-
Tue Jun 09 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.39.5.1.el7uek]
- x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf) [Orabug: 31352782] {CVE-2020-0543}
- x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31352782] {CVE-2020-0543}
- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31352782] {CVE-2020-0543}
- x86/cpu: Add 'table' argument to cpu_matches() (Mark Gross) [Orabug: 31352782] {CVE-2020-0543}
- x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31352782] {CVE-2020-0543}
- x86/cpu: Rename cpu_data.x86_mask to cpu_data.x86_stepping (Jia Zhang) [Orabug: 31352782] {CVE-2020-0543}
-
Tue May 26 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.39.5.el7uek]
- Input: ff-memless - kill timer in destroy() (Oliver Neukum) [Orabug: 31213691] {CVE-2019-19524}
- libertas: Fix two buffer overflows at parsing bss descriptor (Wen Huang) [Orabug: 31351307] {CVE-2019-14896} {CVE-2019-14897} {CVE-2019-14897}
- binfmt_elf: use ELF_ET_DYN_BASE only for PIE (Kees Cook) [Orabug: 31352068] {CVE-2017-1000370} {CVE-2017-1000371} {CVE-2017-1000370}
- NFSv4.0: Remove transport protocol name from non-UCS client ID (Chuck Lever) [Orabug: 31357212]
- NFSv4.0: Remove cl_ipaddr from non-UCS client ID (Chuck Lever) [Orabug: 31357212]
- xen/manage: enable C_A_D to force reboot (Dongli Zhang) [Orabug: 31387466]
-
Tue May 19 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.39.4.el7uek]
- acpi: disable erst (Wengang Wang) [Orabug: 31194253]
- mdio_bus: Fix use-after-free on device_register fails (YueHaibing) [Orabug: 31222292] {CVE-2019-12819}
- rds: ib: Fix dysfunctional long address resolve timeout (HÃ¥kon Bugge) [Orabug: 31302708]
- vxlan: dont migrate permanent fdb entries during learn (Roopa Prabhu) [Orabug: 31325318]
- USB: iowarrior: fix use-after-free on disconnect (Johan Hovold) [Orabug: 31351061] {CVE-2019-19528}
- usb: iowarrior: fix deadlock on disconnect (Oliver Neukum) [Orabug: 31351061] {CVE-2019-19528}
- mremap: properly flush TLB before releasing the page (Linus Torvalds) [Orabug: 31352011] {CVE-2018-18281}
-
Tue May 12 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.39.3.el7uek]
- Input: add safety guards to input_set_keycode() (Dmitry Torokhov) [Orabug: 31200558] {CVE-2019-20636}
- media: stv06xx: add missing descriptor sanity checks (Johan Hovold) [Orabug: 31200579] {CVE-2020-11609}
- media: ov519: add missing endpoint sanity checks (Johan Hovold) [Orabug: 31213758] {CVE-2020-11608}
- media: xirlink_cit: add missing descriptor sanity checks (Johan Hovold) [Orabug: 31213767] {CVE-2020-11668}
- mwifiex: pcie: Fix memory leak in mwifiex_pcie_init_evt_ring (Navid Emamdoost) [Orabug: 31263147] {CVE-2019-19057}
- USB: core: Fix races in character device registration and deregistraion (Alan Stern) [Orabug: 31317667] {CVE-2019-19537}
-
Thu May 07 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.39.2.el7uek]
- genirq: Use rcu in kstat_irqs_usr() (Eric Dumazet)
- genirq: Make sparse_irq_lock protect what it should protect (Thomas Gleixner) [Orabug: 30953676]
- genirq: Free irq_desc with rcu (Thomas Gleixner) [Orabug: 30953676]
-
Tue May 05 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.39.1.el7uek]
- qla2xxx: Update driver version to 9.00.00.00.42.0-k1-v2 (Arun Easi) [Orabug: 30372266]
- qla2xxx: Fix device discovery when FCP2 device is lost. (Arun Easi) [Orabug: 30372266]
- brcmfmac: add subtype check for event handling in data path (John Donnelly) [Orabug: 30776354] {CVE-2019-9503}
- percpu-refcount: fix reference leak during percpu-atomic transition (Douglas Miller) [Orabug: 30867060]
- blk-mq: Allow timeouts to run while queue is freezing (Gabriel Krisman Bertazi) [Orabug: 30867060]
- fs/dcache.c: fix spin lockup issue on nlru->lock (Junxiao Bi) [Orabug: 30953290]
- jbd2: disable CONFIG_JBD2_DEBUG (Junxiao Bi) [Orabug: 31234664]
- mwifiex: pcie: Fix memory leak in mwifiex_pcie_alloc_cmdrsp_buf (Navid Emamdoost) [Orabug: 31246302] {CVE-2019-19056}
- drm/vmwgfx: limit the number of mip levels in vmw_gb_surface_define_ioctl() (Vladis Dronov) [Orabug: 31262557] {CVE-2017-7346}
-
Tue Apr 28 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.38.5.el7uek]
- i40e: Increment the driver version for FW API update (Jack Vogel) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: Update FW API version to 1.9 (Piotr Azarewicz) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: Changed maximum supported FW API version to 1.8 (Adam Ludkiewicz) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: Stop dropping 802.1ad tags - eth proto 0x88a8 (Scott Peterson) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: fix reading LLDP configuration (Mariusz Stachura) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: Add capability flag for stopping FW LLDP (Krzysztof Galazka) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: refactor FW version checking (Mitch Williams) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: shutdown all IRQs and disable MSI-X when suspended (Jacob Keller) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: prevent service task from running while we're suspended (Jacob Keller) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: don't clear suspended state until we finish resuming (Jacob Keller) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: use newer generic PM support instead of legacy PM callbacks (Jacob Keller) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: use separate state bit for miscellaneous IRQ setup (Jacob Keller) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: fix for flow director counters not wrapping as expected (Mariusz Stachura) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: relax warning message in case of version mismatch (Mariusz Stachura) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: simplify member variable accesses (Sudheer Mogilappagari) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: Fix link down message when interface is brought up (Sudheer Mogilappagari) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
- i40e: Fix unqualified module message while bringing link up (Sudheer Mogilappagari) [Orabug: 31051191] {CVE-2019-0140} {CVE-2019-0139} {CVE-2019-0144}
-
Tue Apr 28 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.38.4.el7uek]
- HID: Fix assumption that devices have inputs (Alan Stern) [Orabug: 31208622] {CVE-2019-19532}
- qla2xxx: DBG: disable 3D mailbox. (Quinn Tran) [Orabug: 30890687]
- scsi: qla2xxx: Fix mtcp dump collection failure (Quinn Tran) [Orabug: 30890687]
- scsi: qla2xxx: Add Serdes support for ISP27XX (Joe Carnuccio) [Orabug: 30890687]
- vgacon: Fix a UAF in vgacon_invert_region (Zhang Xiaoxu) [Orabug: 31143947] {CVE-2020-8649} {CVE-2020-8647} {CVE-2020-8647} {CVE-2020-8649} {CVE-2020-8649} {CVE-2020-8647}
- HID: hiddev: do cleanup in failure of opening a device (Hillf Danton) [Orabug: 31206360] {CVE-2019-19527}
- HID: hiddev: avoid opening a disconnected device (Hillf Danton) [Orabug: 31206360] {CVE-2019-19527}
- USB: adutux: fix use-after-free on disconnect (Johan Hovold) [Orabug: 31233769] {CVE-2019-19523}
-
Wed Apr 22 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.38.3.el7uek]
- ipv4: implement support for NOPREFIXROUTE ifa flag for ipv4 address (Paolo Abeni) [Orabug: 30292825]
- vt: selection, push sel_lock up (Jiri Slaby) [Orabug: 30923298] {CVE-2020-8648}
- vt: selection, push console lock down (Jiri Slaby) [Orabug: 30923298] {CVE-2020-8648}
- vt: selection, close sel_buffer race (Jiri Slaby) [Orabug: 30923298] {CVE-2020-8648} {CVE-2020-8648}
- xfs: stop searching for free slots in an inode chunk when there are none (Carlos Maiolino) [Orabug: 31030659]
- xfs: fix up xfs_swap_extent_forks inline extent handling (Eric Sandeen) [Orabug: 31032831]
- xfs: validate sb_logsunit is a multiple of the fs blocksize (Darrick J. Wong) [Orabug: 31034071]
- mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (Wen Huang) [Orabug: 31104481] {CVE-2019-14814} {CVE-2019-14815} {CVE-2019-14816} {CVE-2019-14814} {CVE-2019-14815} {CVE-2019-14816}
-
Tue Apr 14 2020 Brian Maly <brian.maly@oracle.com> [4.1.12-124.38.2.el7uek]
- rds: fix an infoleak in rds_inc_info_copy (Kangjie Lu) [Orabug: 30770962] {CVE-2016-5244}
- xfs: do async inactivation only when fs freezed (Junxiao Bi) [Orabug: 30944736]
- xfs: fix deadlock between shrinker and fs freeze (Junxiao Bi) [Orabug: 30944736]
- xfs: increase the default parallelism levels of pwork clients (Junxiao Bi) [Orabug: 30944736]
- xfs: decide if inode needs inactivation (Junxiao Bi) [Orabug: 30944736]
- xfs: refactor the predicate part of xfs_free_eofblocks (Junxiao Bi) [Orabug: 30944736]
- floppy: check FDC index for errors before assigning it (Linus Torvalds) [Orabug: 31067516] {CVE-2020-9383}
- KVM: x86: clear stale x86_emulate_ctxt->intercept value (Vitaly Kuznetsov) [Orabug: 31118691]
- slcan: Don't transmit uninitialized stack data in padding (Richard Palethorpe) [Orabug: 31136753] {CVE-2020-11494}