisati)
- udf: Avoid using corrupted block bitmap buffer (Jan Kara) [Orabug: 36964242] {CVE-2024-42306}
- drm/amd/display: Check for NULL pointer (Sung Joon Kim) [Orabug: 36964247] {CVE-2024-42308}
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (Ma Ke) [Orabug: 36964253] {CVE-2024-42309}
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (Ma Ke) [Orabug: 36964260] {CVE-2024-42310}
- hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (Chao Yu) [Orabug: 36964265] {CVE-2024-42311}
- media: venus: fix use after free in vdec_close (Dikshita Agarwal) [Orabug: 36964275] {CVE-2024-42313}
- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (Joe Hattori)
- ipv6: take care of scope when choosing the src addr (Nicolas Dichtel)
- af_packet: Handle outgoing VLAN packets without hardware offloading (Chengen Du)
- net: netconsole: Disable target before netpoll cleanup (Breno Leitao)
- tick/broadcast: Make takeover of broadcast hrtimer reliable (Yu Liao)
- rtc: interface: Add RTC offset to alarm after fix-up (Csókás, Bence)
- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (Ryusuke Konishi)
- fs/nilfs2: remove some unused macros to tame gcc (Alex Shi)
- pinctrl: freescale: mxs: Fix refcount of child (Peng Fan)
- netfilter: ctnetlink: use helper function to calculate expect ID (Pablo Neira Ayuso) [Orabug: 37013755] {CVE-2024-44944}
- bnxt_re: Fix imm_data endianness (Jack Wang)
- macintosh/therm_windtunnel: fix module unload. (Nick Bowler)
- powerpc/xmon: Fix disassembly CPU feature checks (Michael Ellerman)
- Input: elan_i2c - do not leave interrupt disabled on suspend failure (Dmitry Torokhov)
- RDMA/device: Return error earlier if port in not valid (Leon Romanovsky)
- mtd: make mtd_test.c a separate module (Arnd Bergmann)
- ASoC: max98088: Check for clk_prepare_enable() error (Chen Ni)
- RDMA/rxe: Don't set BTH_ACK_MASK for UC or UD QPs (Honggang LI)
- RDMA/mlx4: Fix truncated output warning in alias_GUID.c (Leon Romanovsky)
- RDMA/mlx4: Fix truncated output warning in mad.c (Leon Romanovsky)
- Input: qt1050 - handle CHIP_ID reading error (Andrei Lalaev)
- PCI: Fix resource double counting on remove & rescan (Ilpo Järvinen)
- SUNRPC: Fixup gss_status tracepoint error output (Benjamin Coddington)
- sparc64: Fix incorrect function signature and add prototype for prom_cif_init (Andreas Larsson)
- ext4: avoid writing unitialized memory to disk in EA inodes (Jan Kara)
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server. (NeilBrown)
- mfd: omap-usb-tll: Use struct_size to allocate tll (Javier Carrasco)
- drm/qxl: Add check for drm_cvt_mode (Chen Ni) [Orabug: 36964456] {CVE-2024-43829}
- drm/etnaviv: fix DMA direction handling for cached RW buffers (Lucas Stach)
- perf report: Fix condition in sort__sym_cmp() (Namhyung Kim)
- leds: trigger: Unregister sysfs attributes before calling deactivate() (Hans de Goede) [Orabug: 36964459] {CVE-2024-43830}
- media: renesas: vsp1: Store RPF partition configuration per RPF instance (Laurent Pinchart)
- media: renesas: vsp1: Fix _irqsave and _irq mix (Laurent Pinchart)
- media: uvcvideo: Override default flags (Daniel Schaefer)
- media: uvcvideo: Allow entity-defined get_info and get_cur (Ricardo Ribalda)
- saa7134: Unchecked i2c_transfer function result fixed (Aleksandr Burakov)
- media: imon: Fix race getting ictx->lock (Ricardo Ribalda)
- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (Zheng Yejian)
- USB: move snd_usb_pipe_sanity_check into the USB core (Greg Kroah-Hartman)
- selftests: forwarding: devlink_lib: Wait for udev events after reloading (Amit Cohen)
- bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (Alexey Kodanev) [Orabug: 36964480] {CVE-2024-43839}
- wifi: virt_wifi: don't use strlen() in const context (Johannes Berg)
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (Gaosheng Cui)
- wifi: virt_wifi: avoid reporting connection success with wrong SSID (En-Wei Wu) [Orabug: 36964487] {CVE-2024-43841}
- qed: Improve the stack space of filter_config() (Shai Malin)
- perf: Prevent passing zero nr_pages to rb_alloc_aux() (Adrian Hunter)
- perf: Fix perf_aux_size() for greater-than 32-bit size (Adrian Hunter)
- perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (Adrian Hunter)
- netfilter: nf_tables: rise cap on SELinux secmark context (Pablo Neira Ayuso)
- net: fec: Fix FEC_ECR_EN1588 being cleared on link-down (Csókás, Bence)
- net: fec: Refactor: #define magic constants (Csókás Bence)
- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (Baochen Qiang) [Orabug: 36984010] {CVE-2024-43879}
- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (Baochen Qiang)
- mlxsw: spectrum_acl_erp: Fix object nesting warning (Ido Schimmel) [Orabug: 36984013] {CVE-2024-43880}
- lib: objagg: Fix general protection fault (Ido Schimmel) [Orabug: 36964495] {CVE-2024-43846}
- selftests/bpf: Check length of recv in test_sockmap (Geliang Tang)
- net/smc: set rmb's SG_MAX_SINGLE_ALLOC limitation only when CONFIG_ARCH_NO_SG_CHAIN is defined (Guangguan Wang)
- net/smc: Allow SMC-D 1MB DMB allocations (Stefan Raspl)
- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (Samasth Norway Ananda)
- firmware: turris-mox-rwtm: Initialize completion before mailbox (Marek Behún)
- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (Marek Behún)
- m68k: cmpxchg: Fix return value for default case in __arch_xchg() (Thorsten Blum)
- x86/xen: Convert comma to semicolon (Chen Ni)
- m68k: atari: Fix TT bootup freeze / unexpected (SCU) interrupt messages (Eero Tamminen)
- arm64: dts: amlogic: gx: correct hdmi clocks (Jerome Brunet)
- arm64: dts: mediatek: mt7622: fix "emmc" pinctrl mux (Rafał Miłecki)
- ARM: dts: imx6qdl-kontron-samx6i: fix PCIe reset polarity (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: fix board reset (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: fix PHY reset (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: move phy reset into phy-node (Marco Felsch)
- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (Jonas Karlman)
- arm64: dts: qcom: msm8996: specify UFS core_clk frequencies (Dmitry Baryshkov)
- arm64: dts: qcom: sdm845: add power-domain to UFS PHY (Dmitry Baryshkov)
- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (Guenter Roeck)
- hwmon: (max6697) Fix underflow when writing limit attributes (Guenter Roeck)
- pwm: stm32: Always do lazy disabling (Uwe Kleine-König)
- hwmon: (adt7475) Fix default duty on fan is disabled (Wayne Tung)
- x86/platform/iosf_mbi: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- x86/pci/xen: Fix PCIBIOS_* return code handling (Ilpo Järvinen)
- x86/pci/intel_mid_pci: Fix PCIBIOS_* return code handling (Ilpo Järvinen)
- x86/of: Return consistent error type from x86_of_pci_irq_enable() (Ilpo Järvinen)
- hfsplus: fix to avoid false alarm of circular locking (Chao Yu)
- platform/chrome: cros_ec_debugfs: fix wrong EC message version (Tzung-Bi Shih)
- LTS tag: v5.4.281 (Sherry Yang)
- tap: add missing verification for short frame (Si-Wei Liu) [Orabug: 36660755] {CVE-2024-41090}
- tun: add missing verification for short frame (Dongli Zhang) [Orabug: 36660755] {CVE-2024-41091}
- filelock: Fix fcntl/close race recovery compat path (Jann Horn) [Orabug: 36896789] {CVE-2024-41020} {CVE-2024-41012}
- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (Edson Juliano Drosdeck)
- jfs: don't walk off the end of ealist (lei lu) [Orabug: 36891667] {CVE-2024-41017}
- ocfs2: add bounds checking to ocfs2_check_dir_entry() (lei lu) [Orabug: 36891655] {CVE-2024-41015}
- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (Kuan-Wei Chiu)
- ARM: 9324/1: fix get_user() broken with veneer (Masahiro Yamada)
- hfsplus: fix uninit-value in copy_name (Edward Adam Davis) [Orabug: 36896969] {CVE-2024-41059}
- selftests/vDSO: fix clang build errors and warnings (John Hubbard)
- spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices (Uwe Kleine-König)
- fs: better handle deep ancestor chains in is_subdir() (Christian Brauner)
- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (Tetsuo Handa) [Orabug: 36896994] {CVE-2024-41063}
- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (Xingui Yang)
- powerpc/eeh: avoid possible crash when edev->pdev changes (Ganesh Goudar) [Orabug: 36897003] {CVE-2024-41064}
- powerpc/pseries: Whitelist dtl slub object for copying to userspace (Anjali K) [Orabug: 36897009] {CVE-2024-41065}
- net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() (Yunshui Jiang)
- net: usb: qmi_wwan: add Telit FN912 compositions (Daniele Palmas)
- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (Shengjiu Wang)
- s390/sclp: Fix sclp_init() cleanup on failure (Heiko Carstens) [Orabug: 36897032] {CVE-2024-41068}
- can: kvaser_usb: fix return value for hif_usb_send_regout (Chen Ni)
- ASoC: ti: omap-hdmi: Fix too long driver name (Primoz Fiser)
- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (Jai Luthra)
- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (Thomas GENTY)
- Input: elantech - fix touchpad state on resume for Lenovo N24 (Jonathan Denose)
- mips: fix compat_sys_lseek syscall (Arnd Bergmann)
- ALSA: hda/realtek: Add more codec ID to no shutup pins list (Kailang Yang)
- KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (Michael Ellerman) [Orabug: 36897048] {CVE-2024-41070}
- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (Dmitry Antipov) [Orabug: 36897312] {CVE-2024-41072}
- mei: demote client disconnect warning on suspend to debug (Alexander Usyskin)
- fs/file: fix the check in find_next_fd() (Yuntao Wang)
- kconfig: remove wrong expr_trans_bool() (Masahiro Yamada)
- kconfig: gconf: give a proper initial state to the Save button (Masahiro Yamada)
- ila: block BH in ila_output() (Eric Dumazet) [Orabug: 36897360] {CVE-2024-41081}
- Input: silead - Always support 10 fingers (Hans de Goede)
- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (Dmitry Antipov)
- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (Nicolas Escande)
- ACPI: EC: Avoid returning AE_OK on errors in address space handler (Armin Wolf)
- ACPI: EC: Abort address space access upon error (Armin Wolf)
- scsi: qedf: Set qed_slowpath_params to zero before use (Saurav Kashyap)
- filelock: Remove locks reliably when fcntl/close race is detected (Jann Horn) [Orabug: 36874758] {CVE-2024-41012} {CVE-2024-41020}
- gcc-plugins: Rename last_stmt() for GCC 14+ (Kees Cook)

[5.4.17-2136.336.2.el8uek]
- mm: Only enable HVO under UEK6 for Exadata system (Jane Chu) [Orabug: 36990830]
- mm: delete redundent old PageCompound() macro (Jane Chu) [Orabug: 36990830]

[5.4.17-2136.336.1.el8uek]
- mm/hwpoison: put page in already hwpoisoned case with MF_COUNT_INCREASED (Naoya Horiguchi) [Orabug: 36947110]
- mm/memory-failure: send SIGBUS in the event of thp split fail (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: move hwpoison_filter() higher up (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: improve memory failure action_result messages (Jane Chu) [Orabug: 36947110]
- mm/madvise: add MF_ACTION_REQUIRED to madvise(MADV_HWPOISON) (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: try to send SIGBUS even if unmap failed (Jane Chu) [Orabug: 36947110]
- mm: memory-failure: cleanup try_to_split_thp_page() (Kefeng Wang) [Orabug: 36947110]
- mm,hwpoison: introduce MF_MSG_UNSPLIT_THP (Naoya Horiguchi) [Orabug: 36947110]
- KVM/x86: Do not clear SIPI while in SMM (Boris Ostrovsky) [Orabug: 36401960]



ELSA-2024-8024 Important: Oracle Linux 8 thunderbird security update


Oracle Linux Security Advisory ELSA-2024-8024

http://linux.oracle.com/errata/ELSA-2024-8024.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
thunderbird-128.3.1-1.0.1.el8_10.x86_64.rpm

aarch64:
thunderbird-128.3.1-1.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//thunderbird-128.3.1-1.0.1.el8_10.src.rpm

Related CVEs:

CVE-2024-9680

Description of changes:

[128.3.1-1.0.1]
- Fix prefs for new nss [Orabug: 37079820]
- Add Oracle prefs file

[128.3.1]
- Add OpenELA debranding

[128.3.1-1]
- Update to 128.3.1



ELSA-2024-12780 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2024-12780

http://linux.oracle.com/errata/ELSA-2024-12780.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.336.5.1.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.336.5.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.336.5.1.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.336.5.1.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.336.5.1.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.336.5.1.el7uek.x86_64.rpm

aarch64:
kernel-uek-5.4.17-2136.336.5.1.el7uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.336.5.1.el7uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.336.5.1.el7uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.336.5.1.el7uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.336.5.1.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.336.5.1.el7uek.aarch64.rpm
kernel-uek-tools-libs-5.4.17-2136.336.5.1.el7uek.aarch64.rpm
perf-5.4.17-2136.336.5.1.el7uek.aarch64.rpm
python-perf-5.4.17-2136.336.5.1.el7uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-5.4.17-2136.336.5.1.el7uek.src.rpm

Related CVEs:

CVE-2024-27397
CVE-2024-41012
CVE-2024-41015
CVE-2024-41017
CVE-2024-41020
CVE-2024-41042
CVE-2024-41059
CVE-2024-41063
CVE-2024-41064
CVE-2024-41065
CVE-2024-41068
CVE-2024-41070
CVE-2024-41072
CVE-2024-41081
CVE-2024-41090
CVE-2024-41091
CVE-2024-42131
CVE-2024-42259
CVE-2024-42265
CVE-2024-42271
CVE-2024-42276
CVE-2024-42280
CVE-2024-42281
CVE-2024-42283
CVE-2024-42284
CVE-2024-42285
CVE-2024-42286
CVE-2024-42287
CVE-2024-42288
CVE-2024-42289
CVE-2024-42290
CVE-2024-42292
CVE-2024-42295
CVE-2024-42297
CVE-2024-42301
CVE-2024-42304
CVE-2024-42305
CVE-2024-42306
CVE-2024-42308
CVE-2024-42309
CVE-2024-42310
CVE-2024-42311
CVE-2024-42313
CVE-2024-43829
CVE-2024-43830
CVE-2024-43839
CVE-2024-43841
CVE-2024-43846
CVE-2024-43856
CVE-2024-43858
CVE-2024-43860
CVE-2024-43861
CVE-2024-43867
CVE-2024-43871
CVE-2024-43879
CVE-2024-43880
CVE-2024-43882
CVE-2024-43883
CVE-2024-43890
CVE-2024-43893
CVE-2024-43894
CVE-2024-43908
CVE-2024-43914
CVE-2024-44935
CVE-2024-44944
CVE-2024-44948
CVE-2024-44954
CVE-2024-44960
CVE-2024-44965
CVE-2024-44968
CVE-2024-44969
CVE-2024-46738

Description of changes:

[5.4.17-2136.336.5.1.el7uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37138988]

[5.4.17-2136.336.5.el7uek]
- uek-rpm: Add skx_edac_common.ko to nano_modules (Sherry Yang) [Orabug: 37030127]
- EDAC, i10nm: make skx_common.o a separate module (Arnd Bergmann) [Orabug: 37030127]
- uek-rpm: Integrating the container build in UEK6 (Jack Vogel) [Orabug: 37021061]
- i40e: Change user notification of non-SFP module in i40e_get_module_info() (Andrii Staikov) [Orabug: 36988197]
- xsigo: Use NAPI in UD/TX flows for xve (Alok Tiwari) [Orabug: 35180168]
- xsigo: remove incorrect spin_unlock_irqrestore call in vhba_queuecommand (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix slab-out-of-bounds in vhba_create (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix memory free issue in dma mapping (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix use-after-free n xsvbha for srb *sp (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix mtu setting issue in xve netdev (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add struct ib_mad_send_buf to recv_handler (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove tx_outstanding variable from xve xmit (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add extack argument to dev_change_flags() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove compare_data while calling ib_cm_listen() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Ignore the return value of "ib_destroy_cq" (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove sif_verbs header (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace setup_timer with the timer_setup (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use ib_ud_wr for xve_dev_priv instread of ib_send_wr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove return from register event handler (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add client_data for struct ib_client remove() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace dev->trans_start update with helper netif_trans_update (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove usage of net_device last_rx member from xsigo (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace skb_frag page with bv_page in xve (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use sg_next() to get the next sg instead of SG_NEXT (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_init_ah_from_path to ib_init_ah_attr_from_path (Alok Tiwari) [Orabug: 35180168]
- xsigo: remove pointer dereference for ib_fmr_pool_map_phys (Alok Tiwari) [Orabug: 35180168]
- xsigo: ib_fmr_pool_map_phys does not need rargs (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove ib_sg_dma_address() and ib_sg_dma_len() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix compiling error from xsvbha module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove sg_copy_buffer from vhba_align (Alok Tiwari) [Orabug: 35180168]
- xsigo: Xve, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove LRO code from xve module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Xsvnic, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove LRO code from xsvnic module (Alok Tiwari) [Orabug: 35180168]
- xsigo: Change port number from u8 to u32 (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use frag->bv_offset in place of page_offset (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename skb_frag_t size to bv_len (Alok Tiwari) [Orabug: 35180168]
- xsigo: Fix compiling error due to Constify of ib_cm_event (Alok Tiwari) [Orabug: 35180168]
- xsigo: Add the $(srctree)/ prefix to xsigo Makefile (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign IB_MGMT_BASE_VERSION for ib_create_send_mad (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign rdma_ctxs and port_num for struct ib_qp_init_attr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use struct ib_cq_init_attr for ib_create_cq() (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace max_sge with max_send_sge for xscore_create_qp (Alok Tiwari) [Orabug: 35180168]
- xsigo: Remove ib_get_dma_mr and ib_dereg_mr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_query_device with callback "ops.query_device" (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_query_gid with rdma_query_gid (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace ib_modify_cq with rdma_set_cq_moderation (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign path record type rec_type for sa_path_rec (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_sa_path_rec to sa_path_rec (Alok Tiwari) [Orabug: 35180168]
- xsigo: Use struct ib_ud_wr ud_wr instead of ib_send_wr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Replace struct ib_ah_attr with struct rdma_ah_attr (Alok Tiwari) [Orabug: 35180168]
- xsigo: Rename ib_create_ah and ib_destroy_ah (Alok Tiwari) [Orabug: 35180168]
- xsigo: Assign const argument for ib_post_send/recv() (Alok Tiwari) [Orabug: 35180168]
- uek-rpm: add xsigo module in ol7 and ol8 config file (Alok Tiwari) [Orabug: 35180168]
- Revert "RDMA/core/sa_query: Remove unused function" (Alok Tiwari) [Orabug: 35180168]
- xve: arm ud tx cq to generate completion interrupts (Ajaykumar Hotchandani) [Orabug: 28267050] [Orabug: 35180168]
- xscore: add dma address check (Zhu Yanjun) [Orabug: 27074085] [Orabug: 35180168]
- xsigo: PCA 2.3.1 Compute Node panics in xve_create_arp+430 (Pradeep Gopanapalli) [Orabug: 26474000] [Orabug: 35180168]
- xsigo: UEK4-master:poor performance discovering 256 FC LUNs w/4 paths per LUN (Pradeep Gopanapalli) [Orabug: 26199177] [Orabug: 35180168]
- xsigo: Compute node crash on FC failover (Pradeep Gopanapalli) [Orabug: 25981973] [Orabug: 35180168]
- xsigo: Fix spinlock release in case of error (Pradeep Gopanapalli) [Orabug: 25779803] [Orabug: 35180168]
- xsigo: Optimize xsvnic module parameters for UEK4 (Pradeep Gopanapalli) [Orabug: 25779865] [Orabug: 35180168]
- xsigo: Fix crash in accessing xve proc l2 entries (Pradeep Gopanapalli) [Orabug: 25165085] [Orabug: 35180168]
- xsigo: Fix race in freeing aged Forwarding table entry (Pradeep Gopanapalli) [Orabug: 25129729] [Orabug: 35180168]
- xsigo: Schedule while uninterruptible (Pradeep Gopanapalli) [Orabug: 25097469] [Orabug: 35180168]
- xsigo: supported SGE's for LSO QP (Pradeep Gopanapalli) [Orabug: 25029868] [Orabug: 35180168]
- xsigo: Hardening driver in handling remote QP failures (Pradeep Gopanapalli) [Orabug: 24929076] [Orabug: 35180168]
- xsigo: send nack codes (Pradeep Gopanapalli) [Orabug: 24442792] [Orabug: 35180168]
- xsigo: xve driver has excessive messages (Pradeep Gopanapalli) [Orabug: 24758335] [Orabug: 35180168]
- xsigo: hard LOCKUP in freeing paths (Pradeep Gopanapalli) [Orabug: 24669507] [Orabug: 35180168]
- xsigo: Crash in xscore_port_num (Pradeep Gopanapalli) [Orabug: 24760465] [Orabug: 35180168]
- xsigo: Resize uVNIC/PVI CQ size (Pradeep Gopanapalli) [Orabug: 24765034] [Orabug: 35180168]
- xsigo: Optimizing Transmit completions (Pradeep Gopanapalli) [Orabug: 24928865] [Orabug: 35180168]
- xsigo: Implementing Jumbo MTU support (Pradeep Gopanapalli) [Orabug: 24928804] [Orabug: 35180168]
- xsigo: EoiB QP support (Pradeep Gopanapalli) [Orabug: 24508359] [Orabug: 35180168]
- xsigo: Send Heart Beat Lost Operational state (Pradeep Gopanapalli) [Orabug: 23032392] [Orabug: 35180168]
- xsigo: SKB Frag cleanup (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- xsigo: Tx_tail goes outof bound (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- xsigo: Fixed Path locking issues (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168]
- Fixed vnic issue after saturn reset (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- uvnic issues (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- Fixed wrongly checked return type Added Debug print (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168]
- Integrate Uvnic functionality into uek-4.1 Revision 8008 (Pradeep Gopanapalli) [Orabug: 35180168]
- 1) S_IRWXU causing kernel soft crash changing to 0644 (Pradeep Gopanapalli) [Orabug: 35180168]
- 1) Support vnic for EDR based platform(uVnic) 2) Supported Types now Type 0 (Pradeep Gopanapalli) [Orabug: 35180168]
- Add Oracle virtual Networking Drivers for uek4 kernel (Pradeep Gopanapalli) [Orabug: 35180168]

[5.4.17-2136.336.4.el7uek]
- igb: Fix not clearing TimeSync interrupts for 82580 (Daiwei Li)
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez) [Orabug: 37037205] {CVE-2024-46738}
- x86/speculation: Basic IBRS is enabled with AMD Automatic IBRS (Alexandre Chartre) [Orabug: 37044540]

[5.4.17-2136.336.3.el7uek]
- Compiler Attributes: Add __uninitialized macro (Heiko Carstens)
- filelock: Correct the filelock owner in fcntl_setlk/fcntl_setlk64 (Long Li)
- ALSA: timer: Relax start tick time check for slave timer elements (Takashi Iwai)
- ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (Parsa Poorshikhian)
- LTS tag: v5.4.282 (Sherry Yang)
- media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (Sean Young)
- ARM: dts: imx6qdl-kontron-samx6i: fix phy-mode (Michael Walle)
- nvme/pci: Add APST quirk for Lenovo N60z laptop (WangYuli)
- exec: Fix ToCToU between perm check and set-uid/gid usage (Kees Cook) [Orabug: 36984017] {CVE-2024-43882}
- media: uvcvideo: Use entity get_cur in uvc_ctrl_set (Yunke Cao)
- arm64: cpufeature: Fix the visibility of compat hwcaps (Amit Daniel Kachhap)
- drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (Andi Shyti) [Orabug: 36953969] {CVE-2024-42259}
- netfilter: nf_tables: prefer nft_chain_validate (Florian Westphal) [Orabug: 36896846] {CVE-2024-41042}
- netfilter: nf_tables: use timestamp to check for set element timeout (Pablo Neira Ayuso) [Orabug: 36630432] {CVE-2024-27397}
- netfilter: nf_tables: set element extended ACK reporting support (Pablo Neira Ayuso)
- kbuild: Fix '-S -c' in x86 stack protector scripts (Nathan Chancellor)
- Fix gcc 4.9 build issue in 5.4.y (Jari Ruusu)
- drm/mgag200: Set DDC timeout in milliseconds (Thomas Zimmermann)
- drm/bridge: analogix_dp: properly handle zero sized AUX transactions (Lucas Stach)
- x86/mtrr: Check if fixed MTRRs exist before saving them (Andi Kleen) [Orabug: 37028936] {CVE-2024-44948}
- tracing: Fix overflow in get_free_elt() (Tze-nan Wu) [Orabug: 36992998] {CVE-2024-43890}
- power: supply: axp288_charger: Round constant_charge_voltage writes down (Hans de Goede)
- power: supply: axp288_charger: Fix constant_charge_voltage writes (Hans de Goede)
- genirq/irqdesc: Honor caller provided affinity in alloc_desc() (Shay Drory)
- serial: core: check uartclk for zero to avoid divide by zero (George Kennedy) [Orabug: 36993009] {CVE-2024-43893}
- scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (Damien Le Moal)
- ntp: Safeguard against time_constant overflow (Justin Stitt)
- ntp: Clamp maxerror and esterror to operating range (Justin Stitt)
- tick/broadcast: Move per CPU pointer access into the atomic section (Thomas Gleixner) [Orabug: 37036032] {CVE-2024-44968}
- scsi: ufs: core: Fix hba->last_dme_cmd_tstamp timestamp updating logic (Vamshi Gajjela)
- usb: gadget: core: Check for unset descriptor (Chris Wulff) [Orabug: 37028988] {CVE-2024-44960}
- USB: serial: debug: do not echo input by default (Marek Marczykowski-Górecki)
- usb: vhci-hcd: Do not drop references before new references are gained (Oliver Neukum) [Orabug: 36992971] {CVE-2024-43883}
- ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (Takashi Iwai)
- ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (Steven 'Steve' Kendall)
- ALSA: line6: Fix racy access to midibuf (Takashi Iwai) [Orabug: 37028957] {CVE-2024-44954}
- drm/client: fix null pointer dereference in drm_client_modeset_probe (Ma Ke) [Orabug: 36993014] {CVE-2024-43894}
- spi: spi-fsl-lpspi: Fix scldiv calculation (Stefan Wahren)
- spi: fsl-lpspi: remove unneeded array (Oleksandr Suvorov)
- bpf: kprobe: remove unused declaring of bpf_kprobe_override (Menglong Dong)
- i2c: smbus: Send alert notifications to all devices if source not found (Guenter Roeck)
- i2c: smbus: Improve handling of stuck alerts (Guenter Roeck)
- i2c: smbus: Don't filter out duplicate alerts (Corey Minyard)
- arm64: errata: Expand speculative SSBS workaround (again) (Mark Rutland)
- arm64: cputype: Add Cortex-A725 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X1C definitions (Mark Rutland)
- arm64: errata: Expand speculative SSBS workaround (Mark Rutland)
- arm64: errata: Unify speculative SSBS errata logic (Mark Rutland)
- arm64: cputype: Add Cortex-X925 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-A720 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X3 definitions (Mark Rutland)
- arm64: errata: Add workaround for Arm errata 3194386 and 3312417 (Mark Rutland)
- arm64: cputype: Add Neoverse-V3 definitions (Mark Rutland)
- arm64: cputype: Add Cortex-X4 definitions (Mark Rutland)
- arm64: Add Neoverse-V2 part (Besar Wicaksono)
- arm64: cpufeature: Force HWCAP to be based on the sysreg visible to user-space (James Morse)
- ext4: fix wrong unit use in ext4_mb_find_by_goal (Kemeng Shi)
- SUNRPC: Fix a race to wake a sync task (Benjamin Coddington)
- s390/sclp: Prevent release of buffer in I/O (Peter Oberparleiter) [Orabug: 37029020] {CVE-2024-44969}
- jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (Kemeng Shi)
- media: uvcvideo: Fix the bandwdith quirk on USB 3.x (Michal Pecio)
- media: uvcvideo: Ignore empty TS packets (Ricardo Ribalda)
- drm/amdgpu: Fix the null pointer dereference to ras_manager (Ma Jun) [Orabug: 36993084] {CVE-2024-43908}
- btrfs: fix bitmap leak when loading free space cache on duplicate entry (Filipe Manana)
- wifi: nl80211: don't give key data to userspace (Johannes Berg)
- udf: prevent integer overflow in udf_bitmap_free_blocks() (Roman Smirnov)
- PCI: Add Edimax Vendor ID to pci_ids.h (FUJITA Tomonori)
- selftests/bpf: Fix send_signal test with nested CONFIG_PARAVIRT (Yonghong Song)
- ACPI: SBS: manage alarm sysfs attribute through psy core (Thomas Weißschuh)
- ACPI: battery: create alarm sysfs attribute atomically (Thomas Weißschuh)
- clocksource/drivers/sh_cmt: Address race condition for clock events (Niklas Söderlund)
- md/raid5: avoid BUG_ON() while continue reshape after reassembling (Yu Kuai) [Orabug: 36993127] {CVE-2024-43914}
- net: fec: Stop PPS on driver remove (Csókás, Bence)
- Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (Dmitry Antipov)
- net: linkwatch: use system_unbound_wq (Eric Dumazet)
- net: usb: qmi_wwan: fix memory leak for not ip packets (Daniele Palmas) [Orabug: 36983959] {CVE-2024-43861}
- sctp: Fix null-ptr-deref in reuseport_add_sock(). (Kuniyuki Iwashima) [Orabug: 36993147] {CVE-2024-44935}
- sctp: move hlist_node and hashent out of sctp_ep_common (Xin Long)
- x86/mm: Fix pti_clone_pgtable() alignment assumption (Peter Zijlstra) [Orabug: 37029012] {CVE-2024-44965}
- irqchip/mbigen: Fix mbigen node address layout (Yipeng Zou)
- genirq: Allow irq_chip registration functions to take a const irq_chip (Marc Zyngier)
- netfilter: ipset: Add list flush to cancel_gc (Alexander Maltsev)
- net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (Ma Ke)
- ALSA: usb-audio: Correct surround channels in UAC1 channel map (Takashi Iwai)
- protect the fetch of ->fd[fd] in do_dup2() from mispredictions (Al Viro) [Orabug: 36963808] {CVE-2024-42265}
- HID: wacom: Modify pen IDs (Tatsunosuke Tobita)
- ipv6: fix ndisc_is_useropt() handling for PIO (Maciej Żenczykowski)
- net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (Shahar Shitrit)
- net/iucv: fix use after free in iucv_sock_close() (Alexandra Winter) [Orabug: 36964006] {CVE-2024-42271}
- drm/vmwgfx: Fix overlay when using Screen Targets (Ian Forbes)
- drm/nouveau: prime: fix refcount underflow (Danilo Krummrich) [Orabug: 36983979] {CVE-2024-43867}
- remoteproc: imx_rproc: Skip over memory region when node value is NULL (Aleksandr Mishin) [Orabug: 36964537] {CVE-2024-43860}
- remoteproc: imx_rproc: Fix ignoring mapping vdev regions (Dong Aisheng)
- remoteproc: imx_rproc: ignore mapping vdev regions (Peng Fan)
- irqchip/imx-irqsteer: Handle runtime power management correctly (Shenwei Wang) [Orabug: 36964085] {CVE-2024-42290}
- irqchip/imx-irqsteer: Add runtime PM support (Lucas Stach)
- irqchip/imx-irqsteer: Constify irq_chip struct (Lucas Stach)
- genirq: Allow the PM device to originate from irq domain (Marc Zyngier)
- devres: Fix memory leakage caused by driver API devm_free_percpu() (Zijun Hu) [Orabug: 36983991] {CVE-2024-43871}
- driver core: Cast to (void *) with __force for __percpu pointer (Andy Shevchenko)
- dev/parport: fix the array out-of-bounds risk (tuhaowen) [Orabug: 36964223] {CVE-2024-42301}
- parport: Standardize use of printmode (Joe Perches)
to pr_( (Joe Perches)
- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (Manivannan Sadhasivam)
- PCI: rockchip: Make 'ep-gpios' DT property optional (Chen-Yu Tsai)
- mm: avoid overflows in dirty throttling logic (Jan Kara) [Orabug: 36897803] {CVE-2024-42131}
- nvme-pci: add missing condition check for existence of mapped data (Leon Romanovsky) [Orabug: 36964022] {CVE-2024-42276}
- ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (Pierre-Louis Bossart)
- ASoC: Intel: Move soc_intel_is_foo() helpers to a generic header (Hans de Goede)
- ASoC: Intel: Convert to new X86 CPU match macros (Thomas Gleixner)
- powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (Al Viro)
- apparmor: Fix null pointer deref when receiving skb during sock creation (Xiao Liang)
- mISDN: Fix a use after free in hfcmulti_tx() (Dan Carpenter) [Orabug: 36964032] {CVE-2024-42280}
- bpf: Fix a segment issue when downgrading gso_size (Fred Li) [Orabug: 36964038] {CVE-2024-42281}
- net: nexthop: Initialize all fields in dumped nexthops (Petr Machata) [Orabug: 36964044] {CVE-2024-42283}
- tipc: Return non-zero value from tipc_udp_addr2str() on error (Shigeru Yoshida) [Orabug: 36964047] {CVE-2024-42284}
- net: bonding: correctly annotate RCU in bond_should_notify_peers() (Johannes Berg)
- ipv4: Fix incorrect source address in Record Route option (Ido Schimmel)
- MIPS: SMP-CPS: Fix address for GCR_ACCESS register for CM3 and later (Gregory CLEMENT)
- dma: fix call order in dmam_free_coherent (Lance Richardson) [Orabug: 36964523] {CVE-2024-43856}
- libbpf: Fix no-args func prototype BTF dumping syntax (Andrii Nakryiko)
- um: time-travel: fix time-travel-start option (Johannes Berg)
- jfs: Fix array-index-out-of-bounds in diFree (Jeongjun Park) [Orabug: 36964530] {CVE-2024-43858}
- kdb: address -Wformat-security warnings (Arnd Bergmann)
- nilfs2: handle inconsistent state in nilfs_btnode_create_block() (Ryusuke Konishi) [Orabug: 36964203] {CVE-2024-42295}
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (WangYuli)
- Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (Hilda Wu)
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov)
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov)
- drm/panfrost: Mark simple_ondemand governor as softdep (Dragan Simic)
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov)
- selftests/sigaltstack: Fix ppc64 GCC build (Michael Ellerman)
- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (Bart Van Assche) [Orabug: 36964054] {CVE-2024-42285}
- platform: mips: cpu_hwmon: Disable driver on unsupported hardware (Jiaxun Yang)
- watchdog/perf: properly initialize the turbo mode timestamp and rearm counter (Thomas Gleixner)
- rtc: isl1208: Fix return value of nvmem callbacks (Joy Chakraborty)
- perf/x86/intel/pt: Fix a topa_entry base address calculation (Adrian Hunter)
- perf/x86/intel/pt: Fix topa_entry base length (Marco Cavenati)
- scsi: qla2xxx: validate nvme_local_port correctly (Nilesh Javali) [Orabug: 36964059] {CVE-2024-42286}
- scsi: qla2xxx: Complete command early within lock (Shreyas Deodhar) [Orabug: 36964065] {CVE-2024-42287}
- scsi: qla2xxx: Fix for possible memory corruption (Shreyas Deodhar) [Orabug: 36964070] {CVE-2024-42288}
- scsi: qla2xxx: During vport delete send async logout explicitly (Manish Rangankar) [Orabug: 36964080] {CVE-2024-42289}
- rtc: cmos: Fix return value of nvmem callbacks (Joy Chakraborty)
- kobject_uevent: Fix OOB access within zap_modalias_env() (Zijun Hu) [Orabug: 36964092] {CVE-2024-42292}
- decompress_bunzip2: fix rare decompression failure (Ross Lagerwall)
- ubi: eba: properly rollback inside self_check_eba (Fedor Pchelkin)
- clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (Bastien Curutchet)
- f2fs: fix to don't dirty inode for readonly filesystem (Chao Yu) [Orabug: 36964213] {CVE-2024-42297}
- scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (Saurav Kashyap)
- binder: fix hang of unregistered readers (Carlos Llamas)
- PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (Wei Liu)
- hwrng: amd - Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- tools/memory-model: Fix bug in lock.cat (Alan Stern)
- leds: ss4200: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- wifi: mwifiex: Fix interface type change (Rafael Beims)
- ext4: make sure the first directory block is not a hole (Baokun Li) [Orabug: 36964232] {CVE-2024-42304}
- ext4: check dot and dotdot of dx_root before making dir indexed (Baokun Li) [Orabug: 36964237] {CVE-2024-42305}
- m68k: amiga: Turn off Warp1260 interrupts during boot (Paolo Pisati)
- udf: Avoid using corrupted block bitmap buffer (Jan Kara) [Orabug: 36964242] {CVE-2024-42306}
- drm/amd/display: Check for NULL pointer (Sung Joon Kim) [Orabug: 36964247] {CVE-2024-42308}
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (Ma Ke) [Orabug: 36964253] {CVE-2024-42309}
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (Ma Ke) [Orabug: 36964260] {CVE-2024-42310}
- hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (Chao Yu) [Orabug: 36964265] {CVE-2024-42311}
- media: venus: fix use after free in vdec_close (Dikshita Agarwal) [Orabug: 36964275] {CVE-2024-42313}
- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (Joe Hattori)
- ipv6: take care of scope when choosing the src addr (Nicolas Dichtel)
- af_packet: Handle outgoing VLAN packets without hardware offloading (Chengen Du)
- net: netconsole: Disable target before netpoll cleanup (Breno Leitao)
- tick/broadcast: Make takeover of broadcast hrtimer reliable (Yu Liao)
- rtc: interface: Add RTC offset to alarm after fix-up (Csókás, Bence)
- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (Ryusuke Konishi)
- fs/nilfs2: remove some unused macros to tame gcc (Alex Shi)
- pinctrl: freescale: mxs: Fix refcount of child (Peng Fan)
- netfilter: ctnetlink: use helper function to calculate expect ID (Pablo Neira Ayuso) [Orabug: 37013755] {CVE-2024-44944}
- bnxt_re: Fix imm_data endianness (Jack Wang)
- macintosh/therm_windtunnel: fix module unload. (Nick Bowler)
- powerpc/xmon: Fix disassembly CPU feature checks (Michael Ellerman)
- Input: elan_i2c - do not leave interrupt disabled on suspend failure (Dmitry Torokhov)
- RDMA/device: Return error earlier if port in not valid (Leon Romanovsky)
- mtd: make mtd_test.c a separate module (Arnd Bergmann)
- ASoC: max98088: Check for clk_prepare_enable() error (Chen Ni)
- RDMA/rxe: Don't set BTH_ACK_MASK for UC or UD QPs (Honggang LI)
- RDMA/mlx4: Fix truncated output warning in alias_GUID.c (Leon Romanovsky)
- RDMA/mlx4: Fix truncated output warning in mad.c (Leon Romanovsky)
- Input: qt1050 - handle CHIP_ID reading error (Andrei Lalaev)
- PCI: Fix resource double counting on remove & rescan (Ilpo Järvinen)
- SUNRPC: Fixup gss_status tracepoint error output (Benjamin Coddington)
- sparc64: Fix incorrect function signature and add prototype for prom_cif_init (Andreas Larsson)
- ext4: avoid writing unitialized memory to disk in EA inodes (Jan Kara)
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server. (NeilBrown)
- mfd: omap-usb-tll: Use struct_size to allocate tll (Javier Carrasco)
- drm/qxl: Add check for drm_cvt_mode (Chen Ni) [Orabug: 36964456] {CVE-2024-43829}
- drm/etnaviv: fix DMA direction handling for cached RW buffers (Lucas Stach)
- perf report: Fix condition in sort__sym_cmp() (Namhyung Kim)
- leds: trigger: Unregister sysfs attributes before calling deactivate() (Hans de Goede) [Orabug: 36964459] {CVE-2024-43830}
- media: renesas: vsp1: Store RPF partition configuration per RPF instance (Laurent Pinchart)
- media: renesas: vsp1: Fix _irqsave and _irq mix (Laurent Pinchart)
- media: uvcvideo: Override default flags (Daniel Schaefer)
- media: uvcvideo: Allow entity-defined get_info and get_cur (Ricardo Ribalda)
- saa7134: Unchecked i2c_transfer function result fixed (Aleksandr Burakov)
- media: imon: Fix race getting ictx->lock (Ricardo Ribalda)
- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (Zheng Yejian)
- USB: move snd_usb_pipe_sanity_check into the USB core (Greg Kroah-Hartman)
- selftests: forwarding: devlink_lib: Wait for udev events after reloading (Amit Cohen)
- bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (Alexey Kodanev) [Orabug: 36964480] {CVE-2024-43839}
- wifi: virt_wifi: don't use strlen() in const context (Johannes Berg)
- gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (Gaosheng Cui)
- wifi: virt_wifi: avoid reporting connection success with wrong SSID (En-Wei Wu) [Orabug: 36964487] {CVE-2024-43841}
- qed: Improve the stack space of filter_config() (Shai Malin)
- perf: Prevent passing zero nr_pages to rb_alloc_aux() (Adrian Hunter)
- perf: Fix perf_aux_size() for greater-than 32-bit size (Adrian Hunter)
- perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (Adrian Hunter)
- netfilter: nf_tables: rise cap on SELinux secmark context (Pablo Neira Ayuso)
- net: fec: Fix FEC_ECR_EN1588 being cleared on link-down (Csókás, Bence)
- net: fec: Refactor: #define magic constants (Csókás Bence)
- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (Baochen Qiang) [Orabug: 36984010] {CVE-2024-43879}
- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (Baochen Qiang)
- mlxsw: spectrum_acl_erp: Fix object nesting warning (Ido Schimmel) [Orabug: 36984013] {CVE-2024-43880}
- lib: objagg: Fix general protection fault (Ido Schimmel) [Orabug: 36964495] {CVE-2024-43846}
- selftests/bpf: Check length of recv in test_sockmap (Geliang Tang)
- net/smc: set rmb's SG_MAX_SINGLE_ALLOC limitation only when CONFIG_ARCH_NO_SG_CHAIN is defined (Guangguan Wang)
- net/smc: Allow SMC-D 1MB DMB allocations (Stefan Raspl)
- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (Samasth Norway Ananda)
- firmware: turris-mox-rwtm: Initialize completion before mailbox (Marek Behún)
- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (Marek Behún)
- m68k: cmpxchg: Fix return value for default case in __arch_xchg() (Thorsten Blum)
- x86/xen: Convert comma to semicolon (Chen Ni)
- m68k: atari: Fix TT bootup freeze / unexpected (SCU) interrupt messages (Eero Tamminen)
- arm64: dts: amlogic: gx: correct hdmi clocks (Jerome Brunet)
- arm64: dts: mediatek: mt7622: fix "emmc" pinctrl mux (Rafał Miłecki)
- ARM: dts: imx6qdl-kontron-samx6i: fix PCIe reset polarity (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: fix board reset (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: fix PHY reset (Michael Walle)
- ARM: dts: imx6qdl-kontron-samx6i: move phy reset into phy-node (Marco Felsch)
- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (Jonas Karlman)
- arm64: dts: qcom: msm8996: specify UFS core_clk frequencies (Dmitry Baryshkov)
- arm64: dts: qcom: sdm845: add power-domain to UFS PHY (Dmitry Baryshkov)
- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (Guenter Roeck)
- hwmon: (max6697) Fix underflow when writing limit attributes (Guenter Roeck)
- pwm: stm32: Always do lazy disabling (Uwe Kleine-König)
- hwmon: (adt7475) Fix default duty on fan is disabled (Wayne Tung)
- x86/platform/iosf_mbi: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- x86/pci/xen: Fix PCIBIOS_* return code handling (Ilpo Järvinen)
- x86/pci/intel_mid_pci: Fix PCIBIOS_* return code handling (Ilpo Järvinen)
- x86/of: Return consistent error type from x86_of_pci_irq_enable() (Ilpo Järvinen)
- hfsplus: fix to avoid false alarm of circular locking (Chao Yu)
- platform/chrome: cros_ec_debugfs: fix wrong EC message version (Tzung-Bi Shih)
- LTS tag: v5.4.281 (Sherry Yang)
- tap: add missing verification for short frame (Si-Wei Liu) [Orabug: 36660755] {CVE-2024-41090}
- tun: add missing verification for short frame (Dongli Zhang) [Orabug: 36660755] {CVE-2024-41091}
- filelock: Fix fcntl/close race recovery compat path (Jann Horn) [Orabug: 36896789] {CVE-2024-41020} {CVE-2024-41012}
- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (Edson Juliano Drosdeck)
- jfs: don't walk off the end of ealist (lei lu) [Orabug: 36891667] {CVE-2024-41017}
- ocfs2: add bounds checking to ocfs2_check_dir_entry() (lei lu) [Orabug: 36891655] {CVE-2024-41015}
- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (Kuan-Wei Chiu)
- ARM: 9324/1: fix get_user() broken with veneer (Masahiro Yamada)
- hfsplus: fix uninit-value in copy_name (Edward Adam Davis) [Orabug: 36896969] {CVE-2024-41059}
- selftests/vDSO: fix clang build errors and warnings (John Hubbard)
- spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices (Uwe Kleine-König)
- fs: better handle deep ancestor chains in is_subdir() (Christian Brauner)
- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (Tetsuo Handa) [Orabug: 36896994] {CVE-2024-41063}
- scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (Xingui Yang)
- powerpc/eeh: avoid possible crash when edev->pdev changes (Ganesh Goudar) [Orabug: 36897003] {CVE-2024-41064}
- powerpc/pseries: Whitelist dtl slub object for copying to userspace (Anjali K) [Orabug: 36897009] {CVE-2024-41065}
- net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() (Yunshui Jiang)
- net: usb: qmi_wwan: add Telit FN912 compositions (Daniele Palmas)
- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (Shengjiu Wang)
- s390/sclp: Fix sclp_init() cleanup on failure (Heiko Carstens) [Orabug: 36897032] {CVE-2024-41068}
- can: kvaser_usb: fix return value for hif_usb_send_regout (Chen Ni)
- ASoC: ti: omap-hdmi: Fix too long driver name (Primoz Fiser)
- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (Jai Luthra)
- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (Thomas GENTY)
- Input: elantech - fix touchpad state on resume for Lenovo N24 (Jonathan Denose)
- mips: fix compat_sys_lseek syscall (Arnd Bergmann)
- ALSA: hda/realtek: Add more codec ID to no shutup pins list (Kailang Yang)
- KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (Michael Ellerman) [Orabug: 36897048] {CVE-2024-41070}
- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (Dmitry Antipov) [Orabug: 36897312] {CVE-2024-41072}
- mei: demote client disconnect warning on suspend to debug (Alexander Usyskin)
- fs/file: fix the check in find_next_fd() (Yuntao Wang)
- kconfig: remove wrong expr_trans_bool() (Masahiro Yamada)
- kconfig: gconf: give a proper initial state to the Save button (Masahiro Yamada)
- ila: block BH in ila_output() (Eric Dumazet) [Orabug: 36897360] {CVE-2024-41081}
- Input: silead - Always support 10 fingers (Hans de Goede)
- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (Dmitry Antipov)
- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (Nicolas Escande)
- ACPI: EC: Avoid returning AE_OK on errors in address space handler (Armin Wolf)
- ACPI: EC: Abort address space access upon error (Armin Wolf)
- scsi: qedf: Set qed_slowpath_params to zero before use (Saurav Kashyap)
- filelock: Remove locks reliably when fcntl/close race is detected (Jann Horn) [Orabug: 36874758] {CVE-2024-41012} {CVE-2024-41020}
- gcc-plugins: Rename last_stmt() for GCC 14+ (Kees Cook)

[5.4.17-2136.336.2.el7uek]
- mm: Only enable HVO under UEK6 for Exadata system (Jane Chu) [Orabug: 36990830]
- mm: delete redundent old PageCompound() macro (Jane Chu) [Orabug: 36990830]

[5.4.17-2136.336.1.el7uek]
- mm/hwpoison: put page in already hwpoisoned case with MF_COUNT_INCREASED (Naoya Horiguchi) [Orabug: 36947110]
- mm/memory-failure: send SIGBUS in the event of thp split fail (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: move hwpoison_filter() higher up (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: improve memory failure action_result messages (Jane Chu) [Orabug: 36947110]
- mm/madvise: add MF_ACTION_REQUIRED to madvise(MADV_HWPOISON) (Jane Chu) [Orabug: 36947110]
- mm/memory-failure: try to send SIGBUS even if unmap failed (Jane Chu) [Orabug: 36947110]
- mm: memory-failure: cleanup try_to_split_thp_page() (Kefeng Wang) [Orabug: 36947110]
- mm,hwpoison: introduce MF_MSG_UNSPLIT_THP (Naoya Horiguchi) [Orabug: 36947110]
- KVM/x86: Do not clear SIPI while in SMM (Boris Ostrovsky) [Orabug: 36401960]



ELSA-2024-12779 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-12779

http://linux.oracle.com/errata/ELSA-2024-12779.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-4.14.35-2047.541.4.1.el7uek.aarch64.rpm
kernel-uek-debug-4.14.35-2047.541.4.1.el7uek.aarch64.rpm
kernel-uek-debug-devel-4.14.35-2047.541.4.1.el7uek.aarch64.rpm
kernel-uek-devel-4.14.35-2047.541.4.1.el7uek.aarch64.rpm
kernel-uek-tools-4.14.35-2047.541.4.1.el7uek.aarch64.rpm
kernel-uek-tools-libs-4.14.35-2047.541.4.1.el7uek.aarch64.rpm
kernel-uek-tools-libs-devel-4.14.35-2047.541.4.1.el7uek.aarch64.rpm
perf-4.14.35-2047.541.4.1.el7uek.aarch64.rpm
python-perf-4.14.35-2047.541.4.1.el7uek.aarch64.rpm
kernel-uek-headers-4.14.35-2047.541.4.1.el7uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-4.14.35-2047.541.4.1.el7uek.src.rpm

Related CVEs:

CVE-2022-3566
CVE-2022-3567
CVE-2023-52803
CVE-2024-36894
CVE-2024-36905
CVE-2024-37078
CVE-2024-38619
CVE-2024-39469
CVE-2024-39487
CVE-2024-39499
CVE-2024-39501
CVE-2024-39509
CVE-2024-40901
CVE-2024-40902
CVE-2024-40904
CVE-2024-40912
CVE-2024-40932
CVE-2024-40941
CVE-2024-40942
CVE-2024-40943
CVE-2024-40959
CVE-2024-40974
CVE-2024-40978
CVE-2024-40981
CVE-2024-40987
CVE-2024-40988
CVE-2024-41006
CVE-2024-41034
CVE-2024-41035
CVE-2024-41044
CVE-2024-41046
CVE-2024-41089
CVE-2024-41095
CVE-2024-41097
CVE-2024-42070
CVE-2024-42084
CVE-2024-42089
CVE-2024-42090
CVE-2024-42094
CVE-2024-42096
CVE-2024-42097
CVE-2024-42101
CVE-2024-42104
CVE-2024-42105
CVE-2024-42106
CVE-2024-42115
CVE-2024-42143
CVE-2024-42145
CVE-2024-42148
CVE-2024-42153
CVE-2024-42154
CVE-2024-42157
CVE-2024-42223
CVE-2024-42224
CVE-2024-42232
CVE-2024-42236
CVE-2024-44952
CVE-2024-46738

Description of changes:

[4.14.35-2047.541.4.1.el7uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37137499]

[4.14.35-2047.541.4.el7uek]
- selftests: make order checking verbose in msg_zerocopy selftest (Zijian Zhang) [Orabug: 37063821]
- selftests: fix OOM in msg_zerocopy selftest (Zijian Zhang) [Orabug: 37063821]
- Revert "selftests/net: reap zerocopy completions passed up as ancillary data." (Harshit Mogalapalli) [Orabug: 37063821]
- Revert "selftests: fix OOM in msg_zerocopy selftest" (Harshit Mogalapalli) [Orabug: 37063821]
- Revert "selftests: make order checking verbose in msg_zerocopy selftest" (Harshit Mogalapalli) [Orabug: 37063821]

[4.14.35-2047.541.3.el7uek]
- ALSA: timer: Relax start tick time check for slave timer elements (Takashi Iwai)
- driver core: Fix uevent_show() vs driver detach race (Dan Williams) [Orabug: 37029154] {CVE-2024-44952}
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez) [Orabug: 37037206] {CVE-2024-46738}

[4.14.35-2047.541.2.el7uek]
- Revert "selftests/mm: conform test to TAP format output" (Samasth Norway Ananda) [Orabug: 36997529]
- Revert "selftests/kcmp: Make the test output consistent and clear" (Samasth Norway Ananda) [Orabug: 36997529]

[4.14.35-2047.541.1.el7uek]
- LTS version v4.14.351 (Yifei Liu)
- i2c: rcar: bring hardware to known state when probing (Wolfram Sang)
- nilfs2: fix kernel bug on rename operation of broken directory (Ryusuke Konishi) [Orabug: 36896822] {CVE-2024-41034}
- tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (Eric Dumazet)
- libceph: fix race between delayed_work() and ceph_monc_stop() (Ilya Dryomov) [Orabug: 36930130] {CVE-2024-42232}
- hpet: Support 32-bit userspace (He Zhe)
- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (Alan Stern) [Orabug: 36896827] {CVE-2024-41035}
- usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (Lee Jones) [Orabug: 36930140] {CVE-2024-42236}
- USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (WangYuli)
- USB: serial: option: add Rolling RW350-GL variants (Vanillan Wang)
- USB: serial: option: add Netprisma LCUK54 series modules (Mank Wang)
- USB: serial: option: add support for Foxconn T99W651 (Slark Xiao)
- USB: serial: option: add Fibocom FM350-GL (Bjørn Mork)
- USB: serial: option: add Telit FN912 rmnet compositions (Daniele Palmas)
- USB: serial: option: add Telit generic core-dump composition (Daniele Palmas)
- ARM: davinci: Convert comma to semicolon (Chen Ni)
- ppp: reject claimed-as-LCP but actually malformed packets (Dmitry Antipov) [Orabug: 36896857] {CVE-2024-41044}
- net: ethernet: lantiq_etop: fix double free in detach (Aleksander Jan Bajkowski) [Orabug: 36896864] {CVE-2024-41046}
- net: lantiq_etop: add blank line after declaration (Aleksander Jan Bajkowski)
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (Neal Cardwell)
- nilfs2: fix incorrect inode allocation from reserved inodes (Ryusuke Konishi)
- i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr (Piotr Wojtaszczyk) [Orabug: 36897910] {CVE-2024-42153}
- i2c/busses: Convert timers to use timer_setup() (Kees Cook)
- i2c: pnx: move header into the driver (Wolfram Sang)
- media: dw2102: fix a potential buffer overflow (Mauro Carvalho Chehab)
- bnx2x: Fix multiple UBSAN array-index-out-of-bounds (Ghadi Elie Rahme) [Orabug: 36897887] {CVE-2024-42148}
- drm/amdgpu/atomfirmware: silence UBSAN warning (Alex Deucher)
- drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (Ma Ke) [Orabug: 36897641] {CVE-2024-42101}
- fsnotify: Do not generate events for O_PATH file descriptors (Jan Kara)
- Bluetooth: Fix incorrect pointer arithmatic in ext_adv_report_evt (Jaganath Kanakkassery)
- mm: optimize the redundant loop of mm_update_owner_next() (Jinliang Zheng)
- nilfs2: add missing check for inode numbers on directory entries (Ryusuke Konishi) [Orabug: 36897653] {CVE-2024-42104}
- nilfs2: fix inode number range checks (Ryusuke Konishi) [Orabug: 36897659] {CVE-2024-42105}
- inet_diag: Initialize pad field in struct inet_diag_req_v2 (Shigeru Yoshida) [Orabug: 36897667] {CVE-2024-42106}
- selftests: make order checking verbose in msg_zerocopy selftest (Zijian Zhang)
- selftests: fix OOM in msg_zerocopy selftest (Zijian Zhang)
- selftests/net: reap zerocopy completions passed up as ancillary data. (Sowmini Varadhan)
- bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (Sam Sun) [Orabug: 36825249] {CVE-2024-39487}
- tcp_metrics: validate source addr length (Jakub Kicinski) [Orabug: 36897917] {CVE-2024-42154}
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (Neal Cardwell)
- s390/pkey: Wipe sensitive data on failure (Holger Dengler) [Orabug: 36897935] {CVE-2024-42157}
- jffs2: Fix potential illegal address access in jffs2_free_inode (Wang Yong) [Orabug: 36897698] {CVE-2024-42115}
- powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (Greg Kurz)
- orangefs: fix out-of-bounds fsid access (Mike Marshall) [Orabug: 36897838] {CVE-2024-42143}
- powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (Michael Ellerman)
- i2c: i801: Annotate apanel_addr as __ro_after_init (Heiner Kallweit)
- media: dvb-frontends: tda10048: Fix integer overflow (Ricardo Ribalda) [Orabug: 36897977] {CVE-2024-42223}
- media: s2255: Use refcount_t instead of atomic_t for num_channels (Ricardo Ribalda)
- media: dvb-frontends: tda18271c2dd: Remove casting during div (Ricardo Ribalda)
- net: dsa: mv88e6xxx: Correct check for empty list (Simon Horman) [Orabug: 36897983] {CVE-2024-42224}
- Input: ff-core - prefer struct_size over open coded arithmetic (Erick Archer)
- firmware: dmi: Stop decoding on broken entry (Jean Delvare)
- sctp: prefer struct_size over open coded arithmetic (Erick Archer)
- media: dw2102: Don't translate i2c read into write (Michael Bunk)
- IB/core: Implement a limit on UMAD receive List (Michael Guralnik) [Orabug: 36897848] {CVE-2024-42145}
- media: dvb-usb: dib0700_devices: Add missing release_firmware() (Ricardo Ribalda)
- media: dvb: as102-fe: Fix as10x_register_addr packing (Ricardo Ribalda)
- LTS version v4.14.350 (Yifei Liu)
- SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (felix) [Orabug: 36940548] {CVE-2023-52803}
- arm64: dts: rockchip: Add sound-dai-cells for RK3368 (Alex Bee)
- tcp: Fix data races around icsk->icsk_af_ops. (Kuniyuki Iwashima) [Orabug: 34719867] {CVE-2022-3566}
- ipv6: Fix data races around sk->sk_prot. (Kuniyuki Iwashima) [Orabug: 34719907] {CVE-2022-3567}
- ipv6: annotate some data-races around sk->sk_prot (Eric Dumazet)
- pwm: stm32: Refuse too small period requests (Uwe Kleine-König)
- ftruncate: pass a signed offset (Arnd Bergmann) [Orabug: 36897559] {CVE-2024-42084}
- batman-adv: Don't accept TT entries for out-of-spec VIDs (Vegard Nossum)
- batman-adv: include gfp.h for GFP_* defines (Sven Eckelmann)
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (Ma Ke) [Orabug: 36897381] {CVE-2024-41089}
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (Ma Ke) [Orabug: 36897446] {CVE-2024-41095}
- hexagon: fix fadvise64_64 calling conventions (Arnd Bergmann)
- tty: mcf: MCF54418 has 10 UARTS (Jean-Michel Hautbois)
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (Nikita Zhandarovich) [Orabug: 36897452] {CVE-2024-41097}
- usb: musb: da8xx: fix a resource leak in probe() (Dan Carpenter)
- usb: gadget: printer: SS+ support (Oliver Neukum)
- net: usb: ax88179_178a: improve link status logs (Jose Ignacio Tornos Martinez)
- iio: adc: ad7266: Fix variable checking bug (Fernando Yang)
- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- x86: stop playing stack games in profile_pc() (Linus Torvalds) [Orabug: 36897617] {CVE-2024-42096}
- i2c: ocores: set IACK bit after core is enabled (Grygorii Tertychnyi)
- i2c: ocores: stop transfer on timeout (Federico Vaga)
- nvme: fixup comment for nvme RDMA Provider Type (Hannes Reinecke)
- soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (Andrew Davis)
- media: dvbdev: Initialize sbuf (Ricardo Ribalda)
- ALSA: emux: improve patch ioctl data validation (Oswald Buddenhagen) [Orabug: 36897626] {CVE-2024-42097}
- net/iucv: Avoid explicit cpumask var allocation on stack (Dawei Li) [Orabug: 36897609] {CVE-2024-42094}
- netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Pablo Neira Ayuso) [Orabug: 36897501] {CVE-2024-42070}
- ASoC: fsl-asoc-card: set priv->pdev before using it (Elinor Montmasson) [Orabug: 36897579] {CVE-2024-42089}
- drm/amdgpu: fix UBSAN warning in kv_dpm.c (Alex Deucher) [Orabug: 36835993] {CVE-2024-40987}
- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (Huang-Huang Bao)
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (Huang-Huang Bao)
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (Huang-Huang Bao)
- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (Hagar Hemdan) [Orabug: 36897587] {CVE-2024-42090}
- usb: xhci: do not perform Soft Retry for some xHCI hosts (Stanislaw Gruszka)
- xhci: Set correct transferred length for cancelled bulk transfers (Mathias Nyman)
- xhci: Use soft retry to recover faster from transaction errors (Mathias Nyman)
- usb: xhci: Remove ep_trb from xhci_cleanup_halted_endpoint() (Lu Baolu)
- scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (Breno Leitao) [Orabug: 36835697] {CVE-2024-40901}
- scsi: mpt3sas: Gracefully handle online firmware update (Suganath Prabu)
logging macros (Joe Perches)
- iio: dac: ad5592r: fix temperature channel scaling value (Marc Ferland)
- iio: dac: ad5592r: un-indent code-block for scale read (Alexandru Ardelean)
- iio: dac: ad5592r-base: Replace indio_dev->mlock with own device lock (Sergiu Cuciurean)
- x86/amd_nb: Check for invalid SMN reads (Yazen Ghannam)
- PCI: Add PCI_ERROR_RESPONSE and related definitions (Naveen Naidu)
- ARM: dts: samsung: smdk4412: fix keypad no-autorepeat (Krzysztof Kozlowski)
- ARM: dts: samsung: exynos4412-origen: fix keypad no-autorepeat (Krzysztof Kozlowski)
- ARM: dts: samsung: smdkv310: fix keypad no-autorepeat (Krzysztof Kozlowski)
- gcov: add support for GCC 14 (Peter Oberparleiter)
- drm/radeon: fix UBSAN warning in kv_dpm.c (Alex Deucher) [Orabug: 36835998] {CVE-2024-40988}
- ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (Raju Rangoju)
- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (Nikita Shubin)
- regulator: core: Fix modpost error "regulator_get_regmap" undefined (Biju Das)
- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (Oliver Neukum)
- virtio_net: checksum offloading handling fix (Heng Qi)
- xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (Eric Dumazet) [Orabug: 36835853] {CVE-2024-40959}
- netrom: Fix a memory leak in nr_heartbeat_expiry() (Gavrilov Ilia) [Orabug: 36836088] {CVE-2024-41006}
- cipso: fix total option length computation (Ondrej Mosnacek)
- MIPS: Routerboard 532: Fix vendor retry check code (Ilpo Järvinen)
- udf: udftime: prevent overflow in udf_disk_stamp_to_time() (Roman Smirnov)
- udf: Simplify calls to udf_disk_stamp_to_time (Deepa Dinamani)
- udf: Sanitize nanoseconds for time stamps (Jan Kara)
- usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (Alex Henrie)
- powerpc/io: Avoid clang null pointer arithmetic warnings (Michael Ellerman)
- powerpc/pseries: Enforce hcall result buffer validity and size (Nathan Lynch) [Orabug: 36835927] {CVE-2024-40974}
- scsi: qedi: Fix crash while reading debugfs attribute (Manish Rangankar) [Orabug: 36835948] {CVE-2024-40978}
- batman-adv: bypass empty buckets in batadv_purge_orig_ref() (Eric Dumazet) [Orabug: 36835967] {CVE-2024-40981}
- rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment (Paul E. McKenney)
- usb-storage: alauda: Check whether the media is initialized (Shichao Lai) [Orabug: 36753735] {CVE-2024-38619}
- hugetlb_encode.h: fix undefined behaviour (34 sk_shutdown in sk_diag_fill(). (Kuniyuki Iwashima)
- af_unix: Use skb_queue_len_lockless() in sk_diag_show_rqlen(). (Kuniyuki Iwashima)
- af_unix: Use unix_recvq_full_lockless() in unix_stream_connect(). (Kuniyuki Iwashima)
- af_unix: Annotate data-race of net->unx.sysctl_max_dgram_qlen. (Kuniyuki Iwashima)
- af_unix: Annotate data-races around sk->sk_state in UNIX_DIAG. (Kuniyuki Iwashima)
- af_unix: Annotate data-races around sk->sk_state in sendmsg() and recvmsg(). (Kuniyuki Iwashima)
- af_unix: Annotate data-races around sk->sk_state in unix_write_space() and poll(). (Kuniyuki Iwashima)
- af_unix: Fix data races around sk->sk_shutdown. (Kuniyuki Iwashima)
- af_unix: Annotate data-race of sk->sk_state in unix_inq_len(). (Kuniyuki Iwashima)
- af_unix: Fix a data-race in unix_dgram_peer_wake_me(). (Kuniyuki Iwashima)
- af_unix: ensure POLLOUT on remote close() for connected dgram socket (Jason Baron)
- ptp: Fix error message on failed pin verification (Karol Kolacinski)
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (Jason Xing)
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (Eric Dumazet)
- wifi: iwlwifi: mvm: don't read past the mfuart notifcation (Emmanuel Grumbach) [Orabug: 36835809] {CVE-2024-40941}
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (Remi Pommarel) [Orabug: 36835736] {CVE-2024-40912}
- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (Nicolas Escande) [Orabug: 36835813] {CVE-2024-40942}
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Eric Dumazet) [Orabug: 36683297] {CVE-2024-36905}
- Revert "tcp: remove redundant check on tskb" (Vegard Nossum)
- Revert "tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets" (Vegard Nossum)
- Revert "scsi: target: Fix SELinux error when systemd-modules loads the target module" (Vegard Nossum)



ELSA-2024-12779 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update


Oracle Linux Security Advisory ELSA-2024-12779

http://linux.oracle.com/errata/ELSA-2024-12779.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-4.14.35-2047.541.4.1.el7uek.x86_64.rpm
kernel-uek-debug-4.14.35-2047.541.4.1.el7uek.x86_64.rpm
kernel-uek-debug-devel-4.14.35-2047.541.4.1.el7uek.x86_64.rpm
kernel-uek-devel-4.14.35-2047.541.4.1.el7uek.x86_64.rpm
kernel-uek-tools-4.14.35-2047.541.4.1.el7uek.x86_64.rpm
kernel-uek-doc-4.14.35-2047.541.4.1.el7uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-4.14.35-2047.541.4.1.el7uek.src.rpm

Related CVEs:

CVE-2022-3566
CVE-2022-3567
CVE-2023-52803
CVE-2024-36894
CVE-2024-36905
CVE-2024-37078
CVE-2024-38619
CVE-2024-39469
CVE-2024-39487
CVE-2024-39499
CVE-2024-39501
CVE-2024-39509
CVE-2024-40901
CVE-2024-40902
CVE-2024-40904
CVE-2024-40912
CVE-2024-40932
CVE-2024-40941
CVE-2024-40942
CVE-2024-40943
CVE-2024-40959
CVE-2024-40974
CVE-2024-40978
CVE-2024-40981
CVE-2024-40987
CVE-2024-40988
CVE-2024-41006
CVE-2024-41034
CVE-2024-41035
CVE-2024-41044
CVE-2024-41046
CVE-2024-41089
CVE-2024-41095
CVE-2024-41097
CVE-2024-42070
CVE-2024-42084
CVE-2024-42089
CVE-2024-42090
CVE-2024-42094
CVE-2024-42096
CVE-2024-42097
CVE-2024-42101
CVE-2024-42104
CVE-2024-42105
CVE-2024-42106
CVE-2024-42115
CVE-2024-42143
CVE-2024-42145
CVE-2024-42148
CVE-2024-42153
CVE-2024-42154
CVE-2024-42157
CVE-2024-42223
CVE-2024-42224
CVE-2024-42232
CVE-2024-42236
CVE-2024-44952
CVE-2024-46738

Description of changes:

[4.14.35-2047.541.4.1.el7uek]
- vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37137499]

[4.14.35-2047.541.4.el7uek]
- selftests: make order checking verbose in msg_zerocopy selftest (Zijian Zhang) [Orabug: 37063821]
- selftests: fix OOM in msg_zerocopy selftest (Zijian Zhang) [Orabug: 37063821]
- Revert "selftests/net: reap zerocopy completions passed up as ancillary data." (Harshit Mogalapalli) [Orabug: 37063821]
- Revert "selftests: fix OOM in msg_zerocopy selftest" (Harshit Mogalapalli) [Orabug: 37063821]
- Revert "selftests: make order checking verbose in msg_zerocopy selftest" (Harshit Mogalapalli) [Orabug: 37063821]

[4.14.35-2047.541.3.el7uek]
- ALSA: timer: Relax start tick time check for slave timer elements (Takashi Iwai)
- driver core: Fix uevent_show() vs driver detach race (Dan Williams) [Orabug: 37029154] {CVE-2024-44952}
- VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez) [Orabug: 37037206] {CVE-2024-46738}

[4.14.35-2047.541.2.el7uek]
- Revert "selftests/mm: conform test to TAP format output" (Samasth Norway Ananda) [Orabug: 36997529]
- Revert "selftests/kcmp: Make the test output consistent and clear" (Samasth Norway Ananda) [Orabug: 36997529]

[4.14.35-2047.541.1.el7uek]
- LTS version v4.14.351 (Yifei Liu)
- i2c: rcar: bring hardware to known state when probing (Wolfram Sang)
- nilfs2: fix kernel bug on rename operation of broken directory (Ryusuke Konishi) [Orabug: 36896822] {CVE-2024-41034}
- tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (Eric Dumazet)
- libceph: fix race between delayed_work() and ceph_monc_stop() (Ilya Dryomov) [Orabug: 36930130] {CVE-2024-42232}
- hpet: Support 32-bit userspace (He Zhe)
- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (Alan Stern) [Orabug: 36896827] {CVE-2024-41035}
- usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (Lee Jones) [Orabug: 36930140] {CVE-2024-42236}
- USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (WangYuli)
- USB: serial: option: add Rolling RW350-GL variants (Vanillan Wang)
- USB: serial: option: add Netprisma LCUK54 series modules (Mank Wang)
- USB: serial: option: add support for Foxconn T99W651 (Slark Xiao)
- USB: serial: option: add Fibocom FM350-GL (Bjørn Mork)
- USB: serial: option: add Telit FN912 rmnet compositions (Daniele Palmas)
- USB: serial: option: add Telit generic core-dump composition (Daniele Palmas)
- ARM: davinci: Convert comma to semicolon (Chen Ni)
- ppp: reject claimed-as-LCP but actually malformed packets (Dmitry Antipov) [Orabug: 36896857] {CVE-2024-41044}
- net: ethernet: lantiq_etop: fix double free in detach (Aleksander Jan Bajkowski) [Orabug: 36896864] {CVE-2024-41046}
- net: lantiq_etop: add blank line after declaration (Aleksander Jan Bajkowski)
- tcp: fix incorrect undo caused by DSACK of TLP retransmit (Neal Cardwell)
- nilfs2: fix incorrect inode allocation from reserved inodes (Ryusuke Konishi)
- i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr (Piotr Wojtaszczyk) [Orabug: 36897910] {CVE-2024-42153}
- i2c/busses: Convert timers to use timer_setup() (Kees Cook)
- i2c: pnx: move header into the driver (Wolfram Sang)
- media: dw2102: fix a potential buffer overflow (Mauro Carvalho Chehab)
- bnx2x: Fix multiple UBSAN array-index-out-of-bounds (Ghadi Elie Rahme) [Orabug: 36897887] {CVE-2024-42148}
- drm/amdgpu/atomfirmware: silence UBSAN warning (Alex Deucher)
- drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (Ma Ke) [Orabug: 36897641] {CVE-2024-42101}
- fsnotify: Do not generate events for O_PATH file descriptors (Jan Kara)
- Bluetooth: Fix incorrect pointer arithmatic in ext_adv_report_evt (Jaganath Kanakkassery)
- mm: optimize the redundant loop of mm_update_owner_next() (Jinliang Zheng)
- nilfs2: add missing check for inode numbers on directory entries (Ryusuke Konishi) [Orabug: 36897653] {CVE-2024-42104}
- nilfs2: fix inode number range checks (Ryusuke Konishi) [Orabug: 36897659] {CVE-2024-42105}
- inet_diag: Initialize pad field in struct inet_diag_req_v2 (Shigeru Yoshida) [Orabug: 36897667] {CVE-2024-42106}
- selftests: make order checking verbose in msg_zerocopy selftest (Zijian Zhang)
- selftests: fix OOM in msg_zerocopy selftest (Zijian Zhang)
- selftests/net: reap zerocopy completions passed up as ancillary data. (Sowmini Varadhan)
- bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (Sam Sun) [Orabug: 36825249] {CVE-2024-39487}
- tcp_metrics: validate source addr length (Jakub Kicinski) [Orabug: 36897917] {CVE-2024-42154}
- UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (Neal Cardwell)
- s390/pkey: Wipe sensitive data on failure (Holger Dengler) [Orabug: 36897935] {CVE-2024-42157}
- jffs2: Fix potential illegal address access in jffs2_free_inode (Wang Yong) [Orabug: 36897698] {CVE-2024-42115}
- powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (Greg Kurz)
- orangefs: fix out-of-bounds fsid access (Mike Marshall) [Orabug: 36897838] {CVE-2024-42143}
- powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (Michael Ellerman)
- i2c: i801: Annotate apanel_addr as __ro_after_init (Heiner Kallweit)
- media: dvb-frontends: tda10048: Fix integer overflow (Ricardo Ribalda) [Orabug: 36897977] {CVE-2024-42223}
- media: s2255: Use refcount_t instead of atomic_t for num_channels (Ricardo Ribalda)
- media: dvb-frontends: tda18271c2dd: Remove casting during div (Ricardo Ribalda)
- net: dsa: mv88e6xxx: Correct check for empty list (Simon Horman) [Orabug: 36897983] {CVE-2024-42224}
- Input: ff-core - prefer struct_size over open coded arithmetic (Erick Archer)
- firmware: dmi: Stop decoding on broken entry (Jean Delvare)
- sctp: prefer struct_size over open coded arithmetic (Erick Archer)
- media: dw2102: Don't translate i2c read into write (Michael Bunk)
- IB/core: Implement a limit on UMAD receive List (Michael Guralnik) [Orabug: 36897848] {CVE-2024-42145}
- media: dvb-usb: dib0700_devices: Add missing release_firmware() (Ricardo Ribalda)
- media: dvb: as102-fe: Fix as10x_register_addr packing (Ricardo Ribalda)
- LTS version v4.14.350 (Yifei Liu)
- SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (felix) [Orabug: 36940548] {CVE-2023-52803}
- arm64: dts: rockchip: Add sound-dai-cells for RK3368 (Alex Bee)
- tcp: Fix data races around icsk->icsk_af_ops. (Kuniyuki Iwashima) [Orabug: 34719867] {CVE-2022-3566}
- ipv6: Fix data races around sk->sk_prot. (Kuniyuki Iwashima) [Orabug: 34719907] {CVE-2022-3567}
- ipv6: annotate some data-races around sk->sk_prot (Eric Dumazet)
- pwm: stm32: Refuse too small period requests (Uwe Kleine-König)
- ftruncate: pass a signed offset (Arnd Bergmann) [Orabug: 36897559] {CVE-2024-42084}
- batman-adv: Don't accept TT entries for out-of-spec VIDs (Vegard Nossum)
- batman-adv: include gfp.h for GFP_* defines (Sven Eckelmann)
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (Ma Ke) [Orabug: 36897381] {CVE-2024-41089}
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (Ma Ke) [Orabug: 36897446] {CVE-2024-41095}
- hexagon: fix fadvise64_64 calling conventions (Arnd Bergmann)
- tty: mcf: MCF54418 has 10 UARTS (Jean-Michel Hautbois)
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (Nikita Zhandarovich) [Orabug: 36897452] {CVE-2024-41097}
- usb: musb: da8xx: fix a resource leak in probe() (Dan Carpenter)
- usb: gadget: printer: SS+ support (Oliver Neukum)
- net: usb: ax88179_178a: improve link status logs (Jose Ignacio Tornos Martinez)
- iio: adc: ad7266: Fix variable checking bug (Fernando Yang)
- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen)
- x86: stop playing stack games in profile_pc() (Linus Torvalds) [Orabug: 36897617] {CVE-2024-42096}
- i2c: ocores: set IACK bit after core is enabled (Grygorii Tertychnyi)
- i2c: ocores: stop transfer on timeout (Federico Vaga)
- nvme: fixup comment for nvme RDMA Provider Type (Hannes Reinecke)
- soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (Andrew Davis)
- media: dvbdev: Initialize sbuf (Ricardo Ribalda)
- ALSA: emux: improve patch ioctl data validation (Oswald Buddenhagen) [Orabug: 36897626] {CVE-2024-42097}
- net/iucv: Avoid explicit cpumask var allocation on stack (Dawei Li) [Orabug: 36897609] {CVE-2024-42094}
- netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Pablo Neira Ayuso) [Orabug: 36897501] {CVE-2024-42070}
- ASoC: fsl-asoc-card: set priv->pdev before using it (Elinor Montmasson) [Orabug: 36897579] {CVE-2024-42089}
- drm/amdgpu: fix UBSAN warning in kv_dpm.c (Alex Deucher) [Orabug: 36835993] {CVE-2024-40987}
- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (Huang-Huang Bao)
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (Huang-Huang Bao)
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (Huang-Huang Bao)
- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (Hagar Hemdan) [Orabug: 36897587] {CVE-2024-42090}
- usb: xhci: do not perform Soft Retry for some xHCI hosts (Stanislaw Gruszka)
- xhci: Set correct transferred length for cancelled bulk transfers (Mathias Nyman)
- xhci: Use soft retry to recover faster from transaction errors (Mathias Nyman)
- usb: xhci: Remove ep_trb from xhci_cleanup_halted_endpoint() (Lu Baolu)
- scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (Breno Leitao) [Orabug: 36835697] {CVE-2024-40901}
- scsi: mpt3sas: Gracefully handle online firmware update (Suganath Prabu)
logging macros (Joe Perches)
- iio: dac: ad5592r: fix temperature channel scaling value (Marc Ferland)
- iio: dac: ad5592r: un-indent code-block for scale read (Alexandru Ardelean)
- iio: dac: ad5592r-base: Replace indio_dev->mlock with own device lock (Sergiu Cuciurean)
- x86/amd_nb: Check for invalid SMN reads (Yazen Ghannam)
- PCI: Add PCI_ERROR_RESPONSE and related definitions (Naveen Naidu)
- ARM: dts: samsung: smdk4412: fix keypad no-autorepeat (Krzysztof Kozlowski)
- ARM: dts: samsung: exynos4412-origen: fix keypad no-autorepeat (Krzysztof Kozlowski)
- ARM: dts: samsung: smdkv310: fix keypad no-autorepeat (Krzysztof Kozlowski)
- gcov: add support for GCC 14 (Peter Oberparleiter)
- drm/radeon: fix UBSAN warning in kv_dpm.c (Alex Deucher) [Orabug: 36835998] {CVE-2024-40988}
- ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (Raju Rangoju)
- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (Nikita Shubin)
- regulator: core: Fix modpost error "regulator_get_regmap" undefined (Biju Das)
- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (Oliver Neukum)
- virtio_net: checksum offloading handling fix (Heng Qi)
- xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (Eric Dumazet) [Orabug: 36835853] {CVE-2024-40959}
- netrom: Fix a memory leak in nr_heartbeat_expiry() (Gavrilov Ilia) [Orabug: 36836088] {CVE-2024-41006}
- cipso: fix total option length computation (Ondrej Mosnacek)
- MIPS: Routerboard 532: Fix vendor retry check code (Ilpo Järvinen)
- udf: udftime: prevent overflow in udf_disk_stamp_to_time() (Roman Smirnov)
- udf: Simplify calls to udf_disk_stamp_to_time (Deepa Dinamani)
- udf: Sanitize nanoseconds for time stamps (Jan Kara)
- usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (Alex Henrie)
- powerpc/io: Avoid clang null pointer arithmetic warnings (Michael Ellerman)
- powerpc/pseries: Enforce hcall result buffer validity and size (Nathan Lynch) [Orabug: 36835927] {CVE-2024-40974}
- scsi: qedi: Fix crash while reading debugfs attribute (Manish Rangankar) [Orabug: 36835948] {CVE-2024-40978}
- batman-adv: bypass empty buckets in batadv_purge_orig_ref() (Eric Dumazet) [Orabug: 36835967] {CVE-2024-40981}
- rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment (Paul E. McKenney)
- usb-storage: alauda: Check whether the media is initialized (Shichao Lai) [Orabug: 36753735] {CVE-2024-38619}
- hugetlb_encode.h: fix undefined behaviour (34 sk_shutdown in sk_diag_fill(). (Kuniyuki Iwashima)
- af_unix: Use skb_queue_len_lockless() in sk_diag_show_rqlen(). (Kuniyuki Iwashima)
- af_unix: Use unix_recvq_full_lockless() in unix_stream_connect(). (Kuniyuki Iwashima)
- af_unix: Annotate data-race of net->unx.sysctl_max_dgram_qlen. (Kuniyuki Iwashima)
- af_unix: Annotate data-races around sk->sk_state in UNIX_DIAG. (Kuniyuki Iwashima)
- af_unix: Annotate data-races around sk->sk_state in sendmsg() and recvmsg(). (Kuniyuki Iwashima)
- af_unix: Annotate data-races around sk->sk_state in unix_write_space() and poll(). (Kuniyuki Iwashima)
- af_unix: Fix data races around sk->sk_shutdown. (Kuniyuki Iwashima)
- af_unix: Annotate data-race of sk->sk_state in unix_inq_len(). (Kuniyuki Iwashima)
- af_unix: Fix a data-race in unix_dgram_peer_wake_me(). (Kuniyuki Iwashima)
- af_unix: ensure POLLOUT on remote close() for connected dgram socket (Jason Baron)
- ptp: Fix error message on failed pin verification (Karol Kolacinski)
- tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (Jason Xing)
- ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (Eric Dumazet)
- wifi: iwlwifi: mvm: don't read past the mfuart notifcation (Emmanuel Grumbach) [Orabug: 36835809] {CVE-2024-40941}
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (Remi Pommarel) [Orabug: 36835736] {CVE-2024-40912}
- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (Nicolas Escande) [Orabug: 36835813] {CVE-2024-40942}
- tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Eric Dumazet) [Orabug: 36683297] {CVE-2024-36905}
- Revert "tcp: remove redundant check on tskb" (Vegard Nossum)
- Revert "tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets" (Vegard Nossum)
- Revert "scsi: target: Fix SELinux error when systemd-modules loads the target module" (Vegard Nossum)



ELSA-2024-5930 Important: Oracle Linux 7 bind security update (aarch64)


Oracle Linux Security Advisory ELSA-2024-5930

http://linux.oracle.com/errata/ELSA-2024-5930.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

aarch64:
bind-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-chroot-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-libs-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-export-libs-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-libs-lite-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-license-9.11.4-26.0.1.P2.el7_9.16.noarch.rpm
bind-pkcs11-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-pkcs11-libs-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-pkcs11-utils-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-utils-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-export-devel-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-devel-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-lite-devel-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-pkcs11-devel-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-sdb-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm
bind-sdb-chroot-9.11.4-26.0.1.P2.el7_9.16.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//bind-9.11.4-26.0.1.P2.el7_9.16.src.rpm

Related CVEs:

CVE-2024-1737
CVE-2024-1975

Description of changes:

[32:9.11.4-26.0.1.P2.16]
- Resolve CVE-2024-1975
- Resolve CVE-2024-1737
- Add ability to change runtime limits for max types and records per name



ELSA-2024-5930 Important: Oracle Linux 7 bind security update


Oracle Linux Security Advisory ELSA-2024-5930

http://linux.oracle.com/errata/ELSA-2024-5930.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
bind-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-chroot-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-devel-9.11.4-26.0.1.P2.el7_9.16.i686.rpm
bind-devel-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-export-devel-9.11.4-26.0.1.P2.el7_9.16.i686.rpm
bind-export-devel-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-export-libs-9.11.4-26.0.1.P2.el7_9.16.i686.rpm
bind-export-libs-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-libs-9.11.4-26.0.1.P2.el7_9.16.i686.rpm
bind-libs-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-libs-lite-9.11.4-26.0.1.P2.el7_9.16.i686.rpm
bind-libs-lite-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-license-9.11.4-26.0.1.P2.el7_9.16.noarch.rpm
bind-lite-devel-9.11.4-26.0.1.P2.el7_9.16.i686.rpm
bind-lite-devel-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-pkcs11-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-pkcs11-devel-9.11.4-26.0.1.P2.el7_9.16.i686.rpm
bind-pkcs11-devel-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-pkcs11-libs-9.11.4-26.0.1.P2.el7_9.16.i686.rpm
bind-pkcs11-libs-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-pkcs11-utils-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-sdb-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-sdb-chroot-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm
bind-utils-9.11.4-26.0.1.P2.el7_9.16.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//bind-9.11.4-26.0.1.P2.el7_9.16.src.rpm

Related CVEs:

CVE-2024-1737
CVE-2024-1975

Description of changes:

[32:9.11.4-26.0.1.P2.16]
- Resolve CVE-2024-1975
- Resolve CVE-2024-1737
- Add ability to change runtime limits for max types and records per name