[ol9_baseos_latest] kernel-debug-core-5.14.0-427.35.1.el9_4.x86_64

Name:	kernel-debug-core
Version:	5.14.0
Release:	427.35.1.el9_4
Architecture:	x86_64
Group:	Unspecified
Size:	95813796
License:	((GPL-2.0-only WITH Linux-syscall-note) OR BSD-2-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR CDDL-1.0) AND ((GPL-2.0-only WITH Linux-syscall-note) OR Linux-OpenIB) AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR MIT) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND BSD-3-Clause-Clear AND GFDL-1.1-no-invariants-or-later AND GPL-1.0-or-later AND (GPL-1.0-or-later OR BSD-3-Clause) AND (GPL-1.0-or-later WITH Linux-syscall-note) AND GPL-2.0-only AND (GPL-2.0-only OR Apache-2.0) AND (GPL-2.0-only OR BSD-2-Clause) AND (GPL-2.0-only OR BSD-3-Clause) AND (GPL-2.0-only OR CDDL-1.0) AND (GPL-2.0-only OR GFDL-1.1-no-invariants-or-later) AND (GPL-2.0-only OR GFDL-1.2-no-invariants-only) AND (GPL-2.0-only WITH Linux-syscall-note) AND GPL-2.0-or-later AND (GPL-2.0-or-later OR BSD-2-Clause) AND (GPL-2.0-or-later OR BSD-3-Clause) AND (GPL-2.0-or-later OR CC-BY-4.0) AND (GPL-2.0-or-later WITH GCC-exception-2.0) AND (GPL-2.0-or-later WITH Linux-syscall-note) AND ISC AND LGPL-2.0-or-later AND (LGPL-2.0-or-later OR BSD-2-Clause) AND (LGPL-2.0-or-later WITH Linux-syscall-note) AND LGPL-2.1-only AND (LGPL-2.1-only OR BSD-2-Clause) AND (LGPL-2.1-only WITH Linux-syscall-note) AND LGPL-2.1-or-later AND (LGPL-2.1-or-later WITH Linux-syscall-note) AND (Linux-OpenIB OR GPL-2.0-only) AND (Linux-OpenIB OR GPL-2.0-only OR BSD-2-Clause) AND Linux-man-pages-copyleft AND MIT AND (MIT OR GPL-2.0-only) AND (MIT OR GPL-2.0-or-later) AND (MIT OR LGPL-2.1-only) AND (MPL-1.1 OR GPL-2.0-only) AND (X11 OR GPL-2.0-only) AND (X11 OR GPL-2.0-or-later) AND Zlib
RPM:	kernel-debug-core-5.14.0-427.35.1.el9_4.x86_64.rpm
Source RPM:	kernel-5.14.0-427.35.1.el9_4.src.rpm
Build Date:	Wed Sep 11 2024
Build Host:	build-ol9-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://www.kernel.org/
Summary:	The Linux kernel compiled with PREEMPT_RT enabled
Description:	The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. This variant of the kernel has numerous debugging options enabled. It should only be installed when trying to gather additional information on kernel bugs, as some of these options impact performance noticably.

Changelog (Show File list) (Show related packages)

Wed Sep 11 2024 Darren Archibald <darren.archibald@oracle.com> [5.14.0-427.35.1.el9_4.OL9]

- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5.el9
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates

Fri Aug 30 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.35.1.el9_4]

- usb-storage: alauda: Check whether the media is initialized (CKI Backport Bot) [RHEL-43716] {CVE-2024-38619}
- ceph: force sending a cap update msg back to MDS for revoke op (Xiubo Li) [RHEL-55437]
- ceph: periodically flush the cap releases (Xiubo Li) [RHEL-55437]
- mm: avoid overflows in dirty throttling logic (Jay Shin) [RHEL-51848 RHEL-50004] {CVE-2024-42131}
- Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (Jay Shin) [RHEL-51701 RHEL-50004] {CVE-2024-42102}
- mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (Jay Shin) [RHEL-42628 RHEL-5619] {CVE-2024-26720}
- net: fix out-of-bounds access in ops_init (Paolo Abeni) [RHEL-43188 RHEL-46610] {CVE-2024-36883}
- nvme: avoid double free special payload (CKI Backport Bot) [RHEL-51311] {CVE-2024-41073}
- kernfs: change kernfs_rename_lock into a read-write lock (Jay Shin) [RHEL-55253 RHEL-52956]
- kernfs: Separate kernfs_pr_cont_buf and rename_lock (Jay Shin) [RHEL-55253 RHEL-52956]
- kernfs: fix missing kernfs_iattr_rwsem locking (Jay Shin) [RHEL-55253 RHEL-52956]
- kernfs: Use a per-fs rwsem to protect per-fs list of kernfs_super_info (Jay Shin) [RHEL-55253 RHEL-52956]
- kernfs: Introduce separate rwsem to protect inode attributes (Jay Shin) [RHEL-55253 RHEL-52956]
- xhci: Handle TD clearing for multiple streams case (CKI Backport Bot) [RHEL-47894 RHEL-47892] {CVE-2024-40927}
- Bluetooth: af_bluetooth: Fix deadlock (Bastien Nocera) [RHEL-34161] {CVE-2024-26886}
- xdp: Remove WARN() from __xdp_reg_mem_model() (CKI Backport Bot) [RHEL-51586] {CVE-2024-42082}
- nfsd: don't take fi_lock in nfsd_break_deleg_cb() (Benjamin Coddington) [RHEL-42578 RHEL-34875]
- nfsd: fix RELEASE_LOCKOWNER (Benjamin Coddington) [RHEL-42578 RHEL-34875] {CVE-2024-26629}
- net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (CKI Backport Bot) [RHEL-43729 RHEL-43727]
- net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (CKI Backport Bot) [RHEL-43729 RHEL-43727]
- net: bridge: mst: fix vlan use-after-free (cki-backport-bot) [RHEL-43729] {CVE-2024-36979}
- efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-42343 RHEL-26588] {CVE-2023-52463}
- ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (Charles Mirabile) [RHEL-34234 RHEL-1697]
- ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (Charles Mirabile) [RHEL-34234 RHEL-1697]
- ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (Scott Weaver) [RHEL-34234 RHEL-1697]

Thu Aug 22 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.34.1.el9_4]

- mm: prevent derefencing NULL ptr in pfn_section_valid() (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
- mm, kmsan: fix infinite recursion due to RCU critical section (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
- ppp: reject claimed-as-LCP but actually malformed packets (CKI Backport Bot) [RHEL-51061 RHEL-51059] {CVE-2024-41044}
- x86: stop playing stack games in profile_pc() (CKI Backport Bot) [RHEL-51651] {CVE-2024-42096}
- PCI/MSI: Fix UAF in msi_capability_init (CKI Backport Bot) [RHEL-51438] {CVE-2024-41096}
- iommufd: Fix missing update of domains_itree after splitting iopt_area (Jerry Snitselaar) [RHEL-42518 RHEL-28780] {CVE-2023-52801}
- mm: cachestat: fix folio read-after-free in cache walk (Nico Pache) [RHEL-41739 RHEL-5619] {CVE-2024-26630}
- regmap: maple: Fix cache corruption in regcache_maple_drop() (Jaroslav Kysela) [RHEL-43179 RHEL-39706] {CVE-2024-36019}
- mm: cachestat: fix two shmem bugs (Nico Pache) [RHEL-36912] {CVE-2024-35797}
- kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (Steve Best) [RHEL-42778 RHEL-34985] {CVE-2024-26946}
- mm/hugetlb: fix missing hugetlb_lock for resv uncharge (Rafael Aquini) [RHEL-43132 RHEL-37467] {CVE-2024-36000}
- rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov) [RHEL-52675 RHEL-50366]
- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov) [RHEL-52675 RHEL-50366]
- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov) [RHEL-52675 RHEL-50366]
- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (Charles Mirabile) [RHEL-49347 RHEL-32452]
- net/sched: Fix UAF when resolving a clash (CKI Backport Bot) [RHEL-51022 RHEL-51020] {CVE-2024-41040}
- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (Maxim Levitsky) [RHEL-41462 RHEL-32430] {CVE-2024-35791}
- cxl/region: Fix memregion leaks in devm_cxl_add_region() (John W. Linville) [RHEL-47965 RHEL-23582] {CVE-2024-40936}
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (Lenny Szubowicz) [RHEL-42986 RHEL-37269] {CVE-2024-35875}
- scsi: qedf: Ensure the copied buf is NUL terminated (cki-backport-bot) [RHEL-44203] {CVE-2024-38559}

Fri Aug 16 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.33.1.el9_4]

- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44287] {CVE-2024-38540}
- netfilter: flowtable: validate pppoe header (Florian Westphal) [RHEL-44430 RHEL-33469] {CVE-2024-27016}
- crypto: bcm - Fix pointer arithmetic (cki-backport-bot) [RHEL-44116] {CVE-2024-38579}
- udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). (CKI Backport Bot) [RHEL-51035 RHEL-51033] {CVE-2024-41041}
- netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (Florian Westphal) [RHEL-42832 RHEL-33985] {CVE-2024-27019}
- netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV (Florian Westphal) [RHEL-42832 RHEL-33985]
- netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj() (Florian Westphal) [RHEL-42832 RHEL-33985]
- netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path (Florian Westphal) [RHEL-41802 RHEL-33985] {CVE-2024-26925}
- netfilter: nf_tables: discard table flag update with pending basechain deletion (Florian Westphal) [RHEL-40231 RHEL-33985] {CVE-2024-35897}
- netfilter: nf_tables: reject table flag and netdev basechain updates (Florian Westphal) [RHEL-40231 RHEL-33985]
- netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
- netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
- netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
- netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
- netfilter: nft_limit: reject configurations that cause integer overflow (Florian Westphal) [RHEL-40065 RHEL-33985] {CVE-2024-26668}
- scsi: qedi: Fix crash while reading debugfs attribute (CKI Backport Bot) [RHEL-48339] {CVE-2024-40978}
- mm/huge_memory: don't unpoison huge_zero_folio (Aristeu Rozanski) [RHEL-47804] {CVE-2024-40914}
- tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48375 RHEL-6118] {CVE-2024-40983}
- netfilter: nft_set_rbtree: skip end interval element from gc (Florian Westphal) [RHEL-41265] {CVE-2024-26581}
- nvmet: fix a possible leak when destroy a ctrl during qp establishment (CKI Backport Bot) [RHEL-52021 RHEL-52019 RHEL-52020] {CVE-2024-42152}
- net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (CKI Backport Bot) [RHEL-51756] {CVE-2024-42110}
- netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Florian Westphal) [RHEL-40265 RHEL-33985] {CVE-2024-35898}
- netfilter: br_netfilter: remove WARN traps (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
- netfilter: br_netfilter: skip conntrack input hook for promisc packets (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
- netfilter: bridge: confirm multicast packets before passing them up the stack (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
- netfilter: nf_conntrack_bridge: initialize err to 0 (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
- netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (Florian Westphal) [RHEL-42842 RHEL-33985] {CVE-2024-27020}

Mon Aug 12 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.32.1.el9_4]

- REDHAT: Makefile, dont reset dist-git-tmp if set (Lucas Zampieri)
- net/mlx5e: Fix netif state handling (Benjamin Poirier) [RHEL-43872 RHEL-43870] {CVE-2024-38608}
- net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Benjamin Poirier) [RHEL-43872 RHEL-43870] {CVE-2024-38608}
- tun: add missing verification for short frame (Patrick Talbert) [RHEL-50202 RHEL-50203] {CVE-2024-41091}
- tap: add missing verification for short frame (Patrick Talbert) [RHEL-50264 RHEL-50265] {CVE-2024-41090}
- vfio/pci: Lock external INTx masking ops (Alex Williamson) [RHEL-43421 RHEL-30023] {CVE-2024-26810}
- net: bridge: xmit: make sure we have at least eth header len bytes (cki-backport-bot) [RHEL-44299] {CVE-2024-38538}
- KVM: arm64: Ensure target address is granule-aligned for range TLBI (Sebastian Ott) [RHEL-52248 RHEL-31215]
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (cki-backport-bot) [RHEL-44250] {CVE-2024-38544}
- NFSv4: Fix memory leak in nfs4_set_security_label (CKI Backport Bot) [RHEL-52082] {CVE-2024-41076}
- md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (Nigel Croxon) [RHEL-46421 RHEL-35393] {CVE-2024-39476}
- KVM: s390: fix LPSWEY handling (CKI Backport Bot) [RHEL-50074]
- cxl/port: Fix delete_endpoint() vs parent unregistration race (John W. Linville) [RHEL-39290 RHEL-23582] {CVE-2023-52771}
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (Petr Oros) [RHEL-49862 RHEL-17486] {CVE-2024-26855}
- ice: fix LAG and VF lock dependency in ice_reset_vf() (Petr Oros) [RHEL-49820 RHEL-17486] {CVE-2024-36003}
- net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (Jose Ignacio Tornos Martinez) [RHEL-47992 RHEL-9429] {CVE-2024-40939}
- wifi: cfg80211: Lock wiphy in cfg80211_get_station (CKI Backport Bot) [RHEL-47770] {CVE-2024-40911}
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (CKI Backport Bot) [RHEL-47788] {CVE-2024-40912}
- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (CKI Backport Bot) [RHEL-47920] {CVE-2024-40929}
- wifi: iwlwifi: mvm: don't read past the mfuart notifcation (CKI Backport Bot) [RHEL-48028] {CVE-2024-40941}
- seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (Hangbin Liu) [RHEL-48098 RHEL-45826] {CVE-2024-40957}
- ipv6: fix possible race in __fib6_drop_pcpu_from() (Hangbin Liu) [RHEL-47572 RHEL-45826] {CVE-2024-40905}
- redhat/configs: Enable CONFIG_DRM_MGAG200_DISABLE_WRITECOMBINE (Jocelyn Falempe) [RHEL-39581 RHEL-28760]
- drm/mgag200: Add an option to disable Write-Combine (Jocelyn Falempe) [RHEL-39581 RHEL-28760]
- drm/mgag200: Fix caching setup for remapped video memory (Scott Weaver) [RHEL-39581 RHEL-24102]
- Revert "drm/mgag200: Flush the cache to improve latency" (Scott Weaver) [RHEL-39581 RHEL-28760]
- net: psample: fix flag being set in wrong skb (Adrian Moreno) [RHEL-47275]
- net: openvswitch: store sampling probability in cb. (Adrian Moreno) [RHEL-47275]
- net: openvswitch: add psample action (Adrian Moreno) [RHEL-47275]
- net: psample: allow using rate as probability (Adrian Moreno) [RHEL-47275]
- net: psample: skip packet copy if no listeners (Adrian Moreno) [RHEL-47275]
- net: psample: add user cookie (Adrian Moreno) [RHEL-47275]
- i40e: fix: remove needless retries of NVM update (CKI Backport Bot) [RHEL-48169 RHEL-36692]
- ice: Reject pin requests with unsupported flags (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: Don't process extts if PTP is disabled (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: Fix improper extts handling (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: stop destroying and reinitalizing Tx tracker during reset (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: factor out ice_ptp_rebuild_owner() (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: rename ice_ptp_tx_cfg_intr (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: don't check has_ready_bitmap in E810 functions (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: rename verify_cached to has_ready_bitmap (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: pass reset type to PTP reset functions (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: introduce PTP state machine (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: make RX HW timestamp reading code more reusable (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: Rename E822 to E82X (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: periodically kick Tx timestamp interrupt (Petr Oros) [RHEL-50388 RHEL-17486]
- ice: Re-enable timestamping correctly after reset (Petr Oros) [RHEL-50388 RHEL-17486]
- ptp: introduce helpers to adjust by scaled parts per million (Petr Oros) [RHEL-50388 RHEL-17486]
- tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (Andrew Halaney) [RHEL-42566 RHEL-24205] {CVE-2023-52880}
- netfilter: complete validation of user input (Phil Sutter) [RHEL-47384 RHEL-37212] {CVE-2024-35962}
- netfilter: validate user input for expected length (Phil Sutter) [RHEL-41668 RHEL-37212] {CVE-2024-35896}
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (Ewan D. Milne) [RHEL-40051 RHEL-39719] {CVE-2024-36025}
- x86/xen: Add some null pointer checking to smp.c (Vitaly Kuznetsov) [RHEL-37615 RHEL-33260] {CVE-2024-26908}
- x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() (Prarit Bhargava) [RHEL-37615 RHEL-25415]

Fri Aug 09 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.31.1.el9_4]

- net: fix __dst_negative_advice() race (CKI Backport Bot) [RHEL-46798] {CVE-2024-36971}
- net: annotate data-races around sk->sk_dst_pending_confirm (CKI Backport Bot) [RHEL-46798] {CVE-2024-36971}

Mon Aug 05 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.30.1.el9_4]

- dmaengine: idxd: add a write() method for applications to submit work (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
- dmaengine: idxd: add a new security check to deal with a hardware erratum (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
- VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (Mark Salter) [RHEL-49538 RHEL-39308]
- virtio: delete vq in vp_find_vqs_msix() when request_irq() fails (Jon Maloy) [RHEL-44467] {CVE-2024-37353}
- phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (Izabela Bakollari) [RHEL-36271 RHEL-26682] {CVE-2024-26600}
- eeprom: at24: fix memory corruption race condition (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- eeprom: at24: Probe for DDR3 thermal sensor in the SPD case (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- eeprom: at24: Use dev_err_probe for nvmem register failure (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- eeprom: at24: Add support for 24c1025 EEPROM (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- eeprom: at24: remove struct at24_client (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- at24: Support probing while in non-zero ACPI D state (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
- tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CKI Backport Bot) [RHEL-44439] {CVE-2024-37356}
- cxl/region: Fix cxlr_pmem leaks (cki-backport-bot) [RHEL-44486] {CVE-2024-38391}
- tls: fix missing memory barrier in tls_init (cki-backport-bot) [RHEL-44480] {CVE-2024-36489}
- igc: avoid returning frame twice in XDP_REDIRECT (Corinna Vinschen) [RHEL-42714 RHEL-33266] {CVE-2024-26853}
- ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (Hangbin Liu) [RHEL-44404 RHEL-44402] {CVE-2024-33621}
- ipvlan: add ipvlan_route_v6_outbound() helper (Davide Caratti) [RHEL-44404 RHEL-32205]
- ipvlan: properly track tx_errors (Davide Caratti) [RHEL-44404 RHEL-32205]
- wifi: nl80211: don't free NULL coalescing rule (Jose Ignacio Tornos Martinez) [RHEL-41698 RHEL-39754] {CVE-2024-36941}
- wifi: iwlwifi: dbg-tlv: ensure NUL termination (Jose Ignacio Tornos Martinez) [RHEL-41658 RHEL-37028] {CVE-2024-35845}
- mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work (Ivan Vecera) [RHEL-41556 RHEL-37018] {CVE-2024-35852}
- net: openvswitch: fix overwriting ct original tuple for ICMPv6 (cki-backport-bot) [RHEL-44215] {CVE-2024-38558}
- wifi: iwlwifi: read txq->read_ptr under lock (Jose Ignacio Tornos Martinez) [RHEL-41520 RHEL-39799] {CVE-2024-36922}
- wifi: cfg80211: check A-MSDU format more carefully (Jose Ignacio Tornos Martinez) [RHEL-38754 RHEL-37345] {CVE-2024-35937}
- ice: fix memory corruption bug with suspend and rebuild (Petr Oros) [RHEL-49858 RHEL-17486] {CVE-2024-35911}
- ipv6: prevent possible NULL deref in fib6_nh_init() (Hangbin Liu) [RHEL-48182 RHEL-45826] {CVE-2024-40961}
- netns: Make get_net_ns() handle zero refcount net (Paolo Abeni) [RHEL-48117 RHEL-46610] {CVE-2024-40958}
- net: do not leave a dangling sk pointer, when socket creation fails (Paolo Abeni) [RHEL-48072 RHEL-46610] {CVE-2024-40954}
- net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() (CKI Backport Bot) [RHEL-47902] {CVE-2024-40928}
- net: netlink: af_netlink: Prevent empty skb by adding a check on len. (Ivan Vecera) [RHEL-43619 RHEL-30344] {CVE-2021-47606}
- bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (CKI Backport Bot) [RHEL-46921] {CVE-2024-39487}
- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (Benjamin Coddington) [RHEL-42732 RHEL-34875] {CVE-2024-26868}
- efi: fix panic in kdump kernel (Steve Best) [RHEL-42920 RHEL-36998] {CVE-2024-35800}
- ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() (Hangbin Liu) [RHEL-41735 RHEL-31050] {CVE-2024-27417}
- netfilter: nf_tables: do not compare internal table flags on updates (Florian Westphal) [RHEL-41682 RHEL-33985] {CVE-2024-27065}
- ipv6: Fix potential uninit-value access in __ip6_make_skb() (Antoine Tenart) [RHEL-41466 RHEL-39786] {CVE-2024-36903}
- netfilter: nf_tables: honor table dormant flag from netdev release event path (Florian Westphal) [RHEL-40056 RHEL-33985] {CVE-2024-36005}
- cifs: fix underflow in parse_server_interfaces() (Paulo Alcantara) [RHEL-34636 RHEL-31245] {CVE-2024-26828}
- drm/i915/audio: Fix audio time stamp programming for DP (CKI Backport Bot) [RHEL-45843]
- platform/x86: wmi: Fix opening of char device (David Arcari) [RHEL-42548 RHEL-38260] {CVE-2023-52864}
- platform/x86: wmi: remove unnecessary initializations (David Arcari) [RHEL-42548 RHEL-38260] {CVE-2023-52864}
- rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (CKI Backport Bot) [RHEL-43170] {CVE-2024-36017}
- netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (Florian Westphal) [RHEL-40062 RHEL-33985] {CVE-2024-26808}
- ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (Jiri Benc) [RHEL-39017 RHEL-32372] {CVE-2024-35969}
- netfilter: nf_tables: flush pending destroy work before exit_net release (Florian Westphal) [RHEL-38765 RHEL-33985] {CVE-2024-35899}
- vt: fix unicode buffer corruption when deleting characters (Andrew Halaney) [RHEL-42947 RHEL-24205] {CVE-2024-35823}

Fri Jul 26 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.29.1.el9_4]

- net: Avoid address overwrite in kernel_connect (Davide Caratti) [RHEL-45728 RHEL-30875]
- net: replace calls to sock->ops->connect() with kernel_connect() (Davide Caratti) [RHEL-45728 RHEL-33410]
- i40e: fix vf may be used uninitialized in this function warning (Kamal Heib) [RHEL-41638 RHEL-39704] {CVE-2024-36020}
- cifs: translate network errors on send to -ECONNABORTED (Jay Shin) [RHEL-47047 RHEL-31245]
- wifi: brcmfmac: pcie: handle randbuf allocation failure (Jose Ignacio Tornos Martinez) [RHEL-44132] {CVE-2024-38575}
- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (Jose Ignacio Tornos Martinez) [RHEL-43208 RHEL-39803] {CVE-2024-36921}
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (Jose Ignacio Tornos Martinez) [RHEL-42906 RHEL-36809] {CVE-2024-35789}
- wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (Jose Ignacio Tornos Martinez) [RHEL-42886 RHEL-36900] {CVE-2024-27434}
- wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (Jose Ignacio Tornos Martinez) [RHEL-42860 RHEL-35142] {CVE-2024-27052}
- wifi: mt76: mt7925e: fix use-after-free in free_irq() (Jose Ignacio Tornos Martinez) [RHEL-42856 RHEL-35148] {CVE-2024-27049}
- wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (Jose Ignacio Tornos Martinez) [RHEL-42743 RHEL-34187] {CVE-2024-26897}
- wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (Jose Ignacio Tornos Martinez) [RHEL-42383 RHEL-35199] {CVE-2023-52651}
- net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-41402 RHEL-39781] {CVE-2024-36929}

Fri Jul 19 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.28.1.el9_4]

- mlxbf_gige: call request_irq() after NAPI initialized (Kamal Heib) [RHEL-43012 RHEL-37179] {CVE-2024-35907}
- mlxbf_gige: stop PHY during open() error paths (Kamal Heib) [RHEL-43012 RHEL-37179] {CVE-2024-35907}
- mlxbf_gige: stop interface during shutdown (Kamal Heib) [RHEL-41708 RHEL-37244] {CVE-2024-35885}
- net: amd-xgbe: Fix skb data length underflow (Ken Cox) [RHEL-43796 RHEL-43794] {CVE-2022-48743}
- nfp: flower: handle acti_netdevs allocation failure (Ken Cox) [RHEL-42852 RHEL-35158] {CVE-2024-27046}
- block: add check that partition length needs to be aligned with block size (Ming Lei) [RHEL-45501 RHEL-26616] {CVE-2023-52458}
- nfsd: hold a lighter-weight client reference over CB_RECALL_ANY (Benjamin Coddington) [RHEL-45517 RHEL-31513]
- NFSD: CREATE_SESSION must never cache NFS4ERR_DELAY replies (Benjamin Coddington) [RHEL-45517 RHEL-31513]
- NFSD: Document the phases of CREATE_SESSION (Benjamin Coddington) [RHEL-45517 RHEL-31513]
- NFSD: Fix the NFSv4.1 CREATE_SESSION operation (Benjamin Coddington) [RHEL-45517 RHEL-31513]
- icmp: prevent possible NULL dereferences from icmp_build_probe() (Antoine Tenart) [RHEL-42974 RHEL-37002] {CVE-2024-35857}
- NFSv4.1: fix handling NFS4ERR_DELAY when testing for session trunking (Scott Mayhew) [RHEL-45360 RHEL-24133]
- RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (Aristeu Rozanski) [RHEL-46335 RHEL-38634]
- RAS/AMD/ATL: Fix MI300 bank hash (Aristeu Rozanski) [RHEL-46335 RHEL-38634]
- net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (Hangbin Liu) [RHEL-42689 RHEL-33271] {CVE-2024-26852}
- epoll: be better about file lifetimes (Pavel Reichl) [RHEL-44091 RHEL-44083] {CVE-2024-38580}
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (Dick Kennedy) [RHEL-40659 RHEL-40665 RHEL-24508 RHEL-39793] {CVE-2024-36924}
- scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (Dick Kennedy) [RHEL-40659 RHEL-40669 RHEL-24508 RHEL-39887] {CVE-2024-36952}
- bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (Viktor Malik) [RHEL-42640 RHEL-31726] {CVE-2024-26737}
- can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (Ken Cox) [RHEL-41489 RHEL-38415] {CVE-2021-47459}
- wifi: ath11k: restore country code during resume (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
- wifi: ath11k: refactor setting country code logic (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
- bus: mhi: host: Add mhi_power_down_keep_dev() API to support system suspend/hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
- net: qrtr: support suspend/hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
- wifi: ath11k: support hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
- wifi: ath11k: thermal: don't try to register multiple times (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
- wifi: ath11k: fix warning on DMA ring capabilities event (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
- wifi: ath11k: do not dump SRNG statistics during resume (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
- wifi: ath11k: remove MHI LOOPBACK channels (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
- wifi: ath11k: rearrange IRQ enable/disable in reset path (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]

Mon Jul 15 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.27.1.el9_4]

- drm/ast: Fix soft lockup (CKI Backport Bot) [RHEL-45716]
- dm: call the resume method on internal suspend (Benjamin Marzinski) [RHEL-41838 RHEL-33217] {CVE-2024-26880}
- KVM: arm64: Do not re-initialize the KVM lock (Sebastian Ott) [RHEL-37528 RHEL-36279]
- KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (Sebastian Ott) [RHEL-37528 RHEL-36279]
- KVM: arm64: Fix host-programmed guest events in nVHE (Sebastian Ott) [RHEL-37528 RHEL-36279]
- KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (Sebastian Ott) [RHEL-37528 RHEL-36279]
- KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (Sebastian Ott) [RHEL-37528 RHEL-36279]
- KVM: arm64: Fix double-free following kvm_pgtable_stage2_free_unlinked() (Sebastian Ott) [RHEL-37528 RHEL-36279]
- octeontx2-af: Use separate handlers for interrupts (Kamal Heib) [RHEL-42846 RHEL-35170] {CVE-2024-27030}
- Squashfs: check the inode number is not the invalid value of zero (Abhi Das) [RHEL-42811 RHEL-35098] {CVE-2024-26982}
- net: fix sk_memory_allocated_{add|sub} vs softirqs (Paolo Abeni) [RHEL-36773 RHEL-34070]
- tcp: sk_forced_mem_schedule() optimization (Paolo Abeni) [RHEL-36773 RHEL-34070]
- net: make SK_MEMORY_PCPU_RESERV tunable (Paolo Abeni) [RHEL-36773 RHEL-34070]
- ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (Pavel Reichl) [RHEL-42655 RHEL-31690] {CVE-2024-26773}
- scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (John Meneghini) [RHEL-42528 RHEL-38200] {CVE-2023-52809}
- KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (Maxim Levitsky) [RHEL-43388]
- s390/cpum_cf: make crypto counters upward compatible across machine types (Tobias Huschle) [RHEL-40398 RHEL-36047]
- RAS: enable CONFIG_RAS_FMPM (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS: Avoid build errors when CONFIG_DEBUG_FS=n (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS/AMD/FMPM: Safely handle saved records of various sizes (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- Merge tag 'edac_updates_for_v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS/AMD/FMPM: Fix off by one when unwinding on error (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS/AMD/FMPM: Add debugfs interface to print record entries (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS/AMD/FMPM: Save SPA values (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS: Export helper to get ras_debugfs_dir (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS/AMD/ATL: Fix bit overflow in denorm_addr_df4_np2() (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS: Introduce a FRU memory poison manager (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- x86/cpu/amd: Provide a separate accessor for Node ID (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS/AMD/ATL: Add MI300 row retirement support (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- Documentation: Move RAS section to admin-guide (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS/AMD/ATL: Add MI300 DRAM to normalized address translation support (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS/AMD/ATL: Fix array overflow in get_logical_coh_st_fabric_id_mi300() (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- RAS/AMD/ATL: Add MI300 support (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- Documentation: RAS: Add index and address translation section (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
- cpu/SMT: Make SMT control more robust against enumeration failures (Aristeu Rozanski) [RHEL-36212 RHEL-17008]