[ol7_UEKR4_archive] kernel-uek-devel-4.1.12-124.33.4.el7uek.x86_64

This package provides kernel headers and makefiles sufficient to build modules
against the kernel package.

Changelog (Show File list) (Show related packages)

• Tue Nov 19 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.33.4.el7uek]

  - ocfs2: protect extent tree in ocfs2_prepare_inode_for_write() (Shuning Zhang)  [Orabug: 30036349]  
  - ocfs2: direct-IO: protect get_blocks (Junxiao Bi)  [Orabug: 30036349]  
  - SUNRPC: Remove xprt_connect_status() (Trond Myklebust)  [Orabug: 30165838]  
  - SUNRPC: Handle ENETDOWN errors (Trond Myklebust)  [Orabug: 30165838]  
  - vhost: make sure log_num < in_num (yongduan)  [Orabug: 30312787]  {CVE-2019-14835} 
  - vhost: block speculation of translated descriptors (Michael S. Tsirkin)  [Orabug: 30312787]  {CVE-2019-14835} 
  - vhost: Fix Spectre V1 vulnerability (Jason Wang)  [Orabug: 30312787]  
  - array_index_nospec: Sanitize speculative array de-references (Dan Williams)  [Orabug: 30312787]  
  - net: hsr: fix memory leak in hsr_dev_finalize() (Mao Wenan)  [Orabug: 30444853]  {CVE-2019-16995} 
  - ieee802154: enforce CAP_NET_RAW for raw sockets (Ori Nimron)  [Orabug: 30444946]  {CVE-2019-17053} 
  - mISDN: enforce CAP_NET_RAW for raw sockets (Ori Nimron)  [Orabug: 30445158]  {CVE-2019-17055} 
  - net: sit: fix memory leak in sit_init_net() (Mao Wenan)  [Orabug: 30445305]  {CVE-2019-16994} 
  - media: dvb: usb: fix use after free in dvb_usb_device_exit (Oliver Neukum)  [Orabug: 30490491]  {CVE-2019-15213} 
  - media: cpia2_usb: first wake up, then free in disconnect (Oliver Neukum)  [Orabug: 30511741]  {CVE-2019-15215} 
  - media: usb:zr364xx:Fix KASAN:null-ptr-deref Read in zr364xx_vidioc_querycap (Vandana BN)  [Orabug: 30532774]  {CVE-2019-15217} 
  - target: Propagate backend read-only to core_tpg_add_lun (Nicholas Bellinger)  [Orabug: 30538419]  
  - kvm: mmu: ITLB_MULTIHIT mitigation selection (Kanth Ghatraju)  [Orabug: 30539766]  
  - cpu/speculation: Uninline and export CPU mitigations helpers (Kanth Ghatraju)  [Orabug: 30539766]

• Mon Nov 18 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.33.3.el7uek]

  - rds: Use correct conn when dropping connections due to cancel (Håkon Bugge)  [Orabug: 30316058]  
  - rds: ib: Optimize rds_ib_laddr_check (Håkon Bugge)  [Orabug: 30327671]  
  - rds: Bring loop-back peer down as well (Håkon Bugge)  [Orabug: 30271704]  
  - rds: ib: Avoid connect retry on loopback connections (Håkon Bugge)  [Orabug: 30271704]  
  - rds: ib: Qualify CM REQ duplicate detection with connection being up (Håkon Bugge)  [Orabug: 30062150]  
  - rds: Further prioritize local loop-back connections (Håkon Bugge)  [Orabug: 30062150]  
  - rds: Fix initial zero delay when queuing re-connect work (Håkon Bugge)  [Orabug: 30062150]  
  - rds: Re-introduce separate work-queue for local connections (Håkon Bugge)  [Orabug: 30062150]  
  - rds: Re-factor and avoid superfluous queuing of shutdown work (Håkon Bugge)  [Orabug: 29994551]  
  - rds: ib: Flush ARP cache when connection attempt is rejected (Håkon Bugge)  [Orabug: 29994550]  
  - rds: ib: Fix incorrect setting of cp_reconnect_racing (Håkon Bugge)  [Orabug: 29994553]  
  - RDMA/cma: Make # CM retries configurable (Håkon Bugge)  [Orabug: 29994555]  
  - rds: Re-factor and avoid superfluous queuing of reconnect work (Håkon Bugge)  [Orabug: 29994558]  
  - rds: ib: Correct the cm_id compare commit (Håkon Bugge)  [Orabug: 29994560]  
  - rds: Increase entropy in hashing (Håkon Bugge)  [Orabug: 29994561]  
  - rds: ib: Resurrect the CQs instead of delete+create (Håkon Bugge)  [Orabug: 29994566]  
  - rds: Avoid queuing superfluous send and recv work (Håkon Bugge)  [Orabug: 29994564]

• Thu Nov 07 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.33.2.el7uek]

  - x86/tsx: Add config options to set tsx=on|off|auto (Michal Hocko)  [Orabug: 30517133]  {CVE-2019-11135} 
  - x86/speculation/taa: Add documentation for TSX Async Abort (Pawan Gupta)  [Orabug: 30517133]  {CVE-2019-11135} 
  - x86/tsx: Add "auto" option to the tsx= cmdline parameter (Pawan Gupta)  [Orabug: 30517133]  {CVE-2019-11135} 
  - kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (Pawan Gupta)  [Orabug: 30517133]  {CVE-2019-11135} 
  - x86/speculation/taa: Add sysfs reporting for TSX Async Abort (Pawan Gupta)  [Orabug: 30517133]  {CVE-2019-11135} 
  - x86/speculation/taa: Add mitigation for TSX Async Abort (Kanth Ghatraju)  [Orabug: 30517133]  {CVE-2019-11135} 
  - x86/cpu: Add a "tsx=" cmdline option with TSX disabled by default (Pawan Gupta)  [Orabug: 30517133]  {CVE-2019-11135} 
  - x86/cpu: Add a helper function x86_read_arch_cap_msr() (Pawan Gupta)  [Orabug: 30517133]  {CVE-2019-11135} 
  - x86/msr: Add the IA32_TSX_CTRL MSR (Pawan Gupta)  [Orabug: 30517133]  {CVE-2019-11135} 
  - kvm: x86: mmu: Recovery of shattered NX large pages (Junaid Shahid)  [Orabug: 30517059]  {CVE-2018-12207} 
  - kvm: Add helper function for creating VM worker threads (Junaid Shahid)  [Orabug: 30517059]  {CVE-2018-12207} 
  - kvm: mmu: ITLB_MULTIHIT mitigation (Paolo Bonzini)  [Orabug: 30517059]  {CVE-2018-12207} 
  - KVM: x86: remove now unneeded hugepage gfn adjustment (Paolo Bonzini)  [Orabug: 30517059]  {CVE-2018-12207} 
  - KVM: x86: make FNAME(fetch) and __direct_map more similar (Paolo Bonzini)  [Orabug: 30517059]  {CVE-2018-12207} 
  - kvm: x86: Do not release the page inside mmu_set_spte() (Junaid Shahid)  [Orabug: 30517059]  {CVE-2018-12207} 
  - x86/cpu: Add Tremont to the cpu vulnerability whitelist (Pawan Gupta)  [Orabug: 30517059]  {CVE-2018-12207} 
  - x86: Add ITLB_MULTIHIT bug infrastructure (Pawan Gupta)  [Orabug: 30517059]  {CVE-2018-12207} 
  - KVM: x86: MMU: Move mapping_level_dirty_bitmap() call in mapping_level() (Takuya Yoshikawa)  [Orabug: 30517059]  {CVE-2018-12207} 
  - Revert "KVM: x86: use the fast way to invalidate all pages" (Sean Christopherson)  [Orabug: 30517059]  {CVE-2018-12207} 
  - kvm: Convert kvm_lock to a mutex (Junaid Shahid)  [Orabug: 30517059]  {CVE-2018-12207} 
  - KVM: x86: MMU: Simplify force_pt_level calculation code in FNAME(page_fault)() (Takuya Yoshikawa)  [Orabug: 30517059]  {CVE-2018-12207} 
  - KVM: x86: MMU: Make force_pt_level bool (Takuya Yoshikawa)  [Orabug: 30517059]  {CVE-2018-12207} 
  - KVM: x86: MMU: Remove unused parameter parent_pte from kvm_mmu_get_page() (Takuya Yoshikawa)  [Orabug: 30517059]  {CVE-2018-12207} 
  - KVM: x86: extend usage of RET_MMIO_PF_* constants (Paolo Bonzini)  [Orabug: 30517059]  {CVE-2018-12207} 
  - KVM: x86: MMU: Make mmu_set_spte() return emulate value (Takuya Yoshikawa)  [Orabug: 30517059]  {CVE-2018-12207} 
  - KVM: x86: MMU: Move parent_pte handling from kvm_mmu_get_page() to link_shadow_page() (Takuya Yoshikawa)  [Orabug: 30517059]  {CVE-2018-12207} 
  - KVM: x86: MMU: Move initialization of parent_ptes out from kvm_mmu_alloc_page() (Takuya Yoshikawa)  [Orabug: 30517059]  {CVE-2018-12207}

• Tue Nov 05 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.33.1.el7uek]

  - scsi: qla2xxx: Fix NULL pointer crash due to probe failure (himanshu.madhani@cavium.com)  [Orabug: 30161119]  
  - i2c: core-smbus: prevent stack corruption on read I2C_BLOCK_DATA (Jeremy Compostella)  [Orabug: 30210503]  {CVE-2017-18551} 
  - scsi: qla2xxx: Ability to process multiple SGEs in Command SGL for CT passthrough commands. (Giridhar Malavali)  [Orabug: 30256423]  
  - net-sysfs: Fix mem leak in netdev_register_kobject (YueHaibing)  [Orabug: 30350263]  {CVE-2019-15916} 
  - Drivers: hv: vmbus: add special crash handler (Vitaly Kuznetsov)  [Orabug: 30374399]

• Tue Oct 29 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.32.5.el7uek]

  - floppy: fix div-by-zero in setup_format_params (Denis Efremov)  [Orabug: 30447843]  {CVE-2019-14284} 
  - x86/cpufeatures: Make CPU bugs sticky (Thomas Gleixner)  [Orabug: 30473385]  
  - x86/cpu: Factor out application of forced CPU caps (Andy Lutomirski)  [Orabug: 30473385]

• Tue Oct 22 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.32.4.el7uek]

  - usb: misc: legousbtower: Fix NULL pointer deference (Greg Kroah-Hartman)  [Orabug: 27124665]  {CVE-2017-15102} 
  - userfaultfd: hugetlbfs: prevent UFFDIO_COPY to fill beyond the end of i_size (Andrea Arcangeli)  [Orabug: 27422557]  {CVE-2017-15128} 
  - tcp: fix tcp_rtx_queue_tail in case of empty retransmit queue (Tim Froidcoeur)  [Orabug: 30317608]  {CVE-2019-11478} 
  - tcp: be more careful in tcp_fragment() (Eric Dumazet)  [Orabug: 30317608]  {CVE-2019-11478} {CVE-2019-11478} 
  - tcp: refine memory limit test in tcp_fragment() (Eric Dumazet)  [Orabug: 30317608]  {CVE-2019-11478}

• Tue Oct 15 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.32.3.el7uek]

  - scsi: sg: fixup infoleak when using SG_GET_REQUEST_TABLE (Hannes Reinecke)  [Orabug: 26941755]  {CVE-2017-14991} 
  - failover: allow name change on IFF_UP slave interfaces (Si-Wei Liu)  [Orabug: 29707258]  
  - Revert "net_failover: delay taking over primary device to accommodate udevd renaming" (Si-Wei Liu)  [Orabug: 29707258]  
  - build: Revert "repairing out-of-tree build functionality" (Todd Vierling)  [Orabug: 30257829]  
  - rds: add ibmr to busy_list in flush code path (Manjunath Patil)   
  - rds: fix uninteneded increase of rds_rdma:pool->max_items_soft (Manjunath Patil)

• Tue Oct 08 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.32.2.el7uek]

  - ext4: fix data exposure after a crash (Jan Kara)  [Orabug: 30361860]  {CVE-2017-7495}

• Tue Oct 01 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.32.1.el7uek]

  - NFSv4: Don't try to reclaim unused state owners (Trond Myklebust)  [Orabug: 30124013]  
  - x86/microcode: Update late microcode in parallel (Ashok Raj)  [Orabug: 30302412]  
  - floppy: fix out-of-bounds read in copy_buffer (Denis Efremov)  [Orabug: 30318219]  {CVE-2019-14283} 
  - xen-netback: stop netif TX queue on guest queuing failure (Ankur Arora)  [Orabug: 30351050]

• Thu Sep 26 2019 Brian Maly <brian.maly@oracle.com> [4.1.12-124.31.5.el7uek]

  - xfrm: policy: Fix out-of-bound array accesses in __xfrm_policy_unlink (YueHaibing)  [Orabug: 30322230]  {CVE-2019-15666} 
  - x86/tsc: Make calibration refinement more robust (Daniel Vacek)  [Orabug: 30217489]