[ol8_baseos_latest] kernel-core-4.18.0-553.8.1.el8_10.x86_64

Name:	kernel-core
Version:	4.18.0
Release:	553.8.1.el8_10
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	74288718
License:	GPLv2 and Redistributable, no modification permitted
RPM:	kernel-core-4.18.0-553.8.1.el8_10.x86_64.rpm
Source RPM:	kernel-4.18.0-553.8.1.el8_10.src.rpm
Build Date:	Tue Jul 02 2024
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	The Linux kernel
Description:	The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

Changelog (Show File list) (Show related packages)

Tue Jul 02 2024 Craig Guiller <craig.guiller@oracle.com> - [4.18.0-553.8.1.el8_10.OL8]

- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Drop not needed patch

Fri Jun 14 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.8.1.el8_10]

- udf: Fix NULL pointer dereference in udf_symlink function (Pavel Reichl) [RHEL-37769] {CVE-2021-47353}
- net: ti: fix UAF in tlan_remove_one (Jose Ignacio Tornos Martinez) [RHEL-38940] {CVE-2021-47310}
- ARM: footbridge: fix PCI interrupt mapping (Myron Stowe) [RHEL-26971] {CVE-2021-46909}
- i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (Kamal Heib) [RHEL-37454] {CVE-2024-36004}
- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (Kamal Heib) [RHEL-37424] {CVE-2024-35959}
- net/mlx5: Properly link new fs rules into the tree (Kamal Heib) [RHEL-37420] {CVE-2024-35960}
- net/mlx5e: fix a potential double-free in fs_any_create_groups (Kamal Heib) [RHEL-37091] {CVE-2023-52667}
- net: ena: Fix incorrect descriptor free behavior (Kamal Heib) [RHEL-37428] {CVE-2024-35958}
- mISDN: hfcpci: Fix use-after-free bug in hfcpci_softirq (Jose Ignacio Tornos Martinez) [RHEL-37763] {CVE-2021-47356}
- mISDN: fix possible use-after-free in HFC_cleanup() (Jose Ignacio Tornos Martinez) [RHEL-37763] {CVE-2021-47356}
- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (Vladis Dronov) [RHEL-35106] {CVE-2024-26974}
- crypto: qat - implement dh fallback for primes > 4K (Vladis Dronov) [RHEL-35106]
- crypto: qat - avoid division by zero (Vladis Dronov) [RHEL-35106]
- crypto: qat - resolve race condition during AER recovery (Vladis Dronov) [RHEL-35106] {CVE-2024-26974}
- crypto: qat - use kcalloc_node() instead of kzalloc_node() (Vladis Dronov) [RHEL-35106]
- [rt] Enable CONFIG_DRM_MGAG200_DISABLE_WRITECOMBINE (Jocelyn Falempe) [RHEL-36172]
- drm/mgag200: Add an option to disable Write-Combine (Jocelyn Falempe) [RHEL-36172]
- drm/mgag200: Fix caching setup for remapped video memory (Jocelyn Falempe) [RHEL-36172]
- Revert "drm/mgag200: Add a workaround for low-latency" (Jocelyn Falempe) [RHEL-36172]
- mptcp: fix data re-injection from stale subflow (Davide Caratti) [RHEL-33133] {CVE-2024-26826}
- ipv6: sr: fix incorrect unregister order (Hangbin Liu) [RHEL-31730]
- ipv6: sr: fix possible use-after-free and null-ptr-deref (Hangbin Liu) [RHEL-31730] {CVE-2024-26735}
- net/bnx2x: Prevent access to a freed page in page_pool (Michal Schmidt) [RHEL-14195 RHEL-33243] {CVE-2024-26859}
- bnx2x: new flag for track HW resource allocation (Michal Schmidt) [RHEL-14195 RHEL-33243]
- bnx2x: fix page fault following EEH recovery (Michal Schmidt) [RHEL-14195 RHEL-33243]
- x86: KVM: SVM: always update the x2avic msr interception (Maxim Levitsky) [RHEL-15495] {CVE-2023-5090}
- EDAC/thunderx: Fix possible out-of-bounds string access (Aristeu Rozanski) [RHEL-26573] {CVE-2023-52464}

Thu Jun 06 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.7.1.el8_10]

- net: qcom/emac: fix UAF in emac_remove (Ken Cox) [RHEL-37834] {CVE-2021-47311}
- perf/core: Bail out early if the request AUX area is out of bound (Michael Petlan) [RHEL-38268] {CVE-2023-52835}
- crypto: pcrypt - Fix hungtask for PADATA_RESET (Herbert Xu) [RHEL-38171] {CVE-2023-52813}
- drm/amdgpu: fix use-after-free bug (Jocelyn Falempe) [RHEL-31240] {CVE-2024-26656}
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash (Ivan Vecera) [RHEL-37008] {CVE-2024-35854}
- mlxsw: spectrum_acl_tcam: Fix possible use-after-free during activity update (Ivan Vecera) [RHEL-37004] {CVE-2024-35855}
- mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (Ivan Vecera) [RHEL-37012] {CVE-2024-35853}
- mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work (Ivan Vecera) [RHEL-37016] {CVE-2024-35852}
- mlxsw: spectrum_acl_tcam: Fix warning during rehash (Ivan Vecera) [RHEL-37480] {CVE-2024-36007}
- can: peak_pci: peak_pci_remove(): fix UAF (Jose Ignacio Tornos Martinez) [RHEL-38419] {CVE-2021-47456}
- usbnet: fix error return code in usbnet_probe() (Jose Ignacio Tornos Martinez) [RHEL-38440] {CVE-2021-47495}
- usbnet: sanity check for maxpacket (Jose Ignacio Tornos Martinez) [RHEL-38440] {CVE-2021-47495}
- net/mlx5e: fix a double-free in arfs_create_groups (Kamal Heib) [RHEL-36920] {CVE-2024-35835}
- can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds (Jose Ignacio Tornos Martinez) [RHEL-38220] {CVE-2023-52878}
- net: cdc_eem: fix tx fixup skb leak (Jose Ignacio Tornos Martinez) [RHEL-38080] {CVE-2021-47236}
- net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path (Jose Ignacio Tornos Martinez) [RHEL-38113] {CVE-2023-52703}
- usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() (Desnes Nunes) [RHEL-38248] {CVE-2023-52877}
- usb: config: fix iteration issue in 'usb_get_bos_descriptor()' (Desnes Nunes) [RHEL-38240] {CVE-2023-52781}
- gro: fix ownership transfer (Xin Long) [RHEL-37226] {CVE-2024-35890}
- tipc: fix kernel warning when sending SYN message (Xin Long) [RHEL-38109] {CVE-2023-52700}
- erspan: make sure erspan_base_hdr is present in skb->head (Xin Long) [RHEL-37230] {CVE-2024-35888}
- scsi: mpi3mr: Use proper format specifier in mpi3mr_sas_port_add() (Bryan Gurney) [RHEL-17366]
- scsi: mpi3mr: Sanitise num_phys (Bryan Gurney) [RHEL-17366]
- netfilter: nf_tables: use timestamp to check for set element timeout (Phil Sutter) [RHEL-38023] {CVE-2024-27397}
- net/ipv6: SKB symmetric hash should incorporate transport ports (Sabrina Dubroca) [RHEL-32061]
- crypto: s390/aes - Fix buffer overread in CTR mode (Herbert Xu) [RHEL-37089] {CVE-2023-52669}
- net: Save and restore msg_namelen in sock_sendmsg (Jamie Bainbridge) [RHEL-35893]
- net: prevent address rewrite in kernel_bind() (Jamie Bainbridge) [RHEL-35893]
- net: prevent rewrite of msg_name in sock_sendmsg() (Jamie Bainbridge) [RHEL-35893]
- net: replace calls to sock->ops->connect() with kernel_connect() (Jamie Bainbridge) [RHEL-35893]
- net: Avoid address overwrite in kernel_connect (Jamie Bainbridge) [RHEL-35893]
- wifi: iwlwifi: dbg-tlv: ensure NUL termination (Jose Ignacio Tornos Martinez) [RHEL-37026] {CVE-2024-35845}
- wifi: mac80211: fix potential sta-link leak (Jose Ignacio Tornos Martinez) [RHEL-36916] {CVE-2024-35838}
- wifi: nl80211: reject iftype change with mesh ID change (Jose Ignacio Tornos Martinez) [RHEL-36884] {CVE-2024-27410}
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (Jose Ignacio Tornos Martinez) [RHEL-36807] {CVE-2024-35789}
- Bluetooth: Avoid potential use-after-free in hci_error_reset (David Marlin) [RHEL-31826] {CVE-2024-26801}
- tls: disable async encrypt/decrypt (Sabrina Dubroca) [RHEL-26362 RHEL-26409 RHEL-26420] {CVE-2024-26584 CVE-2024-26583 CVE-2024-26585}
- Squashfs: check the inode number is not the invalid value of zero (Phillip Lougher) [RHEL-35096] {CVE-2024-26982}
- ipc/mqueue, msg, sem: avoid relying on a stack reference past its expiry (Rafael Aquini) [RHEL-27782] {CVE-2021-47069}
- ipc/msg.c: update and document memory barriers (Rafael Aquini) [RHEL-27782] {CVE-2021-47069}
- ipc/sem.c: document and update memory barriers (Rafael Aquini) [RHEL-27782] {CVE-2021-47069}
- ipc/mqueue.c: update/document memory barriers (Rafael Aquini) [RHEL-27782] {CVE-2021-47069}
- ipc/mqueue.c: remove duplicated code (Rafael Aquini) [RHEL-27782] {CVE-2021-47069}
- net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (Kamal Heib) [RHEL-30582] {CVE-2023-52626}
- Revert "ACPI: bus: Rework system-level device notification handling" (Prarit Bhargava) [RHEL-21486]
- hwrng: core - Fix page fault dead lock on mmap-ed hwrng (Prarit Bhargava) [RHEL-29485] {CVE-2023-52615}

Wed May 29 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.6.1.el8_10]

- powerpc/powernv: Add a null pointer check in opal_event_init() (Mamatha Inamdar) [RHEL-37058] {CVE-2023-52686}
- crypto: rsa - add a check for allocation failure (Vladis Dronov) [RHEL-35361]
- crypto: rsa - allow only odd e and restrict value in FIPS mode (Vladis Dronov) [RHEL-35361]
- KEYS: use kfree_sensitive with key (Vladis Dronov) [RHEL-35361]
- lib/mpi: Extend the MPI library (only mpi_*_bit() part) (Vladis Dronov) [RHEL-35361]
- net: ip_tunnel: prevent perpetual headroom growth (Felix Maurer) [RHEL-31814] {CVE-2024-26804}
- s390/cpum_cf: make crypto counters upward compatible across machine types (Tobias Huschle) [RHEL-36048]
- RDMA/mlx5: Fix fortify source warning while accessing Eth segment (Kamal Heib) [RHEL-33162] {CVE-2024-26907}
- ovl: fix leaked dentry (Miklos Szeredi) [RHEL-27306] {CVE-2021-46972}
- x86/mm: Disallow vsyscall page read for copy_from_kernel_nofault() (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm: Move is_vsyscall_vaddr() into asm/vsyscall.h (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm/vsyscall: Consider vsyscall page part of user address space (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- x86/mm: Add vsyscall address helper (Rafael Aquini) [RHEL-33166] {CVE-2024-26906}
- mm/swap: fix race when skipping swapcache (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- swap: fix do_swap_page() race with swapoff (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- mm/swapfile: use percpu_ref to serialize against concurrent swapoff (Rafael Aquini) [RHEL-31644] {CVE-2024-26759}
- mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions() (Rafael Aquini) [RHEL-29294] {CVE-2023-52560}
- ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (Jiri Benc) [RHEL-29783]
- block: null_blk: Fix handling of fake timeout request (Ming Lei) [RHEL-8130]
- null_blk: fix poll request timeout handling (Ming Lei) [RHEL-8130]
- block: null_blk: end timed out poll request (Ming Lei) [RHEL-8130]
- block: null_blk: only set set->nr_maps as 3 if active poll_queues is > 0 (Ming Lei) [RHEL-8130]
- null_blk: allow zero poll queues (Ming Lei) [RHEL-8130]
- null_blk: Fix handling of submit_queues and poll_queues attributes (Ming Lei) [RHEL-8130]
- null_blk: poll queue support (Ming Lei) [RHEL-8130]
- null_blk: fix command timeout completion handling (Ming Lei) [RHEL-8130]
- platform/x86: dell-smbios-wmi: Fix oops on rmmod dell_smbios (Prarit Bhargava) [RHEL-27790] {CVE-2021-47073}
- Bluetooth: avoid memcmp() out of bounds warning (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Fix coding style (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Fix using memcmp when comparing keys (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: Reject connection with the device which has same BD_ADDR (David Marlin) [RHEL-3017] {CVE-2020-26555}
- Bluetooth: hci_event: Ignore NULL link key (David Marlin) [RHEL-3017] {CVE-2020-26555}
- ppp_async: limit MRU to 64K (Guillaume Nault) [RHEL-31353] {CVE-2024-26675}
- powerpc/imc-pmu: Add a null pointer check in update_events_in_group() (Mamatha Inamdar) [RHEL-37078] {CVE-2023-52675}
- tcp: do not accept ACK of bytes we never sent (Xin Long) [RHEL-21952]

Mon May 20 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.5.1.el8_10]

- tools/power/turbostat: Fix uncore frequency file string (David Arcari) [RHEL-29238]
- tools/power turbostat: Expand probe_intel_uncore_frequency() (David Arcari) [RHEL-29238]
- uio: Fix use-after-free in uio_open (Ricardo Robaina) [RHEL-26232] {CVE-2023-52439}
- net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send (Ken Cox) [RHEL-27316] {CVE-2021-47013}
- keys: Fix linking a duplicate key to a keyring's assoc_array (David Howells) [RHEL-30772]
- keys: Hoist locking out of __key_link_begin() (David Howells) [RHEL-30772]
- keys: Break bits out of key_unlink() (David Howells) [RHEL-30772]
- keys: Change keyring_serialise_link_sem to a mutex (David Howells) [RHEL-30772]
- wifi: brcm80211: handle pmk_op allocation failure (Jose Ignacio Tornos Martinez) [RHEL-35150] {CVE-2024-27048}
- wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (Jose Ignacio Tornos Martinez) [RHEL-35140] {CVE-2024-27052}
- wifi: iwlwifi: mvm: ensure offloading TID queue exists (Jose Ignacio Tornos Martinez) [RHEL-35130] {CVE-2024-27056}
- wifi: mt76: mt7921e: fix use-after-free in free_irq() (Jose Ignacio Tornos Martinez) [RHEL-34866] {CVE-2024-26892}
- wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (Jose Ignacio Tornos Martinez) [RHEL-34189] {CVE-2024-26897}
- wifi: iwlwifi: mvm: fix a crash when we run out of stations (Jose Ignacio Tornos Martinez) [RHEL-31547] {CVE-2024-26693}
- wifi: iwlwifi: fix double-free bug (Jose Ignacio Tornos Martinez) [RHEL-31543] {CVE-2024-26694}
- wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (Jose Ignacio Tornos Martinez) [RHEL-29089] {CVE-2023-52594}
- wifi: rt2x00: restart beacon queue when hardware reset (Jose Ignacio Tornos Martinez) [RHEL-29093] {CVE-2023-52595}
- wifi: iwlwifi: fix a memory corruption (Jose Ignacio Tornos Martinez) [RHEL-28903] {CVE-2024-26610}

Wed May 15 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.4.1.el8_10]

- cpuhotplug: Fix kABI breakage caused by CPUHP_AP_HYPERV_ONLINE (Vitaly Kuznetsov) [RHEL-36117]
- net/mlx5e: Prevent deadlock while disabling aRFS (Kamal Heib) [RHEL-35041] {CVE-2024-27014}
- x86/tsc: Defer marking TSC unstable to a worker (Wander Lairson Costa) [RHEL-32676]
- x86/smpboot: Make TSC synchronization function call based (Wander Lairson Costa) [RHEL-32676]
- net: usb: fix possible use-after-free in smsc75xx_bind (Jose Ignacio Tornos Martinez) [RHEL-30311] {CVE-2021-47171}
- net: usb: fix memory leak in smsc75xx_bind (Jose Ignacio Tornos Martinez) [RHEL-30311] {CVE-2021-47171}

Sat May 11 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-552.3.1.el8_10]

- netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (Phil Sutter) [RHEL-30076] {CVE-2024-26643}
- netfilter: nf_tables: disallow anonymous set with timeout flag (Phil Sutter) [RHEL-30080] {CVE-2024-26642}
- selftests/bpf: Fix pyperf180 compilation failure with clang18 (Artem Savkov) [RHEL-35576]
- md/raid5: fix atomicity violation in raid5_cache_count (Nigel Croxon) [RHEL-27930] {CVE-2024-23307}
- usb: ulpi: Fix debugfs directory leak (Desnes Nunes) [RHEL-33287] {CVE-2024-26919}
- powerpc/pseries: Fix potential memleak in papr_get_attr() (Mamatha Inamdar) [RHEL-35213] {CVE-2022-48669}
- USB: usb-storage: Prevent divide-by-0 error in isd200_ata_command (Desnes Nunes) [RHEL-35122] {CVE-2024-27059}
- NFSv4: fairly test all delegations on a SEQ4_ revocation (Benjamin Coddington) [RHEL-34912]
- USB: core: Fix deadlock in usb_deauthorize_interface() (Desnes Nunes) [RHEL-35002] {CVE-2024-26934}
- usb: xhci: Add error handling in xhci_map_urb_for_dma (Desnes Nunes) [RHEL-34958] {CVE-2024-26964}
- fs: sysfs: Fix reference leak in sysfs_break_active_protection() (Ewan D. Milne) [RHEL-35076] {CVE-2024-26993}
- xhci: handle isoc Babble and Buffer Overrun events properly (Desnes Nunes) [RHEL-31297] {CVE-2024-26659}
- xhci: process isoc TD properly when there was a transaction error mid TD. (Desnes Nunes) [RHEL-31297] {CVE-2024-26659}
- USB: core: Fix deadlock in port "disable" sysfs attribute (Desnes Nunes) [RHEL-35006] {CVE-2024-26933}
- USB: core: Add hub_get() and hub_put() routines (Desnes Nunes) [RHEL-35006] {CVE-2024-26933}
- netfilter: ipset: Missing gc cancellations fixed (Phil Sutter) [RHEL-30521]
- netfilter: ipset: fix performance regression in swap operation (Phil Sutter) [RHEL-30521]
- netfilter: ipset: Fix "INFO: rcu detected stall in hash_xxx" reports (Phil Sutter) [RHEL-30521]
- netfilter: ipset: fix race condition between swap/destroy and kernel side add/del/test (Phil Sutter) [RHEL-30521]
- x86/apic/x2apic: Fix a NULL pointer deref when handling a dying cpu (David Arcari) [RHEL-32516]
- x86/coco: Disable 32-bit emulation by default on TDX and SEV (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744}
- x86: Make IA32_EMULATION boot time configurable (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744}
- x86/entry: Make IA32 syscalls' availability depend on ia32_enabled() (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744}
- x86/elf: Make loading of 32bit processes depend on ia32_enabled() (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744}
- x86/entry: Rename ignore_sysret() (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744}
- x86/cpu: Don't write CSTAR MSR on Intel CPUs (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744}
- x86: Introduce ia32_enabled() (Vitaly Kuznetsov) [RHEL-25087] {CVE-2024-25744}

Mon May 06 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-552.2.1.el8_10]

- s390/ptrace: handle setting of fpc register correctly (Tobias Huschle) [RHEL-29106] {CVE-2023-52598}
- net/smc: fix illegal rmb_desc access in SMC-D connection dump (Tobias Huschle) [RHEL-27746] {CVE-2024-26615}
- wifi: mac80211: fix race condition on enabling fast-xmit (Jose Ignacio Tornos Martinez) [RHEL-31664] {CVE-2024-26779}
- powerpc/fadump: make is_kdump_kernel() return false when fadump is active (Mamatha Inamdar) [RHEL-24401]
- vmcore: remove dependency with is_kdump_kernel() for exporting vmcore (Mamatha Inamdar) [RHEL-24401]
- mtd: require write permissions for locking and badblock ioctls (Prarit Bhargava) [RHEL-27585] {CVE-2021-47055}
- mtd: properly check all write ioctls for permissions (Prarit Bhargava) [RHEL-27585] {CVE-2021-47055}
- pid: take a reference when initializing `cad_pid` (Waiman Long) [RHEL-29420] {CVE-2021-47118}
- i2c: i801: Don't generate an interrupt on bus reset (Prarit Bhargava) [RHEL-30325] {CVE-2021-47153}
- RDMA/srpt: Do not register event handler until srpt device is fully setup (Kamal Heib) [RHEL-33224] {CVE-2024-26872}
- ceph: switch to corrected encoding of max_xattr_size in mdsmap (Xiubo Li) [RHEL-26723]
- ceph: switch to use cap_delay_lock for the unlink delay list (Xiubo Li) [RHEL-32870]
- ceph: pass ino# instead of old_dentry if it's disconnected (Xiubo Li) [RHEL-32870]
- fat: fix uninitialized field in nostale filehandles (Andrey Albershteyn) [RHEL-33186 RHEL-35108] {CVE-2024-26973}
- do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak (Andrey Albershteyn) [RHEL-33186] {CVE-2024-26901}
- idpf: limit the support to GCP only (Michal Schmidt) [RHEL-15652]
- redhat/configs: enable CONFIG_IDPF (Michal Schmidt) [RHEL-15652]
- idpf: remove the use of ETHTOOL_RING_USE_TCP_DATA_SPLIT (Michal Schmidt) [RHEL-15652]
- idpf: workaround for unavailable skb page recycling (Michal Schmidt) [RHEL-15652]
- idpf: always allocate a full page (Michal Schmidt) [RHEL-15652]
- idpf: remove page pool stats code (Michal Schmidt) [RHEL-15652]
- idpf: add minimal macros for __free(kfree) to work (Michal Schmidt) [RHEL-15652]
- idpf: fixup include paths for RHEL 8 (Michal Schmidt) [RHEL-15652]
- idpf: fix kernel panic on unknown packet types (Michal Schmidt) [RHEL-15652]
- idpf: disable local BH when scheduling napi for marker packets (Michal Schmidt) [RHEL-15652]
- idpf: remove dealloc vector msg err in idpf_intr_rel (Michal Schmidt) [RHEL-15652]
- idpf: fix minor controlq issues (Michal Schmidt) [RHEL-15652]
- idpf: prevent deinit uninitialized virtchnl core (Michal Schmidt) [RHEL-15652]
- idpf: cleanup virtchnl cruft (Michal Schmidt) [RHEL-15652]
- idpf: refactor idpf_recv_mb_msg (Michal Schmidt) [RHEL-15652]
- idpf: add async_handler for MAC filter messages (Michal Schmidt) [RHEL-15652]
- idpf: refactor remaining virtchnl messages (Michal Schmidt) [RHEL-15652]
- idpf: refactor queue related virtchnl messages (Michal Schmidt) [RHEL-15652]
- idpf: refactor vport virtchnl messages (Michal Schmidt) [RHEL-15652]
- idpf: implement virtchnl transaction manager (Michal Schmidt) [RHEL-15652]
- idpf: add idpf_virtchnl.h (Michal Schmidt) [RHEL-15652]
- idpf: avoid compiler padding in virtchnl2_ptype struct (Michal Schmidt) [RHEL-15652]
- idpf: distinguish vports by the dev_port attribute (Michal Schmidt) [RHEL-15652]
- idpf: avoid compiler introduced padding in virtchnl2_rss_key struct (Michal Schmidt) [RHEL-15652]
- idpf: fix corrupted frames and skb leaks in singleq mode (Michal Schmidt) [RHEL-15652]
- idpf: refactor some missing field get/prep conversions (Michal Schmidt) [RHEL-15652]
- idpf: add get/set for Ethtool's header split ringparam (Michal Schmidt) [RHEL-15652]
- idpf: fix potential use-after-free in idpf_tso() (Michal Schmidt) [RHEL-15652]
- idpf: cancel mailbox work in error path (Michal Schmidt) [RHEL-15652]
- idpf: set scheduling mode for completion queue (Michal Schmidt) [RHEL-15652]
- idpf: add SRIOV support and other ndo_ops (Michal Schmidt) [RHEL-15652]
- idpf: add ethtool callbacks (Michal Schmidt) [RHEL-15652]
- idpf: add singleq start_xmit and napi poll (Michal Schmidt) [RHEL-15652]
- idpf: add RX splitq napi poll support (Michal Schmidt) [RHEL-15652]
- idpf: add TX splitq napi poll support (Michal Schmidt) [RHEL-15652]
- idpf: add splitq start_xmit (Michal Schmidt) [RHEL-15652]
- idpf: initialize interrupts and enable vport (Michal Schmidt) [RHEL-15652]
- idpf: configure resources for RX queues (Michal Schmidt) [RHEL-15652]
- idpf: configure resources for TX queues (Michal Schmidt) [RHEL-15652]
- idpf: add ptypes and MAC filter support (Michal Schmidt) [RHEL-15652]
- idpf: add create vport and netdev configuration (Michal Schmidt) [RHEL-15652]
- idpf: add core init and interrupt request (Michal Schmidt) [RHEL-15652]
- idpf: add controlq init and reset checks (Michal Schmidt) [RHEL-15652]
- idpf: add module register and probe functionality (Michal Schmidt) [RHEL-15652]
- virtchnl: add virtchnl version 2 ops (Michal Schmidt) [RHEL-15652]
- net: netdev_queue: netdev_txq_completed_mb(): fix wake condition (Michal Schmidt) [RHEL-15652]
- net: piggy back on the memory barrier in bql when waking queues (Michal Schmidt) [RHEL-15652]
- net: provide macros for commonly copied lockless queue stop/wake code (Michal Schmidt) [RHEL-15652]

Fri Apr 26 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-552.1.1.el8_10]

- redhat: set DIST to el8_10 and ZSTREAM to yes for 8.10 (Denys Vlasenko)
- tty: tty_buffer: Fix the softlockup issue in flush_to_ldisc (Prarit Bhargava) [RHEL-32590] {CVE-2021-47185}
- net: mana: Fix Rx DMA datasize and skb_over_panic (Cathy Avery) [RHEL-32579]
- RDMA/srpt: Support specifying the srpt_service_guid parameter (Kamal Heib) [RHEL-31710] {CVE-2024-26744}
- RDMA/qedr: Fix qedr_create_user_qp error flow (Kamal Heib) [RHEL-31714] {CVE-2024-26743}
- hwmon: (coretemp) Fix out-of-bounds memory access (David Arcari) [RHEL-31305] {CVE-2024-26664}
- RDMA/irdma: Fix KASAN issue with tasklet (Kamal Heib) [RHEL-15776]
- net: bridge: use DEV_STATS_INC() (Ivan Vecera) [RHEL-27989] {CVE-2023-52578}
- net: Fix unwanted sign extension in netdev_stats_to_stats64() (Ivan Vecera) [RHEL-27989] {CVE-2023-52578}
- net: add atomic_long_t to net_device_stats fields (Ivan Vecera) [RHEL-27989] {CVE-2023-52578}
- net/sched: act_ct: fix skb leak and crash on ooo frags (Xin Long) [RHEL-29467] {CVE-2023-52610}
- net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg (Jose Ignacio Tornos Martinez) [RHEL-28015] {CVE-2023-52528}
- RDMA/core: Fix uninit-value access in ib_get_eth_speed() (Kamal Heib) [RHEL-30130]
- RDMA/core: Get IB width and speed from netdev (Kamal Heib) [RHEL-30130]
- cpufreq: intel_pstate: Add Emerald Rapids support in no-HWP mode (Prarit Bhargava) [RHEL-29444]
- powerpc/mm: Fix null-pointer dereference in pgtable_cache_add (Mamatha Inamdar) [RHEL-29118] {CVE-2023-52607}
- powerpc/lib: Validate size for vector operations (Mamatha Inamdar) [RHEL-29114] {CVE-2023-52606}
- usb: hub: Guard against accesses to uninitialized BOS descriptors (Desnes Nunes) [RHEL-28986] {CVE-2023-52477}
- media: uvcvideo: Fix OOB read (Desnes Nunes) [RHEL-27940] {CVE-2023-52565}
- media: pvrusb2: fix use after free on context disconnection (Desnes Nunes) [RHEL-26498] {CVE-2023-52445}
- i2c: i801: Fix block process call transactions (Prarit Bhargava) [RHEL-26478] {CVE-2024-26593}
- overlay: disable EVM (Coiby Xu) [RHEL-19863]
- evm: add support to disable EVM on unsupported filesystems (Coiby Xu) [RHEL-19863]
- evm: don't copy up 'security.evm' xattr (Coiby Xu) [RHEL-19863]
- net: ena: Remove ena_select_queue (Kamal Heib) [RHEL-14286]
- media: dvbdev: Fix memory leak in dvb_media_device_free() (Prarit Bhargava) [RHEL-27254] {CVE-2020-36777}
- gfs2: Fix invalid metadata access in punch_hole (Andrew Price) [RHEL-28784]
- i2c: Fix a potential use after free (Prarit Bhargava) [RHEL-26849] {CVE-2019-25162}
- i2c: validate user data in compat ioctl (Prarit Bhargava) [RHEL-27022] {CVE-2021-46934}
- platform/x86: think-lmi: Fix reference leak (Prarit Bhargava) [RHEL-28030] {CVE-2023-52520}
- vhost: use kzalloc() instead of kmalloc() followed by memset() (Jon Maloy) [RHEL-21505] {CVE-2024-0340}
- RDMA/siw: Fix connection failure handling (Kamal Heib) [RHEL-28042] {CVE-2023-52513}
- vt: fix memory overlapping when deleting chars in the buffer (Waiman Long) [RHEL-27778 RHEL-27779] {CVE-2022-48627}
- x86/fpu: Stop relying on userspace for info to fault in xsave buffer (Steve Best) [RHEL-26669] {CVE-2024-26603}
- mptcp: fix double-free on socket dismantle (Davide Caratti) [RHEL-22773] {CVE-2024-26782}
- crypto: akcipher - Disable signing and decryption (Herbert Xu) [RHEL-17114] {CVE-2023-6240}
- crypto: akcipher - default implementations for request callbacks (Herbert Xu) [RHEL-17114] {CVE-2023-6240}
- crypto: testmgr - split akcipher tests by a key type (Herbert Xu) [RHEL-17114] {CVE-2023-6240}
- workqueue: Warn when a rescuer could not be created (Waiman Long) [RHEL-22136]
- RDMA/cma: Avoid GID lookups on iWARP devices (Benjamin Coddington) [RHEL-12456]
- RDMA/cma: Deduplicate error flow in cma_validate_port() (Benjamin Coddington) [RHEL-12456]
- RDMA/core: Set gid_attr.ndev for iWARP devices (Benjamin Coddington) [RHEL-12456]
- RDMA/siw: Fabricate a GID on tun and loopback devices (Benjamin Coddington) [RHEL-12456]

Sun Apr 07 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-552.el8]

- i40e: Enforce software interrupt during busy-poll exit (Ivan Vecera) [RHEL-26248]
- i40e: Remove _t suffix from enum type names (Ivan Vecera) [RHEL-26248]