Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
89
security advisorymoderateFedoraFedora 38 FEDORA-2023-f122ea1b3e Moderate Level: NATS-Server Security Fix
Contains updates to address CVE-2022-{28357,41717}. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-f122ea1b3e 2023-10-04 15:50:14.488468 -------------------------------------------------------------------------------- Name : nats-server Product : Fedora 38 Version : 2.10.1 Release : 4.fc38 URL : https://github.com/nats-io/nats-server Summary : High-Performance server for NATS, the cloud native messaging system Description : A High Performance NATS Server written in Go and hosted by the Cloud Native Computing Foundation (CNCF). -------------------------------------------------------------------------------- Update Information: Contains updates to address CVE-2022-{28357,41717} -------------------------------------------------------------------------------- ChangeLog: * Tue Sep 26 2023 Mark E. Fuller - 2.10.1-4 - disable tests which intermittently fail due to timeout * Tue Sep 26 2023 Mark E. Fuller - 2.10.1-3 - rebuild for CVE-2022-{28357,41717} * Fri Sep 22 2023 Mark E. Fuller - 2.10.1-2 - apply -f to %gometa * Fri Sep 22 2023 Mark E. Fuller - 2.10.1-1 - v2.10.1, close rhbz#2239760 * Tue Sep 19 2023 Mark E. Fuller - 2.9.22-1 - update to v2.9.22, close rhbz#1939310 * Thu Jul 20 2023 Fedora Release Engineering - 2.1.9-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-f122ea1b3e' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Oct 04, 2023
Fedora
217
security advisorynetwork securitycritical updateOracle Linux: ELSA-2023-12355 Critical Update for Istio and Kubelet
The following updated rpms for Oracle Linux Cloud Native Environment 1.6 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Cloud Native Environment Security Advisory ELSA-2023-12355 https://linux.oracle.com/errata/ELSA-2023-12355.html The following updated rpms for Oracle Linux Cloud Native Environment 1.6 have been uploaded to the Unbreakable Linux Network: x86_64: istio-1.16.4-1.el7.x86_64.rpm istio-istioctl-1.16.4-1.el7.x86_64.rpm kubelet-1.25.7-2.el7.x86_64.rpm kubectl-1.25.7-2.el7.x86_64.rpm kubeadm-1.25.7-2.el7.x86_64.rpm olcnectl-1.6.1-8.el7.x86_64.rpm olcne-agent-1.6.1-8.el7.x86_64.rpm olcne-api-server-1.6.1-8.el7.x86_64.rpm olcne-utils-1.6.1-8.el7.x86_64.rpm olcne-nginx-1.6.1-8.el7.x86_64.rpm olcne-prometheus-chart-1.6.1-8.el7.x86_64.rpm olcne-grafana-chart-1.6.1-8.el7.x86_64.rpm olcne-istio-chart-1.6.1-8.el7.x86_64.rpm olcne-olm-chart-1.6.1-8.el7.x86_64.rpm olcne-gluster-chart-1.6.1-8.el7.x86_64.rpm olcne-oci-ccm-chart-1.6.1-8.el7.x86_64.rpm olcne-metallb-chart-1.6.1-8.el7.x86_64.rpm olcne-calico-chart-1.6.1-8.el7.x86_64.rpm olcne-multus-chart-1.6.1-8.el7.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates//istio-1.16.4-1.el7.src.rpm https://oss.oracle.com:443/ol7/SRPMS-updates//kubernetes-1.25.7-2.el7.src.rpm https://oss.oracle.com:443/ol7/SRPMS-updates//olcne-1.6.1-8.el7.src.rpm Related CVEs: CVE-2022-27487 CVE-2022-27488 CVE-2022-27491 CVE-2022-27492 CVE-2022-27493 CVE-2022-27496 Description of changes: istio [1.16.4-1] - Added Oracle specific files for 1.16.4-1 kubernetes [1.25.7-2] - libct/cg: add misc controller to v1 drivers (upstream runc patch) olcne [1.6.1-8] - Update Istio config to include 1.15.7 to support upgrade from 1.5.x to 1.6.x [1.6.1-7] - Bugfix:Append a slash in oci-instance-metada query url [1.6.1-6] - Fixed helm installation in OLCNE upgrade [1.6.1-5] - Deprecate oci-private-key in favour of oci-private-key-file - Updated olcne_version argument in olcnectl provision to support [1.6.1-4] - Update Istio version to 1.16.4 to addressCVE's - CVE-2022-27496 - CVE-2022-27488 - CVE-2022-27493 - CVE-2022-27492 - CVE-2022-27491 - CVE-2022-27487 [1.6.1-3] - Resolved the issue to install multiple network cards using multus [1.6.1-2] - Update kubelet for upstream runc misc cgroups patch [1.6.1-1] - Fix the bug olcnectl provision fails if ol8_developer does not exist _______________________________________________ El-errata mailing list
May 26, 2023
•Critical
Oracle
217
security advisorysoftware updatecritical updateOracle Linux Cloud Native ELSA-2022-9362 Critical: Addressing Risks
The following updated rpms for Oracle Linux Cloud Native Environment 1.4 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Cloud Native Environment Security Advisory ELSA-2022-9362 https://linux.oracle.com/errata/ELSA-2022-9362.html The following updated rpms for Oracle Linux Cloud Native Environment 1.4 have been uploaded to the Unbreakable Linux Network: x86_64: olcnectl-1.4.3-1.el8.x86_64.rpm olcne-agent-1.4.3-1.el8.x86_64.rpm olcne-api-server-1.4.3-1.el8.x86_64.rpm olcne-utils-1.4.3-1.el8.x86_64.rpm olcne-nginx-1.4.3-1.el8.x86_64.rpm olcne-prometheus-chart-1.4.3-1.el8.x86_64.rpm olcne-grafana-chart-1.4.3-1.el8.x86_64.rpm olcne-istio-chart-1.4.3-1.el8.x86_64.rpm olcne-olm-chart-1.4.3-1.el8.x86_64.rpm olcne-gluster-chart-1.4.3-1.el8.x86_64.rpm olcne-oci-csi-chart-1.4.3-1.el8.x86_64.rpm istio-1.12.6-1.el8.x86_64.rpm istio-istioctl-1.12.6-1.el8.x86_64.rpm istio-1.13.2-1.el8.x86_64.rpm istio-istioctl-1.13.2-1.el8.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates/olcne-1.4.3-1.el8.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/istio-1.12.6-1.el8.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates/istio-1.13.2-1.el8.src.rpm container_images: container-registry.oracle.com/olcne/pilot:1.12.6 container-registry.oracle.com/olcne/proxyv2:1.12.6 container-registry.oracle.com/olcne/pilot:1.13.2 container-registry.oracle.com/olcne/proxyv2:1.13.2 container-registry.oracle.com/olcne/grafana:v7.5.15 Related CVEs: CVE-2022-24726 CVE-2022-24921 Description of changes: olcne [1.4.3-1] - Update Istio to 1.13.2 istio [1.12.6-1] - Addresses CVE-2022-24726, CVE-2022-24921 istio [1.13.2-1] - Added Oracle specific files for 1.13.2-1 container-registry.oracle.com/olcne/pilot:1.12.6 - CVE-2022-24726, CVE-2022-24921 container-registry.oracle.com/olcne/proxyv2:1.12.6 - CVE-2022-24726, CVE-2022-24921 container-registry.oracle.com/olcne/pilot:1.13.2 - CVE-2022-24726, CVE-2022-24921 container-registry.oracle.com/olcne/proxyv2:1.13.2 - CVE-2022-24726,CVE-2022-24921 container-registry.oracle.com/olcne/grafana:v7.5.15 - CVE-2022-24726, CVE-2022-24921 _______________________________________________ El-errata mailing list
May 09, 2022
•Critical
Oracle
217
security advisorysecurity issueupdateOracle Linux Cloud Native 1.1 ELSA-2022-9314 Critical: Kernel Security Fix
The following updated rpms for Oracle Linux Cloud Native Environment 1.1 have been uploaded to the Unbreakable Linux Network . Oracle Linux Cloud Native Environment Security Advisory ELSA-2022-9314 https://linux.oracle.com/errata/ELSA-2022-9314.html The following updated rpms for Oracle Linux Cloud Native Environment 1.1 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-container-4.14.35-2047.512.6.el7.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-uek-container-4.14.35-2047.512.6.el7.src.rpm Related CVEs: CVE-2020-36516 CVE-2021-20317 CVE-2021-26401 CVE-2021-4002 CVE-2021-4149 CVE-2022-0330 CVE-2022-0435 CVE-2022-0492 CVE-2022-0617 CVE-2022-0847 CVE-2022-1016 CVE-2022-22942 CVE-2022-24448 CVE-2022-26966 Description of changes: [4.14.35-2047.512.6.el7] - Revert "rds/ib: recover rds connection from stuck rx path" (Rohit Nair) [Orabug: 34039271] [4.14.35-2047.512.5.el7] - netfilter: nf_tables: initialize registers in nft_do_chain() (Pablo Neira Ayuso) [Orabug: 34012925] {CVE-2022-1016} - rds: Fix incorrect initialization order (Håkon Bugge) [Orabug: 33923372] - btrfs: unlock newly allocated extent buffer after error (Qu Wenruo) [Orabug: 33997138] {CVE-2021-4149} - sr9700: sanity check for packet length (Oliver Neukum) [Orabug: 33962706] {CVE-2022-26966} [4.14.35-2047.512.4.el7] - Linux 4.14.265 (Greg Kroah-Hartman) - ext4: fix error handling in ext4_restore_inline_data() (Ritesh Harjani) - EDAC/xgene: Fix deferred probing (Sergey Shtylyov) - EDAC/altera: Fix deferred probing (Sergey Shtylyov) - rtc: cmos: Evaluate century appropriate (Riwen Lu) - selftests: futex: Use variable MAKE instead of make (Muhammad Usama Anjum) - nfsd: nfsd4_setclientid_confirm mistakenly expires confirmed client. (Dai Ngo) - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (John Meneghini) - ASoC: fsl: Add missing error handling in pcm030_fabric_probe (Miaoqian Lin) - drm/i915/overlay: Prevent divide by zero bugsin scaling (Dan Carpenter) - net: macsec: Verify that send_sci is on when setting Tx sci explicitly (Lior Nahmanson) - net: ieee802154: Return meaningful error codes from the netlink helpers (Miquel Raynal) - net: ieee802154: ca8210: Stop leaking skb's (Miquel Raynal) - spi: meson-spicc: add IRQ check in meson_spicc_probe (Miaoqian Lin) - spi: mediatek: Avoid NULL pointer crash in interrupt (Benjamin Gaignard) - spi: bcm-qspi: check for valid cs before applying chip select (Kamal Dasu) - iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() (Joerg Roedel) - iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() (Guoqing Jiang) - RDMA/mlx4: Don't continue event handler after memory allocation failure (Leon Romanovsky) - block: bio-integrity: Advance seed correctly for larger interval sizes (Martin K. Petersen) - drm/nouveau: fix off by one in BIOS boundary checking (Nick Lopez) - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() (Mark Brown) - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() (Mark Brown) - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() (Mark Brown) - audit: improve audit queue handling when "audit=1" on cmdline (Paul Moore) - af_packet: fix data-race in packet_setsockopt / packet_setsockopt (Eric Dumazet) - rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() (Eric Dumazet) - net: amd-xgbe: Fix skb data length underflow (Shyam Sundar S K) - net: amd-xgbe: ensure to reset the tx_timer_active flag (Raju Rangoju) - ipheth: fix EOVERFLOW in ipheth_rcvbulk_callback (Georgi Valkov) - netfilter: nat: limit port clash resolution attempts (Florian Westphal) - netfilter: nat: remove l4 protocol port rovers (Florian Westphal) - bpf: fix truncated jump targets on heavy expansions (Daniel Borkmann) - ipv4: raw: lock the socket in raw_bind() (Eric Dumazet) - yam: fix a memory leak in yam_siocdevprivate() (Hangyu Hua) - ibmvnic: don't spin in tasklet (Sukadev Bhattiprolu) - drm/msm/dsi: invalid parametercheck in msm_dsi_phy_enable (José Expósito) - drm/msm: Fix wrong size calculation (Xianting Tian) - net-procfs: show net devices bound packet types (Jianguo Wu) - NFSv4: nfs_atomic_open() can race when looking up a non-regular file (Trond Myklebust) - hwmon: (lm90) Reduce maximum conversion rate for G781 (Guenter Roeck) - ping: fix the sk_bound_dev_if match in ping_lookup (Xin Long) - net: fix information leakage in /proc/net/ptype (Saeed Mirzamohammadi) - ipv6_tunnel: Rate limit warning messages (Ido Schimmel) - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (John Meneghini) - rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev (Matthias Kaehlcke) - rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (Sujit Kautkar) - i40e: fix unsigned stat widths (Joe Damato) - i40e: Increase delay to 1 s after global EMP reset (Jedrzej Jagielski) - lkdtm: Fix content of section containing lkdtm_rodata_do_nothing() (Christophe Leroy) - powerpc/32: Fix boot failure with GCC latent entropy plugin (Christophe Leroy) - net: sfp: ignore disabled SFP node (Marek Behún) - usb: typec: tcpm: Do not disconnect while receiving VBUS off (Badhri Jagan Sridharan) - USB: core: Fix hang in usb_kill_urb by adding memory barriers (Alan Stern) - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS (Pavankumar Kondeti) - usb: common: ulpi: Fix crash in ulpi_match() (Jon Hunter) - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge (Alan Stern) - tty: Add support for Brainboxes UC cards. (Cameron Williams) - tty: n_gsm: fix SW flow control encoding/handling (daniel.starke@siemens.com) - serial: stm32: fix software flow control transfer (Valentin Caron) - netfilter: nft_payload: do not update layer 4 checksum when mangling fragments (Pablo Neira Ayuso) - PM: wakeup: simplify the output logic of pm_show_wakelocks() (Greg Kroah-Hartman) - scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices (Steffen Maier) -s390/hypfs: include z/VM guests with access control group set (Vasily Gorbik) - Bluetooth: refactor malicious adv data check (Brian Gix) - Linux 4.14.264 (Greg Kroah-Hartman) - can: bcm: fix UAF of bcm op (Ziyang Xuan) - Linux 4.14.263 (Greg Kroah-Hartman) - gianfar: fix jumbo packets+napi+rx overrun crash (Michael Braun) - gianfar: simplify FCS handling and fix memory leak (Andy Spencer) - drm/ttm/nouveau: don't call tt destroy callback on alloc failure. (Dave Airlie) - mips,s390,sh,sparc: gup: Work around the "COW can break either way" issue (Ben Hutchings) - lib82596: Fix IRQ check in sni_82596_probe (Miaoqian Lin) - scripts/dtc: dtx_diff: remove broken example from help text (Matthias Schiffer) - bcmgenet: add WOL IRQ check (Sergey Shtylyov) - net_sched: restore "mpu xxx" handling (Kevin Bracey) - dmaengine: at_xdmac: Fix at_xdmac_lld struct definition (Tudor Ambarus) - dmaengine: at_xdmac: Fix lld view setting (Tudor Ambarus) - dmaengine: at_xdmac: Print debug message after realeasing the lock (Tudor Ambarus) - dmaengine: at_xdmac: Don't start transactions at tx_submit level (Tudor Ambarus) - libcxgb: Don't accidentally set RTO_ONLINK in cxgb_find_route() (Guillaume Nault) - netns: add schedule point in ops_exit_list() (Eric Dumazet) - net: axienet: fix number of TX ring slots for available check (Robert Hancock) - net: axienet: Wait for PhyRstCmplt after core reset (Robert Hancock) - af_unix: annote lockless accesses to unix_tot_inflight & gc_in_progress (Eric Dumazet) - parisc: pdc_stable: Fix memory leak in pdcs_register_pathentries (Miaoqian Lin) - net/fsl: xgmac_mdio: Fix incorrect iounmap when removing module (Tobias Waldekranz) - powerpc/fsl/dts: Enable WA for erratum A-009885 on fman3l MDIO buses (Tobias Waldekranz) - powerpc/cell: Fix clang -Wimplicit-fallthrough warning (Anders Roxell) - RDMA/rxe: Fix a typo in opcode name (Chengguang Xu) - RDMA/hns: Modify the mapping attribute of doorbell to device (Yixing Liu) - Documentation: refer to config RANDOMIZE_BASE forkernel address-space randomization (Lukas Bulwahn) - firmware: Update Kconfig help text for Google firmware (Ben Hutchings) - drm/radeon: fix error handling in radeon_driver_open_kms (Christian König) - crypto: stm32/crc32 - Fix kernel BUG triggered in probe() (Marek Vasut) - ext4: don't use the orphan list when migrating an inode (Theodore Ts'o) - ext4: Fix BUG_ON in ext4_bread when write quota data (Ye Bin) - ext4: set csum seed in tmp inode while migrating to extents (Luís Henriques) - ext4: make sure quota gets properly shutdown on error (Jan Kara) - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds (Ilan Peer) - cputime, cpuacct: Include guest time in user time in cpuacct.stat (Andrey Ryabinin) - serial: Fix incorrect rs485 polarity on uart open (Lukas Wunner) - ubifs: Error path in ubifs_remount_rw() seems to wrongly free write buffers (Petr Cvachoucek) - power: bq25890: Enable continuous conversion for ADC at charging (Yauhen Kharuzhy) - ASoC: mediatek: mt8173: fix device_node leak (Tzung-Bi Shih) - scsi: sr: Don't use GFP_DMA (Christoph Hellwig) - MIPS: Octeon: Fix build errors using clang (Tianjia Zhang) - i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters (Lakshmi Sowjanya D) - MIPS: OCTEON: add put_device() after of_find_device_by_node() (Ye Guojin) - ALSA: seq: Set upper limit of processed events (Takashi Iwai) - w1: Misuse of get_user()/put_user() reported by sparse (Christophe Leroy) - i2c: mpc: Correct I2C reset procedure (Joakim Tjernlund) - powerpc/smp: Move setup_profiling_timer() under CONFIG_PROFILING (Michael Ellerman) - i2c: i801: Don't silently correct invalid transfer size (Heiner Kallweit) - powerpc/watchdog: Fix missed watchdog reset due to memory ordering race (Nicholas Piggin) - powerpc/btext: add missing of_node_put (Julia Lawall) - powerpc/cell: add missing of_node_put (Julia Lawall) - powerpc/powernv: add missing of_node_put (Julia Lawall) - powerpc/6xx: add missing of_node_put (Julia Lawall) - parisc: Avoid callingfaulthandler_disabled() twice (John David Anglin) - serial: core: Keep mctrl register state and cached copy in sync (Lukas Wunner) - serial: pl010: Drop CR register reset on set_termios (Lukas Wunner) - net: phy: marvell: configure RGMII delays for 88E1118 (Russell King (Oracle)) - dm space map common: add bounds check to sm_ll_lookup_bitmap() (Joe Thornber) - dm btree: add a defensive bounds check to insert_at() (Joe Thornber) - mac80211: allow non-standard VHT MCS-10/11 (Ping-Ke Shih) - net: mdio: Demote probed message to debug print (Florian Fainelli) - btrfs: remove BUG_ON(!eie) in find_parent_nodes (Josef Bacik) - btrfs: remove BUG_ON() in find_parent_nodes() (Josef Bacik) - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 (Kirill A. Shutemov) - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() (Rafael J. Wysocki) - ACPICA: Utilities: Avoid deleting the same object twice in a row (Rafael J. Wysocki) - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions (Mark Langsdorf) - jffs2: GC deadlock reading a page that is used in jffs2_write_begin() (Kyeong Yoo) - um: registers: Rename function names to avoid conflicts and build problems (Randy Dunlap) - iwlwifi: remove module loading failure message (Johannes Berg) - iwlwifi: fix leaks/bad data after failed firmware load (Johannes Berg) - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream (Zekun Shen) - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 (Kai-Heng Feng) - arm64: tegra: Adjust length of CCPLEX cluster MMIO region (Thierry Reding) - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO (Ulf Hansson) - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach() (Zhou Qingyang) - media: igorplugusb: receiver overflow should be reported (Sean Young) - bpf: Do not WARN in bpf_warn_invalid_xdp_action() (Paolo Abeni) - net: bonding: debug: avoid printing debug logs when bond is not notifying peers (Suresh Kumar) - ath10k: Fix tx hanging(Sebastian Gottschall) - iwlwifi: mvm: synchronize with FW after multicast commands (Johannes Berg) - media: m920x: don't use stack on USB reads (Mauro Carvalho Chehab) - media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach() (Zhou Qingyang) - media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds. (James Hilliard) - floppy: Add max size check for user space request (Xiongwei Song) - usb: uhci: add aspeed ast2600 uhci support (Neal Liu) - mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (Zekun Shen) - HSI: core: Fix return freed object in hsi_new_client (Chengfeng Ye) - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use (Hans de Goede) - drm/bridge: megachips: Ensure both bridges are probed before registration (Martyn Welch) - mlxsw: pci: Add shutdown method in PCI driver (Danielle Ratson) - media: b2c2: Add missing check in flexcop_pci_isr: (Zheyu Ma) - HID: apple: Do not reset quirks when the Fn key is not found (José Expósito) - usb: gadget: f_fs: Use stream_open() for endpoint files (Pavankumar Kondeti) - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR (Ben Skeggs) - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply (Zekun Shen) - fs: dlm: filter user dlm messages for kernel locks (Alexander Aring) - Bluetooth: Fix debugfs entry leak in hci_register_dev() (Wei Yongjun) - RDMA/cxgb4: Set queue pair state when being queried (Kamal Heib) - mips: bcm63xx: add support for clk_set_parent() (Randy Dunlap) - mips: lantiq: add support for clk_set_parent() (Randy Dunlap) - misc: lattice-ecp3-config: Fix task hung when firmware load failed (Wei Yongjun) - ASoC: samsung: idma: Check of ioremap return value (Jiasheng Jiang) - iommu/iova: Fix race between FQ timeout and teardown (Xiongfeng Wang) - dmaengine: pxa/mmp: stop referencing config-> slave_id (Arnd Bergmann) - RDMA/core: Let ib_find_gid() continue search even after empty entry (Avihai Horon) - scsi: ufs: Fix race conditions related to driverdata (Bart Van Assche) - char/mwave: Adjust io port register size (Kees Cook) - ALSA: oss: fix compile error when OSS_DEBUG is enabled (Bixuan Cui) - powerpc/prom_init: Fix improper check of prom_getprop() (Peiwei Hu) - RDMA/hns: Validate the pkey index (Kamal Heib) - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai) - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai) - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai) - ext4: avoid trim error on fs with small groups (Jan Kara) - net: mcs7830: handle usb read errors properly (Pavel Skripkin) - pcmcia: fix setting of kthread task states (Dominik Brodowski) - can: xilinx_can: xcan_probe(): check for error irq (Jiasheng Jiang) - can: softing: softing_startstop(): fix set but not used variable warning (Marc Kleine-Budde) - tpm: add request_locality before write TPM_INT_ENABLE (Chen Jun) - spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe (Miaoqian Lin) - fsl/fman: Check for null pointer after calling devm_ioremap (Jiasheng Jiang) - ppp: ensure minimum packet size in ppp_write() (Eric Dumazet) - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() (Zhou Qingyang) - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() (Zhou Qingyang) - x86/mce/inject: Avoid out-of-bounds write when setting flags (Zhang Zixun) - usb: ftdi-elan: fix memory leak on device disconnect (Wei Yongjun) - media: msi001: fix possible null-ptr-deref in msi001_probe() (Wang Hai) - media: dw2102: Fix use after free (Anton Vasilyev) - sched/rt: Try to restart rt period timer when rt runtime exceeded (Li Hua) - media: si2157: Fix "warm" tuner state detection (Robert Schlabbach) - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() (Zhou Qingyang) - media: dib8000: Fix a memleak in dib8000_init() (Zhou Qingyang) - floppy: Fix hang in watchdog when disk is ejected (Tasos Sahanidis) - serial:amba-pl011: do not request memory region twice (Lino Sanfilippo) - drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() (Zhou Qingyang) - drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() (Zhou Qingyang) - arm64: dts: qcom: msm8916: fix MMC controller aliases (Dmitry Baryshkov) - netfilter: bridge: add support for pppoe filtering (Florian Westphal) - media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released (Dafna Hirschfeld) - tty: serial: atmel: Call dma_async_issue_pending() (Tudor Ambarus) - tty: serial: atmel: Check return code of dmaengine_submit() (Tudor Ambarus) - crypto: qce - fix uaf on qce_ahash_register_one (Chengfeng Ye) - media: dmxdev: fix UAF when dvb_register_device() fails (Wang Hai) - Bluetooth: stop proccessing malicious adv data (Pavel Skripkin) - media: em28xx: fix memory leak in em28xx_init_dev (Dongliang Mu) - wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND (Bryan O'Donoghue) - clk: bcm-2835: Remove rounding up the dividers (Maxime Ripard) - clk: bcm-2835: Pick the closest clock rate (Maxime Ripard) - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails (Wang Hai) - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller (Yifeng Li) - shmem: fix a race between shmem_unused_huge_shrink and shmem_evict_inode (Gang Li) - can: softing_cs: softingcs_probe(): fix memleak on registration failure (Johan Hovold) - media: stk1160: fix control-message timeouts (Johan Hovold) - media: pvrusb2: fix control-message timeouts (Johan Hovold) - media: redrat3: fix control-message timeouts (Johan Hovold) - media: dib0700: fix undefined behavior in tuner shutdown (Michael Kuron) - media: s2255: fix control-message timeouts (Johan Hovold) - media: cpia2: fix control-message timeouts (Johan Hovold) - media: em28xx: fix control-message timeouts (Johan Hovold) - media: mceusb: fix control-message timeouts (Johan Hovold) - media: flexcop-usb: fix control-messagetimeouts (Johan Hovold) - rtc: cmos: take rtc_lock while reading from CMOS (Mateusz Jończyk) - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() (Krzysztof Kozlowski) - HID: wacom: Avoid using stale array indicies to read contact count (Jason Gerecke) - HID: wacom: Ignore the confidence flag when a touch is removed (Jason Gerecke) - HID: uhid: Fix worker destroying device without any protection (Jann Horn) - Bluetooth: fix init and cleanup of sco_conn.timeout_work (Desmond Cheong Zhi Xi) - Bluetooth: schedule SCO timeouts with delayed_work (Desmond Cheong Zhi Xi) - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled (Larry Finger) - media: uvcvideo: fix division by zero at stream start (Johan Hovold) - orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() (Christophe JAILLET) - drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() (Nathan Chancellor) - staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn() (Nathan Chancellor) - random: fix data race on crng init time (Eric Biggers) - random: fix data race on crng_node_pool (Eric Biggers) - can: gs_usb: gs_can_start_xmit(): zero-initialize hf-> {flags,reserved} (Brian Silverman) - can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data (Marc Kleine-Budde) - mfd: intel-lpss: Fix too early PM enablement in the ACPI -> probe() (Andy Shevchenko) - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status (Alan Stern) - USB: core: Fix bug in resuming hub's handling of wakeup requests (Alan Stern) - Bluetooth: bfusb: fix division by zero in send path (Johan Hovold) - Linux 4.14.262 (Greg Kroah-Hartman) - mISDN: change function names to avoid conflicts (wolfgang huang) - net: udp: fix alignment problem in udp4_seq_show() (yangxingwu) - ip6_vti: initialize __ip6_tnl_parm struct in vti6_siocdevprivate (William Zhao) - scsi: libiscsi: Fix UAF iniscsi_conn_get_param()/iscsi_conn_teardown() (Lixiaokeng) - ipv6: Do cleanup if attribute validation fails in multipath route (David Ahern) - ipv6: Continue processing multipath route even if gateway attribute is invalid (David Ahern) - phonet: refcount leak in pep_sock_accep (Hangyu Hua) - rndis_host: support Hytera digital radios (Thomas Toye) - power: reset: ltc2952: Fix use of floating point literals (Nathan Chancellor) - sch_qfq: prevent shift-out-of-bounds in qfq_init_qdisc (Eric Dumazet) - ipv6: Check attribute length for RTA_GATEWAY when deleting multipath route (David Ahern) - ipv6: Check attribute length for RTA_GATEWAY in multipath route (David Ahern) - i40e: Fix incorrect netdev's real number of RX/TX queues (Jedrzej Jagielski) - i40e: fix use-after-free in i40e_sync_filters_subtask() (Di Zhu) - mac80211: initialize variable have_higher_than_11mbit (Tom Rix) - RDMA/core: Don't infoleak GRH fields (Leon Romanovsky) - ieee802154: atusb: fix uninit value in atusb_set_extended_addr (Pavel Skripkin) - virtio_pci: Support surprise removal of virtio pci device (Parav Pandit) - tracing: Tag trace_percpu_buffer as a percpu pointer (Naveen N. Rao) - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() (Naveen N. Rao) - Bluetooth: btusb: Apply QCA Rome patches for some ATH3012 models (Takashi Iwai) [4.14.35-2047.512.3.el7] - lib/timerqueue: Rely on rbtree semantics for next timer (Davidlohr Bueso) [Orabug: 33406086] {CVE-2021-20317} - rds/ib: Resize CQ if send-/recv-ring-size are changed (Hans Westgaard Ry) [Orabug: 33940520] - uek-rpm: remove uek-rpm/ol8 (John Donnelly) [Orabug: 33665655] - uek-rpm: Enable config CONFIG_SCSI_MQ_DEFAULT (Saeed Mirzamohammadi) [Orabug: 33973455] - sched: restore the sliding search window for select_idle_cpu() (Libo Chen) [Orabug: 33965297] - NFSv4: Handle case where the lookup of a directory fails (Trond Myklebust) [Orabug: 33958155] {CVE-2022-24448} - Linux 4.14.261 (Greg Kroah-Hartman) - sctp: use call_rcu to free endpoint(Xin Long) - net: fix use-after-free in tw_timer_handler (Muchun Song) - Input: spaceball - fix parsing of movement data packets (Leo L. Schwab) - Input: appletouch - initialize work before device registration (Pavel Skripkin) - binder: fix async_free_space accounting for empty parcels (Todd Kjos) - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear. (Vincent Pelletier) - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set. (Mathias Nyman) - uapi: fix linux/nfc.h userspace compilation errors (Dmitry V. Levin) - nfc: uapi: use kernel size_t to fix user-space builds (Krzysztof Kozlowski) - fsl/fman: Fix missing put_device() call in fman_port_probe (Miaoqian Lin) - NFC: st21nfca: Fix memory leak in device probe and remove (Wei Yongjun) - net: usb: pegasus: Do not drop long Ethernet frames (Matthias-Christian Ott) - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (Dan Carpenter) - selinux: initialize proto variable in selinux_ip_postroute_compat() (Tom Rix) - recordmcount.pl: fix typo in s390 mcount regex (Heiko Carstens) - platform/x86: apple-gmux: use resource_size() with res (Wang Qing) - HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option (Hans de Goede) - Linux 4.14.260 (Greg Kroah-Hartman) - phonet/pep: refuse to enable an unbound pipe (Rémi Denis-Courmont) - hamradio: improve the incomplete fix to avoid NPD (Lin Ma) - hamradio: defer ax25 kfree after unregister_netdev (Lin Ma) - ax25: NPD bug when detaching AX25 device (Lin Ma) - hwmon: (lm90) Do not report 'busy' status bit as alarm (Guenter Roeck) - KVM: VMX: Fix stale docs for kvm-intel.emulate_invalid_guest_state (Sean Christopherson) - usb: gadget: u_ether: fix race in setting MAC address in setup phase (Marian Postevca) - f2fs: fix to do sanity check on last xattr entry in __f2fs_setxattr() (Chao Yu) - ARM: 9169/1: entry: fix Thumb2 bug in iWMMXt exception handling (Ard Biesheuvel) - pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines (Fabien Dessenne) -x86/pkey: Fix undefined behaviour with PKRU_WD_BIT (Andrew Cooper) - Input: atmel_mxt_ts - fix double free in mxt_read_info_block (José Expósito) - ALSA: drivers: opl3: Fix incorrect use of vp-> state (Colin Ian King) - ALSA: jack: Check the return value of kstrdup() (Xiaoke Wang) - hwmon: (lm90) Fix usage of CONFIG2 register in detect function (Guenter Roeck) - sfc: falcon: Check null pointer of rx_queue-> page_ring (Jiasheng Jiang) - drivers: net: smc911x: Check for error irq (Jiasheng Jiang) - fjes: Check for error irq (Jiasheng Jiang) - bonding: fix ad_actor_system option setting to default (Fernando Fernandez Mancera) - net: skip virtio_net_hdr_set_proto if protocol already set (Willem de Bruijn) - qlcnic: potential dereference null pointer of rx_queue-> page_ring (Jiasheng Jiang) - spi: change clk_disable_unprepare to clk_unprepare (Dongliang Mu) - HID: holtek: fix mouse probing (Benjamin Tissoires) - can: kvaser_usb: get CAN clock frequency from device (Jimmy Assarsson) - net: usb: lan78xx: add Allied Telesis AT29M2-AF (Greg Jesionowski) - x86/speculation: Add knob for eibrs_retpoline_enabled (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Extend our code to properly support eibrs+lfence and eibrs+retpoline (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Update link to AMD speculation whitepaper (Kim Phillips) [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Use generic retpoline by default on AMD (Kim Phillips) [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Include unprivileged eBPF status in Spectre v2 mitigation reporting (Josh Poimboeuf) [Orabug: 33937656] {CVE-2021-26401} - Documentation/hw-vuln: Update spectre doc (Peter Zijlstra) [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Add eIBRS + Retpoline options (Peter Zijlstra) [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE (Peter Zijlstra (Intel)) [Orabug: 33937656] {CVE-2021-26401} -x86/speculation: Merge one test in spectre_v2_user_select_mitigation() (Borislav Petkov) [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Update ALTERNATIVEs to (more closely) match upstream (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401} - x86/speculation: Fix bug in retpoline mode on AMD with `spectre_v2=none` (Patrick Colp) [Orabug: 33937656] {CVE-2021-26401} - ACPICA: Enable sleep button on ACPI legacy wake (Anchal Agarwal) [Orabug: 33925502] - ipv4: tcp: send zero IPID in SYNACK messages (Eric Dumazet) [Orabug: 33917057] {CVE-2020-36516} - ipv4: avoid using shared IP generator for connected sockets (Eric Dumazet) [Orabug: 33917057] {CVE-2020-36516} - lib/iov_iter: initialize "flags" in new pipe_buffer (Max Kellermann) [Orabug: 33910800] {CVE-2022-0847} - x86/speculation: The choice of retpoline mode is sometimes ignored (Patrick Colp) [Orabug: 33890092] - udf: Restore i_lenAlloc when inode expansion fails (Jan Kara) [Orabug: 33870267] {CVE-2022-0617} - udf: Fix NULL ptr deref when converting from inline format (Jan Kara) [Orabug: 33870267] {CVE-2022-0617} - scsi: libiscsi: Hold back_lock when calling iscsi_complete_task (Gulam Mohamed) [Orabug: 33851182] - drm/vmwgfx: Fix stale file descriptors on failed usercopy (Mathias Krause) [Orabug: 33840433] {CVE-2022-22942} - drm/i915: Flush TLBs before releasing backing store (Tvrtko Ursulin) [Orabug: 33835811] {CVE-2022-0330} - proc/vmcore: fix clearing user buffer by properly using clear_user() (David Hildenbrand) [Orabug: 33832650] - rds/ib: recover rds connection from stuck rx path (Nagappan Ramasamy Palaniappan) [Orabug: 33820767] - rds: ib: Make selection of completion_vector QoS aware (Håkon Bugge) [Orabug: 33819408] - Enable CONFIG_DM_DUST and nano for UEK5 (Gulam Mohamed) [Orabug: 33653698] - dm dust: use dust block size for badblocklist index (Bryan Gurney) [Orabug: 33653698] - dm dust: Make dm_dust_init and dm_dust_exit static (YueHaibing) [Orabug: 33653698] - dm dust: remove redundant unsignedcomparison to less than zero (Colin Ian King) [Orabug: 33653698] - dm: add dust target (Bryan Gurney) [Orabug: 33653698] - hugetlbfs: flush TLBs correctly after huge_pmd_unshare (Nadav Amit) [Orabug: 33617219] {CVE-2021-4002} - rds/ib: recover rds connection from stuck tx path (Nagappan Ramasamy Palaniappan) [Orabug: 33820747] - uek-rpm: Add missing symbols to kabi_lockedlist (Stephen Brennan) [Orabug: 33871558] [4.14.35-2047.512.1.el7] - Revert "stable: clamp SUBLEVEL in 4.14" (Alan Maguire) [Orabug: 33861950] - tipc: improve size validations for received domain records (Jon Maloy) [Orabug: 33850803] {CVE-2022-0435} - cgroup-v1: Require capabilities to set release_agent (Eric W. Biederman) [Orabug: 33825688] {CVE-2022-0492} - blk-stat: delete useless code (Shaohua Li) [Orabug: 33772945] - DMA/rxe: Update default value of RXE_MAX_PDN (Rao Shoaib) [Orabug: 33676598] [4.14.35-2047.512.0.el7] - bpf: Disallow unprivileged bpf by default (Pawan Gupta) [Orabug: 33734682] - bpf: Add kconfig knob for disabling unpriv bpf by default (Daniel Borkmann) [Orabug: 33734682] - RDMA/rxe: Use correct sizing on buffers holding page DMA addresses (Shiraz Saleem) [Orabug: 33676942] - hwmon: (k10temp) Add support for Zen3 CPUs (Rahul Rohit) [Orabug: 33782835] - arm64, mm, efi: Account for GICv3 LPI tables in static memblock reserve table (Ard Biesheuvel) [Orabug: 33787546] - uek-rpm: Pensando: Enable Elba EDAC (Dave Kleikamp) [Orabug: 33831294] - dsc-drivers: update for 1.15.9-C-64 (Dave Kleikamp) [Orabug: 33831294] - drivers/hwmon: Adding support LTC3888 (David Clear) [Orabug: 33831294] - drivers/edac: Add Elba EDAC support (David Clear) [Orabug: 33831294] - arm64/configs: Remove CONFIG_PENSANDO_SOC_CAPMEM_HUGEPAGE (David Clear) [Orabug: 33831294] - drivers/soc/pensando: Add reset cause driver (David Clear) [Orabug: 33831294] - net/rds: Fix memory leak in __rds_conn_create() on alloc_ordered_workqueue fail (Freddy Carrillo) [Orabug: 33811475] - x86/smpboot: checkcpu_initialized_mask first after returning from schedule() (Dongli Zhang) [Orabug: 33544127] - Linux 4.14.259 (Greg Kroah-Hartman) - xen/console: harden hvc_xen against event channel storms (Juergen Gross) - Input: touchscreen - avoid bitwise vs logical OR warning (Nathan Chancellor) - ARM: 8800/1: use choice for kernel unwinders (Stefan Agner) - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (Nathan Chancellor) - ARM: 8805/2: remove unneeded naked function usage (Nicolas Pitre) - net: lan78xx: Avoid unnecessary self assignment (Nathan Chancellor) - fuse: annotate lock in fuse_reverse_inval_entry() (Miklos Szeredi) - ARM: dts: imx6ull-pinfunc: Fix CSI_DATA07__ESAI_TX0 pad name (Fabio Estevam) - firmware: arm_scpi: Fix string overflow in SCPI genpd driver (Sudeep Holla) - net: systemport: Add global locking for descriptor lifecycle (Florian Fainelli) - libata: if T_LENGTH is zero, dma direction should be DMA_NONE (George Kennedy) - timekeeping: Really make sure wall_to_monotonic isn't positive (Yu Liao) - USB: serial: option: add Telit FN990 compositions (Daniele Palmas) - PCI/MSI: Mask MSI-X vectors only on success (Stefan Roese) - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (Thomas Gleixner) - USB: gadget: bRequestType is a bitfield, not a enum (Greg Kroah-Hartman) - sit: do not call ipip6_dev_free() from sit_init_net() (Eric Dumazet) - net/packet: rx_owner_map depends on pg_vec (Willem de Bruijn) - ixgbe: set X550 MDIO speed before talking to PHY (Cyril Novikov) - igbvf: fix double free in `igbvf_probe` (Letu Ren) - soc/tegra: fuse: Fix bitwise vs. logical OR warning (Nathan Chancellor) - dmaengine: st_fdma: fix MODULE_ALIAS (Alyssa Ross) - ARM: socfpga: dts: fix qspi node compatible (Dinh Nguyen) - x86/sme: Explicitly map new EFI memmap table as encrypted (Tom Lendacky) - nfsd: fix use-after-free due to delegation race (J. Bruce Fields) - audit: improve robustness of the audit queue handling (Paul Moore) - dm btree remove: fix use after free inrebalance_children() (Joe Thornber) - recordmcount.pl: look for jgnop instruction as well as bcrl on s390 (Jerome Marchand) - mac80211: send ADDBA requests using the tid/queue of the aggregation session (Felix Fietkau) - hwmon: (dell-smm) Fix warning on /proc/i8k creation error (Armin Wolf) - bpf: fix panic due to oob in bpf_prog_test_run_skb (Daniel Borkmann) - tracing: Fix a kmemleak false positive in tracing_map (Chen Jun) - net: netlink: af_netlink: Prevent empty skb by adding a check on len. (Harshit Mogalapalli) - i2c: rk3x: Handle a spurious start completion interrupt flag (Ondrej Jirman) - parisc/agp: Annotate parisc agp init functions with __init (Helge Deller) - net/mlx4_en: Update reported link modes for 1/10G (Erik Ekman) - drm/msm/dsi: set default num_data_lanes (Philip Chen) - nfc: fix segfault in nfc_genl_dump_devices_done (Tadeusz Struk) - Linux 4.14.258 (Greg Kroah-Hartman) - irqchip: nvic: Fix offset for Interrupt Priority Offsets (Vladimir Murzin) - irqchip/irq-gic-v3-its.c: Force synchronisation when issuing INVALL (Wudi Wang) - irqchip/armada-370-xp: Fix support for Multi-MSI interrupts (Pali Rohár) - irqchip/armada-370-xp: Fix return value of armada_370_xp_msi_alloc() (Pali Rohár) - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove (Yang Yingliang) - iio: adc: axp20x_adc: fix charging current reporting on AXP22x (Evgeny Boger) - iio: dln2: Check return value of devm_iio_trigger_register() (Lars-Peter Clausen) - iio: dln2-adc: Fix lockdep complaint (Noralf Trønnes) - iio: itg3200: Call iio_trigger_notify_done() on error (Lars-Peter Clausen) - iio: kxsd9: Don't return error code in trigger handler (Lars-Peter Clausen) - iio: ltr501: Don't return error code in trigger handler (Lars-Peter Clausen) - iio: mma8452: Fix trigger reference couting (Lars-Peter Clausen) - iio: stk3310: Don't return error code in interrupt handler (Lars-Peter Clausen) - iio: trigger: stm32-timer: fix MODULE_ALIAS (Alyssa Ross) - iio: trigger: Fix reference counting(Lars-Peter Clausen) - usb: core: config: using bit mask instead of individual bits (Pavel Hofman) - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime suspending (Kai-Heng Feng) - usb: core: config: fix validation of wMaxPacketValue entries (Pavel Hofman) - USB: gadget: zero allocate endpoint 0 buffers (Greg Kroah-Hartman) - USB: gadget: detect too-big endpoint 0 requests (Greg Kroah-Hartman) - net/qla3xxx: fix an error code in ql_adapter_up() (Dan Carpenter) - net, neigh: clear whole pneigh_entry at alloc time (Eric Dumazet) - net: fec: only clear interrupt of handling queue in fec_enet_rx_queue() (Joakim Zhang) - net: altera: set a couple error code in probe() (Dan Carpenter) - net: cdc_ncm: Allow for dwNtbOutMaxSize to be unset or zero (Lee Jones) - qede: validate non LSO skb length (Manish Chopra) - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) (Davidlohr Bueso) - signalfd: use wake_up_pollfree() (Eric Biggers) - binder: use wake_up_pollfree() (Eric Biggers) - wait: add wake_up_pollfree() (Eric Biggers) - libata: add horkage for ASMedia 1092 (Hannes Reinecke) - can: m_can: Disable and ignore ELO interrupt (Brian Silverman) - can: pch_can: pch_can_rx_normal: fix use after free (Vincent Mailhol) - tracefs: Have new files inherit the ownership of their parent (Steven Rostedt (VMware)) - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*() (Takashi Iwai) - ALSA: pcm: oss: Limit the period size to 16MB (Takashi Iwai) - ALSA: pcm: oss: Fix negative period/buffer sizes (Takashi Iwai) - ALSA: ctl: Fix copy of updated id with element read/write (Alan Young) - mm: bdi: initialize bdi_min_ratio when bdi is unregistered (Manjong Lee) - IB/hfi1: Correct guard on eager buffer deallocation (Mike Marciniszyn) - seg6: fix the iif in the IPv6 socket control block (Andrea Mayer) - nfp: Fix memory leak in nfp_cpp_area_cache_add() (Jianglei Nie) - bpf: Fix the off-by-two error in range markings (Maxim Mikityanskiy) - nfc: fix potential NULL pointer deref innfc_genl_dump_ses_done (Krzysztof Kozlowski) - can: sja1000: fix use after free in ems_pcmcia_add_card() (Dan Carpenter) - HID: check for valid USB device for many HID drivers (Greg Kroah-Hartman) - HID: wacom: fix problems when device is not a valid USB device (Greg Kroah-Hartman) - HID: add USB_HID dependancy on some USB HID drivers (Greg Kroah-Hartman) - HID: add USB_HID dependancy to hid-chicony (Greg Kroah-Hartman) - HID: add USB_HID dependancy to hid-prodikeys (Greg Kroah-Hartman) - HID: add hid_is_usb() function to make it simpler for USB detection (Greg Kroah-Hartman) - Linux 4.14.257 (Greg Kroah-Hartman) {CVE-2021-38199} - parisc: Mark cr16 CPU clocksource unstable on all SMP machines (Helge Deller) - serial: core: fix transmit-buffer reset and memleak (Johan Hovold) - serial: pl011: Add ACPI SBSA UART match id (Pierre Gondois) - tty: serial: msm_serial: Deactivate RX DMA for polling support (Sven Eckelmann) - x86/64/mm: Map all kernel memory into trampoline_pgd (Joerg Roedel) - usb: typec: tcpm: Wait in SNK_DEBOUNCED until disconnect (Badhri Jagan Sridharan) - xhci: Fix commad ring abort, write all 64 bits to CRCR register. (Mathias Nyman) - vgacon: Propagate console boot parameters before calling `vc_resize' (Maciej W. Rozycki) - parisc: Fix "make install" on newer debian releases (Helge Deller) - parisc: Fix KBUILD_IMAGE for self-extracting kernel (Helge Deller) - net/smc: Keep smc_close_final rc during active close (Tony Lu) - net/rds: correct socket tunable error in rds_tcp_tune() (William Kucharski) - net: usb: lan78xx: lan78xx_phy_init(): use PHY_POLL instead of "0" if no IRQ is available (Sven Schuchmann) - net/mlx4_en: Fix an use-after-free bug in mlx4_en_try_alloc_resources() (Zhou Qingyang) - siphash: use _unaligned version by default (Arnd Bergmann) - net: mpls: Fix notifications when deleting a device (Benjamin Poirier) - net: qlogic: qlcnic: Fix a NULL pointer dereference in qlcnic_83xx_add_rings() (Zhou Qingyang) - natsemi: xtensa: fix section mismatch warnings(Randy Dunlap) - sata_fsl: fix warning in remove_proc_entry when rmmod sata_fsl (Baokun Li) - sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl (Baokun Li) - kprobes: Limit max data_size of the kretprobe instances (Masami Hiramatsu) - vrf: Reset IPCB/IP6CB when processing outbound pkts in vrf dev xmit (Stephen Suryaputra) - perf hist: Fix memory leak of a perf_hpp_fmt (Ian Rogers) - net: ethernet: dec: tulip: de4x5: fix possible array overflows in type3_infoblock() (Teng Qi) - net: tulip: de4x5: fix the problem that the array 'lp-> phy[8]' may be out of bound (zhangyue) - ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (Teng Qi) - scsi: iscsi: Unblock session then wake up error handler (Mike Christie) - thermal: core: Reset previous low and high trip during thermal zone init (Manaf Meethalavalappu Pallikunhi) - btrfs: check-integrity: fix a warning on write caching disabled disk (Wang Yugui) - s390/setup: avoid using memblock_enforce_memory_limit (Vasily Gorbik) - platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep (Slark Xiao) - net: return correct error code (liuguoqiang) - NFSv42: Fix pagecache invalidation after COPY/CLONE (Benjamin Coddington) - ipc: WARN if trying to remove ipc object which is absent (Alexander Mikhalitsyn) - shm: extend forced shm destroy to support objects from several IPC nses (Alexander Mikhalitsyn) - tty: hvc: replace BUG_ON() with negative return value (Juergen Gross) - xen: sync include/xen/interface/io/ring.h with Xen's newest version (Juergen Gross) - fuse: release pipe buf after last use (Miklos Szeredi) - NFC: add NCI_UNREG flag to eliminate the race (Lin Ma) - arm64: dts: marvell: armada-37xx: Set pcie_reset_pin to gpio function (Marek Behún) - arm64: dts: marvell: armada-37xx: declare PCIe reset pin (Miquel Raynal) - pinctrl: armada-37xx: Correct PWM pins definitions (Marek Behún) - pinctrl: armada-37xx: add missing pin: PCIe1 Wakeup (Gregory CLEMENT) - pinctrl:armada-37xx: Correct mpp definitions (Marek Behún) - PCI: aardvark: Fix checking for link up via LTSSM state (Pali Rohár) - PCI: aardvark: Fix link training (Pali Rohár) - PCI: aardvark: Fix PCIe Max Payload Size setting (Pali Rohár) - PCI: aardvark: Configure PCIe resources from 'ranges' DT property (Pali Rohár) - PCI: aardvark: Remove PCIe outbound window configuration (Evan Wang) - PCI: aardvark: Update comment about disabling link training (Pali Rohár) - PCI: aardvark: Move PCIe reset card code to advk_pcie_train_link() (Pali Rohár) - PCI: aardvark: Fix compilation on s390 (Pali Rohár) - PCI: aardvark: Don't touch PCIe registers if no card connected (Pali Rohár) - PCI: aardvark: Introduce an advk_pcie_valid_device() helper (Thomas Petazzoni) - PCI: aardvark: Indicate error in 'val' when config read fails (Pali Rohár) - PCI: aardvark: Replace custom macros by standard linux/pci_regs.h macros (Pali Rohár) - PCI: aardvark: Issue PERST via GPIO (Pali Rohár) - PCI: aardvark: Improve link training (Marek Behún) - PCI: aardvark: Train link immediately after enabling training (Pali Rohár) - PCI: aardvark: Wait for endpoint to be ready before training link (Remi Pommarel) - PCI: aardvark: Fix a leaked reference by adding missing of_node_put() (Wen Yang) - PCI: aardvark: Fix I/O space page leak (Sergei Shtylyov) - s390/mm: validate VMA in PGSTE manipulation functions (David Hildenbrand) - tracing: Check pid filtering when creating events (Steven Rostedt (VMware)) - vhost/vsock: fix incorrect used length reported to the guest (Stefano Garzarella) - net/smc: Don't call clcsock shutdown twice when smc shutdown (Tony Lu) - MIPS: use 3-level pgtable for 64KB page size on MIPS_VA_BITS_48 (Huang Pei) - tcp_cubic: fix spurious Hystart ACK train detections for not-cwnd-limited flows (Eric Dumazet) - net/smc: Ensure the active closing peer first closes clcsock (Tony Lu) - ipv6: fix typos in __ip6_finish_output() (Eric Dumazet) - drm/vc4: fix error code in vc4_create_object() (DanCarpenter) - scsi: mpt3sas: Fix kernel panic during drive powercycle test (Sreekanth Reddy) - ARM: socfpga: Fix crash with CONFIG_FORTIRY_SOURCE (Takashi Iwai) - NFSv42: Don't fail clone() unless the OP_CLONE operation failed (Trond Myklebust) - net: ieee802154: handle iftypes as u32 (Alexander Aring) - ASoC: topology: Add missing rwsem around snd_ctl_remove() calls (Takashi Iwai) - ARM: dts: BCM5301X: Add interrupt properties to GPIO node (Florian Fainelli) - ARM: dts: BCM5301X: Fix I2C controller interrupt (Florian Fainelli) - netfilter: ipvs: Fix reuse connection if RS weight is 0 (yangxingwu) - tracing: Fix pid filtering when triggers are attached (Steven Rostedt (VMware)) - xen: detect uninitialized xenbus in xenbus_init (Stefano Stabellini) - xen: don't continue xenstore initialization in case of errors (Stefano Stabellini) - fuse: fix page stealing (Miklos Szeredi) - staging: rtl8192e: Fix use after free in _rtl92e_pci_disconnect() (Dan Carpenter) - HID: wacom: Use "Confidence" flag to prevent reporting invalid contacts (Jason Gerecke) - media: cec: copy sequence field for the reply (Hans Verkuil) - ALSA: ctxfi: Fix out-of-range access (Takashi Iwai) - usb: hub: Fix locking issues with address0_mutex (Mathias Nyman) - usb: hub: Fix usb enumeration issue due to address0 race (Mathias Nyman) - USB: serial: option: add Fibocom FM101-GL variants (Mingjie Zhang) - USB: serial: option: add Telit LE910S1 0x9200 composition (Daniele Palmas) . Oracle Linux Cloud Native Environment Security Bulletin introduces critical enhancements and rpm revisions aimed at bolstering security measures.. Oracle Linux Cloud Native, Security Advisory, Kernel Update, Oracle Security Fixes. . Severity: Critical. LinuxSecurity.com Team
Apr 25, 2022
•Critical
Oracle
98
security advisoryRed Hataccess controlRed Hat OpenShift GitOps: RHSA-2022:1041-01 Important Fix Security Issue
An update is now available for Red Hat OpenShift GitOps 1.4 OpenShift GitOps v1.4.4 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat OpenShift GitOps security update Advisory ID: RHSA-2022:1041-01 Product: Red Hat OpenShift GitOps Advisory URL: https://access.redhat.com/errata/RHSA-2022:1041 Issue date: 2022-03-23 CVE Names: CVE-2021-3999 CVE-2021-23177 CVE-2021-31566 CVE-2021-45960 CVE-2021-46143 CVE-2022-0261 CVE-2022-0318 CVE-2022-0359 CVE-2022-0361 CVE-2022-0392 CVE-2022-0413 CVE-2022-1025 CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 CVE-2022-23218 CVE-2022-23219 CVE-2022-23308 CVE-2022-23852 CVE-2022-24407 CVE-2022-24730 CVE-2022-24731 CVE-2022-25235 CVE-2022-25236 CVE-2022-25315 ==================================================================== 1. Summary: An update is now available for Red Hat OpenShift GitOps 1.4 OpenShift GitOps v1.4.4 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Description: Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Security Fix(es): * Openshift-Gitops: Improper access control allows admin privilege escalation (CVE-2022-1025) * argocd: path traversal and improper access control allows leaking out-of-bound files (CVE-2022-24730) *argocd: path traversal allows leaking out-of-bound files (CVE-2022-24731) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 3. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 4. Bugs fixed (https://bugzilla.redhat.com/): 2062751 - CVE-2022-24730 argocd: path traversal and improper access control allows leaking out-of-bound files 2062755 - CVE-2022-24731 argocd: path traversal allows leaking out-of-bound files 2064682 - CVE-2022-1025 Openshift-Gitops: Improper access control allows admin privilege escalation 5.References: https://access.redhat.com/security/cve/CVE-2021-3999 https://access.redhat.com/security/cve/CVE-2021-23177 https://access.redhat.com/security/cve/CVE-2021-31566 https://access.redhat.com/security/cve/CVE-2021-45960 https://access.redhat.com/security/cve/CVE-2021-46143 https://access.redhat.com/security/cve/CVE-2022-0261 https://access.redhat.com/security/cve/CVE-2022-0318 https://access.redhat.com/security/cve/CVE-2022-0359 https://access.redhat.com/security/cve/CVE-2022-0361 https://access.redhat.com/security/cve/CVE-2022-0392 https://access.redhat.com/security/cve/CVE-2022-0413 https://access.redhat.com/security/cve/CVE-2022-1025 https://access.redhat.com/security/cve/CVE-2022-22822 https://access.redhat.com/security/cve/CVE-2022-22823 https://access.redhat.com/security/cve/CVE-2022-22824 https://access.redhat.com/security/cve/CVE-2022-22825 https://access.redhat.com/security/cve/CVE-2022-22826 https://access.redhat.com/security/cve/CVE-2022-22827 https://access.redhat.com/security/cve/CVE-2022-23218 https://access.redhat.com/security/cve/CVE-2022-23219 https://access.redhat.com/security/cve/CVE-2022-23308 https://access.redhat.com/security/cve/CVE-2022-23852 https://access.redhat.com/security/cve/CVE-2022-24407 https://access.redhat.com/security/cve/CVE-2022-24730 https://access.redhat.com/security/cve/CVE-2022-24731 https://access.redhat.com/security/cve/CVE-2022-25235 https://access.redhat.com/security/cve/CVE-2022-25236 https://access.redhat.com/security/cve/CVE-2022-25315 https://access.redhat.com/security/updates/classification#important 6. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYjvl4NzjgjWX9erEAQjRzBAAgYdSY5r2cBqlMi2SWv6YDaQe4/tZUGbH RsaRaP5+Vg6dMxWwBBzrGkniQa/ObxM4isQZTxbI6hgt8hqhFNQSCfqUV9k7l/40 +PCQoYtMG+KXeOic0+iwQb4qLYPpcchGU/FrFqJLbLIz4UeZjZ4Aols2J4iHqcDS vhJiChwGAUUsjv45be7Got2iO2OYH/umt7R+92/6swUnIsoH2LBsJhiE1QoeCuL3 4cmy2AveprvmTqBDqBsfzNKhn3mSHoXFwaXBO3vNN2nUojso75/HVh8JiKrxDq9N YfSAwyS0V2zS+ZNr84RCi3RcIpnjwBeBU9jK/hS6Oa22p92qUeqD7XZWBU9dLihh coCApn9Uc5vCR0RwcEyEBkhrtyrAv4o35QZ9vNDEDw2QWblxM4dVRiZKEUmcVORR VCkozbbEEkQKF2uzExr4QhSlm//qvUt6ODFeIVRS2QQcSBby7hHTGFvIzxaqlrJy jz8UhYIwNyNnzkLkyszGRC9rfJ6ke8RdZtxUB+IpYvi0CO9NnIWn7v1f6Rv1s4Il 8P1BMPf+utbEwBniyMWEWG5fll3/a2LCwbPuO1oKKt91TGNpL3sKHYGbPpam4tks qAxULk8B8sBQ5hXJ16BtWMXmfpr+Ax5/16AcWF89UdCxAW5TJ4g+RIH7KnO0va1v jd/bgNGigkE=NMT0 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Mar 23, 2022
•Important
Red Hat
217
security advisorykernel updatesecurity patchOracle Linux Cloud Native: ELSA-2021-9458 Important Security Update
The following updated rpms for Oracle Linux Cloud Native Environment 1.1 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Cloud Native Environment Security Advisory ELSA-2021-9458 https://linux.oracle.com/errata/ELSA-2021-9458.html The following updated rpms for Oracle Linux Cloud Native Environment 1.1 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-container-4.14.35-2047.507.7.5.el7.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-uek-container-4.14.35-2047.507.7.5.el7.src.rpm Related CVEs: CVE-2020-36322 CVE-2021-3564 CVE-2021-3573 CVE-2021-3655 CVE-2021-3679 CVE-2021-38160 CVE-2021-40490 Description of changes: [4.14.35-2047.507.7.5.el7] - Bluetooth: defer cleanup of resources in hci_unregister_dev() (Tetsuo Handa) [Orabug: 33369947] {CVE-2021-3573} - Bluetooth: use correct lock to prevent UAF of hdev object (Lin Ma) [Orabug: 33369947] - Bluetooth: fix the erroneous flush_work() order (Lin Ma) [Orabug: 33369947] {CVE-2021-3564} - ext4: fix race writing to an inline_data file while its xattrs are changing (Theodore Ts'o) [Orabug: 33369956] {CVE-2021-40490} - fuse: fix bad inode (Miklos Szeredi) [Orabug: 33369955] {CVE-2020-36322} - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop. (Haoran Luo) [Orabug: 33369954] {CVE-2021-3679} - virtio_console: Assure used length from device is limited (Xie Yongji) [Orabug: 33369953] {CVE-2021-38160} - sctp: validate from_addr_param return (Marcelo Ricardo Leitner) [Orabug: 33369952] {CVE-2021-3655} _______________________________________________ El-errata mailing list
Sep 22, 2021
•Important
Oracle
217
security advisorykernel updatesecurity patchOracle Linux ELSA-2021-9453 Critical KVM Updates and Security Fix
The following updated rpms for Oracle Linux Cloud Native Environment 1.0 have been uploaded to the Unbreakable Linux Network . Oracle Linux Cloud Native Environment Security Advisory ELSA-2021-9453 https://linux.oracle.com/errata/ELSA-2021-9453.html The following updated rpms for Oracle Linux Cloud Native Environment 1.0 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-container-4.14.35-2047.507.7.4.el7.x86_64.rpm SRPMS: https://oss.oracle.com:443/ol7/SRPMS-updates/kernel-uek-container-4.14.35-2047.507.7.4.el7.src.rpm Related CVEs: CVE-2020-24586 CVE-2020-24587 CVE-2020-24588 CVE-2020-26147 CVE-2021-22543 CVE-2021-23134 CVE-2021-34693 CVE-2021-3609 CVE-2021-3612 CVE-2021-3653 CVE-2021-3656 Description of changes: [4.14.35-2047.507.7.4.el7] - KVM: x86: Check kvm_rebooting in kvm_spurious_fault() (Sean Christopherson) [Orabug: 33362693] [4.14.35-2047.507.7.3.el7] - arm64: Reserve elfcorehdr before scanning reserved memory from device tree (Dave Kleikamp) [Orabug: 33354710] [4.14.35-2047.507.7.2.el7] - net: geneve: modify IP header check in geneve6_xmit_skb and geneve_xmit_skb (Phillip Potter) [Orabug: 33337449] - ip: Manual backport of pskb_inet_may_pull() (Håkon Bugge) [Orabug: 33337449] - Revert "Revert "net: geneve: check skb is large enough for IPv4/IPv6 header"" (Håkon Bugge) [Orabug: 33337449] [4.14.35-2047.507.7.1.el7] - RDMA/cma: Revert INIT-INIT patch (Mike Marciniszyn) [Orabug: 33306519] - Revert "net: geneve: check skb is large enough for IPv4/IPv6 header" (Somasundaram Krishnasamy) [Orabug: 33323390] [4.14.35-2047.507.7.el7] - xen-acpi-processor: fix coordination type mismatch (Elena Ufimtseva) [Orabug: 33296813] - Revert "mm: memcontrol: eliminate raw access to stat and event counters" (Ritika Srivastava) [Orabug: 33254727] - Revert "mm: memcontrol: implement lruvec stat functions on top of each other" (Ritika Srivastava) [Orabug: 33254727] - KVM: do not allow mapping valid butnon-reference-counted pages (Nicholas Piggin) [Orabug: 33054089] {CVE-2021-22543} - ocfs2: issue zeroout to EOF blocks (Junxiao Bi) [Orabug: 32974988] - ocfs2: fix zero out valid data (Junxiao Bi) [Orabug: 32974988] [4.14.35-2047.507.6.el7] - xen-netback: do not kfree_skb() when irq is disabled (Dongli Zhang) [Orabug: 33277336] - rds: ib: Set SEND_SIGNALED on the last WR posted (Håkon Bugge) [Orabug: 33253068] - uek-rpm: update kABI lists for new symbols (Saeed Mirzamohammadi) [Orabug: 33246581] - scsi: lpfc: Fix crash due to port reset racing vs adapter error handling (James Smart) [Orabug: 33213341] - xfs: don't drain buffer lru on freeze and read-only remount (Brian Foster) [Orabug: 33141334] - xfs: rename xfs_wait_buftarg() to xfs_buftarg_drain() (Brian Foster) [Orabug: 33141334] - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl (Alexander Larkin) [Orabug: 33114988] {CVE-2021-3612} - rds: fix statistics counters and check for memory leak (Hans Westgaard Ry) [Orabug: 31372381] - dsc-drivers: update for 1.15.9-C-32 (Shannon Nelson) [Orabug: 33281086] - dts/pensando: creating reserved dma memory pool for mnet devices (Neel Patel) [Orabug: 33281086] - pcie: rm pcie register access message (#256) (Brad Smith) [Orabug: 33281086] - drivers: updates for 1.15.9-C-28 (Shannon Nelson) [Orabug: 33281086] [4.14.35-2047.507.5.el7] - rds_rdma: add missing rds_ib_cm_handle_connect tracepoint (Alan Maguire) [Orabug: 33243560] - KVM: SVM: use vmsave/vmload for saving/restoring additional host state (Michael Roth) [Orabug: 33225761] - KVM: SVM: Use asm goto to handle unexpected #UD on SVM instructions (Sean Christopherson) [Orabug: 33225761] - kvm: svm/avic: Do not send AVIC doorbell to self (Suthikulpanit, Suravee) [Orabug: 33225761] - svm/avic: Fix invalidate logical APIC id entry (Suthikulpanit, Suravee) [Orabug: 33225761] - svm: Fix improper check when deactivate AVIC (Suthikulpanit, Suravee) [Orabug: 33225761] - svm: Fix AVIC DFR and LDR handling(Suthikulpanit, Suravee) [Orabug: 33225761] - scsi: qla2xxx: Add heartbeat check (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Use list_move_tail() instead of list_del()/list_add_tail() (Baokun Li) [Orabug: 33116624] - scsi: qla2xxx: Remove duplicate declarations (Shaokun Zhang) [Orabug: 33116624] - scsi: qla2xxx: Log PCI address in qla_nvme_unregister_remote_port() (Daniel Wagner) [Orabug: 33116624] - scsi: qla2xxx: Remove redundant assignment to rval (Jiapeng Chong) [Orabug: 33116624] - scsi: qla2xxx: Prevent PRLI in target mode (Anastasia Kovaleva) [Orabug: 33116624] - scsi: qla2xxx: Add marginal path handling support (Bikash Hazarika) [Orabug: 33116624] - scsi: qla2xxx: Reserve extra IRQ vectors (Roman Bolshakov) [Orabug: 33116624] - scsi: qla2xxx: Reuse existing error handling path (Christophe JAILLET) [Orabug: 33116624] - scsi: qla2xxx: Remove unneeded if-null-free check (Qiheng Lin) [Orabug: 33116624] - scsi: qla2xxx: Update version to 10.02.00.106-k (Nilesh Javali) [Orabug: 33116624] - scsi: qla2xxx: Update default AER debug mask (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix mailbox recovery during PCIe error (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix crash in PCIe error handling (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix RISC RESET completion polling (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix crash in qla2xxx_mqueuecommand() (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Consolidate zio threshold setting for both FCP & NVMe (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Add H:C:T info in the log message for fc ports (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Fix IOPS drop seen in some adapters (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Check kzalloc() return value (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Simplify qla8044_minidump_process_control() (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Suppress Coverity complaints about dseg_r* (Bart Van Assche) [Orabug: 33116624] - scsi:qla2xxx: Constify struct qla_tgt_func_tmpl (Bart Van Assche) [Orabug: 33116624] - scsi: qla2xxx: Use dma_pool_zalloc() (Wang Qing) [Orabug: 33116624] - scsi: qla2xxx: Fix a couple of misdocumented functions (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Fix incorrectly named function qla8044_check_temp() (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Fix a couple of misnamed functions (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Fix some incorrect formatting/spelling issues (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Replace __qla2x00_marker()'s missing underscores (Lee Jones) [Orabug: 33116624] - scsi: qla2xxx: Simplify if statement (Jiapeng Chong) [Orabug: 33116624] - scsi: qla2xxx: Simplify the calculation of variables (Jiapeng Zhong) [Orabug: 33116624] - scsi: qla2xxx: Fix some memory corruption (Dan Carpenter) [Orabug: 33116624] - scsi: qla2xxx: Remove redundant NULL check (Yang Li) [Orabug: 33116624] - scsi: qla2xxx: Remove unnecessary NULL check (Dan Carpenter) [Orabug: 33116624] - scsi: qla2xxx: Assign boolean values to a bool variable (Jiapeng Zhong) [Orabug: 33116624] - scsi: qla2xxx: fc_remote_port_chkready() returns a SCSI result value (Hannes Reinecke) [Orabug: 33116624] - scsi: qla2xxx: Fix description for parameter ql2xenforce_iocb_limit (Enzo Matsumiya) [Orabug: 33116624] - scsi: qla2xxx: Update version to 10.02.00.105-k (Nilesh Javali) [Orabug: 33116624] - scsi: qla2xxx: Enable NVMe CONF (BIT_7) when enabling SLER (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix mailbox Ch erroneous error (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Wait for ABTS response on I/O timeouts for NVMe (Bikash Hazarika) [Orabug: 33116624] - scsi: qla2xxx: Move some messages from debug to normal log level (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Add error counters to debugfs node (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Implementation to get and manage host, target stats and initiator port (Saurav Kashyap) [Orabug: 33116624] -scsi: qla2xxx: Update version to 10.02.00.104-k (Nilesh Javali) [Orabug: 33116624] - scsi: qla2xxx: Fix device loss on 4G and older HBAs (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: If fcport is undergoing deletion complete I/O with retry (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix the call trace for flush workqueue (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix flash update in 28XX adapters on big endian machines (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Handle aborts correctly for port undergoing deletion (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Fix N2N and NVMe connect retry failure (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Fix FW initialization error on big endian machines (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Fix compilation issue in PPC systems (Arun Easi) [Orabug: 33116624] - scsi: qla2xxx: Don't check for fw_started while posting NVMe command (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Tear down session if FW say it is down (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Limit interrupt vectors to number of CPUs (Quinn Tran) [Orabug: 33116624] - scsi: qla2xxx: Change post del message from debug level to log level (Saurav Kashyap) [Orabug: 33116624] - scsi: qla2xxx: Remove trailing semicolon in macro definition (Tom Rix) [Orabug: 33116624] - scsi: qla2xxx: Remove in_interrupt() from qla83xx-specific code (Ahmed S. Darwish) [Orabug: 33116624] - scsi: target: tcm_qla2xxx: Remove BUG_ON(in_interrupt()) (Ahmed S. Darwish) [Orabug: 33116624] - scsi: qla2xxx: Remove in_interrupt() from qla82xx-specific code (Ahmed S. Darwish) [Orabug: 33116624] - scsi: Remove unneeded break statements (Tom Rix) [Orabug: 33116624] - scsi: scsi_transport_fc: Add store capability to rport port_state in sysfs (Muneendra Kumar) [Orabug: 33116624] - scsi: scsi_transport_fc: Add a new rport state FC_PORTSTATE_MARGINAL (Muneendra Kumar) [Orabug: 33116624] - scsi: core: No retries on abort success (Muneendra Kumar) [Orabug:33116624] - scsi: core: Add a new error code DID_TRANSPORT_MARGINAL in scsi.h (Muneendra Kumar) [Orabug: 33116624] [4.14.35-2047.507.4.el7] - drivers: updated for 1.15.9.26 (Shannon Nelson) [Orabug: 33235357] - XFS: code enhancement to help debug (Wengang Wang) [Orabug: 33186644] - KVM: nSVM: always intercept VMLOAD/VMSAVE when nested (Maxim Levitsky) [Orabug: 33234941] {CVE-2021-3656} - KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (Maxim Levitsky) [Orabug: 33234967] {CVE-2021-3653} [4.14.35-2047.507.3.el7] - drivers: updates for 1.15.9.21 (Shannon Nelson) [Orabug: 33220300] - Revert "rds/ib: reap tx completions during connection shutdown" (Manjunath Patil) [Orabug: 33220435] - Revert "rds/ib: handle posted ACK during connection shutdown" (Manjunath Patil) [Orabug: 33220435] - Revert "rds/ib: recover rds connection from interrupt loss scenario" (Manjunath Patil) [Orabug: 33220435] - Revert "rds/ib: move rds_ib_clear_irq_miss() to .h file" (Manjunath Patil) [Orabug: 33220435] - NFS: Don't call generic_error_remove_page() while holding locks (Trond Myklebust) [Orabug: 33213898] - ip6_gre: proper dev_{hold|put} in ndo_[un]init methods (aloktiw) [Orabug: 33179252] - ifb: fix packets checksum (Jon Maxwell) [Orabug: 33145562] - Linux 4.14.239 (Greg Kroah-Hartman) - xen/events: reset active flag for lateeoi events later (Juergen Gross) - kthread: prevent deadlock when kthread_mod_delayed_work() races with kthread_cancel_delayed_work_sync() (Petr Mladek) - kthread_worker: split code for canceling the delayed work timer (Petr Mladek) - kfifo: DECLARE_KIFO_PTR(fifo, u64) does not work on arm 32 bit (Sean Young) - drm/nouveau: fix dma_address check for CPU/GPU sync (Christian König) - scsi: sr: Return appropriate error code when disk is ejected (ManYi Li) - mm/thp: another PVMW_SYNC fix in page_vma_mapped_walk() (Hugh Dickins) - mm/thp: fix page_vma_mapped_walk() if THP mapped by ptes (Hugh Dickins) - mm: page_vma_mapped_walk(): get vma_address_end() earlier(Hugh Dickins) - mm: page_vma_mapped_walk(): use goto instead of while (1) (Hugh Dickins) - mm: page_vma_mapped_walk(): add a level of indentation (Hugh Dickins) - mm: page_vma_mapped_walk(): crossing page table boundary (Hugh Dickins) - mm: page_vma_mapped_walk(): prettify PVMW_MIGRATION block (Hugh Dickins) - mm: page_vma_mapped_walk(): use pmde for *pvmw-> pmd (Hugh Dickins) - mm: page_vma_mapped_walk(): settle PageHuge on entry (Hugh Dickins) - mm: page_vma_mapped_walk(): use page for pvmw-> page (Hugh Dickins) - mm: thp: replace DEBUG_VM BUG with VM_WARN when unmap fails for split (Yang Shi) - mm/thp: fix page_address_in_vma() on file THP tails (Jue Wang) - mm/thp: fix vma_address() if virtual address below file offset (Hugh Dickins) - mm/thp: try_to_unmap() use TTU_SYNC for safe splitting (Hugh Dickins) - mm/rmap: use page_not_mapped in try_to_unmap() (Miaohe Lin) - mm/rmap: remove unneeded semicolon in page_not_mapped() (Miaohe Lin) - mm: add VM_WARN_ON_ONCE_PAGE() macro (Alex Shi) - include/linux/mmdebug.h: make VM_WARN* non-rvals (Michal Hocko) [4.14.35-2047.507.2.el7] - uek-rpm: mark /etc/ld.so.conf.d/ files as %config (Stephen Brennan) [Orabug: 33186981] - rds: Congestion tracepoints should be enabled by default (Greg Jumper) [Orabug: 33145670] - Linux 4.14.238 (Sasha Levin) - i2c: robotfuzz-osif: fix control-request directions (Johan Hovold) - nilfs2: fix memory leak in nilfs_sysfs_delete_device_group (Pavel Skripkin) - pinctrl: stm32: fix the reported number of GPIO lines per bank (Fabien Dessenne) - net: ll_temac: Avoid ndo_start_xmit returning NETDEV_TX_BUSY (Esben Haabendal) - net: qed: Fix memcpy() overflow of qed_dcbx_params() (Kees Cook) - r8169: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - sh_eth: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - r8152: Avoid memcpy() over-reading of ETH_SS_STATS (Kees Cook) - net/packet: annotate accesses to po-> ifindex (Eric Dumazet) - net/packet: annotate accesses to po-> bind (Eric Dumazet) - net:caif: fix memory leak in ldisc_open (Pavel Skripkin) - inet: annotate date races around sk-> sk_txhash (Eric Dumazet) - ping: Check return value of function 'ping_queue_rcv_skb' (Zheng Yongjun) - mac80211: drop multicast fragments (Johannes Berg) - cfg80211: call cfg80211_leave_ocb when switching away from OCB (Du Cheng) - mac80211: remove warning in ieee80211_get_sband() (Johannes Berg) - Revert "PCI: PM: Do not read power state in pci_enable_device_flags()" (Rafael J. Wysocki) - arm64: perf: Disable PMU while processing counter overflows (Suzuki K Poulose) - MIPS: generic: Update node names to avoid unit addresses (Nathan Chancellor) - Makefile: Move -Wno-unused-but-set-variable out of GCC only block (Nathan Chancellor) - ARM: 9081/1: fix gcc-10 thumb2-kernel regression (Arnd Bergmann) - drm/radeon: wait for moving fence after pinning (Christian König) - drm/nouveau: wait for moving fence after pinning v2 (Christian König) - x86/fpu: Reset state for all signal restore failures (Thomas Gleixner) - unfuck sysfs_mount() (Al Viro) - kernfs: deal with kernfs_fill_super() failures (Al Viro) - usb: dwc3: core: fix kernel panic when do reboot (Peter Chen) - inet: use bigger hash table for IP ID generation (Eric Dumazet) - can: bcm/raw/isotp: use per module netdevice notifier (Tetsuo Handa) - net: fec_ptp: add clock rate zero check (Fugang Duan) - mm/slub.c: include swab.h (Andrew Morton) - net: bridge: fix vlan tunnel dst refcnt when egressing (Nikolay Aleksandrov) - net: bridge: fix vlan tunnel dst null pointer dereference (Nikolay Aleksandrov) - dmaengine: pl330: fix wrong usage of spinlock flags in dma_cyclc (Bumyong Lee) - ARCv2: save ABI registers across signal handling (Vineet Gupta) - PCI: Work around Huawei Intelligent NIC VF FLR erratum (Chiqijun) - PCI: Add ACS quirk for Broadcom BCM57414 NIC (Sriharsha Basavapatna) - PCI: Mark some NVIDIA GPUs to avoid bus reset (Shanker Donthineni) - PCI: Mark TI C667X to avoid bus reset (Antti Järvinen) - tracing: Do no incrementtrace_clock_global() by one (Steven Rostedt (VMware)) - tracing: Do not stop recording comms if the trace file is being read (Steven Rostedt (VMware)) - tracing: Do not stop recording cmdlines when tracing is off (Steven Rostedt (VMware)) - usb: core: hub: Disable autosuspend for Cypress CY7C65632 (Andrew Lunn) - can: mcba_usb: fix memory leak in mcba_usb (Pavel Skripkin) - hwmon: (scpi-hwmon) shows the negative temperature properly (Riwen Lu) - radeon: use memcpy_to/fromio for UVD fw upload (Chen Li) - net: ethernet: fix potential use-after-free in ec_bhf_remove (Pavel Skripkin) - icmp: don't send out ICMP messages with a source address of 0.0.0.0 (Toke Høiland-Jørgensen) - net: cdc_eem: fix tx fixup skb leak (Linyu Yuan) - net: hamradio: fix memory leak in mkiss_close (Pavel Skripkin) - be2net: Fix an error handling path in 'be_probe()' (Christophe JAILLET) - net/af_unix: fix a data-race in unix_dgram_sendmsg / unix_release_sock (Eric Dumazet) - net: ipv4: fix memory leak in ip_mc_add1_src (Chengyang Fan) - net: usb: fix possible use-after-free in smsc75xx_bind (Dongliang Mu) - net: cdc_ncm: switch to eth%d interface naming (Maciej Żenczykowski) - netxen_nic: Fix an error handling path in 'netxen_nic_probe()' (Christophe JAILLET) - qlcnic: Fix an error handling path in 'qlcnic_probe()' (Christophe JAILLET) - net: stmmac: dwmac1000: Fix extended MAC address registers definition (Jisheng Zhang) - alx: Fix an error handling path in 'alx_probe()' (Christophe JAILLET) - netfilter: synproxy: Fix out of bounds when parsing TCP options (Maxim Mikityanskiy) - rtnetlink: Fix regression in bridge VLAN configuration (Ido Schimmel) - udp: fix race between close() and udp_abort() (Paolo Abeni) - net: rds: fix memory leak in rds_recvmsg (Pavel Skripkin) - net: ipv4: fix memory leak in netlbl_cipsov4_add_std (Nanyong Sun) - batman-adv: Avoid WARN_ON timing related checks (Sven Eckelmann) - mm/memory-failure: make sure wait for page writeback in memory_failure (yangerkun) - dmaengine: stedma40:add missing iounmap() on error in d40_probe() (Yang Yingliang) - dmaengine: QCOM_HIDMA_MGMT depends on HAS_IOMEM (Randy Dunlap) - dmaengine: ALTERA_MSGDMA depends on HAS_IOMEM (Randy Dunlap) - fib: Return the correct errno code (Zheng Yongjun) - net: Return the correct errno code (Zheng Yongjun) - net/x25: Return the correct errno code (Zheng Yongjun) - rtnetlink: Fix missing error code in rtnl_bridge_notify() (Jiapeng Chong) - net: ipconfig: Don't override command-line hostnames or domains (Josh Triplett) - nvme-loop: check for NVME_LOOP_Q_LIVE in nvme_loop_destroy_admin_queue() (Hannes Reinecke) - nvme-loop: clear NVME_LOOP_Q_LIVE when nvme_loop_configure_admin_queue() fails (Hannes Reinecke) - nvme-loop: reset queue count to 1 in nvme_loop_destroy_io_queues() (Hannes Reinecke) - ethernet: myri10ge: Fix missing error code in myri10ge_probe() (Jiapeng Chong) - scsi: target: core: Fix warning on realtime kernels (Maurizio Lombardi) - gfs2: Fix use-after-free in gfs2_glock_shrink_scan (Hillf Danton) - HID: gt683r: add missing MODULE_DEVICE_TABLE (Bixuan Cui) - ARM: OMAP2+: Fix build warning when mmc_omap is not built (Yongqiang Liu) - HID: usbhid: fix info leak in hid_submit_ctrl (Anirudh Rayabharam) - HID: Add BUS_VIRTUAL to hid_connect logging (Mark Bolhuis) - HID: hid-sensor-hub: Return error for hid_set_field() failure (Srinivas Pandruvada) - net: ieee802154: fix null deref in parse dev addr (Dan Robertson) - Linux 4.14.237 (Greg Kroah-Hartman) - proc: only require mm_struct for writing (Linus Torvalds) - tracing: Correct the length check which causes memory corruption (Liangyan) - ftrace: Do not blindly read the ip address in ftrace_bug() (Steven Rostedt (VMware)) - scsi: core: Only put parent device if host state differs from SHOST_CREATED (Ming Lei) - scsi: core: Put .shost_dev in failure path if host state changes to RUNNING (Ming Lei) - scsi: core: Fix error handling of scsi_host_alloc() (Ming Lei) - NFS: Fix use-after-free in nfs4_init_client() (Anna Schumaker) - kvm: fixprevious commit for 32-bit builds (Paolo Bonzini) - perf session: Correct buffer copying when peeking events (Leo Yan) - NFS: Fix a potential NULL dereference in nfs_get_client() (Dan Carpenter) - perf: Fix data race between pin_count increment/decrement (Marco Elver) - regulator: max77620: Use device_set_of_node_from_dev() (Dmitry Osipenko) - regulator: core: resolve supply for boot-on/always-on regulators (Dmitry Baryshkov) - usb: fix various gadget panics on 10gbps cabling (Maciej Żenczykowski) - usb: fix various gadgets null ptr deref on 10gbps cabling. (Maciej Żenczykowski) - usb: gadget: eem: fix wrong eem header operation (Linyu Yuan) - USB: serial: quatech2: fix control-request directions (Johan Hovold) - USB: serial: omninet: add device id for Zyxel Omni 56K Plus (Alexandre GRIVEAUX) - USB: serial: ftdi_sio: add NovaTech OrionMX product ID (George McCollister) - usb: gadget: f_fs: Ensure io_completion_wq is idle during unbind (Wesley Cheng) - usb: typec: ucsi: Clear PPM capability data in ucsi_init() error path (Mayank Rana) - usb: dwc3: ep0: fix NULL pointer exception (Marian-Cristian Rotariu) - USB: f_ncm: ncm_bitrate (speed) is unsigned (Maciej Żenczykowski) - cgroup1: don't allow '\n' in renaming (Alexander Kuznetsov) - btrfs: return value from btrfs_mark_extent_written() in case of error (Ritesh Harjani) - staging: rtl8723bs: Fix uninitialized variables (Wenli Looi) - kvm: avoid speculation-based attacks from out-of-range memslot accesses (Paolo Bonzini) - drm: Lock pointer access in drm_master_release() (Desmond Cheong Zhi Xi) - drm: Fix use-after-free read in drm_getunique() (Desmond Cheong Zhi Xi) - i2c: mpc: implement erratum A-004447 workaround (Chris Packham) - i2c: mpc: Make use of i2c_recover_bus() (Chris Packham) - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P1010 i2c controllers (Chris Packham) - powerpc/fsl: set fsl,i2c-erratum-a004447 flag for P2041 i2c controllers (Chris Packham) - bnx2x: Fix missing error code in bnx2x_iov_init_one() (JiapengChong) - MIPS: Fix kernel hang under FUNCTION_GRAPH_TRACER and PREEMPT_TRACER (Tiezhu Yang) - net: appletalk: cops: Fix data race in cops_probe1 (Saubhik Mukherjee) - net: macb: ensure the device is available before accessing GEMGXL control registers (Zong Li) - scsi: target: qla2xxx: Wait for stop_phase1 at WWN removal (Dmitry Bogdanov) - scsi: vmw_pvscsi: Set correct residual data length (Matt Wang) - net/qla3xxx: fix schedule while atomic in ql_sem_spinlock (Zheyu Ma) - wq: handle VM suspension in stall detection (Sergey Senozhatsky) - cgroup: disable controllers at parse time (Shakeel Butt) - net: mdiobus: get rid of a BUG_ON() (Dan Carpenter) - netlink: disable IRQs for netlink_lock_table() (Johannes Berg) - bonding: init notify_work earlier to avoid uninitialized use (Johannes Berg) - isdn: mISDN: netjet: Fix crash in nj_probe: (Zheyu Ma) - ASoC: sti-sas: add missing MODULE_DEVICE_TABLE (Zou Wei) - net/nfc/rawsock.c: fix a permission check bug (Jeimon) - proc: Track /proc/$pid/attr/ opener mm_struct (Kees Cook) - rds/ib: quarantine STALE mr before dereg (Manjunath Patil) [Orabug: 33150437] - rds/ib: avoid dereg of mr in frwr_clean (Manjunath Patil) [Orabug: 33150414] - rds/ib: update mr incarnation after forming inv wr (Manjunath Patil) [Orabug: 33177350] - can: bcm: delay release of struct bcm_op after synchronize_rcu() (Thadeu Lima de Souza Cascardo) [Orabug: 33114648] {CVE-2021-3609} [4.14.35-2047.507.1.el7] - can: bcm: fix infoleak in struct bcm_msg_head (Norbert Slusarek) [Orabug: 33030700] {CVE-2021-34693} - Linux 4.14.236 (Greg Kroah-Hartman) - xen-pciback: redo VF placement in the virtual topology (Jan Beulich) - sched/fair: Optimize select_idle_cpu (Cheng Jian) - KVM: SVM: Truncate GPR value for DR and CR accesses in !64-bit mode (Sean Christopherson) - bpf: No need to simulate speculative domain for immediates (Daniel Borkmann) - bpf: Fix mask direction swap upon off reg sign change (Daniel Borkmann) - bpf: Wrap aux data inside bpf_sanitize_info container(Daniel Borkmann) - bpf: Fix leakage of uninitialized bpf stack under speculation (Daniel Borkmann) - selftests/bpf: make 'dubious pointer arithmetic' test useful (Alexei Starovoitov) - selftests/bpf: fix test_align (Alexei Starovoitov) - bpf/verifier: disallow pointer subtraction (Alexei Starovoitov) - bpf: Update selftests to reflect new error states (Daniel Borkmann) - bpf: Tighten speculative pointer arithmetic mask (Daniel Borkmann) - bpf: Move sanitize_val_alu out of op switch (Daniel Borkmann) - bpf: Refactor and streamline bounds check into helper (Daniel Borkmann) - bpf: Improve verifier error messages for users (Daniel Borkmann) - bpf: Rework ptr_limit into alu_limit and add common error path (Daniel Borkmann) - bpf: Ensure off_reg has no mixed signed bounds for all types (Daniel Borkmann) - bpf: Move off_reg into sanitize_ptr_alu (Daniel Borkmann) - bpf, selftests: Fix up some test_verifier cases for unprivileged (Piotr Krysiuk) - mm, hugetlb: fix simple resv_huge_pages underflow on UFFDIO_COPY (Mina Almasry) - btrfs: fixup error handling in fixup_inode_link_counts (Josef Bacik) - btrfs: fix error handling in btrfs_del_csums (Josef Bacik) - nfc: fix NULL ptr dereference in llcp_sock_getname() after failed connect (Krzysztof Kozlowski) - ocfs2: fix data corruption by fallocate (Junxiao Bi) - pid: take a reference when initializing `cad_pid` (Mark Rutland) - ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed (Ye Bin) - ALSA: timer: Fix master timer notification (Takashi Iwai) - net: caif: fix memory leak in cfusbl_device_notify (Pavel Skripkin) - net: caif: fix memory leak in caif_device_notify (Pavel Skripkin) - net: caif: add proper error handling (Pavel Skripkin) - net: caif: added cfserl_release function (Pavel Skripkin) - ieee802154: fix error return code in ieee802154_llsec_getparams() (Wei Yongjun) - ieee802154: fix error return code in ieee802154_add_iface() (Zhen Lei) - netfilter: nfnetlink_cthelper: hit EBUSY on updates if size mismatches (PabloNeira Ayuso) - HID: i2c-hid: fix format string mismatch (Arnd Bergmann) - HID: pidff: fix error return code in hid_pidff_init() (Zhen Lei) - ipvs: ignore IP_VS_SVC_F_HASHED flag when adding service (Julian Anastasov) - vfio/platform: fix module_put call in error flow (Max Gurtovoy) - vfio/pci: zap_vma_ptes() needs MMU (Randy Dunlap) - vfio/pci: Fix error return code in vfio_ecap_init() (Zhen Lei) - efi: cper: fix snprintf() use in cper_dimm_err_location() (Rasmus Villemoes) - efi: Allow EFI_MEMORY_XP and EFI_MEMORY_RO both to be cleared (Heiner Kallweit) - net: usb: cdc_ncm: don't spew notifications (Grant Grundler) - Linux 4.14.235 (Greg Kroah-Hartman) - usb: core: reduce power-on-good delay time of root hub (Chunfeng Yun) - drivers/net/ethernet: clean up unused assignments (Jesse Brandeburg) - hugetlbfs: hugetlb_fault_mutex_hash() cleanup (Mike Kravetz) - MIPS: ralink: export rt_sysc_membase for rt2880_wdt.c (Randy Dunlap) - MIPS: alchemy: xxs1500: add gpio-au1000.h header file (Randy Dunlap) - sch_dsmark: fix a NULL deref in qdisc_reset() (Taehee Yoo) - ipv6: record frag_max_size in atomic fragments in input path (Francesco Ruggeri) - scsi: libsas: Use _safe() loop in sas_resume_port() (Dan Carpenter) - ixgbe: fix large MTU request from VF (Jesse Brandeburg) - bpf: Set mac_len in bpf_skb_change_head (Jussi Maki) - ASoC: cs35l33: fix an error code in probe() (Dan Carpenter) - staging: emxx_udc: fix loop in _nbu2ss_nuke() (Dan Carpenter) - mld: fix panic in mld_newpack() (Taehee Yoo) - net: bnx2: Fix error return code in bnx2_init_board() (Zhen Lei) - net: mdio: octeon: Fix some double free issues (Christophe JAILLET) - net: mdio: thunder: Fix a double free issue in the .remove function (Christophe JAILLET) - net: netcp: Fix an error message (Christophe JAILLET) - drm/amdgpu: Fix a use-after-free (xinhui pan) - SMB3: incorrect file id in requests compounded with open (Steve French) - platform/x86: intel_punit_ipc: Append MODULE_DEVICE_TABLE for ACPI (Andy Shevchenko) -platform/x86: hp-wireless: add AMD's hardware id to the supported list (Shyam Sundar S K) - btrfs: do not BUG_ON in link_to_fixup_dir (Josef Bacik) - openrisc: Define memory barrier mb (Peter Zijlstra) - scsi: BusLogic: Fix 64-bit system enumeration error for Buslogic (Matt Wang) - media: gspca: properly check for errors in po1030_probe() (Greg Kroah-Hartman) - media: dvb: Add check on sp8870_readreg return (Alaa Emad) - libertas: register sysfs groups properly (Greg Kroah-Hartman) - dmaengine: qcom_hidma: comment platform_driver_register call (Phillip Potter) - isdn: mISDNinfineon: check/cleanup ioremap failure correctly in setup_io (Phillip Potter) - char: hpet: add checks after calling ioremap (Tom Seewald) - net: caif: remove BUG_ON(dev == NULL) in caif_xmit (Du Cheng) - net: fujitsu: fix potential null-ptr-deref (Anirudh Rayabharam) - serial: max310x: unregister uart driver in case of failure and abort (Atul Gopinathan) - platform/x86: hp_accel: Avoid invoking _INI to speed up resume (Kai-Heng Feng) - perf jevents: Fix getting maximum number of fds (Felix Fietkau) - i2c: i801: Don't generate an interrupt on bus reset (Jean Delvare) - i2c: s3c2410: fix possible NULL pointer deref on read message after write (Krzysztof Kozlowski) - tipc: skb_linearize the head skb when reassembling msgs (Xin Long) - Revert "net:tipc: Fix a double free in tipc_sk_mcast_rcv" (Hoang Le) - drm/meson: fix shutdown crash when component not probed (Neil Armstrong) - NFSv4: Fix v4.0/v4.1 SEEK_DATA return -ENOTSUPP when set NFS_V4_2 config (Zhang Xiaoxu) - NFS: Don't corrupt the value of pg_bytes_written in nfs_do_recoalesce() (Trond Myklebust) - NFS: fix an incorrect limit in filelayout_decode_layout() (Dan Carpenter) - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails (Thadeu Lima de Souza Cascardo) - net: usb: fix memory leak in smsc75xx_bind (Pavel Skripkin) - usb: gadget: udc: renesas_usb3: Fix a race in usb3_start_pipen() (Yoshihiro Shimoda) - USB: serial: pl2303: add device id for ADLINKND-6530 GC (Zolton Jheng) - USB: serial: ftdi_sio: add IDs for IDS GmbH Products (Dominik Andreas Schorpp) - USB: serial: option: add Telit LE910-S1 compositions 0x7010, 0x7011 (Daniele Palmas) - USB: serial: ti_usb_3410_5052: add startech.com device id (Sean MacLennan) - serial: rp2: use 'request_firmware' instead of 'request_firmware_nowait' (Zheyu Ma) - serial: sh-sci: Fix off-by-one error in FIFO threshold register setting (Geert Uytterhoeven) - USB: trancevibrator: fix control-request direction (Johan Hovold) - iio: adc: ad7793: Add missing error code in ad7793_setup() (YueHaibing) - staging: iio: cdc: ad7746: avoid overwrite of num_channels (Lucas Stankus) - mei: request autosuspend after sending rx flow control (Alexander Usyskin) - thunderbolt: dma_port: Fix NVM read buffer bounds and offset issue (Mathias Nyman) - misc/uss720: fix memory leak in uss720_probe (Dongliang Mu) - kgdb: fix gcc-11 warnings harder (Greg Kroah-Hartman) - dm snapshot: properly fix a crash when an origin has no snapshots (Mikulas Patocka) - ath10k: Validate first subframe of A-MSDU before processing the list (Sriram R) - mac80211: extend protection against mixed key and fragment cache attacks (Wen Gong) {CVE-2020-24586} {CVE-2020-24587} - mac80211: do not accept/forward invalid EAPOL frames (Johannes Berg) - mac80211: prevent attacks on TKIP/WEP as well (Johannes Berg) - mac80211: check defrag PN against current frame (Johannes Berg) - mac80211: add fragment cache to sta_info (Johannes Berg) - mac80211: drop A-MSDUs on old ciphers (Johannes Berg) {CVE-2020-24588} - cfg80211: mitigate A-MSDU aggregation attacks (Mathy Vanhoef) {CVE-2020-24588} - mac80211: properly handle A-MSDUs that start with an RFC 1042 header (Mathy Vanhoef) - mac80211: prevent mixed key and fragment cache attacks (Mathy Vanhoef) {CVE-2020-24586} {CVE-2020-24587} - mac80211: assure all fragments are encrypted (Mathy Vanhoef) {CVE-2020-26147} - net: hso: fix control-request directions (Johan Hovold) - proc: Check/proc/$pid/attr/ writes against file opener (Kees Cook) - perf intel-pt: Fix transaction abort handling (Adrian Hunter) - perf intel-pt: Fix sample instruction bytes (Adrian Hunter) - iommu/vt-d: Fix sysfs leak in alloc_iommu() (Rolf Eike Beer) - NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() (Anna Schumaker) - NFC: nci: fix memory leak in nci_allocate_device (Dongliang Mu) - usb: dwc3: gadget: Enable suspend events (Jack Pham) - scripts: switch explicitly to Python 3 (Andy Shevchenko) - tweewide: Fix most Shebang lines (Finn Behrens) - A/A Bonding: dev_hold/put() the delayed GARP work handler's netdev in rdmaip (Sharath Srinivasan) [Orabug: 33161269] - Revert "capmem: Mark the pages as non-readonly+dirty." (Dave Kleikamp) [Orabug: 33155665] - ionic: clean interrupt before enabling queue to avoid credit race (Shannon Nelson) [Orabug: 33155665] - scsi: core: Retry I/O for Notify (Enable Spinup) Required error (Quat Le) [Orabug: 33165871] - Revert "x86/reboot: Force all cpus to exit VMX root if VMX is supported" (Somasundaram Krishnasamy) [Orabug: 33156450] [4.14.35-2047.507.0.el7] - rds: ib: Increase entropy of RDMA IOVAs (Håkon Bugge) [Orabug: 33104574] - Linux 4.14.234 (Greg Kroah-Hartman) - Bluetooth: SMP: Fail if remote and local public keys are identical (Luiz Augusto von Dentz) - video: hgafb: correctly handle card detect failure during probe (Anirudh Rayabharam) - tty: vt: always invoke vc-> vc_sw-> con_resize callback (Tetsuo Handa) - vt: Fix character height handling with VT_RESIZEX (Maciej W. Rozycki) - vgacon: Record video mode changes with VT_RESIZEX (Maciej W. Rozycki) - video: hgafb: fix potential NULL pointer dereference (Igor Matheus Andrade Torrente) - qlcnic: Add null check after calling netdev_alloc_skb (Tom Seewald) - leds: lp5523: check return value of lp5xx_read and jump to cleanup code (Phillip Potter) - net: rtlwifi: properly check for alloc_workqueue() failure (Greg Kroah-Hartman) - net: stmicro: handle clk_prepare() failureduring init (Anirudh Rayabharam) - ethernet: sun: niu: fix missing checks of niu_pci_eeprom_read() (Du Cheng) - Revert "niu: fix missing checks of niu_pci_eeprom_read" (Greg Kroah-Hartman) - Revert "qlcnic: Avoid potential NULL pointer dereference" (Greg Kroah-Hartman) - Revert "rtlwifi: fix a potential NULL pointer dereference" (Greg Kroah-Hartman) - Revert "media: rcar_drif: fix a memory disclosure" (Greg Kroah-Hartman) - cdrom: gdrom: initialize global variable at init time (Greg Kroah-Hartman) - cdrom: gdrom: deallocate struct gdrom_unit fields in remove_gdrom (Atul Gopinathan) - Revert "gdrom: fix a memory leak bug" (Greg Kroah-Hartman) - Revert "ecryptfs: replace BUG_ON with error handling code" (Greg Kroah-Hartman) - Revert "video: imsttfb: fix potential NULL pointer dereferences" (Greg Kroah-Hartman) - Revert "hwmon: (lm80) fix a missing check of bus read in lm80 probe" (Greg Kroah-Hartman) - Revert "leds: lp5523: fix a missing check of return value of lp55xx_read" (Greg Kroah-Hartman) - Revert "net: stmicro: fix a missing check of clk_prepare" (Greg Kroah-Hartman) - Revert "video: hgafb: fix potential NULL pointer dereference" (Greg Kroah-Hartman) - dm snapshot: fix crash with transient storage and zero chunk size (Mikulas Patocka) - xen-pciback: reconfigure also from backend watch handler (Jan Beulich) - rapidio: handle create_workqueue() failure (Anirudh Rayabharam) - Revert "rapidio: fix a NULL pointer dereference when create_workqueue() fails" (Greg Kroah-Hartman) - ALSA: hda/realtek: reset eapd coeff to default value for alc287 (Hui Wang) - Revert "ALSA: sb8: add a check for request_region" (Greg Kroah-Hartman) - ALSA: bebob/oxfw: fix Kconfig entry for Mackie d.2 Pro (Takashi Sakamoto) - ALSA: usb-audio: Validate MS endpoint descriptors (Takashi Iwai) - ALSA: line6: Fix racy initialization of LINE6 MIDI (Takashi Iwai) - cifs: fix memory leak in smb2_copychunk_range (Ronnie Sahlberg) - ptrace: make ptrace() fail if the tracee changed its pid unexpectedly (Oleg Nesterov) -scsi: qla2xxx: Fix error return code in qla82xx_write_flash_dword() (Zhen Lei) - RDMA/rxe: Clear all QP fields if creation failed (Leon Romanovsky) - openrisc: Fix a memory leak (Christophe JAILLET) - Linux 4.14.233 (Greg Kroah-Hartman) - ipv6: remove extra dev_hold() for fallback tunnels (Eric Dumazet) - xhci: Do not use GFP_KERNEL in (potentially) atomic context (Christophe JAILLET) - ip6_tunnel: sit: proper dev_{hold|put} in ndo_[un]init methods (Eric Dumazet) - sit: proper dev_{hold|put} in ndo_[un]init methods (Eric Dumazet) - serial: 8250: fix potential deadlock in rs485-mode (Tomas Melin) - lib: stackdepot: turn depot_lock spinlock to raw_spinlock (Zqiang) - block: reexpand iov_iter after read/write (yangerkun) - ALSA: hda: generic: change the DAC ctl name for LO+SPK or LO+HP (Hui Wang) - gpiolib: acpi: Add quirk to ignore EC wakeups on Dell Venue 10 Pro 5055 (Hans de Goede) - ceph: fix fscache invalidation (Jeff Layton) - um: Mark all kernel symbols as local (Johannes Berg) - Input: silead - add workaround for x86 BIOS-es which bring the chip up in a stuck state (Hans de Goede) - Input: elants_i2c - do not bind to i2c-hid compatible ACPI instantiated devices (Hans de Goede) - ACPI / hotplug / PCI: Fix reference count leak in enable_slot() (Feilong Lin) - ARM: 9066/1: ftrace: pause/unpause function graph tracer in cpu_suspend() (louis.wang) - PCI: thunder: Fix compile testing (Arnd Bergmann) - isdn: capi: fix mismatched prototypes (Arnd Bergmann) - cxgb4: Fix the -Wmisleading-indentation warning (Kaixu Xia) - usb: sl811-hcd: improve misleading indentation (Arnd Bergmann) - kgdb: fix gcc-11 warning on indentation (Arnd Bergmann) - x86/msr: Fix wr/rdmsr_safe_regs_on_cpu() prototypes (Arnd Bergmann) - clk: exynos7: Mark aclk_fsys1_200 as critical (Paweł Chmiel) - netfilter: conntrack: Make global sysctls readonly in non-init netns (Jonathon Reinhart) - kobject_uevent: remove warning in init_uevent_argv() (Greg Kroah-Hartman) - thermal/core/fair share: Lock the thermal zone whilelooping over instances (Lukasz Luba) - MIPS: Avoid handcoded DIVU in `__div64_32' altogether (Maciej W. Rozycki) - MIPS: Avoid DIVU in `__div64_32' is result would be zero (Maciej W. Rozycki) - MIPS: Reinstate platform `__div64_32' handler (Maciej W. Rozycki) - FDDI: defxx: Make MMIO the configuration default except for EISA (Maciej W. Rozycki) - KVM: x86: Cancel pvclock_gtod_work on module removal (Thomas Gleixner) - iio: tsl2583: Fix division by a zero lux_val (Colin Ian King) - iio: gyro: mpu3050: Fix reported temperature value (Dmitry Osipenko) - usb: core: hub: fix race condition about TRSMRCY of resume (Chunfeng Yun) - usb: dwc2: Fix gadget DMA unmap direction (Phil Elwell) - usb: xhci: Increase timeout for HC halt (Maximilian Luz) - usb: dwc3: omap: improve extcon initialization (Marcel Hamer) - blk-mq: Swap two calls in blk_mq_exit_queue() (Bart Van Assche) - ACPI: scan: Fix a memory leak in an error handling path (Christophe JAILLET) - usb: fotg210-hcd: Fix an error message (Christophe JAILLET) - iio: proximity: pulsedlight: Fix rumtime PM imbalance on error (Dinghao Liu) - drm/radeon/dpm: Disable sclk switching on Oland when two 4K 60Hz monitors are connected (Kai-Heng Feng) - userfaultfd: release page in error path to avoid BUG_ON (Axel Rasmussen) - squashfs: fix divide error in calculate_skip() (Phillip Lougher) - powerpc/64s: Fix crashes when toggling entry flush barrier (Michael Ellerman) - powerpc/64s: Fix crashes when toggling stf barrier (Michael Ellerman) - ARC: entry: fix off-by-one error in syscall number validation (Vineet Gupta) - netfilter: nftables: avoid overflows in nft_hash_buckets() (Eric Dumazet) - kernel: kexec_file: fix error return code of kexec_calculate_store_digests() (Jia-Ju Bai) - net: fix nla_strcmp to handle more then one trailing null character (Maciej Żenczykowski) - ksm: fix potential missing rmap_item for stable_node (Miaohe Lin) - mm/hugeltb: handle the error case in hugetlb_fix_reserve_counts() (Miaohe Lin) - khugepaged: fix wrong resultvalue for trace_mm_collapse_huge_page_isolate() (Miaohe Lin) - drm/radeon: Fix off-by-one power_state index heap overwrite (Kees Cook) - sctp: fix a SCTP_MIB_CURRESTAB leak in sctp_sf_do_dupcook_b (Xin Long) - rtc: ds1307: Fix wday settings for rx8130 (Nobuhiro Iwamatsu) - NFSv4.2 fix handling of sr_eof in SEEK's reply (Olga Kornievskaia) - pNFS/flexfiles: fix incorrect size check in decode_nfs_fh() (Nikola Livic) - NFS: Deal correctly with attribute generation counter overflow (Trond Myklebust) - NFSv4.2: Always flush out writes in nfs42_proc_fallocate() (Trond Myklebust) - rpmsg: qcom_glink_native: fix error return code of qcom_glink_rx_data() (Jia-Ju Bai) - ARM: 9064/1: hw_breakpoint: Do not directly check the event's overflow_handler hook (Zhen Lei) - PCI: Release OF node in pci_scan_device()'s error path (Dmitry Baryshkov) - f2fs: fix a redundant call to f2fs_balance_fs if an error occurs (Colin Ian King) - ASoC: rt286: Make RT286_SET_GPIO_* readable and writable (David Ward) - net: ethernet: mtk_eth_soc: fix RX VLAN offload (Felix Fietkau) - powerpc/iommu: Annotate nested lock for lockdep (Alexey Kardashevskiy) - wl3501_cs: Fix out-of-bounds warnings in wl3501_mgmt_join (Gustavo A. R. Silva) - wl3501_cs: Fix out-of-bounds warnings in wl3501_send_pkt (Gustavo A. R. Silva) - powerpc/pseries: Stop calling printk in rtas_stop_self() (Michael Ellerman) - samples/bpf: Fix broken tracex1 due to kprobe argument change (Yaqi Chen) - ASoC: rt286: Generalize support for ALC3263 codec (David Ward) - powerpc/smp: Set numa node before updating mask (Srikar Dronamraju) - sctp: Fix out-of-bounds warning in sctp_process_asconf_param() (Gustavo A. R. Silva) - kconfig: nconf: stop endless search loops (Mihai Moldovan) - selftests: Set CC to clang in lib.mk if LLVM is set (Yonghong Song) - cuse: prevent clone (Miklos Szeredi) - pinctrl: samsung: use 'int' for register masks in Exynos (Krzysztof Kozlowski) - mac80211: clear the beacon's CRC after channel switch (Emmanuel Grumbach) - ip6_vti: properdev_{hold|put} in ndo_[un]init methods (Eric Dumazet) - Bluetooth: check for zapped sk before connecting (Archie Pusaka) - Bluetooth: initialize skb_queue_head at l2cap_chan_create() (Tetsuo Handa) - Bluetooth: Set CONF_NOT_COMPLETE as l2cap_chan default (Archie Pusaka) - ALSA: rme9652: don't disable if not enabled (Tong Zhang) - ALSA: hdspm: don't disable if not enabled (Tong Zhang) - ALSA: hdsp: don't disable if not enabled (Tong Zhang) - net: stmmac: Set FIFO sizes for ipq806x (Jonathan McDowell) - tipc: convert dest node's address to network order (Hoang Le) - fs: dlm: fix debugfs dump (Alexander Aring) - tpm: fix error return code in tpm2_get_cc_attrs_tbl() (Zhen Lei) - Revert "fdt: Properly handle "no-map" field in the memory region" (Quentin Perret) - Revert "of/fdt: Make sure no-map does not remove already reserved regions" (Quentin Perret) - smp: Fix smp_call_function_single_async prototype (Arnd Bergmann) - kfifo: fix ternary sign extension bugs (Dan Carpenter) - net:nfc:digital: Fix a double free in digital_tg_recv_dep_req (Lv Yunlong) - net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send (Lv Yunlong) - powerpc/52xx: Fix an invalid ASM expression ('addi' used instead of 'add') (Christophe Leroy) - ath9k: Fix error check in ath9k_hw_read_revisions() for PCI devices (Toke Høiland-Jørgensen) - net: davinci_emac: Fix incorrect masking of tx and rx error channel (Colin Ian King) - RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails (Sindhu Devale) - vsock/vmci: log once the failed queue pair allocation (Stefano Garzarella) - mwl8k: Fix a double Free in mwl8k_probe_hw (Lv Yunlong) - i2c: sh7760: fix IRQ error path (Sergey Shtylyov) - rtlwifi: 8821ae: upgrade PHY and RF parameters (Ping-Ke Shih) - powerpc/pseries: extract host bridge from pci_bus prior to bus removal (Tyrel Datwyler) - MIPS: pci-legacy: stop using of_pci_range_to_resource (Ilya Lipnitskiy) - i2c: sh7760: add IRQ check (Sergey Shtylyov) - i2c: jz4780: add IRQ check (Sergey Shtylyov) - i2c:emev2: add IRQ check (Sergey Shtylyov) - i2c: cadence: add IRQ check (Sergey Shtylyov) - net: thunderx: Fix unintentional sign extension issue (Colin Ian King) - IB/hfi1: Fix error return code in parse_platform_config() (Wang Wensheng) - mt7601u: fix always true expression (Colin Ian King) - mac80211: bail out if cipher schemes are invalid (Johannes Berg) - powerpc: iommu: fix build when neither PCI or IBMVIO is set (Randy Dunlap) - powerpc/perf: Fix PMU constraint check for EBB events (Athira Rajeev) - liquidio: Fix unintented sign extension of a left shift of a u16 (Colin Ian King) - ALSA: usb-audio: Add error checks for usb_driver_claim_interface() calls (Takashi Iwai) - nfc: pn533: prevent potential memory corruption (Dan Carpenter) - bug: Remove redundant condition check in report_bug (Andrew Scull) - ALSA: core: remove redundant spin_lock pair in snd_card_disconnect (Jia Zhou) - powerpc: Fix HAVE_HARDLOCKUP_DETECTOR_ARCH build configuration (Chen Huang) - powerpc/prom: Mark identical_pvr_fixup as __init (Nathan Chancellor) - net: lapbether: Prevent racing when checking whether the netif is running (Xie He) - perf symbols: Fix dso__fprintf_symbols_by_name() to return the number of printed chars (Arnaldo Carvalho de Melo) - HID: plantronics: Workaround for double volume key presses (Maxim Mikityanskiy) - x86/events/amd/iommu: Fix sysfs type mismatch (Nathan Chancellor) - HSI: core: fix resource leaks in hsi_add_client_from_dt() (Dan Carpenter) - mfd: stm32-timers: Avoid clearing auto reload register (Fabrice Gasnier) - scsi: sni_53c710: Add IRQ check (Sergey Shtylyov) - scsi: sun3x_esp: Add IRQ check (Sergey Shtylyov) - scsi: jazz_esp: Add IRQ check (Sergey Shtylyov) - clk: uniphier: Fix potential infinite loop (Colin Ian King) - vfio/mdev: Do not allow a mdev_type to have a NULL parent pointer (Jason Gunthorpe) - ata: libahci_platform: fix IRQ check (Sergey Shtylyov) - sata_mv: add IRQ checks (Sergey Shtylyov) - pata_ipx4xx_cf: fix IRQ check (Sergey Shtylyov) - pata_arasan_cf:fix IRQ check (Sergey Shtylyov) - x86/kprobes: Fix to check non boostable prefixes correctly (Masami Hiramatsu) - media: m88rs6000t: avoid potential out-of-bounds reads on arrays (Colin Ian King) - media: omap4iss: return error code when omap4iss_get() failed (Yang Yingliang) - media: vivid: fix assignment of dev-> fbuf_out_flags (Colin Ian King) - ttyprintk: Add TTY hangup callback. (Tetsuo Handa) - x86/platform/uv: Fix !KEXEC build failure (Ingo Molnar) - platform/x86: pmc_atom: Match all Beckhoff Automation baytrail boards with critclk_systems DMI table (Steffen Dirkwinkel) - firmware: qcom-scm: Fix QCOM_SCM configuration (He Ying) - tty: fix return value for unsupported ioctls (Johan Hovold) - tty: actually undefine superseded ASYNC flags (Johan Hovold) - USB: cdc-acm: fix unprivileged TIOCCSERIAL (Johan Hovold) - usb: gadget: r8a66597: Add missing null check on return from platform_get_resource (Colin Ian King) - crypto: qat - Fix a double free in adf_create_ring (Lv Yunlong) - ACPI: CPPC: Replace cppc_attr with kobj_attribute (Nathan Chancellor) - soc: qcom: mdt_loader: Detect truncated read of segments (Bjorn Andersson) - soc: qcom: mdt_loader: Validate that p_filesz < p_memsz (Bjorn Andersson) - spi: Fix use-after-free with devm_spi_alloc_* (William A. Kennington III) - staging: greybus: uart: fix unprivileged TIOCCSERIAL (Johan Hovold) - staging: rtl8192u: Fix potential infinite loop (Colin Ian King) - mtd: rawnand: gpmi: Fix a double free in gpmi_nand_init (Lv Yunlong) - USB: gadget: udc: fix wrong pointer passed to IS_ERR() and PTR_ERR() (Yang Yingliang) - crypto: qat - fix error path in adf_isr_resource_alloc() (Giovanni Cabiddu) - phy: marvell: ARMADA375_USBCLUSTER_PHY should not default to y, unconditionally (Geert Uytterhoeven) - bus: qcom: Put child node before return (Pan Bian) - mtd: require write permissions for locking and badblock ioctls (Michael Walle) - fotg210-udc: Complete OUT requests on short packets (Fabian Vogt) - fotg210-udc: Don't DMA more than the buffercan take (Fabian Vogt) - fotg210-udc: Mask GRP2 interrupts we don't handle (Fabian Vogt) - fotg210-udc: Remove a dubious condition leading to fotg210_done (Fabian Vogt) - fotg210-udc: Fix EP0 IN requests bigger than two packets (Fabian Vogt) - fotg210-udc: Fix DMA on EP0 for length > max packet size (Fabian Vogt) - crypto: qat - ADF_STATUS_PF_RUNNING should be set after adf_dev_init (Tong Zhang) - crypto: qat - don't release uninitialized resources (Tong Zhang) - usb: gadget: pch_udc: Check for DMA mapping error (Andy Shevchenko) - usb: gadget: pch_udc: Check if driver is present before calling -> setup() (Andy Shevchenko) - usb: gadget: pch_udc: Replace cpu_to_le32() by lower_32_bits() (Andy Shevchenko) - x86/microcode: Check for offline CPUs before requesting new microcode (Otavio Pontes) - usb: typec: tcpci: Check ROLE_CONTROL while interpreting CC_STATUS (Badhri Jagan Sridharan) - serial: stm32: fix tx_empty condition (Erwan Le Ray) - serial: stm32: fix incorrect characters on console (Erwan Le Ray) - ARM: dts: exynos: correct PMIC interrupt trigger level on Snow (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on SMDK5250 (Krzysztof Kozlowski) - ARM: dts: exynos: correct PMIC interrupt trigger level on Odroid X/U3 family (Krzysztof Kozlowski) - memory: gpmc: fix out of bounds read and dereference on gpmc_cs[] (Colin Ian King) - usb: gadget: pch_udc: Revert d3cb25a12138 completely (Andy Shevchenko) - KVM: s390: split kvm_s390_real_to_abs (Claudio Imbrenda) - KVM: s390: fix guarded storage control register handling (Heiko Carstens) - KVM: s390: split kvm_s390_logical_to_effective (Claudio Imbrenda) - x86/cpu: Initialize MSR_TSC_AUX if RDTSCP *or* RDPID is supported (Sean Christopherson) - ALSA: hda/realtek: Remove redundant entry for ALC861 Haier/Uniwill devices (Takashi Iwai) - ALSA: hda/realtek: Re-order ALC269 Lenovo quirk table entries (Takashi Iwai) - ALSA: hda/realtek: Re-order ALC269 Sony quirk table entries (Takashi Iwai) - ALSA: hda/realtek:Re-order ALC882 Sony quirk table entries (Takashi Iwai) - ALSA: hda/realtek: Re-order ALC882 Acer quirk table entries (Takashi Iwai) - drm/radeon: fix copy of uninitialized variable back to userspace (Colin Ian King) - cfg80211: scan: drop entry from hidden_list on overflow (Johannes Berg) - ipw2x00: potential buffer overflow in libipw_wx_set_encodeext() (Dan Carpenter) - md: md_open returns -EBUSY when entering racing area (Zhao Heming) - md: factor out a mddev_find_locked helper from mddev_find (Christoph Hellwig) - md: split mddev_find (Christoph Hellwig) - md-cluster: fix use-after-free issue when removing rdev (Heming Zhao) - tracing: Restructure trace_clock_global() to never block (Steven Rostedt (VMware)) - misc: vmw_vmci: explicitly initialize vmci_datagram payload (Tetsuo Handa) - misc: vmw_vmci: explicitly initialize vmci_notify_bm_set_msg struct (Tetsuo Handa) - misc: lis3lv02d: Fix false-positive WARN on various HP models (Hans de Goede) - FDDI: defxx: Bail out gracefully with unassigned PCI resource for CSR (Maciej W. Rozycki) - MIPS: pci-rt2880: fix slot 0 configuration (Ilya Lipnitskiy) - net/nfc: fix use-after-free llcp_sock_bind/connect (Or Cohen) {CVE-2021-23134} - modules: inherit TAINT_PROPRIETARY_MODULE (Christoph Hellwig) - modules: return licensing information from find_symbol (Christoph Hellwig) - modules: rename the licence field in struct symsearch to license (Christoph Hellwig) - modules: unexport __module_address (Christoph Hellwig) - modules: unexport __module_text_address (Christoph Hellwig) - modules: mark each_symbol_section static (Christoph Hellwig) - modules: mark find_symbol static (Christoph Hellwig) - modules: mark ref_module static (Christoph Hellwig) - dm rq: fix double free of blk_mq_tag_set in dev remove after table load fails (Benjamin Block) - dm space map common: fix division bug in sm_ll_find_free_block() (Joe Thornber) - dm persistent data: packed struct should have an aligned() attribute too (Joe Thornber) - tracing: Map all PIDs tocommand lines (Steven Rostedt (VMware)) - usb: dwc3: gadget: Fix START_TRANSFER link state check (Thinh Nguyen) - usb: gadget/function/f_fs string table fix for multiple languages (Dean Anderson) - usb: gadget: Fix double free of device descriptor pointers (Hemant Kumar) - usb: gadget: dummy_hcd: fix gpf in gadget_setup (Anirudh Rayabharam) - media: dvbdev: Fix memory leak in dvb_media_device_free() (Peilin Ye) - ext4: fix error code in ext4_commit_super (Fengnan Chang) - ext4: fix check to prevent false positive report of incorrect used inodes (Zhang Yi) - ftrace: Handle commands when closing set_ftrace_filter file (Steven Rostedt (VMware)) - posix-timers: Preserve return value in clock_adjtime32() (Chen Jun) - Revert 337f13046ff0 ("futex: Allow FUTEX_CLOCK_REALTIME with FUTEX_WAIT op") (Thomas Gleixner) - jffs2: check the validity of dstlen in jffs2_zlib_compress() (Yang Yang) - Fix misc new gcc warnings (Linus Torvalds) - security: commoncap: fix -Wstringop-overread warning (Arnd Bergmann) - intel_th: pci: Add Alder Lake-M support (Alexander Shishkin) - powerpc: fix EDEADLOCK redefinition error in uapi/asm/errno.h (Tony Ambardar) - powerpc/eeh: Fix EEH handling for hugepages in ioremap space. (Mahesh Salgaonkar) - jffs2: Fix kasan slab-out-of-bounds problem (lizhe) - NFSv4: Don't discard segments marked for return in _pnfs_return_layout() (Trond Myklebust) - ACPI: GTDT: Don't corrupt interrupt mappings on watchdow probe failure (Marc Zyngier) - openvswitch: fix stack OOB read while fragmenting IPv4 packets (Davide Caratti) - arm64/vdso: Discard .note.gnu.property sections in vDSO (Bill Wendling) - btrfs: fix race when picking most recent mod log operation for an old root (Filipe Manana) - ALSA: sb: Fix two use after free in snd_sb_qsound_build (Lv Yunlong) - ALSA: hda/conexant: Re-order CX5066 quirk table entries (Takashi Iwai) - ALSA: emu8000: Fix a use after free in snd_emu8000_create_mixer (Lv Yunlong) - scsi: libfc: Fix a format specifier (Bart Van Assche) - scsi: lpfc: Removeunsupported mbox PORT_CAPABILITIES logic (James Smart) - scsi: lpfc: Fix crash when a REG_RPI mailbox fails triggering a LOGO response (James Smart) - drm/amdgpu: fix NULL pointer dereference (Guchun Chen) - drm/msm/mdp5: Configure PP_SYNC_HEIGHT to double the vtotal (Marijn Suijten) - media: gscpa/stv06xx: fix memory leak (Hans Verkuil) - media: dvb-usb: fix memory leak in dvb_usb_adapter_init (Pavel Skripkin) - media: i2c: adv7842: fix possible use-after-free in adv7842_remove() (Yang Yingliang) - media: i2c: adv7511-v4l2: fix possible use-after-free in adv7511_remove() (Yang Yingliang) - media: adv7604: fix possible use-after-free in adv76xx_remove() (Yang Yingliang) - power: supply: s3c_adc_battery: fix possible use-after-free in s3c_adc_bat_remove() (Yang Yingliang) - power: supply: generic-adc-battery: fix possible use-after-free in gab_remove() (Yang Yingliang) - clk: socfpga: arria10: Fix memory leak of socfpga_clk on error return (Colin Ian King) - media: vivid: update EDID (Hans Verkuil) - media: em28xx: fix memory leak (Muhammad Usama Anjum) - scsi: scsi_dh_alua: Remove check for ASC 24h in alua_rtpg() (Ewan D. Milne) - scsi: qla2xxx: Always check the return value of qla24xx_get_isp_stats() (Bart Van Assche) - drm/amdgpu : Fix asic reset regression issue introduce by 8f211fe8ac7c4f (shaoyunl) - power: supply: Use IRQF_ONESHOT (dongjian) - media: gspca/sq905.c: fix uninitialized variable (Hans Verkuil) - media: media/saa7164: fix saa7164_encoder_register() memory leak bugs (Daniel Niv) - extcon: arizona: Fix some issues when HPDET IRQ fires after the jack has been unplugged (Hans de Goede) - power: supply: bq27xxx: fix power_avg for newer ICs (Matthias Schiffer) - media: ite-cir: check for receive overflow (Sean Young) - scsi: target: pscsi: Fix warning in pscsi_complete_cmd() (Chaitanya Kulkarni) - scsi: lpfc: Fix pt2pt connection does not recover after LOGO (James Smart) - scsi: lpfc: Fix incorrect dbde assignment when building target abts wqe (James Smart) - btrfs: convertlogic BUG_ON()'s in replace_path to ASSERT()'s (Josef Bacik) - phy: phy-twl4030-usb: Fix possible use-after-free in twl4030_usb_remove() (Yang Yingliang) - intel_th: Consistency and off-by-one fix (Pavel Machek) - spi: omap-100k: Fix reference leak to master (Wei Yongjun) - spi: dln2: Fix reference leak to master (Wei Yongjun) - perf/arm_pmu_platform: Fix error handling (Robin Murphy) - tee: optee: do not check memref size on return from Secure World (Jerome Forissier) - x86/build: Propagate $(CLANG_FLAGS) to $(REALMODE_FLAGS) (John Millikin) - PCI: PM: Do not read power state in pci_enable_device_flags() (Rafael J. Wysocki) - usb: xhci: Fix port minor revision (Thinh Nguyen) - usb: dwc3: gadget: Ignore EP queue requests during bus reset (Wesley Cheng) - usb: gadget: f_uac1: validate input parameters (Ruslan Bilovol) - usb: gadget: uvc: add bInterval checking for HS mode (Pawel Laszczak) - crypto: api - check for ERR pointers in crypto_destroy_tfm() (Ard Biesheuvel) - staging: wimax/i2400m: fix byte-order issue (karthik alapati) - fbdev: zero-fill colormap in fbcmap.c (Phillip Potter) - intel_th: pci: Add Rocket Lake CPU support (Alexander Shishkin) - btrfs: fix metadata extent leak after failure to create subvolume (Filipe Manana) - cifs: Return correct error code from smb2_get_enc_key (Paul Aurich) - mmc: core: Set read only for SD cards with permanent write protect bit (Seunghui Lee) - mmc: core: Do a power cycle when the CMD11 fails (DooHyun Hwang) - mmc: block: Update ext_csd.cache_ctrl if it was written (Avri Altman) - spi: spi-ti-qspi: Free DMA resources (Tudor Ambarus) - ecryptfs: fix kernel panic with null dev_name (Jeffrey Mitchell) - arm64: dts: mt8173: fix property typo of 'phys' in dsi node (Chunfeng Yun) - ACPI: custom_method: fix a possible memory leak (Mark Langsdorf) - ACPI: custom_method: fix potential use-after-free issue (Mark Langsdorf) - s390/disassembler: increase ebpf disasm buffer size (Vasily Gorbik) - platform/x86: thinkpad_acpi: Correct thermal sensorallocation (Mark Pearson) - USB: Add reset-resume quirk for WD19's Realtek Hub (Chris Chiu) - USB: Add LPM quirk for Lenovo ThinkPad USB-C Dock Gen2 Ethernet (Kai-Heng Feng) - ALSA: usb-audio: Add MIDI quirk for Vox ToneLab EX (Takashi Iwai) - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_gen2_enqueue_hcmd() (Jiri Kosina) - bpf: Fix masking negation logic upon negative dst register (Daniel Borkmann) - mips: Do not include hi and lo in clobber list for R6 (Romain Naour) - MIPS: cpu-features.h: Replace __mips_isa_rev with MIPS_ISA_REV (Matt Redfearn) - MIPS: Introduce isa-rev.h to define MIPS_ISA_REV (Matt Redfearn) - iwlwifi: Fix softirq/hardirq disabling in iwl_pcie_enqueue_hcmd() (Jiri Kosina) - net: usb: ax88179_178a: initialize local variables before use (Phillip Potter) - bpf: fix up selftests after backports were fixed (Frank van der Linden) - bpf: Fix backport of "bpf: restrict unknown scalars of mixed signed bounds for unprivileged" (Samuel Mendoza-Jonas) - usbip: vudc synchronize sysfs code paths (Shuah Khan) - Linux 4.14.232 (Greg Kroah-Hartman) - USB: CDC-ACM: fix poison/unpoison imbalance (Oliver Neukum) - net: hso: fix NULL-deref on disconnect regression (Johan Hovold) - x86/crash: Fix crash_setup_memmap_entries() out-of-bounds access (Mike Galbraith) - ia64: tools: remove duplicate definition of ia64_mf() on ia64 (John Paul Adrian Glaubitz) - ia64: fix discontig.c section mismatches (Randy Dunlap) - cavium/liquidio: Fix duplicate argument (Wan Jiabing) - xen-netback: Check for hotplug-status existence before watching (Michael Brown) - s390/entry: save the caller of psw_idle (Vasily Gorbik) - net: geneve: check skb is large enough for IPv4/IPv6 header (Phillip Potter) - ARM: dts: Fix swapped mmc order for omap3 (Tony Lindgren) - HID: wacom: Assign boolean values to a bool variable (Jiapeng Zhong) - HID: alps: fix error return code in alps_input_configured() (Jia-Ju Bai) - pinctrl: lewisburg: Update number of pins in community (Yuanyuan Zhong) - ext4: correct errorlabel in ext4_rename() (Zhang Yi) - net: hso: fix null-ptr-deref during tty device unregistration (Anirudh Rayabharam) - gup: document and work around "COW can break either way" issue (Linus Torvalds) - ARM: 9071/1: uprobes: Don't hook on thumb instructions (Fredrik Strupe) - ARM: footbridge: fix PCI interrupt mapping (Russell King) - ibmvnic: remove duplicate napi_schedule call in open function (Lijun Pan) - ibmvnic: remove duplicate napi_schedule call in do_reset function (Lijun Pan) - ibmvnic: avoid calling napi_disable() twice (Lijun Pan) - i40e: fix the panic when running bpf in xdpdrv mode (Jason Xing) - net: sit: Unregister catch-all devices (Hristo Venev) - netfilter: nft_limit: avoid possible divide error in nft_limit_init (Eric Dumazet) - netfilter: conntrack: do not print icmpv6 as unknown via /proc (Pablo Neira Ayuso) - scsi: libsas: Reset num_scatter if libata marks qc as NODATA (Jolly Shah) - arm64: fix inline asm in load_unaligned_zeropad() (Peter Collingbourne) - readdir: make sure to verify directory entry for legacy interfaces too (Linus Torvalds) - HID: wacom: set EV_KEY and EV_ABS only for non-HID_GENERIC type of devices (Ping Cheng) - Input: i8042 - fix Pegatron C15B ID entry (Arnd Bergmann) - mac80211: clear sta-> fast_rx when STA removed from 4-addr VLAN (Seevalamuthu Mariappan) - usbip: Fix incorrect double assignment to udc-> ud.tcp_rx (Colin Ian King) - pcnet32: Use pci_resource_len to validate PCI resource (Guenter Roeck) - net: ieee802154: forbid monitor for add llsec seclevel (Alexander Aring) - net: ieee802154: stop dump llsec seclevels for monitors (Alexander Aring) - net: ieee802154: forbid monitor for add llsec devkey (Alexander Aring) - net: ieee802154: stop dump llsec devkeys for monitors (Alexander Aring) - net: ieee802154: stop dump llsec devs for monitors (Alexander Aring) - net: ieee802154: stop dump llsec keys for monitors (Alexander Aring) - scsi: scsi_transport_srp: Don't block target in SRP_PORT_LOST state (Martin Wilck) - ASoC: fsl_esai: FixTDM slot setup for I2S mode (Alexander Shiyan) - ARM: keystone: fix integer overflow warning (Arnd Bergmann) - neighbour: Disregard DEAD dst in neigh_update (Tong Zhu) - arc: kernel: Return -EFAULT if copy_to_user() fails (Wang Qing) - ARM: dts: Fix moving mmc devices with aliases for omap4 & 5 (Tony Lindgren) - dmaengine: dw: Make it dependent to HAS_IOMEM (Andy Shevchenko) - Input: nspire-keypad - enable interrupts only when opened (Fabian Vogt) . Critical security patch released for Oracle Linux Cloud Infrastructure, targeting various exploits and kernel vulnerabilities.. Oracle Linux Security Advisory, Kernel Update, Cloud Native Security, Linux Kernel Vulnerability. . Severity: Critical. LinuxSecurity.com Team
Sep 21, 2021
•Critical
Oracle
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!