-
Tue May 08 2018 Brian Maly <brian.maly@oracle.com> [4.1.12-124.15.1.el7uek]
- netfilter: nfnetlink_cthelper: Add missing permission checks (Kevin Cernekee) [Orabug: 27260771] {CVE-2017-17448}
- netlink: Add netns check on taps (Kevin Cernekee) [Orabug: 27260799] {CVE-2017-17449}
- KVM: Fix stack-out-of-bounds read in write_mmio (Wanpeng Li) [Orabug: 27290606] {CVE-2017-17741} {CVE-2017-17741}
- xprtrdma: Detect unreachable NFS/RDMA servers more reliably (Chuck Lever) [Orabug: 27587008]
- sunrpc: Export xprt_force_disconnect() (Chuck Lever) [Orabug: 27587008]
- sunrpc: Allow xprt->ops->timer method to sleep (Chuck Lever) [Orabug: 27587008]
- KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit (Haozhong Zhang) [Orabug: 27720128]
- x86/microcode: probe CPU features on microcode update (Ankur Arora) [Orabug: 27878230]
- x86/microcode: microcode_write() should not reference boot_cpu_data (Ankur Arora) [Orabug: 27878230]
- x86/cpufeatures: use cpu_data in init_scattered_cpuid_flags() (Ankur Arora) [Orabug: 27878230]
- mm/pagewalk.c: report holes in hugetlb ranges (Jann Horn) [Orabug: 27913118] {CVE-2017-16994}
- KEYS: don't let add_key() update an uninstantiated key (David Howells) [Orabug: 27913330] {CVE-2017-15299}
- drm/vmwgfx: NULL pointer dereference in vmw_surface_define_ioctl() (Murray McAllister) [Orabug: 27913367] {CVE-2017-7294}
- vmscan: Support multiple kswapd threads per node (Buddy Lumpkin) [Orabug: 27913411]
- tcp: don't use F-RTO on non-recurring timeouts (Yuchung Cheng) [Orabug: 27901860]
- net/rds: ib: Release correct number of frags (Håkon Bugge) [Orabug: 27924161]
- crypto: rng - Remove old low-level rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
- crypto: drbg - Convert to new rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
- crypto: ansi_cprng - Convert to new rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
- crypto: krng - Convert to new rng interface (Herbert Xu) [Orabug: 27926676] {CVE-2017-15116}
- RDS: Heap OOB write in rds_message_alloc_sgs() (Mohamed Ghannam) [Orabug: 27934066] {CVE-2018-5332}
- net: Fix double free and memory corruption in get_net_ns_by_id() (Eric W. Biederman) [Orabug: 27934789] {CVE-2017-15129}
-
Fri May 04 2018 Brian Maly <brian.maly@oracle.com> [4.1.12-124.14.5.el7uek]
- vhost/scsi: fix reuse of &vq->iov[out] in response (Benjamin Coddington) [Orabug: 27928330]
-
Thu May 03 2018 Brian Maly <brian.maly@oracle.com> [4.1.12-124.14.4.el7uek]
- kernel.spec: add requires system-release for OL7 (Brian Maly) [Orabug: 27955380]
- x86/kernel/traps.c: fix trace_die_notifier return value (Kris Van Hees) {CVE-2018-8897}
- x86/entry/64: Dont use IST entry for #BP stack (Andy Lutomirski) {CVE-2018-8897}
- kvm/x86: fix icebp instruction handling (gregkh@linuxfoundation.org) {CVE-2018-1087}
-
Mon Apr 30 2018 Brian Maly <brian.maly@oracle.com> [4.1.12-124.14.3.el7uek]
- perf/hwbp: Simplify the perf-hwbp code, fix documentation (Linus Torvalds) [Orabug: 27947602] {CVE-2018-100199}
-
Mon Apr 23 2018 Brian Maly <brian.maly@oracle.com> [4.1.12-124.14.2.el7uek]
- scsi: iscsi_tcp: set BDI_CAP_STABLE_WRITES when data digest enabled (Jianchao Wang) [Orabug: 27726302]
- block: fix bio_will_gap() for first bvec with offset (Ming Lei) [Orabug: 27775588]
- block: relax check on sg gap (Ming Lei) [Orabug: 27775588]
- block: don't optimize for non-cloned bio in bio_get_last_bvec() (Ming Lei) [Orabug: 27775588]
- block: merge: get the 1st and last bvec via helpers (Ming Lei) [Orabug: 27775588]
- block: get the 1st and last bvec via helpers (Ming Lei) [Orabug: 27775588]
- block: check virt boundary in bio_will_gap() (Ming Lei) [Orabug: 27775588]
- block: bio: introduce helpers to get the 1st and last bvec (Ming Lei) [Orabug: 27775588]
- Failing to send a CLOSE if file is opened WRONLY and server reboots on a 4.x mount (Olga Kornievskaia) [Orabug: 27848303]
- ext4: add validity checks for bitmap block numbers (Theodore Ts'o) [Orabug: 27854373] {CVE-2018-1093} {CVE-2018-1093}
- ocfs2: Take inode cluster lock before moving reflinked inode from orphan dir (Ashish Samant) [Orabug: 27869411]
- Input: gtco - fix potential out-of-bound access (Dmitry Torokhov) [Orabug: 27869844] {CVE-2017-16643}
- Input: ims-psu - check if CDC union descriptor is sane (Dmitry Torokhov) [Orabug: 27870333] {CVE-2017-16645}
- vfio/pci: Virtualize Maximum Payload Size (Alex Williamson)
- vfio-pci: Virtualize PCIe & AF FLR (Alex Williamson)
- uek-rpm: Disable DMA CMA (Jianchao Wang) [Orabug: 27892359]
- nvme-pci: fix multiple ctrl removal scheduling (Rakesh Pandit) [Orabug: 27892359]
- nvme-pci: Fix nvme queue cleanup if IRQ setup fails (Jianchao Wang) [Orabug: 27892359]
- nvme/pci: Fix stuck nvme reset (Keith Busch) [Orabug: 27892359]
- nvme: don't schedule multiple resets (Keith Busch) [Orabug: 27892359]
- blk-mq: fix use-after-free in blk_mq_free_tag_set() (Junichi Nomura) [Orabug: 27892359]
- USB: core: prevent malicious bNumInterfaces overflow (Alan Stern) [Orabug: 27895909]
- driver core: platform: fix race condition with driver_override (Adrian Salido) [Orabug: 27897874] {CVE-2017-12146}
- usb/core: usb_alloc_dev(): fix setting of ->portnum (Nicolai Stange) [Orabug: 27908746]
-
Thu Apr 12 2018 Jack Vogel <jack.vogel@oracle.com> [4.1.12-124.14.1.el7uek]
- ctf: drop the run-as-root error (Nick Alcock) [Orabug: 27852654]
- rds: Node crashes when trace buffer is opened (Ka-Cheong Poon) [Orabug: 27846191]
- xfs: fix accidental reversion of aa6a6227435cb (Darrick J. Wong) [Orabug: 27845869]
-
Tue Apr 10 2018 Jack Vogel <jack.vogel@oracle.com> [4.1.12-124.13.1.el7uek]
- net: cdc_ether: fix divide by 0 on bad descriptors (Bjørn Mork) [Orabug: 27841392] {CVE-2017-16649}
- sysctl: Drop reference added by grab_header in proc_sys_readdir (Zhou Chengming) [Orabug: 27841944] {CVE-2016-9191} {CVE-2016-9191} {CVE-2016-9191}
- Revert "sysctl: Drop reference added by grab_header in proc_sys_readdir" (Jack Vogel)
-
Mon Apr 09 2018 Jack Vogel <jack.vogel@oracle.com> [4.1.12-124.12.1.el7uek]
- xfs: remove "no-allocation" reservations for file creations (Darrick J. Wong) [Orabug: 27609439]
- xfs: don't print warnings when xfs_log_force fails (Christoph Hellwig) [Orabug: 27609404]
- xfs: Properly retry failed dquot items in case of error during buffer writeback (Carlos Maiolino) [Orabug: 27609404]
- xfs: Properly retry failed inode items in case of error during buffer writeback (Carlos Maiolino) [Orabug: 27609404]
- xfs: Add infrastructure needed for error propagation during buffer IO failure (Carlos Maiolino) [Orabug: 27609404]
- xfs: remove xfs_trans_ail_delete_bulk (Christoph Hellwig) [Orabug: 27609404]
- xfs: fix and streamline error handling in xfs_end_io (Darrick J. Wong) [Orabug: 27609404]
- xfs: don't leave EFIs on AIL on mount failure (Brian Foster) [Orabug: 27609404]
- xfs: use EFI refcount consistently in log recovery (Brian Foster) [Orabug: 27609404]
- xfs: ensure EFD trans aborts on log recovery extent free failure (Brian Foster) [Orabug: 27609404]
- xfs: fix efi/efd error handling to avoid fs shutdown hangs (Brian Foster) [Orabug: 27609404]
- xfs: return committed status from xfs_trans_roll() (Brian Foster) [Orabug: 27609404]
- xfs: disentagle EFI release from the extent count (Brian Foster) [Orabug: 27609404]
-
Thu Apr 05 2018 Jack Vogel <jack.vogel@oracle.com> [4.1.12-124.11.1.el7uek]
- netfilter: ebtables: CONFIG_COMPAT: don't trust userland offsets (Florian Westphal) [Orabug: 27774012] {CVE-2018-1068}
- ACPI / PAD: don't register acpi_pad driver if running as Xen dom0 (Juergen Gross) [Orabug: 27796473]
- sched/fair: Fix typo in sync_throttle() (Xunlei Pang) [Orabug: 27787518]
- sched/fair: Do not announce throttled next buddy in dequeue_task_fair() (Konstantin Khlebnikov) [Orabug: 27787518]
- sched/fair: Initialize and rework throttle_count for new task-groups (Peter Zijlstra) [Orabug: 27787518]
- perf tools: Move syscall number fallbacks from perf-sys.h to tools/arch/x86/include/asm/ (Arnaldo Carvalho de Melo) [Orabug: 27240053]
- crypto: FIPS - allow tests to be disabled in FIPS mode (Stephan Mueller) [Orabug: 27809271]
- crypto: xts - consolidate sanity check for keys (Stephan Mueller) [Orabug: 27809271]
- crypto: rng - Zero seed in crypto_rng_reset (Herbert Xu) [Orabug: 27809271]
- enic: set IG desc cache flag in open (Govindarajulu Varadarajan) [Orabug: 27587345]
-
Thu Mar 29 2018 Jack Vogel <jack.vogel@oracle.com> [4.1.12-124.10.1.el7uek]
- Drivers: hv: utils: fix crash when device is removed from host side (Vitaly Kuznetsov) [Orabug: 27426102]
- Drivers: hv: utils: introduce HVUTIL_TRANSPORT_DESTROY mode (Vitaly Kuznetsov) [Orabug: 27426102]
- Drivers: hv: utils: rename outmsg_lock (Vitaly Kuznetsov) [Orabug: 27426102]
- Drivers: hv: utils: fix memory leak on on_msg() failure (Vitaly Kuznetsov) [Orabug: 27426102]
- Drivers: hv: utils: use memdup_user in hvt_op_write (Olaf Hering) [Orabug: 27426102]
- hv: util: checking the wrong variable (Dan Carpenter) [Orabug: 27426102]
- net/rds: Avoid copy overhead if send buff is full (Gerd Rausch) [Orabug: 27747165]
- ext4: fix ->put_link panic (Junxiao Bi) [Orabug: 27498770]
- KVM/VMX: Clear spec_ctrl status when resetting vcpu (Patrick Colp)
- mlx4: change the ICM table allocations to lowest needed size (Daniel Jurgens) [Orabug: 27718303]
- Revert "Drivers: hv: utils: fix a race on userspace daemons registration" (Jack Vogel) [Orabug: 27673755]