[ol8_baseos_latest] kernel-tools-libs-4.18.0-513.18.0.1.el8_9.aarch64

Name:	kernel-tools-libs
Version:	4.18.0
Release:	513.18.0.1.el8_9
Architecture:	aarch64
Group:	Development/System
Size:	68592
License:	GPLv2
RPM:	kernel-tools-libs-4.18.0-513.18.0.1.el8_9.aarch64.rpm
Source RPM:	kernel-4.18.0-513.18.0.1.el8_9.src.rpm
Build Date:	Thu Feb 22 2024
Build Host:	build-ol8-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	Libraries for the kernel-tools
Description:	This package contains the libraries built from the tools/ directory from the kernel source.

Changelog (Show File list) (Show related packages)

Tue Feb 20 2024 Mridula Shastry <mridula.c.shastry@oracle.com> [4.18.0-513.18.0.1.el8_9.OL8]

- drivers: net: slip: fix NPD bug in sl_tx_timeout() {CVE-2022-41858}
- nfp: fix use-after-free in area_cache_get() {CVE-2022-3545}
- HID: check empty report_list in hid_validate_values() {CVE-2023-1073}
- Fix double fget() in vhost_net_set_backend() {CVE-2023-1838}
- can: af_can: fix NULL pointer dereference in can_rcv_filter {CVE-2023-2166}
- net: sched: sch_qfq: Fix UAF in qfq_dequeue() {CVE-2023-4921}
- perf: Disallow mis-matched inherited group reads {CVE-2023-5717}
- perf/core: Fix potential NULL deref {CVE-2023-5717}
- nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356}
- nvmet-tcp: fix a crash in nvmet_req_complete() {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356}
- nvmet-tcp: remove boilerplate code {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356}
- nvmet-tcp: Fix the H2C expected PDU len calculation {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356}
- smb: client: fix potential OOB in cifs_dump_detail() {CVE-2023-6610}
- smb: client: fix potential OOB in smb2_dump_detail() {CVE-2023-6610}
- smb: client: fix OOB in smbCalcSize() {CVE-2023-6606}
- net: tls, update curr on splice as well {CVE-2024-0646}
- netfilter: nft_set_pipapo: skip inactive elements during set walk {CVE-2023-6817}
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}
- igb: set max size RX buffer when store bad packet is enabled {CVE-2023-45871}

Tue Jan 09 2024 Mohith Kumar Thummaluru <mohith.k.kumar.thummaluru@oracle.com> [4.18.0-513.11.1.0.1.el8_9.OL8]

- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress {CVE-2023-2162}
- af_unix: Fix null-ptr-deref in unix_stream_sendpage() {CVE-2023-4622}
- netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet {CVE-2023-42753}

Tue Nov 28 2023 Mridula Shastry <mridula.c.shastry@oracle.com> [4.18.0-513.9.1.el8_9.OL8]

- media: dvb-core: Fix use-after-free due to race at dvb_register_device() (Mauro Carvalho Chehab) {CVE-2022-45884}
- cifs: Fix UAF in cifs_demultiplex_thread() (Zhang Xiaoxu) {CVE-2023-1192}
- nvmet-tcp: Fix a possible UAF in queue intialization setup (Sagi Grimberg) {CVE-2023-5178}
- net: tun: fix bugs for oversize packet when napi frags enabled (Ziyang Xuan) {CVE-2023-3812}
- bpf: Fix incorrect verifier pruning due to missing register precision taints (Daniel Borkmann) (Andrii Nakryiko) {CVE-2023-2163}
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (Hyunwoo Kim) {CVE-2022-45919}
- media: dvbdev: fix error logic at dvb_register_device() (Mauro Carvalho Chehab)
- media: dvbdev: Fix memleak in dvb_register_device (Dinghao Liu)
- media: dvb-core: Fix use-after-free due on race condition at dvb_net (Hyunwoo Kim} {CVE-2022-45886}

Wed Nov 15 2023 Darren Archibald <darren.archibald@oracle.com> [4.18.0-513.5.1.el8_9.OL8]

- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Drop not needed patch

Fri Sep 29 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.5.1.el8_9]

- redhat: list Z-Jiras in the changelog before Y-Jiras (Herton R. Krzesinski)
- Revert "mm, meminit: recalculate pcpu batch and high limits after init completes" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm,memory_hotplug: factor out adjusting present pages into adjust_present_page_count()" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: move free_the_page" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: allow high-order pages to be stored on the per-cpu lists" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: fetch the correct pcp buddy during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: track range of active PCP lists during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: simplify how many pages are selected per pcp list during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: drain the requested list first during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: free pages in a single pass during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: do not prefetch buddies during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: check high-order pages for corruption during PCP operations" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: fix incorrect PGFREE and PGALLOC for high-order page" (Chris von Recklinghausen) [RHEL-8539]

Wed Sep 27 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.4.1.el8_9]

- Revert "cnic: Use the bitmap API to allocate bitmaps" (Chris Leech) [RHEL-1950]
- Revert "cnic: don't pass bogus GFP_ flags to dma_alloc_coherent" (Chris Leech) [RHEL-1950]
- scsi: lpfc: Prevent use-after-free during rmmod with mapped NVMe rports (Paul Ely) [RHEL-2602]
- scsi: lpfc: Early return after marking final NLP_DROPPED flag in dev_loss_tmo (Paul Ely) [RHEL-2602]
- gfs2: Add quota_change type (Bob Peterson) [2224075]

Wed Sep 20 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.3.1.el8_9]

- drm/amd/display: fix the white screen issue when >= 64GB DRAM (Mika Penttilä) [2231934]
- gfs2: conversion deadlock do_promote bypass (Bob Peterson) [2225228]
- gfs2: do_promote cleanup (Andreas Gruenbacher) [2225228]
- gfs2: Make use of list_is_first (Andreas Gruenbacher) [2225228]

Fri Sep 15 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.2.1.el8_9]

- x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled (Waiman Long) [2227916]
- Documentation/hw-vuln: Document the interaction between IBRS and STIBP (Waiman Long) [2227916]
- x86/CPU/AMD: Make sure EFER[AIBRSE] is set (Waiman Long) [2227916]
- fs: don't audit the capability check in simple_xattr_list() (Andrey Albershteyn) [RHEL-863]

Wed Sep 06 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.1.1.el8_9]

- thunderbolt: Fix Thunderbolt 3 display flickering issue on 2nd hot plug onwards (Desnes Nunes) [2233974]
- mm/userfaultfd: don't consider uffd-wp bit of writable migration entries (Rafael Aquini) [2231554]
- mm/userfaultfd: fix uffd-wp handling for THP migration entries (Rafael Aquini) [2231554]
- mm/userfaultfd: fix uffd-wp special cases for fork() (Rafael Aquini) [2231554]
- mm/thp: simplify copying of huge zero page pmd when fork (Rafael Aquini) [2231554]

Fri Aug 25 2023 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-513.el8]

- redhat/configs: enable CONFIG_INET_DIAG_DESTROY (Andrea Claudi) [2230213]
- net/sched: cls_u32: Fix reference counter leak leading to overflow (Davide Caratti) [2225202] {CVE-2023-3609}
- cifs: fix bogus cifs_mount error handling in RHEL8 (Jeffrey Layton) [2215018]
- KVM: nVMX: add missing consistency checks for CR0 and CR4 (Ricardo Robaina) [2190257] {CVE-2023-30456}
- netfilter: snat: evict closing tcp entries on reply tuple collision (Florian Westphal) [2196717]
- tun: avoid double free in tun_free_netdev (Jon Maloy) [2156366 2156371] {CVE-2022-4744}
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free (Davide Caratti) [2225103] {CVE-2023-3776}
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue (Davide Caratti) [2225196] {CVE-2023-3611}
- net/sched: sch_qfq: reintroduce lmax bound check for MTU (Davide Caratti) [2225196]
- net/sched: sch_qfq: refactor parsing of netlink parameters (Davide Caratti) [2225196]
- net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free (Davide Caratti) [2225512] {CVE-2023-4128}
- net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free (Davide Caratti) [2225512] {CVE-2023-4128}
- net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free (Davide Caratti) [2225512] {CVE-2023-4128}
- scsi: lpfc: Remove reftag check in DIF paths (Paul Ely) [2229152]
- scsi: lpfc: Modify when a node should be put in device recovery mode during RSCN (Paul Ely) [2229152]
- scsi: lpfc: Make fabric zone discovery more robust when handling unsolicited LOGO (Paul Ely) [2229152]
- scsi: lpfc: Set Establish Image Pair service parameter only for Target Functions (Paul Ely) [2229152]
- scsi: lpfc: Revise ndlp kref handling for dev_loss_tmo_callbk and lpfc_drop_node (Paul Ely) [2229152]
- scsi: lpfc: Qualify ndlp discovery state when processing RSCN (Paul Ely) [2229152]
- gfs2: Fix freeze consistency check in gfs2_trans_add_meta (Andreas Gruenbacher) [2095340]
- gfs2: gfs2_freeze_lock_shared cleanup (Andreas Gruenbacher) [2095340]
- gfs2: Replace sd_freeze_state with SDF_FROZEN flag (Andreas Gruenbacher) [2095340]
- gfs2: Rework freeze / thaw logic (Andreas Gruenbacher) [2095340]
- gfs2: Rename SDF_{FS_FROZEN => FREEZE_INITIATOR} (Andreas Gruenbacher) [2095340]
- gfs2: Reconfiguring frozen filesystem already rejected (Andreas Gruenbacher) [2095340]
- gfs2: Rename gfs2_freeze_lock{ => _shared } (Andreas Gruenbacher) [2095340]
- gfs2: Rename the {freeze,thaw}_super callbacks (Andreas Gruenbacher) [2095340]
- gfs2: Rename remaining "transaction" glock references (Andreas Gruenbacher) [2095340]
- gfs2: init system threads before freeze lock (Bob Peterson) [2095340]
- net: mana: Use the correct WQE count for ringing RQ doorbell (Bandan Das) [2222573]
- net: mana: Batch ringing RX queue doorbell on receiving packets (Bandan Das) [2222573]
- net: mana: Add support for vlan tagging (Bandan Das) [2222573]
- net: mana: Fix perf regression: remove rx_cqes, tx_cqes counters (Bandan Das) [2222573]
- net: mana: Check if netdev/napi_alloc_frag returns single page (Bandan Das) [2222573]
- net: mana: Rename mana_refill_rxoob and remove some empty lines (Bandan Das) [2222573]
- net: mana: Add support for jumbo frame (Bandan Das) [2222573]
- net: mana: Enable RX path to handle various MTU sizes (Bandan Das) [2222573]
- net: mana: Refactor RX buffer allocation code to prepare for various MTU (Bandan Das) [2222573]
- net: mana: Use napi_build_skb in RX path (Bandan Das) [2222573]
- net: mana: Remove redundant pci_clear_master (Bandan Das) [2222573]
- net: mana: Add new MANA VF performance counters for easier troubleshooting (Bandan Das) [2222573]
- ice: Fix NULL pointer deref during VF reset (Petr Oros) [2227743]
- x86/kasan: Populate shadow for shared chunk of the CPU entry area (Rafael Aquini) [2232451]
- x86/kasan: Add helpers to align shadow addresses up and down (Rafael Aquini) [2232451]
- x86/kasan: Rename local CPU_ENTRY_AREA variables to shorten names (Rafael Aquini) [2232451]
- x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area (Rafael Aquini) [2232451]
- x86/mm: Recompute physical address for every page of per-CPU CEA mapping (Rafael Aquini) [2232451]