Fedora 30: 2019-021c968423 Critical: Kernel Memory Leak Fix

The kernel meta package

The 5.3.12 update contains a number of important fixes across the tree

* Thu Nov 21 2019 Justin M. Forbes - 5.3.12-200

- Fix CVE-2019-19074 (rhbz 1774933 1774934)

- Fix CVE-2019-19073 (rhbz 1774937 1774939)

- Fix CVE-2019-19072 (rhbz 1774946 1774947)

- Fix CVE-2019-19071 (rhbz 1774949 1774950)

- Fix CVE-2019-19070 (rhbz 1774957 1774958)

- Fix CVE-2019-19068 (rhbz 1774963 1774965)

- Fix CVE-2019-19043 (rhbz 1774972 1774973)

- Fix CVE-2019-19066 (rhbz 1774976 1774978)

- Fix CVE-2019-19046 (rhbz 1774988 1774989)

- Fix CVE-2019-19050 (rhbz 1774998 1775002)

- Fix CVE-2019-19062 (rhbz 1775021 1775023)

- Fix CVE-2019-19064 (rhbz 1775010 1775011)

- Fix CVE-2019-19063 (rhbz 1775015 1775016)

- Fix CVE-2019-19059 (rhbz 1775042 1775043)

- Fix CVE-2019-19058 (rhbz 1775047 1775048)

- Fix CVE-2019-19057 (rhbz 1775050 1775051)

- Fix CVE-2019-19053 (rhbz 1775956 1775110)

- Fix CVE-2019-19056 (rhbz 1775097 1775115)

- Fix CVE-2019-19055 (rhbz 1775074 1775116)

- Fix CVE-2019-19054 (rhbz 1775063 1775117)

* Thu Nov 21 2019 Laura Abbott

- Linux v5.3.12

* Tue Nov 12 2019 Justin M. Forbes - 5.3.11-200

- Linux v5.3.11

- Fixes CVE-2019-11135 (rhbz 1753062 1771649)

- Fixes CVE-2018-12207 (rhbz 1646768 1771645)

- Fixes CVE-2019-0154 (rhbz 1724393 1771642)

- Fixes CVE-2019-0155 (rhbz 1724398 1771644)

* Mon Nov 11 2019 Laura Abbott - 5.3.10-200

- Linux v5.3.10

* Thu Nov 7 2019 Jeremy Cline

- Add support for a number of Macbook keyboards and touchpads (rhbz 1769465)

* Wed Nov 6 2019 Laura Abbott - 5.3.9-200

- Linux v5.3.9

* Tue Oct 29 2019 Laura Abbott - 5.3.8-200

- Linux v5.3.8

- Fix CVE-2019-17666 (rhbz 1763692)

* Fri Oct 18 2019 Laura Abbott - 5.3.7-200

- Linux v5.3.7

* Mon Oct 14 2019 Laura Abbott - 5.3.6-200

- Linux v5.3.6

* Fri Oct 11 2019 Laura Abbott

- Fix disappearing cursor issue (rhbz 1738614)

* Fri Oct 11 2019 Peter Robinson

- Last iwlwifi fix for the recent firmware issues (rhbz 1733369)

* Tue Oct 8 2019 Laura Abbott - 5.3.5-200

- Linux v5.3.5 Rebase

* Wed Oct 2 2019 Justin M. Forbes

- Fix CVE-2019-17052 CVE-2019-17053 CVE-2019-17054 CVE-2019-17055 CVE-2019-17056

(rhbz 1758239 1758240 1758242 1758243 1758245 1758246 1758248 1758249 1758256 1758257)

* Tue Oct 1 2019 Justin M. Forbes - 5.2.18-200

- Linux v5.2.18

* Mon Sep 23 2019 Peter Robinson

- Upstream patch for iwlwifi 8000 series FW issues (rhbz: 1749949)

* Mon Sep 23 2019 Justin M. Forbes - 5.2.17-200

- Linux v5.2.17

* Thu Sep 19 2019 Laura Abbott

- Fix for dwc3 (rhbz 1753099)

* Thu Sep 19 2019 Justin M. Forbes - 5.2.16-200

- Linux v5.2.16

- Fix CVE-2019-14821 (rhbz 1746708 1753596)

* Mon Sep 16 2019 Justin M. Forbes - 5.2.15-200

- Linux v5.2.15

- Fixes rhbz 1751901

* Tue Sep 10 2019 Justin M. Forbes - 5.2.14-200

- Linux v5.2.14

* Fri Sep 6 2019 Justin M. Forbes - 5.2.13-200

- Linux v5.2.13

* Thu Aug 29 2019 Justin M. Forbes - 5.2.11-200

- Linux v5.2.11

- Fix CVE-2019-15504 (rhbz 1746725 1746726)

- Fix CVE-2019-15505 (rhbz 1746732 1746734)

- Fix CVE-2019-15538 (rhbz 1746777 1746779)

* Wed Aug 28 2019 Justin M. Forbes

- Fix mwifiex CVE-2019-14814 CVE-2019-14815 CVE-2019-14816

- (rhbz 1744130 1744137 1744149 1746566 1746567)

* Mon Aug 26 2019 Justin M. Forbes - 5.2.10-200

- Linux v5.2.10

* Fri Aug 16 2019 Justin M. Forbes - 5.2.9-200

- Linux v5.2.9

* Sat Aug 10 2019 Justin M. Forbes - 5.2.8-200

- Linux v5.2.8

* Thu Aug 8 2019 Justin M. Forbes - 5.2.7-200

- Linux v5.2.7

* Tue Aug 6 2019 Laura Abbott

- Fix netfilter regression (rhbz 1737171)

* Mon Aug 5 2019 Justin M. Forbes - 5.2.6-200

- Linux v5.2.6

- Temporary fixes for (rhbz 1737046 1730762)

* Wed Jul 31 2019 Justin M. Forbes - 5.2.5-200

- Linux v5.2.5

- Fix CVE-2019-10207 (rhbz 1733874 1734242)

* Tue Jul 30 2019 Justin M. Forbes

- Fix for screen freezes with i915

* Mon Jul 29 2019 Justin M. Forbes - 5.2.4-200

- Linux v5.2.4 Rebase

* Fri Jul 26 2019 Jeremy Cline - 5.1.20-300

- Linux v5.1.20

* Mon Jul 22 2019 Laura Abbott

- Bring in DMA fix (rhbz 1732045)

* Mon Jul 22 2019 Jeremy Cline - 5.1.19-300

- Linux v5.1.19

- Fix Xen Security Advisory 300 (rhbz 1731862 1731864)

- Fix a null pointer dereference in the 8250_lpss serial driver (rhbz 1731784)

* Thu Jul 18 2019 Jeremy Cline

- Fix CVE-2019-13631 (rhbz 1731000 1731001)

* Mon Jul 15 2019 Jeremy Cline - 5.1.18-300

- Linux v5.1.18

* Wed Jul 10 2019 Jeremy Cline - 5.1.17-300

- Linux v5.1.17

* Mon Jul 8 2019 Jeremy Cline

- Fix a firmware crash in Intel 7000 and 8000 devices (rhbz 1716334)

* Thu Jul 4 2019 Peter Robinson

- Fixes for load avg and display on Raspberry Pi

* Wed Jul 3 2019 Jeremy Cline - 5.1.16-300

- Linux v5.1.16

- Fix an issue with deleting singular conntrack entries (rhbz 1724357)

* Tue Jun 25 2019 Jeremy Cline - 5.1.15-300

- Linux v5.1.15

- Fixes CVE-2019-12817 (rhbz 1720616 1723697)

* Mon Jun 24 2019 Hans de Goede

- Extend GPD MicroPC LCD panel quirk to also apply to newer BIOS versions

* Mon Jun 24 2019 Jeremy Cline - 5.1.14-300

- Linux v5.1.14

* Wed Jun 19 2019 Jeremy Cline - 5.1.12-300

- Linux v5.1.12

* Mon Jun 17 2019 Jeremy Cline - 5.1.11-300

- Linux v5.1.11

- Fixes CVE-2019-11477 (rhbz 1719123 1721254)

- Fixes CVE-2019-11479 (rhbz 1719129 1721255)

- Fixes CVE-2019-11478 (rhbz 1719128 1721256)

* Mon Jun 17 2019 Jeremy Cline - 5.1.10-300

- Linux v5.1.10

* Fri Jun 14 2019 Hans de Goede

- Fix the LCD panel an Asus EeePC 1025C not lighting up (rhbz#1697069)

- Fix the LCD panel on the GPD MicroPC not working

* Thu Jun 13 2019 Justin M. Forbes

- Fix CVE-2019-10126 (rhbz 1716992 1720122)

* Tue Jun 11 2019 Jeremy Cline - 5.1.9-300

- Linux v5.1.9

- Fix UDP checkshums for SIP packets (rhbz 1716289)

* Sun Jun 9 2019 Jeremy Cline - 5.1.8-300

- Linux v5.1.8

* Fri Jun 7 2019 Justin M. Forbes

- Fix CVE-2019-12614 (rhbz 1718176 1718185)

* Thu Jun 6 2019 Jeremy Cline

- Fix incorrect permission denied with lock down off (rhbz 1658675)

- Fix an issue with the IPv6 neighbor table (rhbz 1708717)

* Wed Jun 5 2019 Justin M. Forbes

- Fix CVE-2019-12456 (rhbz 1717182 1717183)

* Tue Jun 4 2019 Jeremy Cline - 5.1.7-300

- Linux v5.1.7

- Fix CVE-2019-12455 (rhbz 1716990 1717003)

- Fix CVE-2019-12454 (rhbz 1716996 1717003)

* Mon Jun 3 2019 Justin M. Forbes

- Fix CVE-2019-12378 (rhbz 1715459 1715460)

- Fix CVE-2019-3846 (rhbz 1713059 1715475)

- Fix CVE-2019-12380 (rhbz 1715494 1715495)

- Fix CVE-2019-12381 (rhbz 1715501 1715502)

- Fix CVE-2019-12382 (rhbz 1715554 1715556)

- Fix CVE-2019-12379 (rhbz 1715491 1715706)

* Fri May 31 2019 Laura Abbott - 5.1.6-300

- Linux v5.1.6

* Sat May 25 2019 Jeremy Cline - 5.1.5-300

- Linux v5.1.5

* Fri May 24 2019 Jeremy Cline - 5.1.4-301

- Fix fstrim discarding too many blocks

* Wed May 22 2019 Jeremy Cline - 5.1.4-300

- Linux v5.1.4

- Fix an issue with Bluetooth 2.0 and earlier devices (rhbz 1711468)

* Mon May 20 2019 Laura Abbott - 5.0.17-300

- Linux v5.0.17

* Tue May 14 2019 Justin M. Forbes - 5.0.16-300

- Linux v5.0.16

- Fixes CVE-2018-12126 (rhbz 1646781 1709976)

- Fixes CVE-2018-12127 (rhbz 1667782 1709978)

- Fixes CVE-2018-12130 (rhbz 1646784 1709989 1709996)

- Fixes CVE-2019-11091 (rhbz 1705312 1709983)

* Mon May 13 2019 Laura Abbott - 5.0.15-300

- Linux v5.0.15

- Fixes CVE-2019-11884 (rhbz 1709837 1709838)

* Thu May 9 2019 Laura Abbott - 5.0.14-300

- Linux v5.0.14

* Mon May 6 2019 Laura Abbott - 5.0.13-300

- Linux v5.0.13

* Sat May 4 2019 Laura Abbott - 5.0.12-300

- Linux v5.0.12

* Thu May 2 2019 Laura Abbott - 5.0.11-300

- Linux v5.0.11

* Tue Apr 30 2019 Laura Abbott - 5.0.10-300

- Linux v5.0.10

* Tue Apr 30 2019 Hans de Goede

- Fix wifi on various ideapad models not working (rhbz#1703338)

* Thu Apr 25 2019 Justin M. Forbes

- Fix CVE-2019-3900 (rhbz 1698757 1702940)

[ 1 ] Bug #1774933 - CVE-2019-19074 kernel: a memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c allows DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1774933

[ 2 ] Bug #1774937 - CVE-2019-19073 kernel: Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel (DOS)

https://bugzilla.redhat.com/show_bug.cgi?id=1774937

[ 3 ] Bug #1774946 - CVE-2019-19072 kernel: A memory leak in the predicate_parse() function in kernel/trace/trace_events_filter.c allows for a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1774946

[ 4 ] Bug #1774949 - CVE-2019-19071 kernel: A memory leak in the rsi_send_beacon() function in drivers/net/wireless/rsi/rsi_91x_mgmt.c allows for a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1774949

[ 5 ] Bug #1774957 - CVE-2019-19070 kernel: A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c allows for a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1774957

[ 6 ] Bug #1774963 - CVE-2019-19068 kernel: A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c allows for a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1774963

[ 7 ] Bug #1774972 - CVE-2019-19043 kernel: dos in i40e_setup_macvlans() function in drivers/net/ethernet/intel/i40e/i40e_main.c

https://bugzilla.redhat.com/show_bug.cgi?id=1774972

[ 8 ] Bug #1774976 - CVE-2019-19066 kernel: A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/bfad_attr.c allows for a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1774976

[ 9 ] Bug #1774988 - CVE-2019-19046 kernel: dos in in the __ipmi_bmc_register() function in drivers/char/ipmi/ipmi_msghandler.c

https://bugzilla.redhat.com/show_bug.cgi?id=1774988

[ 10 ] Bug #1774998 - CVE-2019-19050 kernel: dos in crypto_reportstat() function in crypto/crypto_user_stat.c

https://bugzilla.redhat.com/show_bug.cgi?id=1774998

[ 11 ] Bug #1775021 - CVE-2019-19062 kernel: A memory leak in the crypto_report() function in crypto/crypto_user_base.c allows for a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1775021

[ 12 ] Bug #1775010 - CVE-2019-19064 kernel: A memory leak in the fsl_lpspi_probe() function in drivers/spi/spi-fsl-lpspi.c allows for a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1775010

[ 13 ] Bug #1775015 - CVE-2019-19063 kernel: Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c allow for a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1775015

[ 14 ] Bug #1775042 - CVE-2019-19059 kernel: Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function in drivers/net/wireless/intel/iwlwifi/pcie/ctxt-info-gen3.c allows for a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1775042

[ 15 ] Bug #1775047 - CVE-2019-19058 kernel: A memory leak in the alloc_sgtable() function in drivers/net/wireless/intel/iwlwifi/fw/dbg.c allows for a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1775047

[ 16 ] Bug #1775050 - CVE-2019-19057 kernel: Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows for a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1775050

[ 17 ] Bug #1775097 - CVE-2019-19056 kernel: A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drivers/net/wireless/marvell/mwifiex/pcie.c allows to cause DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1775097

[ 18 ] Bug #1775074 - CVE-2019-19055 kernel: A memory leak in the nl80211_get_ftm_responder_stats() function innet/wireless/nl80211.c allows DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1775074

[ 19 ] Bug #1775063 - CVE-2019-19054 kernel: A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c allows attackers to cause a DoS

https://bugzilla.redhat.com/show_bug.cgi?id=1775063

su -c 'dnf upgrade --advisory FEDORA-2019-021c968423' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/