Fedora 32 5.11.10 Critical: Kernel Buffer Overflow Notification

The kernel meta package

The 5.11.10 stable kernel update contains a "quick revert" of some 5.11.9

commits that caused noisy warnings to show up in the kernel log of some systems.

---- The 5.11.9 stable update contains a number of important fixes across the

tree. ---- The 5.11.8 stable kernel update contains a number of important

fixes across the tree.

* Thu Mar 25 2021 Justin M. Forbes [5.11.10-12]

- drm/i915/tgl/psr: Disable PSR on Tigerlake for now (Lyude Paul)

- Fedora: Turn off the SND_INTEL_BYT_PREFER_SOF option (Hans de Goede)

- ASoC: intel: atom: Stop advertising non working S24LE support (Hans de Goede)

- fix up RHEL config (Justin M. Forbes)

* Wed Mar 24 2021 Justin M. Forbes [5.11.9-11]

- KVM: PPC: Book3S HV: Save and restore FSCR in the P9 path (Fabiano Rosas)

- drm/nouveau/kms/nve4-nv108: Don't advertise 256x256 cursor support yet (Lyude Paul)

- platform/x86: intel-vbtn: Stop reporting SW_DOCK events (Hans de Goede)

- platform/x86: dell-wmi-sysman: Cleanup create_attributes_level_sysfs_files() (Hans de Goede)

- platform/x86: dell-wmi-sysman: Make sysman_init() return -ENODEV of the interfaces are not found (Hans de Goede)

- platform/x86: dell-wmi-sysman: Cleanup sysman_init() error-exit handling (Hans de Goede)

- platform/x86: dell-wmi-sysman: Fix release_attributes_data() getting called twice on init_bios_attributes() failure (Hans de Goede)

- platform/x86: dell-wmi-sysman: Make it safe to call exit_foo_attributes() multiple times (Hans de Goede)

- platform/x86: dell-wmi-sysman: Fix possible NULL pointer deref on exit (Hans de Goede)

- platform/x86: dell-wmi-sysman: Fix crash caused by calling kset_unregister twice (Hans de Goede)

- platform/x86: thinkpad_acpi: Disable DYTC CQL mode around switching to balanced mode (Hans de Goede)

- platform/x86: thinkpad_acpi: Allow the FnLock LED to change state (Esteve Varela Colominas)

- platform/x86: thinkpad_acpi: check dytc version for lapmode sysfs (Mark Pearson)

- platform/x86: intel-hid: Support Lenovo ThinkPad X1 Tablet Gen 2 (Alban Bedel)

* Sun Mar 21 2021 Justin M. Forbes [5.11.8-10]

- This is a released kernel branch (Justin M. Forbes)

[ 1 ] Bug #1940623 - CVE-2020-27171 kernel: Integer underflow when restricting speculative pointer arithmetic

https://bugzilla.redhat.com/show_bug.cgi?id=1940623

[ 2 ] Bug #1940627 - CVE-2020-27170 kernel: Speculation on pointer arithmetic against bpf_context pointer

https://bugzilla.redhat.com/show_bug.cgi?id=1940627

[ 3 ] Bug #1941769 - CVE-2021-28951 kernel: DoS because of deadlock in fs/io_uring.c

https://bugzilla.redhat.com/show_bug.cgi?id=1941769

[ 4 ] Bug #1941774 - CVE-2021-28952 kernel: buffer overflow in sound/soc/qcom/sdm845.c when an unexpected port ID number is encountered

https://bugzilla.redhat.com/show_bug.cgi?id=1941774

[ 5 ] Bug #1941781 - CVE-2021-28972 kernel: Buffer overflow in hotplug/rpadlpar_sysfs.c

https://bugzilla.redhat.com/show_bug.cgi?id=1941781

[ 6 ] Bug #1941784 - CVE-2021-28971 kernel: System crash in intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c

https://bugzilla.redhat.com/show_bug.cgi?id=1941784

[ 7 ] Bug #1941804 - CVE-2021-28964 kernel: race condition in get_old_root function in fs/btrfs/ctree.c because of a lack of locking on an extent buffer before a cloning operation

https://bugzilla.redhat.com/show_bug.cgi?id=1941804

su -c 'dnf upgrade --advisory FEDORA-2021-9503fffad9' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure