-
Tue Jan 24 2023 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.71.3.el7uek]
- USB: core: Prevent nested device-reset calls (Alan Stern) [Orabug: 34951641] {CVE-2022-4662}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM (Luiz Augusto von Dentz) [Orabug: 34833307] {CVE-2022-42896} {CVE-2022-42896}
- Bluetooth: L2CAP: Introduce proper defines for PSM ranges (Johan Hedberg) [Orabug: 34833307]
- ext4: fix data corruption caused by overlapping unaligned and aligned IO (Lukas Czerner) [Orabug: 34190035]
-
Mon Jan 16 2023 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.71.2.el7uek]
- scsi: qla2xxx: Fix use after free in eh_abort path (Quinn Tran) [Orabug: 34970763]
- check-kabi provides exception on broken symbols (Alok Tiwari) [Orabug: 34742865]
- KABI validation broken on UEK4 for symbols change (Alok Tiwari) [Orabug: 34742865]
- Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu (Maxim Mikityanskiy) [Orabug: 34719829] {CVE-2022-3564}
- Bluetooth: remove unneeded variable in l2cap_stream_rx (Prasanna Karthik) [Orabug: 34719829] {CVE-2022-3564}
-
Wed Jan 11 2023 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.71.1.el7uek]
- Bluetooth: L2CAP: Fix attempting to access uninitialized memory (Luiz Augusto von Dentz) [Orabug: 34951662] {CVE-2022-42895} {CVE-2022-42895}
- wifi: brcmfmac: Fix potential buffer overflow in brcmf_fweh_event_worker() (Dokyung Song) [Orabug: 34951546] {CVE-2022-3628}
- tcp/udp: Fix memory leak in ipv6_renew_options(). (Kuniyuki Iwashima) [Orabug: 34719347] {CVE-2022-3524}
-
Mon Dec 12 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.70.2.el7uek]
- proc: proc_skip_spaces() shouldn't think it is working on C strings (Linus Torvalds) [Orabug: 34882781] {CVE-2022-4378}
- proc: avoid integer type confusion in get_proc_long (Linus Torvalds) [Orabug: 34882781] {CVE-2022-4378}
- netfilter: nf_conntrack_irc: Fix forged IP logic (David Leadbeater) [Orabug: 34872056] {CVE-2022-2663}
- r8152: Rate limit overflow messages (Andrew Gaul) [Orabug: 34719940] {CVE-2022-3594}
- HID: roccat: Fix use-after-free in roccat_read() (Hyunwoo Kim) [Orabug: 34670789] {CVE-2022-41850}
-
Tue Dec 06 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.70.1.el7uek]
- usb: mon: make mmapped memory read only (Tadeusz Struk) [Orabug: 34820828] {CVE-2022-43750}
- sch_sfb: Also store skb len before calling child enqueue (Toke Høiland-Jørgensen) [Orabug: 34731314] {CVE-2022-3586}
- sch_sfb: Don't assume the skb is still around after enqueueing to child (Toke Høiland-Jørgensen) [Orabug: 34731314] {CVE-2022-3586}
- sch_sfb: keep backlog updated with qlen (WANG Cong) [Orabug: 34731314]
-
Thu Dec 01 2022 Vijayendra Suman <vijayendra.suman@oracle.com> [4.1.12-124.69.5.el7uek]
- x86/smpboot: check cpu_initialized_mask first after returning from schedule() (Dongli Zhang) [Orabug: 34798594]
-
Thu Dec 01 2022 Vijayendra Suman <vijayendra.suman@oracle.com> [4.1.12-124.69.4.el7uek]
- btrfs: Remove BUG_ON() as it is causing kernel to panic (Rhythm Mahajan) [Orabug: 34840579]
-
Fri Nov 25 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.69.3.el7uek]
- btrfs: fix missing return for a non-void function. (Harshit Mogalapalli) [Orabug: 34827292]
-
Tue Nov 22 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.69.2.el7uek]
- btrfs: Don't submit any btree write bio if the fs has errors (Qu Wenruo) [Orabug: 31265340] {CVE-2019-19377}
- scsi: stex: Properly zero out the passthrough command structure (Linus Torvalds) [Orabug: 34670757] {CVE-2022-40768}
- net/packet: fix slab-out-of-bounds access in packet_recvmsg() (Eric Dumazet) [Orabug: 34791643] {CVE-2022-20368}
- packet: in recvmsg msg_name return at least sizeof sockaddr_ll (Willem de Bruijn) [Orabug: 34791643]
- fs/attr.c: handling case when inode does not attach with dentry structure (Alok Tiwari) [Orabug: 34733462] [Orabug: 34798221] [Orabug: 34816013]
-
Tue Nov 08 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.69.1.el7uek]
- drm/ttm/nouveau: don't call tt destroy callback on alloc failure. (Dave Airlie) [Orabug: 33014078] {CVE-2021-20292}
- netfilter: nf_conntrack_irc: Tighten matching on DCC message (David Leadbeater) [Orabug: 34555474] {CVE-2022-2663}
- openvswitch: fix OOB access in reserve_sfa_size() (Paolo Valerio) [Orabug: 34607642] {CVE-2022-2639}
- openvswitch: fix flow actions reallocation (Andrea Righi) [Orabug: 34607642]
- openvswitch: fix the incorrect flow action alloc size (zhangliping) [Orabug: 34607642]
- cgroup: Prevent kill_css() from being called more than once (Waiman Long) [Orabug: 34679307]
- mISDN: fix use-after-free bugs in l1oip timer handlers (Duoming Zhou) [Orabug: 34719783] {CVE-2022-3565}
- vsock: Fix memory leak in vsock_connect() (Peilin Ye) [Orabug: 34731194] {CVE-2022-3629}
- vsock: split dwork to avoid reinitializations (Cong Wang) [Orabug: 34731194]