-
Fri Jul 14 2017 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-94.3.9.el7uek]
- bonding: avoid defaulting hard_header_len to ETH_HLEN on slave removal (Paolo Abeni) [Orabug: 26445633]
-
Fri Jun 30 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-94.3.8.el7uek]
- macsec: dynamically allocate space for sglist (Jason A. Donenfeld) [Orabug: 26368162] {CVE-2017-7477}
- macsec: avoid heap overflow in skb_to_sgvec (Jason A. Donenfeld) [Orabug: 26368162] {CVE-2017-7477}
- nfsd: check for oversized NFSv2/v3 arguments (J. Bruce Fields) [Orabug: 26366988] {CVE-2017-7645}
-
Tue Jun 27 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-94.3.7.el7uek]
- mm: fix new crash in unmapped_area_topdown() (Hugh Dickins) [Orabug: 26326143] {CVE-2017-1000364}
- mm: larger stack guard gap, between vmas (Hugh Dickins) [Orabug: 26326143] {CVE-2017-1000364}
-
Tue May 30 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-94.3.6.el7uek]
- net/packet: fix overflow in check for tp_reserve (Andrey Konovalov) [Orabug: 26143545] {CVE-2017-7308}
- net/packet: fix overflow in check for tp_frame_nr (Andrey Konovalov) [Orabug: 26143545] {CVE-2017-7308}
- net/packet: fix overflow in check for priv area size (Andrey Konovalov) [Orabug: 26143545] {CVE-2017-7308}
-
Wed May 24 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-94.3.5.el7uek]
- dccp/tcp: do not inherit mc_list from parent (Eric Dumazet) [Orabug: 26132091] {CVE-2017-8890}
-
Mon May 15 2017 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-94.3.4.el7uek]
- ipv6: catch a null skb before using it in a DTRACE (Shannon Nelson) [Orabug: 26075879]
- sparc64: Do not retain old VM_SPARC_ADI flag when protection changes on page (Khalid Aziz) [Orabug: 26038830]
-
Fri May 12 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-94.3.3.el7uek]
- nfsd: stricter decoding of write-like NFSv2/v3 ops (J. Bruce Fields) [Orabug: 25986971] {CVE-2017-7895}
-
Fri May 05 2017 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-94.3.2.el7uek]
- sparc64: Detect DAX ra+pgsz when hvapi minor doesn't indicate it (Rob Gardner) [Orabug: 25997533]
- sparc64: DAX memory will use RA+PGSZ feature in HV (Rob Gardner) [Orabug: 25997533] [Orabug: 25931417]
- sparc64: Disable DAX flow control (Rob Gardner) [Orabug: 25997226]
- sparc64: DAX memory needs persistent mappings (Rob Gardner) [Orabug: 25997137]
- sparc64: Fix incorrect error print in DAX driver when validating ccb (Sanath Kumar) [Orabug: 25996975]
- sparc64: DAX request for non 4MB memory should return with unique errno (Sanath Kumar) [Orabug: 25996823]
- sparc64: DAX request to mmap non 4MB memory should fail with a debug print (Sanath Kumar) [Orabug: 25996823]
- sparc64: DAX request for non 4MB memory should return with unique errno (Sanath Kumar) [Orabug: 25996823]
- sparc64: Incorrect print by DAX driver when old driver API is used (Sanath Kumar) [Orabug: 25996790]
- sparc64: DAX request to dequeue half of a long CCB should not succeed (Sanath Kumar) [Orabug: 25996747]
- sparc64: dax_overflow_check reports incorrect data (Sanath Kumar) [Orabug: 25996655]
- sparc64: Ignored DAX ref count causes lockup (Rob Gardner) [Orabug: 25996628]
- sparc64: disable dax page range checking on RA (Rob Gardner) [Orabug: 25996546]
- sparc64: Oracle Data Analytics Accelerator (DAX) driver (Sanath Kumar) [Orabug: 25996522]
- sparc64: Add DAX hypervisor services (Allen Pais) [Orabug: 25996475]
- sparc64: create/destroy cpu sysfs dynamically (Atish Patra) [Orabug: 21775890] [Orabug: 25216469]
- megaraid: Fix unaligned warning (Allen Pais) [Orabug: 24817799]
-
Thu May 04 2017 Brian Maly <brian.maly@oracle.com> [4.1.12-94.3.1.el7uek]
- Re-enable SDP for uek-nano kernel (Ashok Vairavan) [Orabug: 25968572]
- xsigo: Compute node crash on FC failover (Pradeep Gopanapalli) [Orabug: 25946533]
- NVMe: Set affinity after allocating request queues (Keith Busch) [Orabug: 25945973]
- nvme: use an integer value to Linux errno values (Christoph Hellwig) [Orabug: 25945973]
- blk-mq: fix racy updates of rq->errors (Christoph Hellwig) [Orabug: 25945973]
- x86/apic: Handle zero vector gracefully in clear_vector_irq() (Keith Busch) [Orabug: 24515998]
- PCI: Prevent VPD access for QLogic ISP2722 (Ethan Zhao) [Orabug: 24819170]
- PCI: Prevent VPD access for buggy devices (Babu Moger) [Orabug: 24819170]
- ipv6: Skip XFRM lookup if dst_entry in socket cache is valid (Jakub Sitnicki) [Orabug: 25525433]
- Btrfs: don't BUG_ON() in btrfs_orphan_add (Josef Bacik) [Orabug: 25534945]
- Btrfs: clarify do_chunk_alloc()'s return value (Liu Bo) [Orabug: 25534945]
- btrfs: flush_space: treat return value of do_chunk_alloc properly (Alex Lyakas) [Orabug: 25534945]
- Revert "[SCSI] libiscsi: Reduce locking contention in fast path" (Ashish Samant) [Orabug: 25721518]
- qla2xxx: Allow vref count to timeout on vport delete. (Joe Carnuccio) [Orabug: 25862953]
- Drivers: hv: kvp: fix IP Failover (Vitaly Kuznetsov) [Orabug: 25866691]
- Drivers: hv: util: Pass the channel information during the init call (K. Y. Srinivasan) [Orabug: 25866691]
- Drivers: hv: utils: run polling callback always in interrupt context (Olaf Hering) [Orabug: 25866691]
- Drivers: hv: util: Increase the timeout for util services (K. Y. Srinivasan) [Orabug: 25866691]
- Drivers: hv: kvp: check kzalloc return value (Vitaly Kuznetsov) [Orabug: 25866691]
- Drivers: hv: fcopy: dynamically allocate smsg_out in fcopy_send_data() (Vitaly Kuznetsov)
- Drivers: hv: vss: full handshake support (Vitaly Kuznetsov) [Orabug: 25866691]
- xen: Make VPMU init message look less scary (Juergen Gross) [Orabug: 25873416]
- udp: properly support MSG_PEEK with truncated buffers (Eric Dumazet) [Orabug: 25876652] {CVE-2016-10229}
-
Wed Apr 26 2017 Chuck Anderson <chuck.anderson@oracle.com> [4.1.12-94.2.1.el7uek]
- KVM: VMX: fix vmwrite to invalid VMCS (Radim Krčmář)
- Revert "i40e: enable VSI broadcast promiscuous mode instead of adding broadcast filter" (Brian Maly) [Orabug: 25825419]
- qla2xxx: Fix NULL pointer deref in QLA interrupt (Bruno Prémont) [Orabug: 25894919]
- sched/wait: Fix the signal handling fix (Peter Zijlstra) [Orabug: 25896852]
- Change return value for notify_change() to EACCES (Dhaval Giani) [Orabug: 25897119]
- block: fix use-after-free in seq file (Vegard Nossum) [Orabug: 25877496] {CVE-2016-7910}
- net/mlx4_core: panic the system on unrecoverable errors (Santosh Shilimkar) [Orabug: 25225861]
- restore mutex_lock() call to blk_mq_freeze_queue_start() (Dan Duval) [Orabug: 25638616]
- Revert "restrict /dev/mem to idle io memory ranges" (Chuck Anderson) [Orabug: 25785410]
- Revert "be2net: fix MAC addr setting on privileged BE3 VFs" (Somasundaram Krishnasamy) [Orabug: 25814899]
- xfrm_user: validate XFRM_MSG_NEWAE incoming ESN size harder (Andy Whitcroft) [Orabug: 25814632] {CVE-2017-7184}
- xfrm_user: validate XFRM_MSG_NEWAE XFRMA_REPLAY_ESN_VAL replay_window (Andy Whitcroft) [Orabug: 25814632] {CVE-2017-7184}
- ipc/shm: Fix shmat mmap nil-page protection (Davidlohr Bueso) [Orabug: 25796993] {CVE-2017-5669}
- vfs: move permission checking into notify_change() for utimes(NULL) (Miklos Szeredi) [Orabug: 25684456]
- dtrace: fix handling of save_stack_trace sentinel (x86 only) (Kris Van Hees) [Orabug: 25727046]
- xen-netfront: Rework the fix for Rx stall during OOM and network stress (Dongli Zhang) [Orabug: 25803206]
- xen-netfront: Fix Rx stall during network stress and OOM (Dongli Zhang) [Orabug: 25803206]
- lpfc cannot establish connection with targets that send PRLI under P2P mode (Joe Jin) [Orabug: 25790926]
- Revert "fix minor infoleak in get_user_ex()" (Brian Maly) [Orabug: 25790386] {CVE-2016-9644}
- Revert "ipv4: use skb coalescing in defragmentation" (Florian Westphal) [Orabug: 25508841]
- Drivers: hv: vss: convert to hv_utils_transport (Vitaly Kuznetsov) [Orabug: 24745861]
- Drivers: hv: vss: switch to using the hvutil_device_state state machine (Vitaly Kuznetsov) [Orabug: 24745861]
- Drivers: hv: vss: process deferred messages when we complete the transaction (Vitaly Kuznetsov) [Orabug: 24745861]
- Drivers: hv: kvp: convert to hv_utils_transport (Vitaly Kuznetsov) [Orabug: 24745861]
- dtrace: DTrace walltime lock-free implementation (Tomas Jedlicka) [Orabug: 25715256]
- net: ping: check minimum size on ICMP header length (Kees Cook) [Orabug: 25766894] {CVE-2016-8399} {CVE-2016-8399}
- Revert "be2net: fix initial MAC setting" (Somasundaram Krishnasamy) [Orabug: 25766096]
- sg_write()/bsg_write() is not fit to be called under KERNEL_DS (Al Viro) [Orabug: 25765432] {CVE-2016-10088}
- scsi: sg: check length passed to SG_NEXT_CMD_LEN (peter chang) [Orabug: 25758993] {CVE-2017-7187}
- xsigo: Fix spinlock release in case of error (Pradeep Gopanapalli) [Orabug: 25714787]
- IB/CORE: sync the resouce access in fmr_pool (Wengang Wang)
- tty: n_hdlc: get rid of racy n_hdlc.tbuf (Alexander Popov) [Orabug: 25696600] {CVE-2017-2636}
- TTY: n_hdlc, fix lockdep false positive (Jiri Slaby) [Orabug: 25696600] {CVE-2017-2636}
- xsigo: Optimize xsvnic module parameters for UEK4 (Pradeep Gopanapalli) [Orabug: 25675936]
- ovl: Do d_type check only if work dir creation was successful (Vivek Goyal) [Orabug: 25656740]
- ovl: Ensure upper filesystem supports d_type (Vivek Goyal) [Orabug: 25656740]
- net/llc: avoid BUG_ON() in skb_orphan() (Eric Dumazet) [Orabug: 25644572] {CVE-2017-6345}
- ip: fix IP_CHECKSUM handling (Paolo Abeni) [Orabug: 25644367] {CVE-2017-6347}
- udp: fix IP_CHECKSUM handling (Eric Dumazet) [Orabug: 25644367] {CVE-2017-6347}
- udp: do not expect udp headers in recv cmsg IP_CMSG_CHECKSUM (Willem de Bruijn) [Orabug: 25644367] {CVE-2017-6347}
- tcp: avoid infinite loop in tcp_splice_read() (Eric Dumazet) [Orabug: 25615169] {CVE-2017-6214}
- sctp: avoid BUG_ON on sctp_wait_for_sndbuf (Marcelo Ricardo Leitner) [Orabug: 25557999] {CVE-2017-5986}
- ext4: store checksum seed in superblock (Darrick J. Wong) [Orabug: 25494931] {CVE-2016-10208}
- ext4: reserve code points for the project quota feature (Theodore Ts'o) [Orabug: 25494931] {CVE-2016-10208}
- ext4: validate s_first_meta_bg at mount time (Eryu Guan) [Orabug: 25494931] {CVE-2016-10208}
- ext4: clean up feature test macros with predicate functions (Darrick J. Wong) [Orabug: 25494931] {CVE-2016-10208}
- KVM: x86: fix emulation of "MOV SS, null selector" (Paolo Bonzini) [Orabug: 25437453] {CVE-2017-2583} {CVE-2017-2583}
- gfs2: fix slab corruption during mounting and umounting gfs file system (Thomas Tai)
- gfs2: handle NULL rgd in set_rgrp_preferences (Abhi Das)
- sched/wait: Fix signal handling in bit wait helpers (Peter Zijlstra) [Orabug: 25416990]
- net/mlx4_core: Disallow creation of RAW QPs on a VF (Eli Cohen) [Orabug: 25652330]