-
Fri Jan 05 2018 Brian Maly <brian.maly@oracle.com> [4.1.12-112.14.5.el7uek]
- x86/ibrs: Remove 'ibrs_dump' and remove the pr_debug (Konrad Rzeszutek Wilk) [Orabug: 27350825]
-
Fri Jan 05 2018 Brian Maly <brian.maly@oracle.com> [4.1.12-112.14.4.el7uek]
- kABI: Revert kABI: Make the boot_cpu_data look normal (Konrad Rzeszutek Wilk) {CVE-2017-5715}
-
Fri Jan 05 2018 Brian Maly <brian.maly@oracle.com> [4.1.12-112.14.3.el7uek]
- userns: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- udf: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- net: mpls: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- fs: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- ipv6: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- ipv4: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- Thermal/int340x: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- cw1200: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- qla2xxx: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- p54: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- carl9170: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- uvcvideo: prevent speculative execution (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- bpf: prevent speculative execution in eBPF interpreter (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- locking/barriers: introduce new observable speculation barrier (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- x86/cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- x86/cpu/AMD: Make the LFENCE instruction serialized (Elena Reshetova) [Orabug: 27340459] {CVE-2017-5753}
- kABI: Make the boot_cpu_data look normal. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- kernel.spec: Require the new microcode_ctl. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715} {CVE-2017-5715}
- x86/microcode/AMD: Add support for fam17h microcode loading (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}
- x86/spec_ctrl: Disable if running as Xen PV guest. (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- Set IBPB when running a different VCPU (Dave Hansen) [Orabug: 27339995] {CVE-2017-5715}
- Clear the host registers after setbe (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}
- Use the ibpb_inuse variable. (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}
- KVM: x86: add SPEC_CTRL to MSR and CPUID lists (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}
- kvm: vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Paolo Bonzini) [Orabug: 27339995] {CVE-2017-5715}
- Use the "ibrs_inuse" variable. (Jun Nakajima) [Orabug: 27339995] {CVE-2017-5715}
- kvm: svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}
- x86/svm: Set IBPB when running a different VCPU (Paolo Bonzini) [Orabug: 27339995] {CVE-2017-5715}
- x86/kvm: Pad RSB on VM transition (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/cpu/AMD: Add speculative control support for AMD (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}
- x86/microcode: Recheck IBRS and IBPB feature on microcode reload (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86: Move IBRS/IBPB feature detection to scattered.c (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/spec_ctrl: Add lock to serialize changes to ibrs and ibpb control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/kvm: clear registers on VM exit (Tom Lendacky) [Orabug: 27339995] {CVE-2017-5715}
- x86/kvm: Set IBPB when switching VM (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- *INCOMPLETE* x86/syscall: Clear unused extra registers on syscall entrance (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/entry: Stuff RSB for entry to kernel for non-SMEP platform (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/mm: Only set IBPB when the new thread cannot ptrace current thread (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/mm: Set IBPB upon context switch (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/idle: Disable IBRS when offlining cpu and re-enable on wakeup (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/idle: Disable IBRS entering idle and enable it on wakeup (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/spec_ctrl: save IBRS MSR value in paranoid_entry (Andrea Arcangeli) [Orabug: 27339995] {CVE-2017-5715}
- *Scaffolding* x86/spec_ctrl: Add sysctl knobs to enable/disable SPEC_CTRL feature (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/enter: Use IBRS on syscall and interrupts (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86: Add macro that does not save rax, rcx, rdx on stack to disable IBRS (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/enter: MACROS to set/clear IBRS and set IBP (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86/feature: Report presence of IBPB and IBRS control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
- x86: Add STIBP feature enumeration (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/cpufeature: Add X86_FEATURE_IA32_ARCH_CAPS and X86_FEATURE_IBRS_ATT (Konrad Rzeszutek Wilk) [Orabug: 27339995] {CVE-2017-5715}
- x86/feature: Enable the x86 feature to control (Tim Chen) [Orabug: 27339995] {CVE-2017-5715}
-
Fri Dec 15 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-112.14.2.el7uek]
- fuse: Call end_queued_requests() after releasing fc->lock in fuse_dev_release() (Ashish Samant) [Orabug: 26431550]
- rds: Fix inaccurate accounting of unsignaled wrs in rds_ib_xmit_rdma (Håkon Bugge) [Orabug: 27097105]
- rds: Fix inaccurate accounting of unsignaled wrs (Håkon Bugge) [Orabug: 27097105]
- rds: ib: Fix NULL pointer dereference in debug code (Håkon Bugge) [Orabug: 27116566]
- bnx2x: fix slowpath null crash (Zhu Yanjun) [Orabug: 27133587]
- rds: System panic if RDS netfilter is enabled and RDS/TCP is used (Ka-Cheong Poon) [Orabug: 27150029]
- USB: serial: console: fix use-after-free after failed setup (Johan Hovold) [Orabug: 27206830] {CVE-2017-16525}
- mlx4: Subscribe to PXM notifier (Konrad Rzeszutek Wilk)
- xen/pci: Add PXM node notifier for PXM (NUMA) changes. (Konrad Rzeszutek Wilk)
- xen/pcifront: Walk the PCI bus after XenStore notification (Konrad Rzeszutek Wilk)
- uwb: properly check kthread_run return value (Andrey Konovalov) [Orabug: 27206880] {CVE-2017-16526}
- ALSA: usb-audio: Check out-of-bounds access by corrupted buffer descriptor (Takashi Iwai) [Orabug: 27206923] {CVE-2017-16529}
- USB: uas: fix bug in handling of alternate settings (Alan Stern) [Orabug: 27206999] {CVE-2017-16530}
- USB: fix out-of-bounds in usb_set_configuration (Greg Kroah-Hartman) [Orabug: 27207224] {CVE-2017-16531}
- HID: usbhid: fix out-of-bounds bug (Jaejoong Kim) [Orabug: 27207918] {CVE-2017-16533}
- USB: core: fix out-of-bounds access bug in usb_get_bos_descriptor() (Alan Stern) [Orabug: 27207970] {CVE-2017-16535}
- [media] cx231xx-cards: fix NULL-deref on missing association descriptor (Johan Hovold) [Orabug: 27208047] {CVE-2017-16536}
- Replace max_t() with sub_positive() in dequeue_entity_load_avg() (Gayatri Vasudevan) [Orabug: 27222316]
- sched/fair: Fix cfs_rq avg tracking underflow (Gayatri Vasudevan) [Orabug: 27222316]
- KVM: nVMX: Fix vmx_check_nested_events() return value in case an event was reinjected to L2 (Liran Alon) [Orabug: 27250111]
- KVM: VMX: use kvm_event_needs_reinjection (Wanpeng Li) [Orabug: 27250111]
- KVM: nVMX: Fix pending events injection (Wanpeng Li) [Orabug: 27250111]
-
Fri Dec 08 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-112.14.1.el7uek]
- ext4: fix off-by-one on max nr_pages in ext4_find_unwritten_pgoff() (Eryu Guan) [Orabug: 27233471]
-
Fri Dec 08 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-112.13.1.el7uek]
- cgroup: make sure a parent css isn't offlined before its children (Tejun Heo) [Orabug: 27179269]
-
Tue Dec 05 2017 Dhaval Giani <dhaval.giani@oracle.com> [4.1.12-112.12.1.el7uek]
- ctf: allow dwarf2ctf to run as root but produce no output (Nick Alcock) [Orabug: 27133094]
- net: qmi_wwan: fix divide by 0 on bad descriptors (Bjørn Mork) [Orabug: 27215221] {CVE-2017-16650}
- ctf: fix thinko preventing linking of out-of-tree modules when CTF is off (Nick Alcock) [Orabug: 27215293]
- Revert "firmware: dmi_scan: add SBMIOS entry and DMI tables" (Dan Duval) [Orabug: 27100376]
-
Tue Dec 05 2017 Dhaval Giani <dhaval.giani@oracle.com> [4.1.12-112.11.1.el7uek]
- mm, thp: Do not make page table dirty unconditionally in follow_trans_huge_pmd() (Kirill A. Shutemov) [Orabug: 27200880] {CVE-2017-1000405}
- uek-rpm: Update linux firmware package for OL7 (Dhaval Giani) [Orabug: 27210206]
- uek-rpm: Update firmware for OL6 UEK spec file (Dhaval Giani) [Orabug: 27210204]
- scsi: Add STARGET_CREATED_REMOVE state to scsi_target_state (Ewan D. Milne) [Orabug: 27187218]
- xen/time: do not decrease steal time after live migration on xen (Dongli Zhang) [Orabug: 26770163]
- ALSA: usb-audio: Kill stray URB at exiting (Takashi Iwai) [Orabug: 27148272] {CVE-2017-16527}
- scsi: qla2xxx: Fix NULL pointer access due to redundant fc_host_port_name call (Quinn Tran) [Orabug: 27149785]
- scsi: qla2xxx: Initialize Work element before requesting IRQs (Himanshu Madhani) [Orabug: 27149785]
- scsi: qla2xxx: Fix uninitialized work element (Quinn Tran) [Orabug: 27149785]
-
Thu Nov 23 2017 Dhaval Giani <dhaval.giani@oracle.com> [4.1.12-112.10.1.el7uek]
- Revert "Improves clear_huge_page() using work queues" (Jack Vogel) [Orabug: 27055693]
- packet: in packet_do_bind, test fanout with bind_lock held (Willem de Bruijn) [Orabug: 27069060] {CVE-2017-15649}
- packet: hold bind lock when rebinding to fanout hook (Willem de Bruijn) [Orabug: 27069060] {CVE-2017-15649}
- net: convert packet_fanout.sk_ref from atomic_t to refcount_t (Reshetova, Elena) [Orabug: 27069060] {CVE-2017-15649}
- packet: fix races in fanout_add() (Eric Dumazet) [Orabug: 27069060] {CVE-2017-15649}
- refcount_t: Introduce a special purpose refcount type (Peter Zijlstra) [Orabug: 27069060] {CVE-2017-15649}
- locking/atomics: Add _{acquire|release|relaxed}() variants of some atomic operations (Will Deacon) [Orabug: 27069060] {CVE-2017-15649}
- scsi: qla2xxx: Fix slow mem alloc behind lock (Quinn Tran) [Orabug: 27100873]
-
Thu Nov 16 2017 Dhaval Giani <dhaval.giani@oracle.com> [4.1.12-112.9.1.el7uek]
- xfs: Fix off-by-in in loop termination in xfs_find_get_desired_pgoff() (Jan Kara) [Orabug: 26862911]
- xfs: Fix missed holes in SEEK_HOLE implementation (Jan Kara) [Orabug: 26862911]
- ext4: fix off-by-in in loop termination in ext4_find_unwritten_pgoff() (Jan Kara) [Orabug: 26862911]
- ext4: fix SEEK_HOLE (Jan Kara) [Orabug: 26862911]
- rtc: cmos: century support (Sylvain Chouleur) [Orabug: 27025943]
- ocfs2: code clean up for direct io (Ryan Ding) [Orabug: 27117733]
- scsi: Don't abort scsi_scan due to unexpected response (John Sobecki) [Orabug: 27119610]
- ocfs2: fstrim: Fix start offset of first cluster group during fstrim (Ashish Samant) [Orabug: 26326914]