Oracle7: ELSA-2024-12611: kernel Important Security Advisory Updates
Summary
[4.14.35-2047.540.4.1.el7uek] - Revert "selftests/kcmp: Make the test output consistent and clear" (Samasth Norway Ananda) [Orabug: 37029311] [4.14.35-2047.540.4.el7uek] - kdb: Use the passed prompt in kdb_position_cursor() (Douglas Anderson) - ipvs: Avoid unnecessary calls to skb_is_gso_sctp (Ismael Luceno) - printk: add kthread for long-running print (Stephen Brennan) [Orabug: 36208661] [4.14.35-2047.540.3.el7uek] - MIPS: Octeon: Add PCIe link status check (Dave Kleikamp) [Orabug: 36952386] {CVE-2024-40968} [4.14.35-2047.540.2.el7uek] - fsnotify: clear PARENT_WATCHED flags lazily (Amir Goldstein) [Orabug: 36922242] - cifs: fix panic in smb2_reconnect (Ronnie Sahlberg) [Orabug: 36314494] - cifs: convert cifs_put_smb_ses from static to global (Dai Ngo) [Orabug: 36314494] - net: relax socket state check at accept time. (Paolo Abeni) [Orabug: 36768890] {CVE-2024-36484} [4.14.35-2047.540.1.el7uek] - x86/cpu: Avoid cpuinfo-induced IPI pileups (Paul E. McKenney) [Orabug: 35773812] - LTS version v4.14.349 (Yifei Liu) - x86/kvm: Disable all PV features on crash (Vitaly Kuznetsov) - x86/kvm: Disable kvmclock on all CPUs on shutdown (Vitaly Kuznetsov) - x86/kvm: Teardown PV features on boot CPU as well (Vitaly Kuznetsov) - nfs: fix undefined behavior in nfs_block_bits() (Sergey Shtylyov) - ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (Baokun Li) [Orabug: 36774600] {CVE-2024-39276} - sparc: move struct termio to asm/termios.h (Mike Gilbert) - kdb: Use format-specifiers rather than memset() for padding in kdb_read() (Daniel Thompson) - kdb: Merge identical case statements in kdb_read() (Daniel Thompson) - kdb: Fix console handling when editing and tab-completing commands (Daniel Thompson) - kdb: Use format-strings rather than '- kdb: Fix buffer overflow during tab-complete (Daniel Thompson) [Orabug: 36809289] {CVE-2024-39480} - sparc64: Fix number of online CPUs (Sam Ravnborg) - intel_th: pci: Add Meteor Lake-S CPU support (Alexander Shishkin) - net/9p: fix uninit-value in p9_client_rpc() (Nikita Zhandarovich) [Orabug: 36774613] {CVE-2024-39301} - KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (Marc Zyngier) - netfilter: nft_dynset: relax superfluous check on set updates (Pablo Neira Ayuso) - netfilter: nft_dynset: report EOPNOTSUPP on missing set feature (Pablo Neira Ayuso) - netfilter: nf_tables: don't skip expired elements during walk (Pablo Neira Ayuso) - netfilter: nf_tables: drop map element references from preparation phase (Pablo Neira Ayuso) - netfilter: nf_tables: pass ctx to nf_tables_expr_destroy() (Pablo Neira Ayuso) - netfilter: nftables: rename set element data activation/deactivation functions (Pablo Neira Ayuso) - netfilter: nf_tables: pass context to nft_set_destroy() (Pablo Neira Ayuso) - netfilter: nf_tables: fix set double-free in abort path (Pablo Neira Ayuso) - netfilter: nf_tables: add nft_set_is_anonymous() helper (Pablo Neira Ayuso) - fbdev: savage: Handle err return when savagefb_check_var failed (Cai Xinchen) [Orabug: 36809265] {CVE-2024-39475} - media: v4l2-core: hold videodev_lock until dev reg, finishes (Hans Verkuil) - media: mxl5xx: Move xpt structures off stack (Nathan Chancellor) - arm64: dts: hi3798cv200: fix the size of GICR (Yang Xiwen) - arm64: tegra: Correct Tegra132 I2C alias (Krzysztof Kozlowski) - ata: pata_legacy: make legacy_exit() work again (Sergey Shtylyov) - neighbour: fix unaligned access to pneigh_entry (Qingfang DENG) - nilfs2: fix use-after-free of timer for log writer thread (Ryusuke Konishi) [Orabug: 36753565] {CVE-2024-38583} - fs/nilfs2: convert timers to use timer_setup() (Kees Cook) - mmc: core: Do not force a retune before RPMB switch (Jorge Ramirez-Ortiz) - binder: fix max_thread type inconsistency (Carlos Llamas) - ALSA: timer: Set lower bound of start tick time (Takashi Iwai) [Orabug: 36753730] {CVE-2024-38618} - ALSA: timer: Simplify timer hw resolution calls (Takashi Iwai) - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (Yue Haibing) [Orabug: 36763552] {CVE-2024-33621} - ipvlan: add ipvlan_route_v6_outbound() helper (Eric Dumazet) [Orabug: 36940543] {CVE-2023-52796} - ipvlan: properly track tx_errors (Eric Dumazet) - net: add DEV_STATS_READ() helper (Eric Dumazet) - kconfig: fix comparison to constant symbols, 'm', 'n' (Masahiro Yamada) - net:fec: Add fec_enet_deinit() (Xiaolei Wang) - net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (Parthiban Veerasooran) - smsc95xx: use usbnet->driver_priv (Andre Edich) - smsc95xx: remove redundant function arguments (Andre Edich) - enic: Validate length of nl attributes in enic_set_vf_port (Roded Zats) [Orabug: 36763837] {CVE-2024-38659} - dma-buf/sw-sync: don't enable IRQ from sync_print_obj() (Tetsuo Handa) [Orabug: 36763846] {CVE-2024-38780} - net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (Carolina Jubran) - nvmet: fix ns enable/disable possible hang (Sagi Grimberg) - spi: Don't mark message DMA mapped when no transfer in it is (Andy Shevchenko) - netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() (Eric Dumazet) [Orabug: 36763571] {CVE-2024-36286} - net: fec: avoid lock evasion when reading pps_enable (Wei Fang) - net: fec: remove redundant variable 'inc' (Colin Ian King) - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails (Jiri Pirko) [Orabug: 36763588] {CVE-2024-37353} - arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (Jiangfeng Xiao) [Orabug: 36825259] {CVE-2024-39488} - openvswitch: Set the skbuff pkt_type for proper pmtud support. (Aaron Conole) - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (Kuniyuki Iwashima) [Orabug: 36763592] {CVE-2024-37356} - params: lift param_set_uint_minmax to common code (Sagi Grimberg) - ipv6: sr: fix memleak in seg6_hmac_init_algo (Hangbin Liu) [Orabug: 36825263] {CVE-2024-39489} - x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (Masahiro Yamada) - null_blk: Fix the WARNING: modpost: missing MODULE_DESCRIPTION() (Zhu Yanjun) - media: cec: cec-api: add locking in cec_release() (Hans Verkuil) - um: Fix the -Wmissing-prototypes warning for __switch_mm (Tiwei Bie) - powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (Shrikanth Hegde) - media: stk1160: fix bounds checking in stk1160_copy_video() (Dan Carpenter) [Orabug: 36763603] {CVE-2024-38621} - um: Add winch to winch_handlers before registering winch IRQ (Roberto Sassu) [Orabug: 36768584] {CVE-2024-39292} - um: Fix return value in ubd_init() (Duoming Zhou) - Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (Fenglin Wu) - Input: ims-pcu - fix printf string overflow (Arnd Bergmann) - libsubcmd: Fix parse-options memory leak (Ian Rogers) - f2fs: add error prints for debugging mount failure (Sahitya Tummala) - extcon: max8997: select IRQ_DOMAIN instead of depending on it (Randy Dunlap) - ppdev: Add an error check in register_device (Huai-Yuan Liu) [Orabug: 36678065] {CVE-2024-36015} - stm class: Fix a double free in stm_register_device() (Dan Carpenter) [Orabug: 36763764] {CVE-2024-38627} - usb: gadget: u_audio: Clear uac pointer when freed. (Chris Wulff) - greybus: arche-ctrl: move device table to its right location (Arnd Bergmann) - serial: max3100: Fix bitwise types (Andy Shevchenko) - serial: max3100: Update uart_driver_registered on driver removal (Andy Shevchenko) [Orabug: 36763815] {CVE-2024-38633} - serial: max3100: Lock port->lock when calling uart_handle_cts_change() (Andy Shevchenko) [Orabug: 36763820] {CVE-2024-38634} - firmware: dmi-id: add a release callback function (Arnd Bergmann) - dmaengine: idma64: Add check for dma_set_max_seg_size (Chen Ni) - greybus: lights: check return of get_channel_from_mode (Rui Miguel Silva) [Orabug: 36763833] {CVE-2024-38637} - sched/fair: Allow disabling sched_balance_newidle with sched_relax_domain_level (Vitalii Bursov) - sched/topology: Don't set SD_BALANCE_WAKE on cpuset domain relax (Valentin Schneider) - af_packet: do not call packet_read_pending() from tpacket_destruct_skb() (Eric Dumazet) - netrom: fix possible dead-lock in nr_rt_ioctl() (Eric Dumazet) [Orabug: 36753582] {CVE-2024-38589} - RDMA/IPoIB: Fix format truncation compilation errors (Leon Romanovsky) - RDMA/ipoib: Fix use of sizeof() (Kamal Heib) - selftests/kcmp: remove unused open mode (Edward Liaw) - selftests/kcmp: Make the test output consistent and clear (Gautam Menghani) - ext4: avoid excessive credit estimate in ext4_tmpfile() (Jan Kara) - x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (Adrian Hunter) - ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (Steven Rostedt) - fbdev: sh7760fb: allow modular build (Randy Dunlap) - media: radio-shark2: Avoid led_names truncations (Ricardo Ribalda) - media: ngene: Add dvb_ca_en50221_init return value check (Aleksandr Burakov) - powerpc/fsl-soc: hide unused const variable (Arnd Bergmann) - drm/mediatek: Add 0 size check to mtk_drm_gem_obj (Justin Green) [Orabug: 36753415] {CVE-2024-38549} - fbdev: shmobile: fix snprintf truncation (Arnd Bergmann) - mtd: rawnand: hynix: fixed typo (Maxim Korotkov) - ipv6: sr: fix invalid unregister error path (Hangbin Liu) [Orabug: 36753711] {CVE-2024-38612} - ipv6: sr: fix incorrect unregister order (Hangbin Liu) - ipv6: sr: add missing seg6_local_exit (Hangbin Liu) - net: openvswitch: fix overwriting ct original tuple for ICMPv6 (Ilya Maximets) [Orabug: 36753463] {CVE-2024-38558} - net: usb: smsc95xx: stop lying about skb->truesize (Eric Dumazet) - af_unix: Fix data races in unix_release_sock/unix_stream_sendmsg (Breno Leitao) [Orabug: 36753600] {CVE-2024-38596} - m68k: mac: Fix reboot hang on Mac IIci (Finn Thain) - m68k/mac: Use '030 reset method on SE/30 (Finn Thain) - m68k: Fix spinlock race in kernel thread creation (Michael Schmitz) [Orabug: 36753715] {CVE-2024-38613} - net: usb: sr9700: stop lying about skb->truesize (Eric Dumazet) - wifi: mwl8k: initialize cmd->addr[] properly (Dan Carpenter) - scsi: qedf: Ensure the copied buf is NUL terminated (Bui Quang Minh) [Orabug: 36753468] {CVE-2024-38559} - scsi: bfa: Ensure the copied buf is NUL terminated (Bui Quang Minh) [Orabug: 36753473] {CVE-2024-38560} - Revert "sh: Handle calling csum_partial with misaligned data" (Guenter Roeck) - sh: kprobes: Merge arch_copy_kprobe() into arch_prepare_kprobe() (Geert Uytterhoeven) - wifi: ar5523: enable proper endpoint verification (Nikita Zhandarovich) [Orabug: 36753486] {CVE-2024-38565} - wifi: carl9170: add a proper sanity check for endpoints (Nikita Zhandarovich) [Orabug: 36753509] {CVE-2024-38567} - macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" (Finn Thain) - macintosh/via-macii, macintosh/adb-iop: Clean up whitespace (Finn Thain) - m68k/mac: Add mutual exclusion for IOP interrupt polling (Finn Thain) - macintosh/via-macii: Remove BUG_ON assertions (Finn Thain) - wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (Su Hui) - scsi: hpsa: Fix allocation size for Scsi_Host private data (Yuri Karpov) - scsi: libsas: Fix the failure of adding phy with zero-address to port (Xingui Yang) - ACPI: disable -Wstringop-truncation (Arnd Bergmann) - irqchip/alpine-msi: Fix off-by-one in allocation error path (Zenghui Yu) - scsi: ufs: core: Perform read back after disabling UIC_COMMAND_COMPL (Andrew Halaney) - scsi: ufs: core: Perform read back after disabling interrupts (Andrew Halaney) - scsi: ufs: qcom: Perform read back after writing reset bit (Andrew Halaney) - wifi: ath10k: poll service ready message before failing (Baochen Qiang) - nfsd: drop st_mutex before calling move_to_close_lru() (NeilBrown) - null_blk: Fix missing mutex_destroy() at module removal (Zhu Yanjun) - jffs2: prevent xattr node from overflowing the eraseblock (Ilya Denisyev) [Orabug: 36753652] {CVE-2024-38599} - crypto: ccp - drop platform ifdef checks (Arnd Bergmann) - parisc: add missing export of __cmpxchg_u8() (Al Viro) - nilfs2: fix out-of-range warning (Arnd Bergmann) - ecryptfs: Fix buffer size for tag 66 packet (Brian Kubisiak) [Orabug: 36753537] {CVE-2024-38578} - firmware: raspberrypi: Use correct device for DMA mappings (Laurent Pinchart) - crypto: bcm - Fix pointer arithmetic (Aleksandr Mishin) [Orabug: 36753542] {CVE-2024-38579} - ASoC: da7219-aad: fix usage of device_get_named_child_node() (Pierre-Louis Bossart) - ASoC: dt-bindings: rt5645: add cbj sleeve gpio property (Derek Fang) - ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (Derek Fang) - net: usb: qmi_wwan: add Telit FN920C04 compositions (Daniele Palmas) - wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (Igor Artemiev) - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Daniel Starke) [Orabug: 36678069] {CVE-2024-36016} - nilfs2: fix potential hang in nilfs_detach_log_writer() (Ryusuke Konishi) [Orabug: 36753558] {CVE-2024-38582} - nilfs2: fix unexpected freezing of nilfs_segctor_sync() (Ryusuke Konishi) - ring-buffer: Fix a race between readers and resize checks (Petr Pavlu) [Orabug: 36753662] {CVE-2024-38601}
SRPMs
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-4.14.35-2047.540.4.1.el7uek.src.rpm
x86_64
kernel-uek-4.14.35-2047.540.4.1.el7uek.x86_64.rpm kernel-uek-debug-4.14.35-2047.540.4.1.el7uek.x86_64.rpm kernel-uek-debug-devel-4.14.35-2047.540.4.1.el7uek.x86_64.rpm kernel-uek-devel-4.14.35-2047.540.4.1.el7uek.x86_64.rpm kernel-uek-tools-4.14.35-2047.540.4.1.el7uek.x86_64.rpm kernel-uek-doc-4.14.35-2047.540.4.1.el7uek.noarch.rpm
aarch64
i386
