Fedora 26: 2018-4ca01704a2 Critical: Kernel Denial Of Service

The kernel meta package

The 4.15.17 update contains a number of important fixes across the tree.

* Thu Apr 12 2018 Laura Abbott - 4.15.17-200

- Linux v4.15.17

* Thu Apr 12 2018 Justin M. Forbes

- Fix CVE-2018-10021 (rhbz 1566407 1566409)

* Mon Apr 9 2018 Laura Abbott - 4.15.16-200

- Linux v4.15.16

* Mon Apr 2 2018 Laura Abbott - 4.15.15-200

- Linux v4.15.15

* Thu Mar 29 2018 Laura Abbott - 4.15.14-200

- Linux v4.15.14

* Thu Mar 29 2018 Jeremy Cline

- Fix mounting NFS with kerberos (rhbz 1558977)

* Mon Mar 26 2018 Laura Abbott - 4.15.13-200

- Linux v4.15.13

* Thu Mar 22 2018 Laura Abbott - 4.15.12-201

- Rebuild for kernel-devel fix

* Thu Mar 22 2018 Jeremy Cline

- Fix for nouveau backlight regression (rhbz 1511786)

* Wed Mar 21 2018 Laura Abbott - 4.15.12-200

- Linux v4.15.12

* Mon Mar 19 2018 Laura Abbott - 4.15.11-200

- Linux v4.15.11

* Mon Mar 19 2018 Justin M. Forbes

- Fix CVE-2017-18232 (rhbz 1558066 1558067)

* Thu Mar 15 2018 Laura Abbott - 4.15.10-200

- Linux v4.15.10

- Fix for dock booting (rhbz 1549042)

- Fix THP bug (rhbz 1546709)

* Mon Mar 12 2018 Laura Abbott - 4.15.9-200

- Linux v4.15.9

* Mon Mar 12 2018 Justin M. Forbes

- Fix CVE-2018-7995 (rhbz 1553911 1553918)

- Fix CVE-2018-8043 (rhbz 1554199 1554200)

* Fri Mar 9 2018 Laura Abbott - 4.15.8-200

- Linux v4.15.8

* Thu Mar 8 2018 Justin M. Forbes

- Fix CVE-2018-7757 (rhbz 1553361 1553363)

* Tue Mar 6 2018 Laura Abbott

- Fixes for IPMI crash (rbhz 1549316)

* Mon Mar 5 2018 Justin M. Forbes

- Fix CVE-2018-5803 (rhbz 1551051 1551053)

* Fri Mar 2 2018 Justin M. Forbes

- Fix CVE-2018-1065 (rhbz 1547824 1547831)

* Wed Feb 28 2018 Laura Abbott - 4.15.7-200

- Linux v4.15.7

- Fix IPMI crash (rhbz 1549316)

* Mon Feb 26 2018 Laura Abbott - 4.15.6-200

- Linux v4.15.6

* Fri Feb 23 2018 Laura Abbott - 4.15.5-200

- Linux v4.15.5

* Mon Feb 19 2018 Laura Abbott - 4.15.4-200

- Linux v4.15.4

* Mon Feb 19 2018 Justin M. Forbes

- Fix CVE-2018-1000026 (rhbz 1541846 1546744)

* Tue Feb 13 2018 Laura Abbott - 4.15.3-200

- Linux v4.15.3 rebase

* Wed Feb 7 2018 Justin M. Forbes - 4.14.18-200

- Linux v4.14.18

* Mon Feb 5 2018 Justin M. Forbes - 4.14.17-200

- Linux v4.14.17

* Wed Jan 31 2018 Justin M. Forbes - 4.14.16-200

- Linux v4.14.16

* Mon Jan 29 2018 Justin M. Forbes

- Fix CVE-2018-5750 (rhbz 1539706 1539708)

- Fix softlockup (rhbz 1492664 1492665)

* Sat Jan 27 2018 Laura Abbott

- Add support for Wacom tablet (rhbz 1539238)

* Fri Jan 26 2018 Justin M. Forbes - 4.14.15-201

- Revert retpoline vermagic tag

* Wed Jan 24 2018 Justin M. Forbes - 4.14.15-200

- Linux v4.14.15

- Fix CVE-2018-1000004 (rhbz 1535315 1535316)

* Tue Jan 23 2018 Laura Abbott

- Fix for nouveau crash (rhbz 1513150)

* Thu Jan 18 2018 Justin M. Forbes - 4.14.14-300

- Add some ppc mitigations from upstream

* Wed Jan 17 2018 Justin M. Forbes

- Linux v4.14.14

- Fixes (rhbz 1532458)

* Fri Jan 12 2018 Jeremy Cline

- Fix for CVE-2018-5344 (rhbz 1533909 1533911)

- Fix for CVE-2018-5332 (rhbz 1533890 1533895)

- Fix for CVE-2018-5333 (rhbz 1533891 1533895)

* Wed Jan 10 2018 Justin M. Forbes - 4.14.13-200

- Linux v4.14.13

- Iniital retpoline fixes for Spectre v2

* Mon Jan 8 2018 Laura Abbott

- Disable CONFIG_RESET_ATTACK_MITIGATION (rhbz 1532058)

* Fri Jan 5 2018 Laura Abbott

- Copy module linker script (rhbz 1531182)

* Fri Jan 5 2018 Justin M. Forbes - 4.14.12-200

- Linux v4.14.12

- Add a patch to filter false positive kbd backlight change events (rhbz 1514969)

* Wed Jan 3 2018 Justin M. Forbes - 4.14.11-200

- Linux v4.14.11

* Mon Jan 1 2018 Laura Abbott - 4.14.10-200

- Linux v4.14.10

* Tue Dec 26 2017 Justin M. Forbes - 4.14.9-200

- Linux v4.14.9

- Fixes CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 (rhbz 1529120 1529123 1529124 1529125)

- Fixes CVE-2017-17852 CVE-2017-17853 CVE-2017-17854 CVE-2017-17855 CVE-2017-17856 CVE-2017-17857

(rhbz 1530269 1530270 1530271 1530272 1530273 1530274 1530279)

* Wed Dec 20 2017 Justin M. Forbes - 4.14.8-200

- Linux v4.14.8

* Wed Dec 20 2017 Jeremy Cline

- Backport fix e1000_check_for_copper_link_ich8lan return value

* Tue Dec 19 2017 Justin M. Forbes

- Fix CVE-2017-17741 (rhbz 1527112 1527113)

* Mon Dec 18 2017 Justin M. Forbes - 4.14.7-200

- Linux v4.14.7

- Fix CVE-2017-17712 (rhbz 1526427 1526933)

* Thu Dec 14 2017 Jeremy Cline - 4.14.6-200

- Linux v4.14.6

- Security fix for CVE-2017-17449 (rhbz 1525762 1525763)

- Security fix for CVE-2017-17450 (rhbz 1525761 1525764)

- Security fix for CVE-2017-17448 (rhbz 1525768 1525769)

* Wed Dec 13 2017 Jeremy Cline

- Fix CVE-2017-17558 (rhbz 1525474 1525476)

- Revert exec: avoid RLIMIT_STACK races with prlimit()

* Tue Dec 12 2017 Jeremy Cline

- Fix CVE-2017-8824 (rhbz 1519591 1520764)

* Mon Dec 11 2017 Jeremy Cline

- Re-fix USB null pointer dereference on ThinkPad X1 (rhbz 1462175)

* Mon Dec 11 2017 Jeremy Cline - 4.14.5-200

- Linux v4.14.5

* Thu Dec 7 2017 Jeremy Cline - 4.14.4-200

- Linux v4.14.4 rebase

- Fixes for dwmac-sun8i for A64/Pine64

- Fixes for Cavium ThunderX (rhbz 1521190)

* Thu Nov 30 2017 Jeremy Cline - 4.13.16-202

- Fix CVE-2017-1000405 (rhbz 1516514 1519115)

* Wed Nov 29 2017 Jeremy Cline - 4.13.16-201

- Fix USB null pointer dereference on ThinkPad X1 (rhbz 1462175)

- Patches ppc64, ppc64le mm failure (rhbz 1518707)

* Mon Nov 27 2017 Jeremy Cline - 4.13.16-200

- Linux v4.13.16

- Fix CVE-2017-16649 (rhbz 1516267 1516274)

- Fix CVE-2017-16650 (rhbz 1516265 1516274)

- Fix CVE-2017-16644 (rhbz 1516273 1516274)

- Fix CVE-2017-16647 (rhbz 1516270 1516274)

* Tue Nov 21 2017 Justin M. Forbes

- Fix cursor issues with QXL (rhbz 1507931)

* Tue Nov 21 2017 Jeremy Cline - 4.13.15-200

- Linux v4.13.15

* Mon Nov 20 2017 Laura Abbott

- Enable driver for the Behringer BCD 2000 (rhbz 1514945)

* Sun Nov 19 2017 Jeremy Cline - 4.13.14-200

- Linux v4.13.14

* Wed Nov 15 2017 Jeremy Cline - 4.13.13-200

- Linux v4.13.13

- Fix CVE-2017-15115 (rhbz 1513346 1513345)

* Wed Nov 15 2017 Peter Robinson

- Add fix for vc4 interupts

* Wed Nov 8 2017 Jeremy Cline - 4.13.12-200

- Linux v4.13.12

* Wed Nov 8 2017 Justin M. Forbes

- Fix CVE-2017-16532 (rhbz 1510835 1510854)

- Fix CVE-2017-16538 (rhbz 1510826 1510854)

* Mon Nov 6 2017 Laura Abbott

- Patches for ThinkPad X1 Carbon Gen5 Touchpad (rhbz 1509461)

- Fix for KVM regression on some machines (rhbz 1490803)

* Thu Nov 2 2017 Jeremy Cline - 4.13.11-200

- Linux v4.13.11

- Fix CVE-2017-12193 (rhbz 1501215 1508717)

- SMB3: Validate negotiate request must always be signed (rhbz 1502606)

- Backport new SELinux NNP/nosuid patch to resolve interactions with systemd

* Wed Nov 1 2017 Laura Abbott

- Add fix for potential mlxsw firmware incompatibility

* Fri Oct 27 2017 Jeremy Cline - 4.13.10-200

- Linux v4.13.10

* Mon Oct 23 2017 Laura Abbott - 4.13.9-200

- Linux v4.13.9

* Wed Oct 18 2017 Laura Abbott - 4.13.8-200

- Linux v4.13.8

- Fix CVE-2017-12190 (rhbz 1495089 1503580)

* Mon Oct 16 2017 Justin M. Forbes - 4.13.7-200

- Linux v4.13.7

- Fixes CVE-2017-5123 (rhbz 1500094 1501762)

- Fix CVE-2017-15265 (rhbz 1501878 1501880)

* Thu Oct 12 2017 Justin M. Forbes - 4.13.6-200

- Linux v4.13.6

- Fixes CVE-2017-1000255 (rhbz 1498067 1500335)

* Thu Oct 12 2017 Peter Robinson

- Some minor ARM fixes and cleanups

- Fixes for Cavium ThunderX plaforms

* Wed Oct 11 2017 Jeremy Cline

- Fix incorrect updates of uninstantiated keys crash the kernel (rhbz 1498016 1498017)

* Tue Oct 10 2017 Justin M. Forbes

- Disable kernel tracking on SMBus devices (rhbz 1482648)

* Fri Oct 6 2017 Peter Robinson

- ARM ACPI fix for x-gene RHBZ #1498117

* Thu Oct 5 2017 Laura Abbott - 4.13.5-200

- Linux v4.13.5

- Fix for peaq_wmi nul spew (rhbz 1497861)

- Fixes CVE-2017-14954 (rhbz 1497745 1497747)

* Thu Sep 28 2017 Laura Abbott - 4.13.4-200

- Linux v4.13.4

* Mon Sep 25 2017 Peter Robinson

- Add patch to fix PCI on tegra20

* Thu Sep 21 2017 Laura Abbott - 4.13.3-200

- Linux v4.13.3

- Fix NFS locks (rhbz 1493498)

- Fix bindport regression (rhbz 1432684)

* Wed Sep 20 2017 Justin M. Forbes - 4.12.14-300

- Linux v4.12.14

- Fixes 1493435 1493436

- Fixes CVE-2017-14497 (rhbz 1492593 1492594)

* Mon Sep 18 2017 Justin M. Forbes

- Fixes for QXL (rhbz 1462381)

* Thu Sep 14 2017 Justin M. Forbes - 4.12.13-300

- Linux v4.12.13

* Wed Sep 13 2017 Justin M. Forbes

- Fix CVE-2017-12154 (rhbz 1491224 1491231)

- Fix CVE-2017-12153 (rhbz 1491046 1491057)

- Fix CVE-2017-1000251 (rhbz 1489716 1490906)

* Mon Sep 11 2017 Justin M. Forbes - 4.12.12-300

- Linux v4.12.12

- QXL Fixes

- Fix for xen ballow with AWS (rhbz 1463000)

* Thu Sep 7 2017 Justin M. Forbes - 4.12.11-300

- Linux v4.12.11

* Thu Aug 31 2017 Justin M. Forbes - 4.12.10-300

- Fix CVE-2017-14051 (rhbz 1487126 1487127)

* Wed Aug 30 2017 Justin M. Forbes

- Linux v4.12.10

- Fix for CVE-2017-13693 (rhbz 1485346 1485356)

- Fix for CVE-2017-13694 (rhbz 1485348)

- Fix for CVE-2017-13695 (rhbz 1485349)

- Fix for raid 1/10 (rhbz 1484587)

* Fri Aug 25 2017 Justin M. Forbes - 4.12.9-300

- Linux v4.12.9

- For for AMD Stoney GPU (rhbz 1485086)

- Fix for RT3573 regression (rhbz 1480829)

- Fix for CVE-2017-7558 (rhbz 1480266 1484810)

- Fix for kvm_stat (rhbz 1483527)

* Thu Aug 17 2017 Justin M. Forbes

- Fix for vmalloc_32 crash (rhbz 1482249 1482570)

* Thu Aug 17 2017 Justin M. Forbes - 4.12.8-300

- Linux v4.12.8

* Wed Aug 16 2017 Laura Abbott

- Fix for iio race

* Wed Aug 16 2017 Justin M. Forbes

- Fix xen CVE-2017-12134 (rhbz 1477656 1481786)

* Mon Aug 14 2017 Justin M. Forbes - 4.12.7-300

- Linux v4.12.7

* Fri Aug 11 2017 Justin M. Forbes - 4.12.6-300

- Linux v4.12.6

- Fix CVE-2017-1000111 (rhbz 1479304 1480464)

- Fix CVE-2017-1000112 (rhbz 1479307 1480465)

* Fri Aug 11 2017 Dan Horak

- disable SWIOTLB on Power (#1480380)

* Fri Aug 11 2017 Josh Boyer

- Disable MEMORY_HOTPLUG_DEFAULT_ONLINE on ppc64 (rhbz 1476380)

* Mon Aug 7 2017 Justin M. Forbes - 4.12.5-300

- Linux v4.12.5

- Fixes CVE-2017-7533 (rhbz 1468283 1478086)

* Thu Aug 3 2017 Justin M. Forbes

- Temp fix for QXL (rhbz 1462381)

- Fix for signed module loading (rhbz 1476467)

* Thu Aug 3 2017 Laura Abbott

- Keep UDF in the main kernel package (rhbz 1471314)

* Thu Jul 27 2017 Justin M. Forbes - 4.12.4-300

- Linux v4.12.4

* Wed Jul 26 2017 Justin M. Forbes

- Fix mtx (rhbz 1471302)

* Tue Jul 25 2017 Justin M. Forbes

- Force python3 for kvm_stat because we can't dep (rhbz 1456722)

* Tue Jul 25 2017 Peter Robinson 4.12.3-301

- Bring in ARM patches from stabilization branch

* Mon Jul 24 2017 Justin M. Forbes - 4.12.3-300

- Linux v4.12.3

- Fix rhbz 1431375

* Mon Jul 17 2017 Laura Abbott - 4.11.11-300

- Linux v4.11.11

- Bring back /dev/port (rhbz 1471429 1451220)

* Wed Jul 12 2017 Peter Robinson

- Build in i2c-rk3x to fix some device boot

* Wed Jul 12 2017 Laura Abbott - 4.11.10-300

- Linux v4.11.10

* Mon Jul 10 2017 Laura Abbott

- Only call pwm_add_table for the first PWM controller (rhbz 1458599)

* Thu Jul 6 2017 Justin M. Forbes

- CVE-2017-10810 fix virtio-gpu mem leak (rhbz 1468023 1468024)

* Wed Jul 5 2017 Laura Abbott - 4.11.9-300

- Linux v4.11.9

[ 1 ] Bug #1566407 - CVE-2018-10021 kernel: ata qc leak in drivers/scsi/libsas/sas_scsi_host.c allows local users to cause denial-of-service

https://bugzilla.redhat.com/show_bug.cgi?id=1566407

su -c 'dnf upgrade --advisory FEDORA-2018-4ca01704a2' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org