Oracle Linux Security Advisory ELSA-2023-12910

https://linux.oracle.com/errata/ELSA-2023-12910.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-container-5.4.17-2136.324.5.3.el7.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.324.5.3.el7.x86_64.rpm



SRPMS:
https://oss.oracle.com:443/ol7/SRPMS-updates//kernel-uek-container-5.4.17-2136.324.5.3.el7.src.rpm

Related CVEs:

CVE-2023-5090
CVE-2023-42753
CVE-2023-20569
CVE-2023-22024
CVE-2023-20588




Description of changes:

[5.4.17-2136.324.5.3.el7]
- Revert "jbd2: Fix wrongly judgement for buffer head removing while doing
  checkpoint" (Sherry Yang)  [Orabug: 35896102]

[5.4.17-2136.324.5.2.el7]
- fix breakage in do_rmdir() (Al Viro)  [Orabug: 35885837]

[5.4.17-2136.324.5.1.el7]
- x86: KVM: SVM: always update the x2avic msr interception (Maxim Levitsky)
  [Orabug: 35857366]  {CVE-2023-5090}

[5.4.17-2136.324.5.el7]
- netfilter: nfnetlink_osf: avoid OOB read (Wander Lairson Costa)
- dlm: fix plock lookup when using multiple lockspaces (Alexander Aring)
- x86/speculation: Mark all Skylake CPUs as vulnerable to GDS (Dave Hansen)
- Revert "IB/isert: Fix incorrect release of isert connection" (Leon Romanovsky)
- ALSA: ac97: Fix possible error value of *rac97 (Su Hui)
- pinctrl: amd: Don't show Invalid config param errors (Mario Limonciello)
- netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa)
- netfilter: xt_u32: validate user space input (Wander Lairson Costa)
- netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Kyle Zeng)  [Orabug: 35824287]  {CVE-2023-42753}

[5.4.17-2136.324.4.el7]
- kernfs: fix missing kernfs_iattr_rwsem locking (Ian Kent)  [Orabug: 35796771]
- x86/microcode: Stop reprobing mitigations after late microcode load (Boris Ostrovsky)  [Orabug: 35818857]  {CVE-2023-20569}
- objtool/x86: Fix SRSO mess (Peter Zijlstra)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/srso: Correct the mitigation status when SMT is disabled (Borislav Petkov (AMD))  [Orabug: 35818857]  {CVE-2023-20569}
- objtool/x86: Fixup frame-pointer vs rethunk (Peter Zijlstra)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/srso: Disable the mitigation on unaffected configurations (Borislav Petkov (AMD))  [Orabug: 35818857]  {CVE-2023-20569}
- x86/retpoline: Don't clobber RFLAGS during srso_safe_ret() (Sean Christopherson)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/srso: Explain the untraining sequences a bit more (Borislav Petkov (AMD))  [Orabug: 35818857]  {CVE-2023-20569}
- x86/cpu: Cleanup the untrain mess (Peter Zijlstra)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/cpu: Rename srso_(.*)_alias to srso_alias_\1 (Peter Zijlstra)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/cpu: Rename original retbleed methods (Peter Zijlstra)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/cpu: Clean up SRSO return thunk mess (Peter Zijlstra)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/alternative: Make custom return thunk unconditional (Peter Zijlstra)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk() (Peter Zijlstra)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/cpu: Fix __x86_return_thunk symbol type (Peter Zijlstra)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/srso: Fix build breakage with the LLVM linker (Nick Desaulniers)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/srso: Tie SBPB bit setting to microcode patch detection (Borislav Petkov (AMD))  [Orabug: 35818857]  {CVE-2023-20569}
- x86/srso: Fix return thunks in generated code (Josh Poimboeuf)  [Orabug: 35818857]  {CVE-2023-20569}
- x86/srso: Add IBPB on VMEXIT (Borislav Petkov (AMD))  [Orabug: 35818857]  {CVE-2023-20569}
- x86/srso: Add SRSO_NO support (Borislav Petkov (AMD))  [Orabug: 35818857]  {CVE-2023-20569}
- x86/srso: Add IBPB_BRTYPE support (Borislav Petkov (AMD))  [Orabug: 35818857]  {CVE-2023-20569}
- x86/srso: Add a Speculative RAS Overflow mitigation (Borislav Petkov (AMD))  [Orabug: 35818857]  {CVE-2023-20569}
- scsi: megaraid_sas: Fix deadlock on firmware crashdump (Junxiao Bi)  [Orabug: 35819593]
- rds: Fix lack of reentrancy for connection reset with dst addr zero (HÃ¥kon Bugge)  [Orabug: 35819522]  {CVE-2023-22024}

[5.4.17-2136.324.3.el7]
- uek-rpm: aarch64: enable ACPI_AGDI (Mihai Carabas)  [Orabug: 34833165]
- arm64: sdei: abort running SDEI handlers during crash (D Scott Phillips)  [Orabug: 34833165]
- ACPI: AGDI: Fix missing prototype warning for acpi_agdi_init() (Ilkka Koskinen)  [Orabug: 34833165]
- ACPI: AGDI: Add driver for Arm Generic Diagnostic Dump and Reset device (Ilkka Koskinen)  [Orabug: 34833165]
- ACPI: tables: Add AGDI to the list of known table signatures (Ilkka Koskinen)  [Orabug: 34833165]
- ACPICA: iASL: Add suppport for AGDI table (Ilkka Koskinen)  [Orabug: 34833165]
- ACPI: APEI: explicit init of HEST and GHES in apci_init() (Shuai Xue)  [Orabug: 34833165]
- x86/CPU/AMD: Fix the DIV(0) initial fix attempt (Borislav Petkov (AMD))  [Orabug: 35776936]  {CVE-2023-20588}
- x86/CPU/AMD: Do not leak quotient data after a division by 0 (Borislav Petkov (AMD))  [Orabug: 35776936]  {CVE-2023-20588}
- uek-rpm: Pensando: enable PENSANDO_SOC_BSM_ENABLE in the config (Dave Kleikamp)  [Orabug: 35787554]

[5.4.17-2136.324.2.el7]
- LTS tag: v5.4.256 (Sherry Yang)
- Revert "MIPS: Alchemy: fix dbdma2" (Greg Kroah-Hartman)
- powerpc/pmac/smp: Drop unnecessary volatile qualifier (YueHaibing)
- powerpc/pmac/smp: Avoid unused-variable warnings (Ilie Halip)
- LTS tag: v5.4.255 (Sherry Yang)
- dma-buf/sw_sync: Avoid recursive lock during fence signal (Rob Clark)
- pinctrl: renesas: rza2: Add lock around pinctrl_generic{{add,remove}_group,{add,remove}_function} (Biju Das)
- clk: Fix undefined reference to clk_rate_exclusive_{get,put}' (Biju Das)
- scsi: core: raid_class: Remove raid_component_add() (Zhu Wang)
- scsi: snic: Fix double free in snic_tgt_create() (Zhu Wang)
- irqchip/mips-gic: Don't touch vl_map if a local interrupt is not routable (Jiaxun Yang)
- Documentation/sysctl: document page_lock_unfairness (Joel Savitz)
- ALSA: pcm: Check for null pointer of pointer substream before dereferencing it (Colin Ian King)
- interconnect: Do not skip aggregation for disabled paths (Georgi Djakov)
- Revert "ALSA: pcm: Use SG-buffer only when direct DMA is available" (Takashi Iwai)
- ALSA: pcm: Fix build error on m68k and others (Takashi Iwai)
- rtnetlink: Reject negative ifindexes in RTM_NEWLINK (Ido Schimmel)
- x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4 (Feng Tang)
- drm/display/dp: Fix the DP DSC Receiver cap size (Ankit Nautiyal)
- PCI: acpiphp: Use pci_assign_unassigned_bridge_resources() only for non-root bus (Igor Mammedov)
- media: vcodec: Fix potential array out-of-bounds in encoder queue_setup (Wei Chen)
- radix tree: remove unused variable (Arnd Bergmann)
- lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels (Helge Deller)
- batman-adv: Hold rtnl lock during MTU update via netlink (Sven Eckelmann)
- batman-adv: Fix batadv_v_ogm_aggr_send memory leak (Remi Pommarel)
- batman-adv: Fix TT global entry leak when client roamed back (Remi Pommarel)
- batman-adv: Do not get eth header before batadv_check_management_packet (Remi Pommarel)
- batman-adv: Don't increase MTU when set by user (Sven Eckelmann)
- batman-adv: Trigger events for auto adjusted MTU (Sven Eckelmann)
- nfsd: Fix race to FREE_STATEID and cl_revoked (Benjamin Coddington)
- clk: Fix slab-out-of-bounds error in devm_clk_release() (Andrey Skvortsov)
- NFSv4: Fix dropped lock for racing OPEN and delegation return (Benjamin Coddington)
- ibmveth: Use dcbf rather than dcbfl (Michael Ellerman)
- bonding: fix macvlan over alb bond support (Hangbin Liu)
- net: remove bond_slave_has_mac_rcu() (Jakub Kicinski)
- net/sched: fix a qdisc modification with ambiguous command request (Jamal Hadi Salim)
- igb: Avoid starting unnecessary workqueues (Alessio Igor Bogani)
- net: validate veth and vxcan peer ifindexes (Jakub Kicinski)
- net: bcmgenet: Fix return value check for fixed_phy_register() (Ruan Jinjie)
- net: bgmac: Fix return value check for fixed_phy_register() (Ruan Jinjie)
- ipvlan: Fix a reference count leak warning in ipvlan_ns_exit() (Lu Wei)
- dccp: annotate data-races in dccp_poll() (Eric Dumazet)
- sock: annotate data-races around prot->memory_pressure (Eric Dumazet)
- octeontx2-af: SDP: fix receive link config (Hariprasad Kelam)
- tracing: Fix memleak due to race between current_tracer and trace (Zheng Yejian)
- drm/amd/display: check TG is non-null before checking if enabled (Taimur Hassan)
- drm/amd/display: do not wait for mpc idle if tg is disabled (Josip Pavic)
- ASoC: fsl_sai: Disable bit clock with transmitter (Matus Gajdos)
- ASoC: fsl_sai: Add new added registers and new bit definition (Shengjiu Wang)
- ASoC: fsl_sai: Refine enable/disable TE/RE sequence in trigger() (Shengjiu Wang)
- regmap: Account for register length in SMBus I/O limits (Mark Brown)
- ALSA: pcm: Fix potential data race at PCM memory allocation helpers (Takashi Iwai)
- ALSA: pcm: Set per-card upper limit of PCM buffer allocations (Takashi Iwai)
- dm integrity: reduce vmalloc space footprint on 32-bit architectures (Mikulas Patocka)
- dm integrity: increase RECALC_SECTORS to improve recalculate speed (Mikulas Patocka)
- fbdev: fix potential OOB read in fast_imageblit() (Zhang Shurong)
- fbdev: Fix sys_imageblit() for arbitrary image widths (Thomas Zimmermann)
- fbdev: Improve performance of sys_imageblit() (Thomas Zimmermann)
- MIPS: cpu-features: Use boot_cpu_type for CPU type based features (Jiaxun Yang)
- MIPS: cpu-features: Enable octeon_cache by cpu_type (Jiaxun Yang)
- fs: dlm: fix mismatch of plock results from userspace (Alexander Aring)
- fs: dlm: use dlm_plock_info for do_unlock_close (Alexander Aring)
- fs: dlm: change plock interrupted message to debug again (Alexander Aring)
- fs: dlm: add pid to debug log (Alexander Aring)
- dlm: replace usage of found with dedicated list iterator variable (Jakob Koschel)
- dlm: improve plock logging if interrupted (Alexander Aring)
- PCI: acpiphp: Reassign resources on bridge if necessary (Igor Mammedov)
- net: phy: broadcom: stub c45 read/write for 54810 (Justin Chen)
- mmc: f-sdh30: fix order of function calls in sdhci_f_sdh30_remove (Yangtao Li)
- net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure (Lin Ma)
- net: fix the RTO timer retransmitting skb every 1ms if linear option is enabled (Jason Xing)
- virtio-net: set queues after driver_ok (Jason Wang)
- af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (Kuniyuki Iwashima)
- netfilter: set default timeout to 3 secs for sctp shutdown send and recv state (Xin Long)
- mmc: block: Fix in_flight[issue_type] value error (Yibin Ding)
- mmc: wbsd: fix double mmc_free_host() in wbsd_init() (Yang Yingliang)
- cifs: Release folio lock on fscache read hit. (Russell Harmon via samba-technical)
- ALSA: usb-audio: Add support for Mythware XA001AU capture and playback interfaces. (dengxiang)
- serial: 8250: Fix oops for port->pm on uart_change_pm() (Tony Lindgren)
- ASoC: meson: axg-tdm-formatter: fix channel slot allocation (Jerome Brunet)
- ASoC: rt5665: add missed regulator_bulk_disable (Zhang Shurong)
- ARM: dts: imx: Set default tuning step for imx6sx usdhc (Xiaolei Wang)
- ARM: dts: imx: Set default tuning step for imx7d usdhc (Xiaolei Wang)
- ARM: dts: imx: Adjust dma-apbh node name (Stefan Wahren)
- ARM: dts: imx7s: Drop dma-apb interrupt-names (Marek Vasut)
- bus: ti-sysc: Flush posted write on enable before reset (Tony Lindgren)
- bus: ti-sysc: Improve reset to work with modules with no sysconfig (Tony Lindgren)
- net: do not allow gso_size to be set to GSO_BY_FRAGS (Eric Dumazet)
- sock: Fix misuse of sk_under_memory_pressure() (Abel Wu)
- net: dsa: mv88e6xxx: Wait for EEPROM done before HW reset (Alfred Lee)
- i40e: fix misleading debug logs (Andrii Staikov)
- team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Ziyang Xuan)
- netfilter: nft_dynset: disallow object maps (Pablo Neira Ayuso)
- ipvs: fix racy memcpy in proc_do_sync_threshold (Sishuai Gong)
- selftests: mirror_gre_changes: Tighten up the TTL test match (Petr Machata)
- xfrm: add NULL check in xfrm_update_ae_params (Lin Ma)   {CVE-2023-3772}
- ip_vti: fix potential slab-use-after-free in decode_session6 (Zhengchao Shao)
- ip6_vti: fix slab-use-after-free in decode_session6 (Zhengchao Shao)
- xfrm: fix slab-use-after-free in decode_session6 (Zhengchao Shao)
- xfrm: interface: rename xfrm_interface.c to xfrm_interface_core.c (Eyal Birger)
- net: af_key: fix sadb_x_filter validation (Lin Ma)
- net: xfrm: Fix xfrm_address_filter OOB read (Lin Ma)
- btrfs: fix BUG_ON condition in btrfs_cancel_balance (xiaoshoukui)
- tty: serial: fsl_lpuart: Clear the error flags by writing 1 for lpuart32 platforms (Sherry Sun)
- powerpc/rtas_flash: allow user copy to flash block cache objects (Nathan Lynch)
- fbdev: mmp: fix value check in mmphw_probe() (Yuanjun Gong)
- i2c: bcm-iproc: Fix bcm_iproc_i2c_isr deadlock issue (Chengfeng Ye)
- virtio-mmio: don't break lifecycle of vm_dev (Wolfram Sang)
- virtio-mmio: Use to_virtio_mmio_device() to simply code (Tang Bin)
- virtio-mmio: convert to devm_platform_ioremap_resource (Yangtao Li)
- nfsd: Remove incorrect check in nfsd4_validate_stateid (Trond Myklebust)
- nfsd4: kill warnings on testing stateids with mismatched clientids (J. Bruce Fields)
- net/ncsi: Fix gma flag setting after response (Vijay Khemka)
- tracing/probes: Fix to update dynamic data counter if fetcharg uses it (Masami Hiramatsu (Google))
- tracing/probes: Have process_fetch_insn() take a void * instead of pt_regs (Steven Rostedt (VMware))
- leds: trigger: netdev: Recheck NETDEV_LED_MODE_LINKUP on dev rename (Christian Marangi)
- mmc: sunxi: fix deferred probing (Sergey Shtylyov)
- mmc: bcm2835: fix deferred probing (Sergey Shtylyov)
- USB: dwc3: qcom: fix NULL-deref on suspend (Johan Hovold)
- usb: dwc3: qcom: Add helper functions to enable,disable wake irqs (Sandeep Maheswaram)
- interconnect: Add helpers for enabling/disabling a path (Georgi Djakov)
- interconnect: Move internal structs into a separate file (Georgi Djakov)
- irqchip/mips-gic: Use raw spinlock for gic_lock (Jiaxun Yang)
- irqchip/mips-gic: Get rid of the reliance on irq_cpu_online() (Marc Zyngier)
- ALSA: hda: Fix unhandled register update during auto-suspend period (Takashi Iwai)
- PM: runtime: Add pm_runtime_get_if_active() (Sakari Ailus)
- PM-runtime: add tracepoints for usage_count changes (Michał Mirosław)
- iio: addac: stx104: Fix race condition when converting analog-to-digital (William Breathitt Gray)
- iio: addac: stx104: Fix race condition for stx104_write_raw() (William Breathitt Gray)
- iio: stx104: Move to addac subdirectory (William Breathitt Gray)
- iio: adc: stx104: Implement and utilize register structures (William Breathitt Gray)
- iio: adc: stx104: Utilize iomap interface (William Breathitt Gray)
- iio: add addac subdirectory (Cosmin Tanislav)
- IMA: allow/fix UML builds (Randy Dunlap)
- powerpc/kasan: Disable KCOV in KASAN code (Benjamin Gray)
- ALSA: hda: fix a possible null-pointer dereference due to data race in snd_hdac_regmap_sync() (Tuo Li)
- ALSA: hda/realtek: Add quirks for Unis H3C Desktop B760 & Q760 (dengxiang)
- drm/amdgpu: Fix potential fence use-after-free v2 (shanzhulig)
- pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() (Armin Wolf)
- gfs2: Fix possible data races in gfs2_show_options() (Tuo Li)
- usb: chipidea: imx: don't request QoS for imx8ulp (Xu Yang)
- media: platform: mediatek: vpu: fix NULL ptr dereference (Hans Verkuil)
- media: v4l2-mem2mem: add lock to protect parameter num_rdy (Yunfei Dong)
- FS: JFS: Check for read-only mounted filesystem in txBegin (Immad Mir)
- FS: JFS: Fix null-ptr-deref Read in txBegin (Immad Mir)
- MIPS: dec: prom: Address -Warray-bounds warning (Gustavo A. R. Silva)
- fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev (Yogesh)
- udf: Fix uninitialized array access for some pathnames (Jan Kara)
- ovl: check type and offset of struct vfsmount in ovl_entry (Christian Brauner)
- HID: add quirk for 03f0:464a HP Elite Presenter Mouse (Marco Morandini)
- quota: fix warning in dqgrab() (Ye Bin)
- quota: Properly disable quotas when add_dquot_ref() fails (Jan Kara)
- ALSA: emu10k1: roll up loops in DSP setup code for Audigy (Oswald Buddenhagen)
- drm/radeon: Fix integer overflow in radeon_cs_parser_init (hackyzh002)
- macsec: use DEV_STATS_INC() (Eric Dumazet)
- macsec: Fix traffic counters/statistics (Clayton Yager)
- selftests: forwarding: tc_flower: Relax success criterion (Ido Schimmel)
- mmc: sdhci-f-sdh30: Replace with sdhci_pltfm (Kunihiko Hayashi)
- mmc: sdhci_f_sdh30: convert to devm_platform_ioremap_resource (Yangtao Li)
- LTS tag: v5.4.254 (Sherry Yang)
- sch_netem: fix issues in netem_change() vs get_dist_table() (Eric Dumazet)
- alpha: remove __init annotation from exported page_is_ram() (Masahiro Yamada)
- scsi: core: Fix possible memory leak if device_add() fails (Zhu Wang)
- scsi: snic: Fix possible memory leak if device_add() fails (Zhu Wang)
- scsi: 53c700: Check that command slot is not NULL (Alexandra Diupina)
- scsi: storvsc: Fix handling of virtual Fibre Channel timeouts (Michael Kelley)
- scsi: core: Fix legacy /proc parsing buffer overflow (Tony Battersby)
- netfilter: nf_tables: report use refcount overflow (Pablo Neira Ayuso)
- nvme-rdma: fix potential unbalanced freeze & unfreeze (Ming Lei)
- nvme-tcp: fix potential unbalanced freeze & unfreeze (Ming Lei)
- btrfs: set cache_block_group_error if we find an error (Josef Bacik)
- btrfs: don't stop integrity writeback too early (Christoph Hellwig)
- ibmvnic: Handle DMA unmapping of login buffs in release functions (Nick Child)
- net/mlx5: Allow 0 for total host VFs (Daniel Jurgens)
- dmaengine: mcf-edma: Fix a potential un-allocated memory access (Christophe JAILLET)
- wifi: cfg80211: fix sband iftype data lookup for AP_VLAN (Felix Fietkau)
- IB/hfi1: Fix possible panic during hotplug remove (Douglas Miller)
- drivers: net: prevent tun_build_skb() to exceed the packet size limit (Andrew Kanner)
- dccp: fix data-race around dp->dccps_mss_cache (Eric Dumazet)
- bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Ziyang Xuan)
- net/packet: annotate data-races around tp->status (Eric Dumazet)
- mISDN: Update parameter type of dsp_cmx_send() (Nathan Chancellor)
- selftests/rseq: Fix build with undefined __weak (Mark Brown)
- drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes (Karol Herbst)
- x86: Move gds_ucode_mitigated() declaration to header (Arnd Bergmann)
- x86/mm: Fix VDSO and VVAR placement on 5-level paging machines (Kirill A. Shutemov)
- x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (Cristian Ciocaltea)
- usb: common: usb-conn-gpio: Prevent bailing out if initial role is none (Prashanth K)
- usb: dwc3: Properly handle processing of pending events (Elson Roy Serrao)
- usb-storage: alauda: Fix uninit-value in alauda_check_media() (Alan Stern)
- binder: fix memory leak in binder_init() (Qi Zheng)
- iio: cros_ec: Fix the allocation size for cros_ec_command (Yiyuan Guo)
- nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput (Ryusuke Konishi)
- radix tree test suite: fix incorrect allocation size for pthreads (Colin Ian King)
- drm/nouveau/gr: enable memory loads on helper invocation on all channels (Karol Herbst)
- dmaengine: pl330: Return DMA_PAUSED when transaction is paused (Ilpo Järvinen)
- ipv6: adjust ndisc_is_useropt() to also return true for PIO (Maciej Żenczykowski)
- mmc: moxart: read scr register without changing byte order (Sergei Antonov)
- LTS tag: v5.4.253 (Sherry Yang)
- Revert "driver core: Annotate dev_err_probe() with __must_check" (Greg Kroah-Hartman)
- drivers: core: fix kernel-doc markup for dev_err_probe() (Mauro Carvalho Chehab)
- driver code: print symbolic error code (Michał Mirosław)
- ARM: dts: nxp/imx6sll: fix wrong property name in usbphy node (Xu Yang)
- ARM: dts: imx6sll: fixup of operating points (Andreas Kemnade)
- ARM: dts: imx: add usb alias (Peng Fan)
- ARM: dts: imx: Align L2 cache-controller nodename with dtschema (Krzysztof Kozlowski)
- ARM: dts: imx6sll: Make ssi node name same as other platforms (Shengjiu Wang)
- arm64: dts: stratix10: fix incorrect I2C property for SCL signal (Dinh Nguyen)
- ceph: defer stopping mdsc delayed_work (Xiubo Li)
- ceph: use kill_anon_super helper (Jeff Layton)
- ceph: show tasks waiting on caps in debugfs caps file (Jeff Layton)
- PM: sleep: wakeirq: fix wake irq arming (Johan Hovold)
- PM / wakeirq: support enabling wake-up irq after runtime_suspend called (Chunfeng Yun)
- selftests/rseq: Play nice with binaries statically linked against glibc 2.35+ (Sean Christopherson)
- selftests/rseq: check if libc rseq support is registered (Michael Jeanson)
- powerpc/mm/altmap: Fix altmap boundary check (Aneesh Kumar K.V)
- mtd: rawnand: omap_elm: Fix incorrect type in assignment (Roger Quadros)
- test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation (Mirsad Goran Todorovac)
- test_firmware: prevent race conditions by a correct implementation of locking (Mirsad Goran Todorovac)
- ext2: Drop fragment support (Jan Kara)
- fs: Protect reconfiguration of sb read-write from racing writes (Jan Kara)
- net: usbnet: Fix WARNING in usbnet_start_xmit/usb_submit_urb (Alan Stern)
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (Sungwoo Kim)
- fs/sysv: Null check to prevent null-ptr-deref bug (Prince Kumar Maurya)
- net: tap_open(): set sk_uid from current_fsuid() (Laszlo Ersek)   {CVE-2023-1076}
- net: tun_chr_open(): set sk_uid from current_fsuid() (Laszlo Ersek)   {CVE-2023-1076}
- mtd: rawnand: meson: fix OOB available bytes for ECC (Arseniy Krasnov)
- mtd: spinand: toshiba: Fix ecc_get_status (Olivier Maignial)
- USB: zaurus: Add ID for A-300/B-500/C-700 (Ross Maynard)
- libceph: fix potential hang in ceph_osdc_notify() (Ilya Dryomov)
- scsi: zfcp: Defer fc_rport blocking until after ADISC response (Steffen Maier)
- tcp_metrics: fix data-race in tcpm_suck_dst() vs fastopen (Eric Dumazet)
- tcp_metrics: annotate data-races around tm->tcpm_net (Eric Dumazet)
- tcp_metrics: annotate data-races around tm->tcpm_vals[] (Eric Dumazet)
- tcp_metrics: annotate data-races around tm->tcpm_lock (Eric Dumazet)
- tcp_metrics: annotate data-races around tm->tcpm_stamp (Eric Dumazet)
- tcp_metrics: fix addr_same() helper (Eric Dumazet)
- ip6mr: Fix skb_under_panic in ip6mr_cache_report() (Yue Haibing)
- net: dcb: choose correct policy to parse DCB_ATTR_BCN (Lin Ma)
- net: ll_temac: fix error checking of irq_of_parse_and_map() (Dan Carpenter)
- net: ll_temac: Switch to use dev_err_probe() helper (Yang Yingliang)
- driver core: add device probe log helper (Andrzej Hajda)
- bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire (Tomas Glozar)
- net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free (valis)
- net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free (valis)
- net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free (valis)
- net: add missing data-race annotation for sk_ll_usec (Eric Dumazet)
- net: add missing data-race annotations around sk->sk_peek_off (Eric Dumazet)
- net: add missing READ_ONCE(sk->sk_rcvbuf) annotation (Eric Dumazet)
- net: add missing READ_ONCE(sk->sk_sndbuf) annotation (Eric Dumazet)
- net: add missing READ_ONCE(sk->sk_rcvlowat) annotation (Eric Dumazet)
- net: annotate data-races around sk->sk_max_pacing_rate (Eric Dumazet)
- mISDN: hfcpci: Fix potential deadlock on &hc->lock (Chengfeng Ye)
- net: sched: cls_u32: Fix match key mis-addressing (Jamal Hadi Salim)
- perf test uprobe_from_different_cu: Skip if there is no gcc (Georg Müller)
- rtnetlink: let rtnl_bridge_setlink checks IFLA_BRIDGE_MODE length (Lin Ma)
- net/mlx5e: fix return value check in mlx5e_ipsec_remove_trailer() (Yuanjun Gong)
- net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx (Zhengchao Shao)
- KVM: s390: fix sthyi error handling (Heiko Carstens)
- word-at-a-time: use the same return type for has_zero regardless of endianness (ndesaulniers@google.com)
- loop: Select I/O scheduler 'none' from inside add_disk() (Bart Van Assche)
- perf: Fix function pointer case (Peter Zijlstra)
- arm64: Fix bit-shifting UB in the MIDR_CPU_MODEL() macro (D Scott Phillips)
- ASoC: cs42l51: fix driver to properly autoload with automatic module loading (Thomas Petazzoni)
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue (Pedro Tammela)   {CVE-2023-31436}
- btrfs: fix race between quota disable and quota assign ioctls (Filipe Manana)
- btrfs: qgroup: return ENOTCONN instead of EINVAL when quotas are not enabled (Marcos Paulo de Souza)
- btrfs: qgroup: remove one-time use variables for quota_root checks (Marcos Paulo de Souza)
- cpufreq: intel_pstate: Drop ACPI _PSS states table patching (Rafael J. Wysocki)
- ACPI: processor: perflib: Avoid updating frequency QoS unnecessarily (Rafael J. Wysocki)
- ACPI: processor: perflib: Use the "no limit" frequency QoS (Rafael J. Wysocki)
- dm cache policy smq: ensure IO doesn't prevent cleaner policy progress (Joe Thornber)
- ASoC: wm8904: Fill the cache for WM8904_ADC_TEST_0 register (Mark Brown)
- s390/dasd: fix hanging device after quiesce/resume (Stefan Haberland)
- virtio-net: fix race between set queues and probe (Jason Wang)
- btrfs: check if the transaction was aborted at btrfs_wait_for_commit() (Filipe Manana)
- irq-bcm6345-l1: Do not assume a fixed block to cpu mapping (Jonas Gorski)
- tpm_tis: Explicitly check for error code (Alexander Steffen)
- btrfs: check for commit error at btrfs_attach_transaction_barrier() (Filipe Manana)
- hwmon: (nct7802) Fix for temp6 (PECI1) processed even if PECI1 disabled (Gilles Buloz)
- staging: ks7010: potential buffer overflow in ks_wlan_set_encode_ext() (Zhang Shurong)
- Documentation: security-bugs.rst: clarify CVE handling (Greg Kroah-Hartman)
- Documentation: security-bugs.rst: update preferences when dealing with the linux-distros group (Greg Kroah-Hartman)
- Revert "usb: xhci: tegra: Fix error check" (Dan Carpenter)
- usb: xhci-mtk: set the dma max_seg_size (Ricardo Ribalda)
- USB: quirks: add quirk for Focusrite Scarlett (Łukasz Bartosik)
- usb: ohci-at91: Fix the unhandle interrupt when resume (Guiting Shen)
- usb: dwc3: don't reset device side if dwc3 was configured as host-only (Jisheng Zhang)
- usb: dwc3: pci: skip BYT GPIO lookup table for hardwired phy (Gratian Crisan)
- Revert "usb: dwc3: core: Enable AutoRetry feature in the controller" (Jakub Vanek)
- can: gs_usb: gs_can_close(): add missing set of CAN state to CAN_STATE_STOPPED (Marc Kleine-Budde)
- USB: serial: simple: sort driver entries (Johan Hovold)
- USB: serial: simple: add Kaufmann RKS+CAN VCP (Oliver Neukum)
- USB: serial: option: add Quectel EC200A module support (Mohsen Tahmasebi)
- USB: serial: option: support Quectel EM060K_128 (Jerry Meng)
- serial: sifive: Fix sifive_serial_console_setup() section (Samuel Holland)
- serial: 8250_dw: Preserve original value of DLF register (Ruihong Luo)
- tracing: Fix warning in trace_buffered_event_disable() (Zheng Yejian)
- ring-buffer: Fix wrong stat of cpu_buffer->read (Zheng Yejian)
- ata: pata_ns87415: mark ns87560_tf_read static (Arnd Bergmann)
- dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (Yu Kuai)
- block: Fix a source code comment in include/uapi/linux/blkzoned.h (Bart Van Assche)
- ASoC: fsl_spdif: Silence output on stop (Matus Gajdos)
- drm/msm: Fix IS_ERR_OR_NULL() vs NULL check in a5xx_submit_in_rb() (Gaosheng Cui)
- drm/msm/adreno: Fix snapshot BINDLESS_DATA size (Rob Clark)
- drm/msm/dpu: drop enum dpu_core_perf_data_bus_id (Dmitry Baryshkov)
- RDMA/mlx4: Make check for invalid flags stricter (Dan Carpenter)
- benet: fix return value check in be_lancer_xmit_workarounds() (Yuanjun Gong)
- net/sched: mqprio: Add length check for TCA_MQPRIO_{MAX/MIN}_RATE64 (Lin Ma)
- net/sched: mqprio: add extack to mqprio_parse_nlattr() (Vladimir Oltean)
- net/sched: mqprio: refactor nlattr parsing to a separate function (Vladimir Oltean)
- platform/x86: msi-laptop: Fix rfkill out-of-sync on MSI Wind U100 (Maxim Mikityanskiy)
- team: reset team's flags when down link is P2P device (Hangbin Liu)
- bonding: reset bond's flags when down link is P2P device (Hangbin Liu)
- tcp: Reduce chance of collisions in inet6_hashfn(). (Stewart Smith)
- ipv6 addrconf: fix bug where deleting a mngtmpaddr can create a new temporary address (Maciej Żenczykowski)
- ethernet: atheros: fix return value check in atl1e_tso_csum() (Yuanjun Gong)
- phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() (Harshit Mogalapalli)
- vxlan: calculate correct header length for GPE (Jiri Benc)
- i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir() (Wang Ming)
- ext4: fix to check return value of freeze_bdev() in ext4_shutdown() (Chao Yu)
- keys: Fix linking a duplicate key to a keyring's assoc_array (Petr Pavlu)
- uapi: General notification queue definitions (David Howells)
- scsi: qla2xxx: Array index may go out of bound (Nilesh Javali)
- pwm: meson: fix handling of period/duty if greater than UINT_MAX (Heiner Kallweit)
- pwm: meson: Simplify duplicated per-channel tracking (Uwe Kleine-König)
- pwm: meson: Remove redundant assignment to variable fin_freq (Colin Ian King)
- ftrace: Fix possible warning on checking all pages used in ftrace_process_locs() (Zheng Yejian)
- ftrace: Store the order of pages allocated in ftrace_page (Linus Torvalds)
- ftrace: Check if pages were allocated before calling free_pages() (Steven Rostedt (VMware))
- ftrace: Add information on number of page groups allocated (Steven Rostedt (VMware))
- fs: dlm: interrupt posix locks only when process is killed (Alexander Aring)
- dlm: rearrange async condition return (Alexander Aring)
- dlm: cleanup plock_op vs plock_xop (Alexander Aring)
- PCI/ASPM: Avoid link retraining race (Ilpo Järvinen)
- PCI/ASPM: Factor out pcie_wait_for_retrain() (Ilpo Järvinen)
- PCI/ASPM: Return 0 or -ETIMEDOUT from pcie_retrain_link() (Bjorn Helgaas)
- ext4: Fix reusing stale buffer heads from last failed mounting (Zhihao Cheng)
- ext4: rename journal_dev to s_journal_dev inside ext4_sb_info (Chunguang Xu)
- btrfs: fix extent buffer leak after tree mod log failure at split_node() (Filipe Manana)
- btrfs: fix race between quota disable and relocation (Filipe Manana)
- btrfs: qgroup: catch reserved space leaks at unmount time (Qu Wenruo)
- bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent (Zheng Wang)
- bcache: remove 'int n' from parameter list of bch_bucket_alloc_set() (Coly Li)
- gpio: tps68470: Make tps68470_gpio_output() always set the initial value (Hans de Goede)
- jbd2: Fix wrongly judgement for buffer head removing while doing checkpoint (Zhihao Cheng)
- jbd2: recheck chechpointing non-dirty buffer (Zhang Yi)
- jbd2: remove redundant buffer io error checks (Zhang Yi)
- jbd2: fix kernel-doc markups (Mauro Carvalho Chehab)
- jbd2: fix incorrect code style (Xianting Tian)
- LTS tag: v5.4.252 (Sherry Yang)
- x86: fix backwards merge of GDS/SRSO bit (Greg Kroah-Hartman)
- xen/netback: Fix buffer overrun triggered by unusual packet (Ross Lagerwall)   {CVE-2023-34319}
- x86/cpu, kvm: Add support for CPUID_80000021_EAX (Kim Phillips)
- x86/cpufeatures: Assign dedicated feature word for CPUID_0x8000001F[EAX] (Sean Christopherson)
- x86/cpu: Add VM page flush MSR availablility as a CPUID feature (Tom Lendacky)
- x86/cpufeatures: Add SEV-ES CPU feature (Tom Lendacky)
- x86/mm: fix poking_init() for Xen PV guests (Juergen Gross)

[5.4.17-2136.324.1.el7]
- io_uring: add support for registering ring file descriptors (Jens Axboe)  [Orabug: 35485491]
- mm,shmem,thp: limit shmem THP allocations to requested zones (Rik van Riel)  [Orabug: 35655117]
- mm,thp,shm: limit gfp mask to no more than specified (Rik van Riel)  [Orabug: 35655117]
- mm,thp,shmem: limit shmem THP alloc gfp_mask (Rik van Riel)  [Orabug: 35655117]
- uek-rpm: Removing pre scriptlet to not allow firmware downgrade (Samasth Norway Ananda)  [Orabug: 35741866]
- rds: Remove gratuitous include of time.h from rds.h (Mark Haywood)  [Orabug: 35742761]
- RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device (Shay Drory)  [Orabug: 35750824]
- smp: Reduce NMI traffic from CSD waiters to CSD destination (Imran Khan)  [Orabug: 35752501]
- smp: Reduce logging due to dump_stack of CSD waiters (Imran Khan)  [Orabug: 35752501]


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata