Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 8 articles for you...
217
security advisoryprivilege escalationimportantOracle Linux 8 ELSA-2026-11521 Sudo Important Privilege Escalation
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-11521 http://linux.oracle.com/errata/ELSA-2026-11521.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: sudo-1.9.5p2-1.0.1.el8_10.5.x86_64.rpm aarch64: sudo-1.9.5p2-1.0.1.el8_10.5.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/sudo-1.9.5p2-1.0.1.el8_10.5.src.rpm Related CVEs: CVE-2026-35535 Description of changes: [1.9.5p2-1.0.1.el8_10.5] - Fixes sudo -s unclosed sessions when use_pty option used [Orabug: 36952911] [1.9.5p2-1.5] RHEL 8.10.0.Z ERRATUM - CVE-2026-35535 - Privilege escalation due to failure in privilege drop calls Resolves: RHEL-166060 [1.9.5p2-1.3] RHEL 8.10.0.Z ERRATUM - sudo passes SHELL environment variable twice to the shell being executed [rhel-8] Resolves: RHEL-127360 [1.9.5p2-1.2] RHEL 8.10.0.Z ERRATUM - Reintroduce cmnd_no_wait Resolves: RHEL-51956 - Missing separator in the log Resolves: RHEL-71913 [1.9.5p2-1.1] RHEL 8.10.0.Z ERRATUM - CVE-2025-32462 sudo: LPE via host option Resolves: RHEL-100014 _______________________________________________ El-errata mailing list
Apr 30, 2026
•Important
Oracle
172
security advisorycriticalUbuntuUbuntu 16.04 & 14.04: Linux Kernel Critical Security Update USN-7930-1
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7930-1 December 15, 2025 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-kvm: Linux kernel for cloud environments - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - MTD block device drivers; - Network drivers; - DesignWare USB3 driver; - Ceph distributed file system; - Network file system (NFS) server daemon; - NILFS2 file system; - File systems infrastructure; - Tracing infrastructure; - Appletalk network protocol; - IPv6 networking; - Netfilter; (CVE-2021-47146, CVE-2021-47269, CVE-2021-47385, CVE-2021-47634, CVE-2022-49026, CVE-2024-49935, CVE-2024-50067, CVE-2024-50095, CVE-2024-50179, CVE-2024-53112, CVE-2024-53217, CVE-2025-21715, CVE-2025-21722, CVE-2025-21811, CVE-2025-21855, CVE-2025-38666, CVE-2025-39964, CVE-2025-40018) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS linux-image-4.4.0-1151-kvm 4.4.0-1151.162 Available with Ubuntu Pro linux-image-4.4.0-1188-aws 4.4.0-1188.203 Available with Ubuntu Pro linux-image-4.4.0-276-generic 4.4.0-276.310 Available with Ubuntu Pro linux-image-4.4.0-276-lowlatency 4.4.0-276.310 Available with Ubuntu Pro linux-image-aws 4.4.0.1188.192 Available with Ubuntu Pro linux-image-generic 4.4.0.276.282 Available with Ubuntu Pro linux-image-generic-lts-xenial 4.4.0.276.282 Available with Ubuntu Pro linux-image-kvm 4.4.0.1151.148 Available with Ubuntu Pro linux-image-lowlatency 4.4.0.276.282 Available with Ubuntu Pro linux-image-lowlatency-lts-xenial 4.4.0.276.282 Available with Ubuntu Pro linux-image-virtual 4.4.0.276.282 Available with Ubuntu Pro linux-image-virtual-lts-xenial 4.4.0.276.282 Available with Ubuntu Pro Ubuntu 14.04 LTS linux-image-4.4.0-1150-aws 4.4.0-1150.156 Available with Ubuntu Pro linux-image-4.4.0-276-generic 4.4.0-276.310~14.04.1 Available with Ubuntu Pro linux-image-4.4.0-276-lowlatency 4.4.0-276.310~14.04.1 Available with Ubuntu Pro linux-image-aws 4.4.0.1150.147 Available with Ubuntu Pro linux-image-generic-lts-xenial 4.4.0.276.310~14.04.1 Available with Ubuntu Pro linux-image-lowlatency-lts-xenial 4.4.0.276.310~14.04.1 Available with Ubuntu Pro linux-image-virtual-lts-xenial 4.4.0.276.310~14.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernelupdates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7930-1 CVE-2021-47146, CVE-2021-47269, CVE-2021-47385, CVE-2021-47634, CVE-2022-49026, CVE-2024-49935, CVE-2024-50067, CVE-2024-50095, CVE-2024-50179, CVE-2024-53112, CVE-2024-53217, CVE-2025-21715, CVE-2025-21722, CVE-2025-21811, CVE-2025-21855, CVE-2025-38666, CVE-2025-39964, CVE-2025-40018 . Critical security issues fixed in Ubuntu Linux kernel. Update recommended for immediate protection against exploits.. ubuntu kernel security, linux kernel update, ubuntu vulnerabilities. . Severity: Critical. LinuxSecurity.com Team
Dec 15, 2025
•Critical
Ubuntu
172
security advisorycriticalUbuntuUbuntu 24.04: Linux-realtime Critical Kernel Update Vulnerable 2025:0012
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7791-2 October 02, 2025 linux-realtime-6.14 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-realtime-6.14: Linux kernel for Real-time systems Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; - XFRM subsystem; (CVE-2025-38477, CVE-2025-38617, CVE-2025-38500, CVE-2025-38618) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS linux-image-6.14.0-1013-realtime 6.14.0-1013.13~24.04.1 Available with Ubuntu Pro linux-image-realtime-6.14 6.14.0-1013.13~24.04.1 Available with Ubuntu Pro linux-image-realtime-hwe-24.04 6.14.0-1013.13~24.04.1 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7791-2 https://ubuntu.com/security/notices/USN-7791-1 CVE-2025-38477, CVE-2025-38500,CVE-2025-38617, CVE-2025-38618 Package Information: . Critical security issues have been fixed in Ubuntu's Linux kernel, requiring immediate updates for system safety.. Ubuntu Security, Linux Kernel, System Updates, Real-time Linux, Security Issues. . Severity: Critical. LinuxSecurity.com Team
Oct 02, 2025
•Critical
Ubuntu
172
security advisorycriticalUbuntuUbuntu 16.04 LTS: Linux Kernel Critical Security Issues USN-7684-1
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7684-1 July 31, 2025 linux, linux-aws, linux-kvm vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-kvm: Linux kernel for cloud environments Details: Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - SCSI subsystem; - TTY drivers; - Ext4 file system; - Bluetooth subsystem; - USB sound devices; (CVE-2023-52975, CVE-2024-53239, CVE-2024-49883, CVE-2024-50073, CVE-2024-49950) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS linux-image-4.4.0-1147-kvm 4.4.0-1147.158 Available with Ubuntu Pro linux-image-4.4.0-1184-aws 4.4.0-1184.199 Available with Ubuntu Pro linux-image-4.4.0-271-generic 4.4.0-271.305 Available with Ubuntu Pro linux-image-4.4.0-271-lowlatency 4.4.0-271.305 Available with Ubuntu Pro linux-image-aws 4.4.0.1184.188 Available with Ubuntu Pro linux-image-generic 4.4.0.271.277 Available with Ubuntu Pro linux-image-generic-lts-xenial 4.4.0.271.277 Available with Ubuntu Pro linux-image-kvm 4.4.0.1147.144 Available with Ubuntu Pro linux-image-lowlatency 4.4.0.271.277 Available with Ubuntu Pro linux-image-lowlatency-lts-xenial 4.4.0.271.277 Available with Ubuntu Pro linux-image-virtual 4.4.0.271.277 Available with Ubuntu Pro linux-image-virtual-lts-xenial 4.4.0.271.277 Available with Ubuntu Pro After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7684-1 CVE-2023-52975, CVE-2024-49883, CVE-2024-49950, CVE-2024-50073, CVE-2024-53239 . Recent modifications to the Ubuntu Linux kernel tackle various security flaws to improve overall system stability.. Ubuntu Kernel Security, Linux Updates, System Compromise, AWS Linux Security, Linux Kernel Vulnerabilities. . Severity: Critical. LinuxSecurity.com Team
Jul 31, 2025
•Critical
Ubuntu
217
security advisorybuffer overflowcriticalOracle Linux 8 ELSA-2024-12782: Critical Kernel Updates and Fixes
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-12782 http://linux.oracle.com/errata/ELSA-2024-12782.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-container-5.4.17-2136.336.5.1.el8uek.x86_64.rpm kernel-uek-container-debug-5.4.17-2136.336.5.1.el8uek.x86_64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.336.5.1.el8uek.src.rpm Related CVEs: CVE-2024-46738 CVE-2024-43882 CVE-2024-42259 CVE-2024-41042 CVE-2024-27397 CVE-2024-44948 CVE-2024-43890 CVE-2024-43893 CVE-2024-44968 CVE-2024-44960 CVE-2024-43883 CVE-2024-44954 CVE-2024-43894 CVE-2024-44969 CVE-2024-43908 CVE-2024-43914 CVE-2024-43861 CVE-2024-44935 CVE-2024-44965 CVE-2024-42265 CVE-2024-42271 CVE-2024-43867 CVE-2024-43860 CVE-2024-42290 CVE-2024-43871 CVE-2024-42301 CVE-2024-42131 CVE-2024-42276 CVE-2024-42280 CVE-2024-42281 CVE-2024-42283 CVE-2024-42284 CVE-2024-43856 CVE-2024-43858 CVE-2024-42295 CVE-2024-42285 CVE-2024-42286 CVE-2024-42287 CVE-2024-42288 CVE-2024-42289 CVE-2024-42292 CVE-2024-42297 CVE-2024-42304 CVE-2024-42305 CVE-2024-42306 CVE-2024-42308 CVE-2024-42309 CVE-2024-42310 CVE-2024-42311 CVE-2024-42313 CVE-2024-44944 CVE-2024-43829 CVE-2024-43830 CVE-2024-43839 CVE-2024-43841 CVE-2024-43879 CVE-2024-43880 CVE-2024-43846 CVE-2024-41090 CVE-2024-41091 CVE-2024-41020 CVE-2024-41012 CVE-2024-41017 CVE-2024-41015 CVE-2024-41059 CVE-2024-41063 CVE-2024-41064 CVE-2024-41065 CVE-2024-41068 CVE-2024-41070 CVE-2024-41072 CVE-2024-41081 Description of changes: [5.4.17-2136.336.5.1.el8uek] - vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37138988] [5.4.17-2136.336.5.el8uek] - uek-rpm: Add skx_edac_common.ko to nano_modules (Sherry Yang) [Orabug: 37030127] - EDAC, i10nm: make skx_common.o a separate module (Arnd Bergmann) [Orabug: 37030127] - uek-rpm: Integrating the container build in UEK6 (Jack Vogel) [Orabug: 37021061] - i40e: Change user notification of non-SFP module in i40e_get_module_info() (Andrii Staikov) [Orabug: 36988197] - xsigo: Use NAPI in UD/TX flows for xve (Alok Tiwari) [Orabug: 35180168] - xsigo: remove incorrect spin_unlock_irqrestore call in vhba_queuecommand (Alok Tiwari) [Orabug: 35180168] - xsigo: Fix slab-out-of-bounds in vhba_create (Alok Tiwari) [Orabug: 35180168] - xsigo: Fix memory free issue in dma mapping (Alok Tiwari) [Orabug: 35180168] - xsigo: Fix use-after-free n xsvbha for srb *sp (Alok Tiwari) [Orabug: 35180168] - xsigo: Fix mtu setting issue in xve netdev (Alok Tiwari) [Orabug: 35180168] - xsigo: Add struct ib_mad_send_buf to recv_handler (Alok Tiwari) [Orabug: 35180168] - xsigo: Remove tx_outstanding variable from xve xmit (Alok Tiwari) [Orabug: 35180168] - xsigo: Add extack argument to dev_change_flags() (Alok Tiwari) [Orabug: 35180168] - xsigo: Remove compare_data while calling ib_cm_listen() (Alok Tiwari) [Orabug: 35180168] - xsigo: Ignore the return value of "ib_destroy_cq" (Alok Tiwari) [Orabug: 35180168] - xsigo: Remove sif_verbs header (Alok Tiwari) [Orabug: 35180168] - xsigo: Replace setup_timer with the timer_setup (Alok Tiwari) [Orabug: 35180168] - xsigo: Use ib_ud_wr for xve_dev_priv instread of ib_send_wr (Alok Tiwari) [Orabug: 35180168] - xsigo: Remove return from register event handler (Alok Tiwari) [Orabug: 35180168] - xsigo: Add client_data for struct ib_client remove() (Alok Tiwari) [Orabug: 35180168] - xsigo: Replace dev-> trans_start update with helper netif_trans_update (Alok Tiwari) [Orabug: 35180168] - xsigo: Remove usage of net_device last_rx member from xsigo (Alok Tiwari) [Orabug: 35180168] - xsigo: Replace skb_frag page with bv_page in xve (Alok Tiwari) [Orabug: 35180168] - xsigo: Use sg_next() to get the next sg instead of SG_NEXT (Alok Tiwari) [Orabug: 35180168] - xsigo: Rename ib_init_ah_from_path to ib_init_ah_attr_from_path (Alok Tiwari) [Orabug: 35180168] - xsigo: remove pointer dereference for ib_fmr_pool_map_phys (AlokTiwari) [Orabug: 35180168] - xsigo: ib_fmr_pool_map_phys does not need rargs (Alok Tiwari) [Orabug: 35180168] - xsigo: Remove ib_sg_dma_address() and ib_sg_dma_len() (Alok Tiwari) [Orabug: 35180168] - xsigo: Fix compiling error from xsvbha module (Alok Tiwari) [Orabug: 35180168] - xsigo: Remove sg_copy_buffer from vhba_align (Alok Tiwari) [Orabug: 35180168] - xsigo: Xve, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168] - xsigo: Remove LRO code from xve module (Alok Tiwari) [Orabug: 35180168] - xsigo: Xsvnic, replace .get_settings with ksettings() (Alok Tiwari) [Orabug: 35180168] - xsigo: Remove LRO code from xsvnic module (Alok Tiwari) [Orabug: 35180168] - xsigo: Change port number from u8 to u32 (Alok Tiwari) [Orabug: 35180168] - xsigo: Use frag-> bv_offset in place of page_offset (Alok Tiwari) [Orabug: 35180168] - xsigo: Rename skb_frag_t size to bv_len (Alok Tiwari) [Orabug: 35180168] - xsigo: Fix compiling error due to Constify of ib_cm_event (Alok Tiwari) [Orabug: 35180168] - xsigo: Add the $(srctree)/ prefix to xsigo Makefile (Alok Tiwari) [Orabug: 35180168] - xsigo: Assign IB_MGMT_BASE_VERSION for ib_create_send_mad (Alok Tiwari) [Orabug: 35180168] - xsigo: Assign rdma_ctxs and port_num for struct ib_qp_init_attr (Alok Tiwari) [Orabug: 35180168] - xsigo: Use struct ib_cq_init_attr for ib_create_cq() (Alok Tiwari) [Orabug: 35180168] - xsigo: Replace max_sge with max_send_sge for xscore_create_qp (Alok Tiwari) [Orabug: 35180168] - xsigo: Remove ib_get_dma_mr and ib_dereg_mr (Alok Tiwari) [Orabug: 35180168] - xsigo: Replace ib_query_device with callback "ops.query_device" (Alok Tiwari) [Orabug: 35180168] - xsigo: Replace ib_query_gid with rdma_query_gid (Alok Tiwari) [Orabug: 35180168] - xsigo: Replace ib_modify_cq with rdma_set_cq_moderation (Alok Tiwari) [Orabug: 35180168] - xsigo: Assign path record type rec_type for sa_path_rec (Alok Tiwari) [Orabug: 35180168] - xsigo: Rename ib_sa_path_rec to sa_path_rec (Alok Tiwari) [Orabug: 35180168] - xsigo: Use structib_ud_wr ud_wr instead of ib_send_wr (Alok Tiwari) [Orabug: 35180168] - xsigo: Replace struct ib_ah_attr with struct rdma_ah_attr (Alok Tiwari) [Orabug: 35180168] - xsigo: Rename ib_create_ah and ib_destroy_ah (Alok Tiwari) [Orabug: 35180168] - xsigo: Assign const argument for ib_post_send/recv() (Alok Tiwari) [Orabug: 35180168] - uek-rpm: add xsigo module in ol7 and ol8 config file (Alok Tiwari) [Orabug: 35180168] - Revert "RDMA/core/sa_query: Remove unused function" (Alok Tiwari) [Orabug: 35180168] - xve: arm ud tx cq to generate completion interrupts (Ajaykumar Hotchandani) [Orabug: 28267050] [Orabug: 35180168] - xscore: add dma address check (Zhu Yanjun) [Orabug: 27074085] [Orabug: 35180168] - xsigo: PCA 2.3.1 Compute Node panics in xve_create_arp+430 (Pradeep Gopanapalli) [Orabug: 26474000] [Orabug: 35180168] - xsigo: UEK4-master:poor performance discovering 256 FC LUNs w/4 paths per LUN (Pradeep Gopanapalli) [Orabug: 26199177] [Orabug: 35180168] - xsigo: Compute node crash on FC failover (Pradeep Gopanapalli) [Orabug: 25981973] [Orabug: 35180168] - xsigo: Fix spinlock release in case of error (Pradeep Gopanapalli) [Orabug: 25779803] [Orabug: 35180168] - xsigo: Optimize xsvnic module parameters for UEK4 (Pradeep Gopanapalli) [Orabug: 25779865] [Orabug: 35180168] - xsigo: Fix crash in accessing xve proc l2 entries (Pradeep Gopanapalli) [Orabug: 25165085] [Orabug: 35180168] - xsigo: Fix race in freeing aged Forwarding table entry (Pradeep Gopanapalli) [Orabug: 25129729] [Orabug: 35180168] - xsigo: Schedule while uninterruptible (Pradeep Gopanapalli) [Orabug: 25097469] [Orabug: 35180168] - xsigo: supported SGE's for LSO QP (Pradeep Gopanapalli) [Orabug: 25029868] [Orabug: 35180168] - xsigo: Hardening driver in handling remote QP failures (Pradeep Gopanapalli) [Orabug: 24929076] [Orabug: 35180168] - xsigo: send nack codes (Pradeep Gopanapalli) [Orabug: 24442792] [Orabug: 35180168] - xsigo: xve driver has excessive messages (Pradeep Gopanapalli) [Orabug: 24758335] [Orabug: 35180168] - xsigo:hard LOCKUP in freeing paths (Pradeep Gopanapalli) [Orabug: 24669507] [Orabug: 35180168] - xsigo: Crash in xscore_port_num (Pradeep Gopanapalli) [Orabug: 24760465] [Orabug: 35180168] - xsigo: Resize uVNIC/PVI CQ size (Pradeep Gopanapalli) [Orabug: 24765034] [Orabug: 35180168] - xsigo: Optimizing Transmit completions (Pradeep Gopanapalli) [Orabug: 24928865] [Orabug: 35180168] - xsigo: Implementing Jumbo MTU support (Pradeep Gopanapalli) [Orabug: 24928804] [Orabug: 35180168] - xsigo: EoiB QP support (Pradeep Gopanapalli) [Orabug: 24508359] [Orabug: 35180168] - xsigo: Send Heart Beat Lost Operational state (Pradeep Gopanapalli) [Orabug: 23032392] [Orabug: 35180168] - xsigo: SKB Frag cleanup (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168] - xsigo: Tx_tail goes outof bound (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168] - xsigo: Fixed Path locking issues (Pradeep Gopanapalli) [Orabug: 23514725] [Orabug: 35180168] - Fixed vnic issue after saturn reset (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168] - uvnic issues (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168] - Fixed wrongly checked return type Added Debug print (Pradeep Gopanapalli) [Orabug: 22862488] [Orabug: 35180168] - Integrate Uvnic functionality into uek-4.1 Revision 8008 (Pradeep Gopanapalli) [Orabug: 35180168] - 1) S_IRWXU causing kernel soft crash changing to 0644 (Pradeep Gopanapalli) [Orabug: 35180168] - 1) Support vnic for EDR based platform(uVnic) 2) Supported Types now Type 0 (Pradeep Gopanapalli) [Orabug: 35180168] - Add Oracle virtual Networking Drivers for uek4 kernel (Pradeep Gopanapalli) [Orabug: 35180168] [5.4.17-2136.336.4.el8uek] - igb: Fix not clearing TimeSync interrupts for 82580 (Daiwei Li) - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez) [Orabug: 37037205] {CVE-2024-46738} - x86/speculation: Basic IBRS is enabled with AMD Automatic IBRS (Alexandre Chartre) [Orabug: 37044540] [5.4.17-2136.336.3.el8uek] - CompilerAttributes: Add __uninitialized macro (Heiko Carstens) - filelock: Correct the filelock owner in fcntl_setlk/fcntl_setlk64 (Long Li) - ALSA: timer: Relax start tick time check for slave timer elements (Takashi Iwai) - ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (Parsa Poorshikhian) - LTS tag: v5.4.282 (Sherry Yang) - media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (Sean Young) - ARM: dts: imx6qdl-kontron-samx6i: fix phy-mode (Michael Walle) - nvme/pci: Add APST quirk for Lenovo N60z laptop (WangYuli) - exec: Fix ToCToU between perm check and set-uid/gid usage (Kees Cook) [Orabug: 36984017] {CVE-2024-43882} - media: uvcvideo: Use entity get_cur in uvc_ctrl_set (Yunke Cao) - arm64: cpufeature: Fix the visibility of compat hwcaps (Amit Daniel Kachhap) - drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (Andi Shyti) [Orabug: 36953969] {CVE-2024-42259} - netfilter: nf_tables: prefer nft_chain_validate (Florian Westphal) [Orabug: 36896846] {CVE-2024-41042} - netfilter: nf_tables: use timestamp to check for set element timeout (Pablo Neira Ayuso) [Orabug: 36630432] {CVE-2024-27397} - netfilter: nf_tables: set element extended ACK reporting support (Pablo Neira Ayuso) - kbuild: Fix '-S -c' in x86 stack protector scripts (Nathan Chancellor) - Fix gcc 4.9 build issue in 5.4.y (Jari Ruusu) - drm/mgag200: Set DDC timeout in milliseconds (Thomas Zimmermann) - drm/bridge: analogix_dp: properly handle zero sized AUX transactions (Lucas Stach) - x86/mtrr: Check if fixed MTRRs exist before saving them (Andi Kleen) [Orabug: 37028936] {CVE-2024-44948} - tracing: Fix overflow in get_free_elt() (Tze-nan Wu) [Orabug: 36992998] {CVE-2024-43890} - power: supply: axp288_charger: Round constant_charge_voltage writes down (Hans de Goede) - power: supply: axp288_charger: Fix constant_charge_voltage writes (Hans de Goede) - genirq/irqdesc: Honor caller provided affinity in alloc_desc() (Shay Drory) - serial: core: check uartclk for zeroto avoid divide by zero (George Kennedy) [Orabug: 36993009] {CVE-2024-43893} - scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (Damien Le Moal) - ntp: Safeguard against time_constant overflow (Justin Stitt) - ntp: Clamp maxerror and esterror to operating range (Justin Stitt) - tick/broadcast: Move per CPU pointer access into the atomic section (Thomas Gleixner) [Orabug: 37036032] {CVE-2024-44968} - scsi: ufs: core: Fix hba-> last_dme_cmd_tstamp timestamp updating logic (Vamshi Gajjela) - usb: gadget: core: Check for unset descriptor (Chris Wulff) [Orabug: 37028988] {CVE-2024-44960} - USB: serial: debug: do not echo input by default (Marek Marczykowski-Górecki) - usb: vhci-hcd: Do not drop references before new references are gained (Oliver Neukum) [Orabug: 36992971] {CVE-2024-43883} - ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (Takashi Iwai) - ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (Steven 'Steve' Kendall) - ALSA: line6: Fix racy access to midibuf (Takashi Iwai) [Orabug: 37028957] {CVE-2024-44954} - drm/client: fix null pointer dereference in drm_client_modeset_probe (Ma Ke) [Orabug: 36993014] {CVE-2024-43894} - spi: spi-fsl-lpspi: Fix scldiv calculation (Stefan Wahren) - spi: fsl-lpspi: remove unneeded array (Oleksandr Suvorov) - bpf: kprobe: remove unused declaring of bpf_kprobe_override (Menglong Dong) - i2c: smbus: Send alert notifications to all devices if source not found (Guenter Roeck) - i2c: smbus: Improve handling of stuck alerts (Guenter Roeck) - i2c: smbus: Don't filter out duplicate alerts (Corey Minyard) - arm64: errata: Expand speculative SSBS workaround (again) (Mark Rutland) - arm64: cputype: Add Cortex-A725 definitions (Mark Rutland) - arm64: cputype: Add Cortex-X1C definitions (Mark Rutland) - arm64: errata: Expand speculative SSBS workaround (Mark Rutland) - arm64: errata: Unify speculative SSBS errata logic (Mark Rutland) - arm64: cputype: Add Cortex-X925 definitions (Mark Rutland) - arm64: cputype: Add Cortex-A720definitions (Mark Rutland) - arm64: cputype: Add Cortex-X3 definitions (Mark Rutland) - arm64: errata: Add workaround for Arm errata 3194386 and 3312417 (Mark Rutland) - arm64: cputype: Add Neoverse-V3 definitions (Mark Rutland) - arm64: cputype: Add Cortex-X4 definitions (Mark Rutland) - arm64: Add Neoverse-V2 part (Besar Wicaksono) - arm64: cpufeature: Force HWCAP to be based on the sysreg visible to user-space (James Morse) - ext4: fix wrong unit use in ext4_mb_find_by_goal (Kemeng Shi) - SUNRPC: Fix a race to wake a sync task (Benjamin Coddington) - s390/sclp: Prevent release of buffer in I/O (Peter Oberparleiter) [Orabug: 37029020] {CVE-2024-44969} - jbd2: avoid memleak in jbd2_journal_write_metadata_buffer (Kemeng Shi) - media: uvcvideo: Fix the bandwdith quirk on USB 3.x (Michal Pecio) - media: uvcvideo: Ignore empty TS packets (Ricardo Ribalda) - drm/amdgpu: Fix the null pointer dereference to ras_manager (Ma Jun) [Orabug: 36993084] {CVE-2024-43908} - btrfs: fix bitmap leak when loading free space cache on duplicate entry (Filipe Manana) - wifi: nl80211: don't give key data to userspace (Johannes Berg) - udf: prevent integer overflow in udf_bitmap_free_blocks() (Roman Smirnov) - PCI: Add Edimax Vendor ID to pci_ids.h (FUJITA Tomonori) - selftests/bpf: Fix send_signal test with nested CONFIG_PARAVIRT (Yonghong Song) - ACPI: SBS: manage alarm sysfs attribute through psy core (Thomas WeiÃschuh) - ACPI: battery: create alarm sysfs attribute atomically (Thomas WeiÃschuh) - clocksource/drivers/sh_cmt: Address race condition for clock events (Niklas Söderlund) - md/raid5: avoid BUG_ON() while continue reshape after reassembling (Yu Kuai) [Orabug: 36993127] {CVE-2024-43914} - net: fec: Stop PPS on driver remove (Csókás, Bence) - Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (Dmitry Antipov) - net: linkwatch: use system_unbound_wq (Eric Dumazet) - net: usb: qmi_wwan: fix memory leak for not ip packets (Daniele Palmas) [Orabug: 36983959] {CVE-2024-43861} -sctp: Fix null-ptr-deref in reuseport_add_sock(). (Kuniyuki Iwashima) [Orabug: 36993147] {CVE-2024-44935} - sctp: move hlist_node and hashent out of sctp_ep_common (Xin Long) - x86/mm: Fix pti_clone_pgtable() alignment assumption (Peter Zijlstra) [Orabug: 37029012] {CVE-2024-44965} - irqchip/mbigen: Fix mbigen node address layout (Yipeng Zou) - genirq: Allow irq_chip registration functions to take a const irq_chip (Marc Zyngier) - netfilter: ipset: Add list flush to cancel_gc (Alexander Maltsev) - net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (Ma Ke) - ALSA: usb-audio: Correct surround channels in UAC1 channel map (Takashi Iwai) - protect the fetch of -> fd[fd] in do_dup2() from mispredictions (Al Viro) [Orabug: 36963808] {CVE-2024-42265} - HID: wacom: Modify pen IDs (Tatsunosuke Tobita) - ipv6: fix ndisc_is_useropt() handling for PIO (Maciej Å»enczykowski) - net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (Shahar Shitrit) - net/iucv: fix use after free in iucv_sock_close() (Alexandra Winter) [Orabug: 36964006] {CVE-2024-42271} - drm/vmwgfx: Fix overlay when using Screen Targets (Ian Forbes) - drm/nouveau: prime: fix refcount underflow (Danilo Krummrich) [Orabug: 36983979] {CVE-2024-43867} - remoteproc: imx_rproc: Skip over memory region when node value is NULL (Aleksandr Mishin) [Orabug: 36964537] {CVE-2024-43860} - remoteproc: imx_rproc: Fix ignoring mapping vdev regions (Dong Aisheng) - remoteproc: imx_rproc: ignore mapping vdev regions (Peng Fan) - irqchip/imx-irqsteer: Handle runtime power management correctly (Shenwei Wang) [Orabug: 36964085] {CVE-2024-42290} - irqchip/imx-irqsteer: Add runtime PM support (Lucas Stach) - irqchip/imx-irqsteer: Constify irq_chip struct (Lucas Stach) - genirq: Allow the PM device to originate from irq domain (Marc Zyngier) - devres: Fix memory leakage caused by driver API devm_free_percpu() (Zijun Hu) [Orabug: 36983991] {CVE-2024-43871} - driver core: Cast to (void *) with __force for __percpu pointer (AndyShevchenko) - dev/parport: fix the array out-of-bounds risk (tuhaowen) [Orabug: 36964223] {CVE-2024-42301} - parport: Standardize use of printmode (Joe Perches) to pr_ ( (Joe Perches) - PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (Manivannan Sadhasivam) - PCI: rockchip: Make 'ep-gpios' DT property optional (Chen-Yu Tsai) - mm: avoid overflows in dirty throttling logic (Jan Kara) [Orabug: 36897803] {CVE-2024-42131} - nvme-pci: add missing condition check for existence of mapped data (Leon Romanovsky) [Orabug: 36964022] {CVE-2024-42276} - ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (Pierre-Louis Bossart) - ASoC: Intel: Move soc_intel_is_foo() helpers to a generic header (Hans de Goede) - ASoC: Intel: Convert to new X86 CPU match macros (Thomas Gleixner) - powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (Al Viro) - apparmor: Fix null pointer deref when receiving skb during sock creation (Xiao Liang) - mISDN: Fix a use after free in hfcmulti_tx() (Dan Carpenter) [Orabug: 36964032] {CVE-2024-42280} - bpf: Fix a segment issue when downgrading gso_size (Fred Li) [Orabug: 36964038] {CVE-2024-42281} - net: nexthop: Initialize all fields in dumped nexthops (Petr Machata) [Orabug: 36964044] {CVE-2024-42283} - tipc: Return non-zero value from tipc_udp_addr2str() on error (Shigeru Yoshida) [Orabug: 36964047] {CVE-2024-42284} - net: bonding: correctly annotate RCU in bond_should_notify_peers() (Johannes Berg) - ipv4: Fix incorrect source address in Record Route option (Ido Schimmel) - MIPS: SMP-CPS: Fix address for GCR_ACCESS register for CM3 and later (Gregory CLEMENT) - dma: fix call order in dmam_free_coherent (Lance Richardson) [Orabug: 36964523] {CVE-2024-43856} - libbpf: Fix no-args func prototype BTF dumping syntax (Andrii Nakryiko) - um: time-travel: fix time-travel-start option (Johannes Berg) - jfs: Fix array-index-out-of-bounds in diFree (Jeongjun Park) [Orabug: 36964530] {CVE-2024-43858} - kdb: address -Wformat-security warnings (Arnd Bergmann) - nilfs2: handle inconsistent state in nilfs_btnode_create_block() (Ryusuke Konishi) [Orabug: 36964203] {CVE-2024-42295} - Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (WangYuli) - Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (Hilda Wu) - rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov) - rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov) - drm/panfrost: Mark simple_ondemand governor as softdep (Dragan Simic) - rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov) - selftests/sigaltstack: Fix ppc64 GCC build (Michael Ellerman) - RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (Bart Van Assche) [Orabug: 36964054] {CVE-2024-42285} - platform: mips: cpu_hwmon: Disable driver on unsupported hardware (Jiaxun Yang) - watchdog/perf: properly initialize the turbo mode timestamp and rearm counter (Thomas Gleixner) - rtc: isl1208: Fix return value of nvmem callbacks (Joy Chakraborty) - perf/x86/intel/pt: Fix a topa_entry base address calculation (Adrian Hunter) - perf/x86/intel/pt: Fix topa_entry base length (Marco Cavenati) - scsi: qla2xxx: validate nvme_local_port correctly (Nilesh Javali) [Orabug: 36964059] {CVE-2024-42286} - scsi: qla2xxx: Complete command early within lock (Shreyas Deodhar) [Orabug: 36964065] {CVE-2024-42287} - scsi: qla2xxx: Fix for possible memory corruption (Shreyas Deodhar) [Orabug: 36964070] {CVE-2024-42288} - scsi: qla2xxx: During vport delete send async logout explicitly (Manish Rangankar) [Orabug: 36964080] {CVE-2024-42289} - rtc: cmos: Fix return value of nvmem callbacks (Joy Chakraborty) - kobject_uevent: Fix OOB access within zap_modalias_env() (Zijun Hu) [Orabug: 36964092] {CVE-2024-42292} - decompress_bunzip2: fix rare decompression failure (Ross Lagerwall) - ubi: eba: properly rollback inside self_check_eba (Fedor Pchelkin) - clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (Bastien Curutchet) - f2fs: fix to don't dirty inode forreadonly filesystem (Chao Yu) [Orabug: 36964213] {CVE-2024-42297} - scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (Saurav Kashyap) - binder: fix hang of unregistered readers (Carlos Llamas) - PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (Wei Liu) - hwrng: amd - Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen) - tools/memory-model: Fix bug in lock.cat (Alan Stern) - leds: ss4200: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen) - wifi: mwifiex: Fix interface type change (Rafael Beims) - ext4: make sure the first directory block is not a hole (Baokun Li) [Orabug: 36964232] {CVE-2024-42304} - ext4: check dot and dotdot of dx_root before making dir indexed (Baokun Li) [Orabug: 36964237] {CVE-2024-42305} - m68k: amiga: Turn off Warp1260 interrupts during boot (Paolo Pisati) - udf: Avoid using corrupted block bitmap buffer (Jan Kara) [Orabug: 36964242] {CVE-2024-42306} - drm/amd/display: Check for NULL pointer (Sung Joon Kim) [Orabug: 36964247] {CVE-2024-42308} - drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (Ma Ke) [Orabug: 36964253] {CVE-2024-42309} - drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (Ma Ke) [Orabug: 36964260] {CVE-2024-42310} - hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (Chao Yu) [Orabug: 36964265] {CVE-2024-42311} - media: venus: fix use after free in vdec_close (Dikshita Agarwal) [Orabug: 36964275] {CVE-2024-42313} - char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (Joe Hattori) - ipv6: take care of scope when choosing the src addr (Nicolas Dichtel) - af_packet: Handle outgoing VLAN packets without hardware offloading (Chengen Du) - net: netconsole: Disable target before netpoll cleanup (Breno Leitao) - tick/broadcast: Make takeover of broadcast hrtimer reliable (Yu Liao) - rtc: interface: Add RTC offset to alarm after fix-up (Csókás, Bence) - nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (Ryusuke Konishi) -fs/nilfs2: remove some unused macros to tame gcc (Alex Shi) - pinctrl: freescale: mxs: Fix refcount of child (Peng Fan) - netfilter: ctnetlink: use helper function to calculate expect ID (Pablo Neira Ayuso) [Orabug: 37013755] {CVE-2024-44944} - bnxt_re: Fix imm_data endianness (Jack Wang) - macintosh/therm_windtunnel: fix module unload. (Nick Bowler) - powerpc/xmon: Fix disassembly CPU feature checks (Michael Ellerman) - Input: elan_i2c - do not leave interrupt disabled on suspend failure (Dmitry Torokhov) - RDMA/device: Return error earlier if port in not valid (Leon Romanovsky) - mtd: make mtd_test.c a separate module (Arnd Bergmann) - ASoC: max98088: Check for clk_prepare_enable() error (Chen Ni) - RDMA/rxe: Don't set BTH_ACK_MASK for UC or UD QPs (Honggang LI) - RDMA/mlx4: Fix truncated output warning in alias_GUID.c (Leon Romanovsky) - RDMA/mlx4: Fix truncated output warning in mad.c (Leon Romanovsky) - Input: qt1050 - handle CHIP_ID reading error (Andrei Lalaev) - PCI: Fix resource double counting on remove & rescan (Ilpo Järvinen) - SUNRPC: Fixup gss_status tracepoint error output (Benjamin Coddington) - sparc64: Fix incorrect function signature and add prototype for prom_cif_init (Andreas Larsson) - ext4: avoid writing unitialized memory to disk in EA inodes (Jan Kara) - SUNRPC: avoid soft lockup when transmitting UDP to reachable server. (NeilBrown) - mfd: omap-usb-tll: Use struct_size to allocate tll (Javier Carrasco) - drm/qxl: Add check for drm_cvt_mode (Chen Ni) [Orabug: 36964456] {CVE-2024-43829} - drm/etnaviv: fix DMA direction handling for cached RW buffers (Lucas Stach) - perf report: Fix condition in sort__sym_cmp() (Namhyung Kim) - leds: trigger: Unregister sysfs attributes before calling deactivate() (Hans de Goede) [Orabug: 36964459] {CVE-2024-43830} - media: renesas: vsp1: Store RPF partition configuration per RPF instance (Laurent Pinchart) - media: renesas: vsp1: Fix _irqsave and _irq mix (Laurent Pinchart) - media: uvcvideo: Override default flags (DanielSchaefer) - media: uvcvideo: Allow entity-defined get_info and get_cur (Ricardo Ribalda) - saa7134: Unchecked i2c_transfer function result fixed (Aleksandr Burakov) - media: imon: Fix race getting ictx-> lock (Ricardo Ribalda) - media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (Zheng Yejian) - USB: move snd_usb_pipe_sanity_check into the USB core (Greg Kroah-Hartman) - selftests: forwarding: devlink_lib: Wait for udev events after reloading (Amit Cohen) - bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (Alexey Kodanev) [Orabug: 36964480] {CVE-2024-43839} - wifi: virt_wifi: don't use strlen() in const context (Johannes Berg) - gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (Gaosheng Cui) - wifi: virt_wifi: avoid reporting connection success with wrong SSID (En-Wei Wu) [Orabug: 36964487] {CVE-2024-43841} - qed: Improve the stack space of filter_config() (Shai Malin) - perf: Prevent passing zero nr_pages to rb_alloc_aux() (Adrian Hunter) - perf: Fix perf_aux_size() for greater-than 32-bit size (Adrian Hunter) - perf/x86/intel/pt: Fix pt_topa_entry_for_page() address calculation (Adrian Hunter) - netfilter: nf_tables: rise cap on SELinux secmark context (Pablo Neira Ayuso) - net: fec: Fix FEC_ECR_EN1588 being cleared on link-down (Csókás, Bence) - net: fec: Refactor: #define magic constants (Csókás Bence) - wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (Baochen Qiang) [Orabug: 36984010] {CVE-2024-43879} - wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (Baochen Qiang) - mlxsw: spectrum_acl_erp: Fix object nesting warning (Ido Schimmel) [Orabug: 36984013] {CVE-2024-43880} - lib: objagg: Fix general protection fault (Ido Schimmel) [Orabug: 36964495] {CVE-2024-43846} - selftests/bpf: Check length of recv in test_sockmap (Geliang Tang) - net/smc: set rmb's SG_MAX_SINGLE_ALLOC limitation only when CONFIG_ARCH_NO_SG_CHAIN is defined (Guangguan Wang) - net/smc: Allow SMC-D 1MB DMBallocations (Stefan Raspl) - wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (Samasth Norway Ananda) - firmware: turris-mox-rwtm: Initialize completion before mailbox (Marek Behún) - firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (Marek Behún) - m68k: cmpxchg: Fix return value for default case in __arch_xchg() (Thorsten Blum) - x86/xen: Convert comma to semicolon (Chen Ni) - m68k: atari: Fix TT bootup freeze / unexpected (SCU) interrupt messages (Eero Tamminen) - arm64: dts: amlogic: gx: correct hdmi clocks (Jerome Brunet) - arm64: dts: mediatek: mt7622: fix "emmc" pinctrl mux (RafaÅ MiÅecki) - ARM: dts: imx6qdl-kontron-samx6i: fix PCIe reset polarity (Michael Walle) - ARM: dts: imx6qdl-kontron-samx6i: fix board reset (Michael Walle) - ARM: dts: imx6qdl-kontron-samx6i: fix PHY reset (Michael Walle) - ARM: dts: imx6qdl-kontron-samx6i: move phy reset into phy-node (Marco Felsch) - arm64: dts: rockchip: Increase VOP clk rate on RK3328 (Jonas Karlman) - arm64: dts: qcom: msm8996: specify UFS core_clk frequencies (Dmitry Baryshkov) - arm64: dts: qcom: sdm845: add power-domain to UFS PHY (Dmitry Baryshkov) - hwmon: (max6697) Fix swapped temp{1,8} critical alarms (Guenter Roeck) - hwmon: (max6697) Fix underflow when writing limit attributes (Guenter Roeck) - pwm: stm32: Always do lazy disabling (Uwe Kleine-König) - hwmon: (adt7475) Fix default duty on fan is disabled (Wayne Tung) - x86/platform/iosf_mbi: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen) - x86/pci/xen: Fix PCIBIOS_* return code handling (Ilpo Järvinen) - x86/pci/intel_mid_pci: Fix PCIBIOS_* return code handling (Ilpo Järvinen) - x86/of: Return consistent error type from x86_of_pci_irq_enable() (Ilpo Järvinen) - hfsplus: fix to avoid false alarm of circular locking (Chao Yu) - platform/chrome: cros_ec_debugfs: fix wrong EC message version (Tzung-Bi Shih) - LTS tag: v5.4.281 (Sherry Yang) - tap: add missing verification for short frame(Si-Wei Liu) [Orabug: 36660755] {CVE-2024-41090} - tun: add missing verification for short frame (Dongli Zhang) [Orabug: 36660755] {CVE-2024-41091} - filelock: Fix fcntl/close race recovery compat path (Jann Horn) [Orabug: 36896789] {CVE-2024-41020} {CVE-2024-41012} - ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (Edson Juliano Drosdeck) - jfs: don't walk off the end of ealist (lei lu) [Orabug: 36891667] {CVE-2024-41017} - ocfs2: add bounds checking to ocfs2_check_dir_entry() (lei lu) [Orabug: 36891655] {CVE-2024-41015} - ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (Kuan-Wei Chiu) - ARM: 9324/1: fix get_user() broken with veneer (Masahiro Yamada) - hfsplus: fix uninit-value in copy_name (Edward Adam Davis) [Orabug: 36896969] {CVE-2024-41059} - selftests/vDSO: fix clang build errors and warnings (John Hubbard) - spi: imx: Don't expect DMA for i.MX{25,35,50,51,53} cspi devices (Uwe Kleine-König) - fs: better handle deep ancestor chains in is_subdir() (Christian Brauner) - Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (Tetsuo Handa) [Orabug: 36896994] {CVE-2024-41063} - scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (Xingui Yang) - powerpc/eeh: avoid possible crash when edev-> pdev changes (Ganesh Goudar) [Orabug: 36897003] {CVE-2024-41064} - powerpc/pseries: Whitelist dtl slub object for copying to userspace (Anjali K) [Orabug: 36897009] {CVE-2024-41065} - net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() (Yunshui Jiang) - net: usb: qmi_wwan: add Telit FN912 compositions (Daniele Palmas) - ALSA: dmaengine_pcm: terminate dmaengine before synchronize (Shengjiu Wang) - s390/sclp: Fix sclp_init() cleanup on failure (Heiko Carstens) [Orabug: 36897032] {CVE-2024-41068} - can: kvaser_usb: fix return value for hif_usb_send_regout (Chen Ni) - ASoC: ti: omap-hdmi: Fix too long driver name (Primoz Fiser) - ASoC: ti: davinci-mcasp: Set min period size usingFIFO config (Jai Luthra) - bytcr_rt5640 : inverse jack detect for Archos 101 cesium (Thomas GENTY) - Input: elantech - fix touchpad state on resume for Lenovo N24 (Jonathan Denose) - mips: fix compat_sys_lseek syscall (Arnd Bergmann) - ALSA: hda/realtek: Add more codec ID to no shutup pins list (Kailang Yang) - KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (Michael Ellerman) [Orabug: 36897048] {CVE-2024-41070} - wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (Dmitry Antipov) [Orabug: 36897312] {CVE-2024-41072} - mei: demote client disconnect warning on suspend to debug (Alexander Usyskin) - fs/file: fix the check in find_next_fd() (Yuntao Wang) - kconfig: remove wrong expr_trans_bool() (Masahiro Yamada) - kconfig: gconf: give a proper initial state to the Save button (Masahiro Yamada) - ila: block BH in ila_output() (Eric Dumazet) [Orabug: 36897360] {CVE-2024-41081} - Input: silead - Always support 10 fingers (Hans de Goede) - wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (Dmitry Antipov) - wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (Nicolas Escande) - ACPI: EC: Avoid returning AE_OK on errors in address space handler (Armin Wolf) - ACPI: EC: Abort address space access upon error (Armin Wolf) - scsi: qedf: Set qed_slowpath_params to zero before use (Saurav Kashyap) - filelock: Remove locks reliably when fcntl/close race is detected (Jann Horn) [Orabug: 36874758] {CVE-2024-41012} {CVE-2024-41020} - gcc-plugins: Rename last_stmt() for GCC 14+ (Kees Cook) [5.4.17-2136.336.2.el8uek] - mm: Only enable HVO under UEK6 for Exadata system (Jane Chu) [Orabug: 36990830] - mm: delete redundent old PageCompound() macro (Jane Chu) [Orabug: 36990830] [5.4.17-2136.336.1.el8uek] - mm/hwpoison: put page in already hwpoisoned case with MF_COUNT_INCREASED (Naoya Horiguchi) [Orabug: 36947110] - mm/memory-failure: send SIGBUS in the event of thp split fail (Jane Chu) [Orabug: 36947110] - mm/memory-failure: move hwpoison_filter() higherup (Jane Chu) [Orabug: 36947110] - mm/memory-failure: improve memory failure action_result messages (Jane Chu) [Orabug: 36947110] - mm/madvise: add MF_ACTION_REQUIRED to madvise(MADV_HWPOISON) (Jane Chu) [Orabug: 36947110] - mm/memory-failure: try to send SIGBUS even if unmap failed (Jane Chu) [Orabug: 36947110] - mm: memory-failure: cleanup try_to_split_thp_page() (Kefeng Wang) [Orabug: 36947110] - mm,hwpoison: introduce MF_MSG_UNSPLIT_THP (Naoya Horiguchi) [Orabug: 36947110] - KVM/x86: Do not clear SIPI while in SMM (Boris Ostrovsky) [Orabug: 36401960] _______________________________________________ El-errata mailing list
Oct 15, 2024
•Critical
Oracle
217
security advisorycriticalsystem patchOracle Linux 7 ELSA-2024-12779 critical: kernel security fixes
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-12779 http://linux.oracle.com/errata/ELSA-2024-12779.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: kernel-uek-4.14.35-2047.541.4.1.el7uek.x86_64.rpm kernel-uek-debug-4.14.35-2047.541.4.1.el7uek.x86_64.rpm kernel-uek-debug-devel-4.14.35-2047.541.4.1.el7uek.x86_64.rpm kernel-uek-devel-4.14.35-2047.541.4.1.el7uek.x86_64.rpm kernel-uek-tools-4.14.35-2047.541.4.1.el7uek.x86_64.rpm kernel-uek-doc-4.14.35-2047.541.4.1.el7uek.noarch.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-4.14.35-2047.541.4.1.el7uek.src.rpm Related CVEs: CVE-2022-3566 CVE-2022-3567 CVE-2023-52803 CVE-2024-36894 CVE-2024-36905 CVE-2024-37078 CVE-2024-38619 CVE-2024-39469 CVE-2024-39487 CVE-2024-39499 CVE-2024-39501 CVE-2024-39509 CVE-2024-40901 CVE-2024-40902 CVE-2024-40904 CVE-2024-40912 CVE-2024-40932 CVE-2024-40941 CVE-2024-40942 CVE-2024-40943 CVE-2024-40959 CVE-2024-40974 CVE-2024-40978 CVE-2024-40981 CVE-2024-40987 CVE-2024-40988 CVE-2024-41006 CVE-2024-41034 CVE-2024-41035 CVE-2024-41044 CVE-2024-41046 CVE-2024-41089 CVE-2024-41095 CVE-2024-41097 CVE-2024-42070 CVE-2024-42084 CVE-2024-42089 CVE-2024-42090 CVE-2024-42094 CVE-2024-42096 CVE-2024-42097 CVE-2024-42101 CVE-2024-42104 CVE-2024-42105 CVE-2024-42106 CVE-2024-42115 CVE-2024-42143 CVE-2024-42145 CVE-2024-42148 CVE-2024-42153 CVE-2024-42154 CVE-2024-42157 CVE-2024-42223 CVE-2024-42224 CVE-2024-42232 CVE-2024-42236 CVE-2024-44952 CVE-2024-46738 Description of changes: [4.14.35-2047.541.4.1.el7uek] - vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (Haoran Zhang) [Orabug: 37137499] [4.14.35-2047.541.4.el7uek] - selftests: make order checking verbose in msg_zerocopy selftest (Zijian Zhang) [Orabug: 37063821] - selftests: fix OOM in msg_zerocopy selftest (Zijian Zhang) [Orabug: 37063821] - Revert "selftests/net: reap zerocopy completionspassed up as ancillary data." (Harshit Mogalapalli) [Orabug: 37063821] - Revert "selftests: fix OOM in msg_zerocopy selftest" (Harshit Mogalapalli) [Orabug: 37063821] - Revert "selftests: make order checking verbose in msg_zerocopy selftest" (Harshit Mogalapalli) [Orabug: 37063821] [4.14.35-2047.541.3.el7uek] - ALSA: timer: Relax start tick time check for slave timer elements (Takashi Iwai) - driver core: Fix uevent_show() vs driver detach race (Dan Williams) [Orabug: 37029154] {CVE-2024-44952} - VMCI: Fix use-after-free when removing resource in vmci_resource_remove() (David Fernandez Gonzalez) [Orabug: 37037206] {CVE-2024-46738} [4.14.35-2047.541.2.el7uek] - Revert "selftests/mm: conform test to TAP format output" (Samasth Norway Ananda) [Orabug: 36997529] - Revert "selftests/kcmp: Make the test output consistent and clear" (Samasth Norway Ananda) [Orabug: 36997529] [4.14.35-2047.541.1.el7uek] - LTS version v4.14.351 (Yifei Liu) - i2c: rcar: bring hardware to known state when probing (Wolfram Sang) - nilfs2: fix kernel bug on rename operation of broken directory (Ryusuke Konishi) [Orabug: 36896822] {CVE-2024-41034} - tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (Eric Dumazet) - libceph: fix race between delayed_work() and ceph_monc_stop() (Ilya Dryomov) [Orabug: 36930130] {CVE-2024-42232} - hpet: Support 32-bit userspace (He Zhe) - USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (Alan Stern) [Orabug: 36896827] {CVE-2024-41035} - usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (Lee Jones) [Orabug: 36930140] {CVE-2024-42236} - USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (WangYuli) - USB: serial: option: add Rolling RW350-GL variants (Vanillan Wang) - USB: serial: option: add Netprisma LCUK54 series modules (Mank Wang) - USB: serial: option: add support for Foxconn T99W651 (Slark Xiao) - USB: serial: option: add Fibocom FM350-GL (Bjørn Mork) - USB: serial: option: add Telit FN912 rmnet compositions (Daniele Palmas) - USB: serial: option: add Telit generic core-dump composition (Daniele Palmas) - ARM: davinci: Convert comma to semicolon (Chen Ni) - ppp: reject claimed-as-LCP but actually malformed packets (Dmitry Antipov) [Orabug: 36896857] {CVE-2024-41044} - net: ethernet: lantiq_etop: fix double free in detach (Aleksander Jan Bajkowski) [Orabug: 36896864] {CVE-2024-41046} - net: lantiq_etop: add blank line after declaration (Aleksander Jan Bajkowski) - tcp: fix incorrect undo caused by DSACK of TLP retransmit (Neal Cardwell) - nilfs2: fix incorrect inode allocation from reserved inodes (Ryusuke Konishi) - i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr (Piotr Wojtaszczyk) [Orabug: 36897910] {CVE-2024-42153} - i2c/busses: Convert timers to use timer_setup() (Kees Cook) - i2c: pnx: move header into the driver (Wolfram Sang) - media: dw2102: fix a potential buffer overflow (Mauro Carvalho Chehab) - bnx2x: Fix multiple UBSAN array-index-out-of-bounds (Ghadi Elie Rahme) [Orabug: 36897887] {CVE-2024-42148} - drm/amdgpu/atomfirmware: silence UBSAN warning (Alex Deucher) - drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (Ma Ke) [Orabug: 36897641] {CVE-2024-42101} - fsnotify: Do not generate events for O_PATH file descriptors (Jan Kara) - Bluetooth: Fix incorrect pointer arithmatic in ext_adv_report_evt (Jaganath Kanakkassery) - mm: optimize the redundant loop of mm_update_owner_next() (Jinliang Zheng) - nilfs2: add missing check for inode numbers on directory entries (Ryusuke Konishi) [Orabug: 36897653] {CVE-2024-42104} - nilfs2: fix inode number range checks (Ryusuke Konishi) [Orabug: 36897659] {CVE-2024-42105} - inet_diag: Initialize pad field in struct inet_diag_req_v2 (Shigeru Yoshida) [Orabug: 36897667] {CVE-2024-42106} - selftests: make order checking verbose in msg_zerocopy selftest (Zijian Zhang) - selftests: fix OOM in msg_zerocopy selftest (Zijian Zhang) - selftests/net: reap zerocopy completions passed up as ancillary data. (Sowmini Varadhan) -bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (Sam Sun) [Orabug: 36825249] {CVE-2024-39487} - tcp_metrics: validate source addr length (Jakub Kicinski) [Orabug: 36897917] {CVE-2024-42154} - UPSTREAM: tcp: fix DSACK undo in fast recovery to call tcp_try_to_open() (Neal Cardwell) - s390/pkey: Wipe sensitive data on failure (Holger Dengler) [Orabug: 36897935] {CVE-2024-42157} - jffs2: Fix potential illegal address access in jffs2_free_inode (Wang Yong) [Orabug: 36897698] {CVE-2024-42115} - powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (Greg Kurz) - orangefs: fix out-of-bounds fsid access (Mike Marshall) [Orabug: 36897838] {CVE-2024-42143} - powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (Michael Ellerman) - i2c: i801: Annotate apanel_addr as __ro_after_init (Heiner Kallweit) - media: dvb-frontends: tda10048: Fix integer overflow (Ricardo Ribalda) [Orabug: 36897977] {CVE-2024-42223} - media: s2255: Use refcount_t instead of atomic_t for num_channels (Ricardo Ribalda) - media: dvb-frontends: tda18271c2dd: Remove casting during div (Ricardo Ribalda) - net: dsa: mv88e6xxx: Correct check for empty list (Simon Horman) [Orabug: 36897983] {CVE-2024-42224} - Input: ff-core - prefer struct_size over open coded arithmetic (Erick Archer) - firmware: dmi: Stop decoding on broken entry (Jean Delvare) - sctp: prefer struct_size over open coded arithmetic (Erick Archer) - media: dw2102: Don't translate i2c read into write (Michael Bunk) - IB/core: Implement a limit on UMAD receive List (Michael Guralnik) [Orabug: 36897848] {CVE-2024-42145} - media: dvb-usb: dib0700_devices: Add missing release_firmware() (Ricardo Ribalda) - media: dvb: as102-fe: Fix as10x_register_addr packing (Ricardo Ribalda) - LTS version v4.14.350 (Yifei Liu) - SUNRPC: Fix RPC client cleaned up the freed pipefs dentries (felix) [Orabug: 36940548] {CVE-2023-52803} - arm64: dts: rockchip: Add sound-dai-cells for RK3368 (Alex Bee) - tcp: Fix data races around icsk-> icsk_af_ops. (KuniyukiIwashima) [Orabug: 34719867] {CVE-2022-3566} - ipv6: Fix data races around sk-> sk_prot. (Kuniyuki Iwashima) [Orabug: 34719907] {CVE-2022-3567} - ipv6: annotate some data-races around sk-> sk_prot (Eric Dumazet) - pwm: stm32: Refuse too small period requests (Uwe Kleine-König) - ftruncate: pass a signed offset (Arnd Bergmann) [Orabug: 36897559] {CVE-2024-42084} - batman-adv: Don't accept TT entries for out-of-spec VIDs (Vegard Nossum) - batman-adv: include gfp.h for GFP_* defines (Sven Eckelmann) - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (Ma Ke) [Orabug: 36897381] {CVE-2024-41089} - drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (Ma Ke) [Orabug: 36897446] {CVE-2024-41095} - hexagon: fix fadvise64_64 calling conventions (Arnd Bergmann) - tty: mcf: MCF54418 has 10 UARTS (Jean-Michel Hautbois) - usb: atm: cxacru: fix endpoint checking in cxacru_bind() (Nikita Zhandarovich) [Orabug: 36897452] {CVE-2024-41097} - usb: musb: da8xx: fix a resource leak in probe() (Dan Carpenter) - usb: gadget: printer: SS+ support (Oliver Neukum) - net: usb: ax88179_178a: improve link status logs (Jose Ignacio Tornos Martinez) - iio: adc: ad7266: Fix variable checking bug (Fernando Yang) - mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (Ilpo Järvinen) - x86: stop playing stack games in profile_pc() (Linus Torvalds) [Orabug: 36897617] {CVE-2024-42096} - i2c: ocores: set IACK bit after core is enabled (Grygorii Tertychnyi) - i2c: ocores: stop transfer on timeout (Federico Vaga) - nvme: fixup comment for nvme RDMA Provider Type (Hannes Reinecke) - soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (Andrew Davis) - media: dvbdev: Initialize sbuf (Ricardo Ribalda) - ALSA: emux: improve patch ioctl data validation (Oswald Buddenhagen) [Orabug: 36897626] {CVE-2024-42097} - net/iucv: Avoid explicit cpumask var allocation on stack (Dawei Li) [Orabug: 36897609] {CVE-2024-42094} - netfilter: nf_tables: fully validate NFT_DATA_VALUEon store to data registers (Pablo Neira Ayuso) [Orabug: 36897501] {CVE-2024-42070} - ASoC: fsl-asoc-card: set priv-> pdev before using it (Elinor Montmasson) [Orabug: 36897579] {CVE-2024-42089} - drm/amdgpu: fix UBSAN warning in kv_dpm.c (Alex Deucher) [Orabug: 36835993] {CVE-2024-40987} - pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (Huang-Huang Bao) - pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (Huang-Huang Bao) - pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (Huang-Huang Bao) - pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (Hagar Hemdan) [Orabug: 36897587] {CVE-2024-42090} - usb: xhci: do not perform Soft Retry for some xHCI hosts (Stanislaw Gruszka) - xhci: Set correct transferred length for cancelled bulk transfers (Mathias Nyman) - xhci: Use soft retry to recover faster from transaction errors (Mathias Nyman) - usb: xhci: Remove ep_trb from xhci_cleanup_halted_endpoint() (Lu Baolu) - scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (Breno Leitao) [Orabug: 36835697] {CVE-2024-40901} - scsi: mpt3sas: Gracefully handle online firmware update (Suganath Prabu) logging macros (Joe Perches) - iio: dac: ad5592r: fix temperature channel scaling value (Marc Ferland) - iio: dac: ad5592r: un-indent code-block for scale read (Alexandru Ardelean) - iio: dac: ad5592r-base: Replace indio_dev-> mlock with own device lock (Sergiu Cuciurean) - x86/amd_nb: Check for invalid SMN reads (Yazen Ghannam) - PCI: Add PCI_ERROR_RESPONSE and related definitions (Naveen Naidu) - ARM: dts: samsung: smdk4412: fix keypad no-autorepeat (Krzysztof Kozlowski) - ARM: dts: samsung: exynos4412-origen: fix keypad no-autorepeat (Krzysztof Kozlowski) - ARM: dts: samsung: smdkv310: fix keypad no-autorepeat (Krzysztof Kozlowski) - gcov: add support for GCC 14 (Peter Oberparleiter) - drm/radeon: fix UBSAN warning in kv_dpm.c (Alex Deucher) [Orabug: 36835998] {CVE-2024-40988} - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel isfine." (Raju Rangoju) - dmaengine: ioatdma: Fix missing kmem_cache_destroy() (Nikita Shubin) - regulator: core: Fix modpost error "regulator_get_regmap" undefined (Biju Das) - net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (Oliver Neukum) - virtio_net: checksum offloading handling fix (Heng Qi) - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (Eric Dumazet) [Orabug: 36835853] {CVE-2024-40959} - netrom: Fix a memory leak in nr_heartbeat_expiry() (Gavrilov Ilia) [Orabug: 36836088] {CVE-2024-41006} - cipso: fix total option length computation (Ondrej Mosnacek) - MIPS: Routerboard 532: Fix vendor retry check code (Ilpo Järvinen) - udf: udftime: prevent overflow in udf_disk_stamp_to_time() (Roman Smirnov) - udf: Simplify calls to udf_disk_stamp_to_time (Deepa Dinamani) - udf: Sanitize nanoseconds for time stamps (Jan Kara) - usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (Alex Henrie) - powerpc/io: Avoid clang null pointer arithmetic warnings (Michael Ellerman) - powerpc/pseries: Enforce hcall result buffer validity and size (Nathan Lynch) [Orabug: 36835927] {CVE-2024-40974} - scsi: qedi: Fix crash while reading debugfs attribute (Manish Rangankar) [Orabug: 36835948] {CVE-2024-40978} - batman-adv: bypass empty buckets in batadv_purge_orig_ref() (Eric Dumazet) [Orabug: 36835967] {CVE-2024-40981} - rcutorture: Fix rcu_torture_one_read() pipe_count overflow comment (Paul E. McKenney) - usb-storage: alauda: Check whether the media is initialized (Shichao Lai) [Orabug: 36753735] {CVE-2024-38619} - hugetlb_encode.h: fix undefined behaviour (34 sk_shutdown in sk_diag_fill(). (Kuniyuki Iwashima) - af_unix: Use skb_queue_len_lockless() in sk_diag_show_rqlen(). (Kuniyuki Iwashima) - af_unix: Use unix_recvq_full_lockless() in unix_stream_connect(). (Kuniyuki Iwashima) - af_unix: Annotate data-race of net-> unx.sysctl_max_dgram_qlen. (Kuniyuki Iwashima) - af_unix: Annotate data-races around sk-> sk_state in UNIX_DIAG. (Kuniyuki Iwashima) -af_unix: Annotate data-races around sk-> sk_state in sendmsg() and recvmsg(). (Kuniyuki Iwashima) - af_unix: Annotate data-races around sk-> sk_state in unix_write_space() and poll(). (Kuniyuki Iwashima) - af_unix: Fix data races around sk-> sk_shutdown. (Kuniyuki Iwashima) - af_unix: Annotate data-race of sk-> sk_state in unix_inq_len(). (Kuniyuki Iwashima) - af_unix: Fix a data-race in unix_dgram_peer_wake_me(). (Kuniyuki Iwashima) - af_unix: ensure POLLOUT on remote close() for connected dgram socket (Jason Baron) - ptp: Fix error message on failed pin verification (Karol Kolacinski) - tcp: count CLOSE-WAIT sockets for TCP_MIB_CURRESTAB (Jason Xing) - ipv6: sr: block BH in seg6_output_core() and seg6_input_core() (Eric Dumazet) - wifi: iwlwifi: mvm: don't read past the mfuart notifcation (Emmanuel Grumbach) [Orabug: 36835809] {CVE-2024-40941} - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (Remi Pommarel) [Orabug: 36835736] {CVE-2024-40912} - wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (Nicolas Escande) [Orabug: 36835813] {CVE-2024-40942} - tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets (Eric Dumazet) [Orabug: 36683297] {CVE-2024-36905} - Revert "tcp: remove redundant check on tskb" (Vegard Nossum) - Revert "tcp: defer shutdown(SEND_SHUTDOWN) for TCP_SYN_RECV sockets" (Vegard Nossum) - Revert "scsi: target: Fix SELinux error when systemd-modules loads the target module" (Vegard Nossum) _______________________________________________ El-errata mailing list
Oct 15, 2024
•Critical
Oracle
172
security advisorydenial of serviceUbuntuUbuntu 22.04 LTS: 7007-1 Moderate: Kernel Denial Of Service Issues
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-7007-1 September 13, 2024 linux, linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-nvidia, linux-oracle, linux-raspi vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-gke: Linux kernel for Google Container Engine (GKE) systems - linux-gkeop: Linux kernel for Google Container Engine (GKE) systems - linux-ibm: Linux kernel for IBM cloud systems - linux-intel-iotg: Linux kernel for Intel IoT platforms - linux-kvm: Linux kernel for cloud environments - linux-nvidia: Linux kernel for NVIDIA systems - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi: Linux kernel for Raspberry Pi systems - linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems - linux-gcp-5.15: Linux kernel for Google Cloud Platform (GCP) systems - linux-gkeop-5.15: Linux kernel for Google Container Engine (GKE) systems - linux-hwe-5.15: Linux hardware enablement (HWE) kernel - linux-intel-iotg-5.15: Linux kernel for Intel IoT platforms Details: Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2024-23848) Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. Alocal attacker could possibly use this to cause a denial of service. (CVE-2024-25741) It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service (system crash). (CVE-2024-40902) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - Accessibility subsystem; - ACPI drivers; - Serial ATA and Parallel ATA drivers; - Drivers core; - Bluetooth drivers; - Character device driver; - CPU frequency scaling framework; - Hardware crypto device drivers; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - FPGA Framework; - GPIO subsystem; - GPU drivers; - Greybus drivers; - HID subsystem; - HW tracing; - I2C subsystem; - IIO subsystem; - InfiniBand drivers; - Input Device (Mouse) drivers; - Macintosh device drivers; - Multiple devices driver; - Media drivers; - VMware VMCI Driver; - Network drivers; - Near Field Communication (NFC) drivers; - NVME drivers; - Pin controllers subsystem; - PTP clock framework; - S/390 drivers; - SCSI drivers; - SoundWire subsystem; - Greybus lights staging drivers; - Media staging drivers; - Thermal drivers; - TTY drivers; - USB subsystem; - DesignWare USB3 driver; - Framebuffer layer; - ACRN Hypervisor Service Module driver; - eCrypt file system; - File systems infrastructure; - Ext4 file system; - F2FS file system; - JFFS2 file system; - JFS file system; - NILFS2 file system; - NTFS3 file system; - SMB network file system; - IOMMU subsystem; - Memory management; - Netfilter; - BPF subsystem; - Kernel debuggerinfrastructure; - DMA mapping infrastructure; - IRQ subsystem; - Tracing infrastructure; - 9P file system network protocol; - B.A.T.M.A.N. meshing protocol; - CAN network layer; - Ceph Core library; - Networking core; - IPv4 networking; - IPv6 networking; - IUCV driver; - MAC80211 subsystem; - Multipath TCP; - NET/ROM layer; - NFC subsystem; - Open vSwitch; - Network traffic control; - TIPC protocol; - TLS protocol; - Unix domain sockets; - Wireless networking; - XFRM subsystem; - ALSA framework; - SoC Audio for Freescale CPUs drivers; - Kirkwood ASoC drivers; (CVE-2024-40961, CVE-2024-38597, CVE-2024-39468, CVE-2024-36978, CVE-2024-42161, CVE-2024-38573, CVE-2024-40905, CVE-2024-42094, CVE-2024-36894, CVE-2024-40914, CVE-2024-40956, CVE-2024-42106, CVE-2024-38610, CVE-2024-39506, CVE-2024-42098, CVE-2024-42232, CVE-2024-38590, CVE-2024-39488, CVE-2024-42127, CVE-2024-41006, CVE-2024-42131, CVE-2024-41005, CVE-2024-40963, CVE-2024-38559, CVE-2024-42130, CVE-2024-37078, CVE-2024-42082, CVE-2024-40984, CVE-2024-38560, CVE-2024-42090, CVE-2024-33621, CVE-2024-40974, CVE-2024-42115, CVE-2024-40971, CVE-2024-40943, CVE-2024-38627, CVE-2024-38548, CVE-2024-40934, CVE-2024-38579, CVE-2024-38558, CVE-2024-39495, CVE-2023-52884, CVE-2024-42225, CVE-2024-38659, CVE-2024-40927, CVE-2024-40967, CVE-2024-38624, CVE-2024-38583, CVE-2024-41047, CVE-2024-38623, CVE-2024-39509, CVE-2024-36971, CVE-2024-42120, CVE-2024-38589, CVE-2024-36270, CVE-2024-42105, CVE-2024-36032, CVE-2024-42101, CVE-2024-40908, CVE-2024-42089, CVE-2024-39482, CVE-2024-38662, CVE-2024-41007, CVE-2024-38635, CVE-2023-52887, CVE-2024-40912, CVE-2024-41027, CVE-2024-38598, CVE-2024-38381, CVE-2024-39503, CVE-2024-39301, CVE-2024-40988, CVE-2024-41000, CVE-2024-39507, CVE-2024-35247, CVE-2024-39277, CVE-2024-42229, CVE-2024-42085, CVE-2024-35927, CVE-2024-42224, CVE-2024-38567, CVE-2024-42097, CVE-2024-41049, CVE-2024-39466, CVE-2024-40957, CVE-2024-40978, CVE-2024-42093, CVE-2024-40937, CVE-2024-41034,CVE-2024-41048, CVE-2024-39471, CVE-2024-39502, CVE-2024-38555, CVE-2024-40970, CVE-2024-36972, CVE-2024-40995, CVE-2024-42154, CVE-2024-40916, CVE-2024-39505, CVE-2024-39475, CVE-2024-38599, CVE-2024-38596, CVE-2024-39493, CVE-2024-42124, CVE-2024-38549, CVE-2024-42084, CVE-2024-40942, CVE-2024-42077, CVE-2024-42152, CVE-2024-40904, CVE-2024-31076, CVE-2024-40960, CVE-2024-41035, CVE-2024-40945, CVE-2024-38605, CVE-2024-42140, CVE-2024-41041, CVE-2024-36014, CVE-2024-38612, CVE-2024-41092, CVE-2024-38546, CVE-2024-40902, CVE-2024-42068, CVE-2024-42121, CVE-2024-42236, CVE-2024-34777, CVE-2024-39467, CVE-2024-42087, CVE-2024-39501, CVE-2024-40980, CVE-2024-38550, CVE-2024-42223, CVE-2024-38607, CVE-2024-42247, CVE-2024-41046, CVE-2024-42080, CVE-2024-40901, CVE-2024-38571, CVE-2024-39480, CVE-2024-42070, CVE-2024-41093, CVE-2024-42148, CVE-2024-38601, CVE-2024-39500, CVE-2024-41097, CVE-2024-38565, CVE-2024-38661, CVE-2024-38615, CVE-2024-41040, CVE-2024-34027, CVE-2024-37356, CVE-2024-42157, CVE-2024-40941, CVE-2024-38634, CVE-2024-41004, CVE-2024-38780, CVE-2024-38552, CVE-2024-39276, CVE-2024-38618, CVE-2024-38588, CVE-2024-42086, CVE-2024-41087, CVE-2024-38582, CVE-2024-40932, CVE-2024-39489, CVE-2024-40968, CVE-2024-42119, CVE-2024-42137, CVE-2024-40929, CVE-2024-38591, CVE-2024-36489, CVE-2022-48772, CVE-2024-42153, CVE-2024-40959, CVE-2024-40987, CVE-2024-36015, CVE-2024-41044, CVE-2024-41002, CVE-2024-42109, CVE-2024-38587, CVE-2024-36286, CVE-2024-41055, CVE-2024-39469, CVE-2024-39487, CVE-2024-38580, CVE-2024-38619, CVE-2024-38613, CVE-2024-42145, CVE-2024-41095, CVE-2024-40958, CVE-2024-40911, CVE-2024-42102, CVE-2024-33847, CVE-2024-36974, CVE-2024-40994, CVE-2024-38633, CVE-2024-40981, CVE-2024-40983, CVE-2024-42096, CVE-2024-42104, CVE-2024-42092, CVE-2024-40954, CVE-2024-38637, CVE-2024-42240, CVE-2024-38621, CVE-2024-38578, CVE-2024-38547, CVE-2024-39490, CVE-2024-42076, CVE-2024-42244, CVE-2024-39499, CVE-2024-38586, CVE-2024-41089, CVE-2024-40976, CVE-2024-42095,CVE-2024-40931, CVE-2024-40990) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-1052-gkeop 5.15.0-1052.59 linux-image-5.15.0-1062-ibm 5.15.0-1062.65 linux-image-5.15.0-1062-raspi 5.15.0-1062.65 linux-image-5.15.0-1064-intel-iotg 5.15.0-1064.70 linux-image-5.15.0-1064-nvidia 5.15.0-1064.65 linux-image-5.15.0-1064-nvidia-lowlatency 5.15.0-1064.65 linux-image-5.15.0-1066-gke 5.15.0-1066.72 linux-image-5.15.0-1066-kvm 5.15.0-1066.71 linux-image-5.15.0-1067-oracle 5.15.0-1067.73 linux-image-5.15.0-1068-gcp 5.15.0-1068.76 linux-image-5.15.0-1069-aws 5.15.0-1069.75 linux-image-5.15.0-121-generic 5.15.0-121.131 linux-image-5.15.0-121-generic-64k 5.15.0-121.131 linux-image-5.15.0-121-generic-lpae 5.15.0-121.131 linux-image-aws-lts-22.04 5.15.0.1069.69 linux-image-gcp-lts-22.04 5.15.0.1068.64 linux-image-generic 5.15.0.121.121 linux-image-generic-64k 5.15.0.121.121 linux-image-generic-lpae 5.15.0.121.121 linux-image-gke 5.15.0.1066.65 linux-image-gke-5.15 5.15.0.1066.65 linux-image-gkeop 5.15.0.1052.51 linux-image-gkeop-5.15 5.15.0.1052.51 linux-image-ibm 5.15.0.1062.58 linux-image-intel-iotg 5.15.0.1064.64 linux-image-kvm 5.15.0.1066.62 linux-image-nvidia 5.15.0.1064.64 linux-image-nvidia-lowlatency 5.15.0.1064.64 linux-image-oracle-lts-22.04 5.15.0.1067.63 linux-image-raspi 5.15.0.1062.60 linux-image-raspi-nolpae 5.15.0.1062.60 linux-image-virtual 5.15.0.121.121 Ubuntu 20.04 LTS linux-image-5.15.0-1052-gkeop 5.15.0-1052.59~20.04.1 linux-image-5.15.0-1064-intel-iotg 5.15.0-1064.70~20.04.1+1 linux-image-5.15.0-1068-gcp 5.15.0-1068.76~20.04.1 linux-image-5.15.0-1069-aws 5.15.0-1069.75~20.04.1 linux-image-5.15.0-121-generic 5.15.0-121.131~20.04.1 linux-image-5.15.0-121-generic-64k 5.15.0-121.131~20.04.1 linux-image-5.15.0-121-generic-lpae 5.15.0-121.131~20.04.1 linux-image-aws 5.15.0.1069.75~20.04.1 linux-image-gcp 5.15.0.1068.76~20.04.1 linux-image-generic-64k-hwe-20.04 5.15.0.121.131~20.04.1 linux-image-generic-hwe-20.04 5.15.0.121.131~20.04.1 linux-image-generic-lpae-hwe-20.04 5.15.0.121.131~20.04.1 linux-image-gkeop-5.15 5.15.0.1052.59~20.04.1 linux-image-intel 5.15.0.1064.70~20.04.1 linux-image-intel-iotg 5.15.0.1064.70~20.04.1 linux-image-oem-20.04 5.15.0.121.131~20.04.1 linux-image-oem-20.04b 5.15.0.121.131~20.04.1 linux-image-oem-20.04c 5.15.0.121.131~20.04.1 linux-image-oem-20.04d 5.15.0.121.131~20.04.1 linux-image-virtual-hwe-20.04 5.15.0.121.131~20.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-7007-1 CVE-2022-48772, CVE-2023-52884, CVE-2023-52887, CVE-2024-23848, CVE-2024-25741, CVE-2024-31076, CVE-2024-33621, CVE-2024-33847, CVE-2024-34027, CVE-2024-34777, CVE-2024-35247, CVE-2024-35927, CVE-2024-36014, CVE-2024-36015, CVE-2024-36032, CVE-2024-36270, CVE-2024-36286, CVE-2024-36489, CVE-2024-36894, CVE-2024-36971, CVE-2024-36972, CVE-2024-36974, CVE-2024-36978, CVE-2024-37078, CVE-2024-37356, CVE-2024-38381, CVE-2024-38546, CVE-2024-38547, CVE-2024-38548, CVE-2024-38549, CVE-2024-38550, CVE-2024-38552, CVE-2024-38555, CVE-2024-38558,CVE-2024-38559, CVE-2024-38560, CVE-2024-38565, CVE-2024-38567, CVE-2024-38571, CVE-2024-38573, CVE-2024-38578, CVE-2024-38579, CVE-2024-38580, CVE-2024-38582, CVE-2024-38583, CVE-2024-38586, CVE-2024-38587, CVE-2024-38588, CVE-2024-38589, CVE-2024-38590, CVE-2024-38591, CVE-2024-38596, CVE-2024-38597, CVE-2024-38598, CVE-2024-38599, CVE-2024-38601, CVE-2024-38605, CVE-2024-38607, CVE-2024-38610, CVE-2024-38612, CVE-2024-38613, CVE-2024-38615, CVE-2024-38618, CVE-2024-38619, CVE-2024-38621, CVE-2024-38623, CVE-2024-38624, CVE-2024-38627, CVE-2024-38633, CVE-2024-38634, CVE-2024-38635, CVE-2024-38637, CVE-2024-38659, CVE-2024-38661, CVE-2024-38662, CVE-2024-38780, CVE-2024-39276, CVE-2024-39277, CVE-2024-39301, CVE-2024-39466, CVE-2024-39467, CVE-2024-39468, CVE-2024-39469, CVE-2024-39471, CVE-2024-39475, CVE-2024-39480, CVE-2024-39482, CVE-2024-39487, CVE-2024-39488, CVE-2024-39489, CVE-2024-39490, CVE-2024-39493, CVE-2024-39495, CVE-2024-39499, CVE-2024-39500, CVE-2024-39501, CVE-2024-39502, CVE-2024-39503, CVE-2024-39505, CVE-2024-39506, CVE-2024-39507, CVE-2024-39509, CVE-2024-40901, CVE-2024-40902, CVE-2024-40904, CVE-2024-40905, CVE-2024-40908, CVE-2024-40911, CVE-2024-40912, CVE-2024-40914, CVE-2024-40916, CVE-2024-40927, CVE-2024-40929, CVE-2024-40931, CVE-2024-40932, CVE-2024-40934, CVE-2024-40937, CVE-2024-40941, CVE-2024-40942, CVE-2024-40943, CVE-2024-40945, CVE-2024-40954, CVE-2024-40956, CVE-2024-40957, CVE-2024-40958, CVE-2024-40959, CVE-2024-40960, CVE-2024-40961, CVE-2024-40963, CVE-2024-40967, CVE-2024-40968, CVE-2024-40970, CVE-2024-40971, CVE-2024-40974, CVE-2024-40976, CVE-2024-40978, CVE-2024-40980, CVE-2024-40981, CVE-2024-40983, CVE-2024-40984, CVE-2024-40987, CVE-2024-40988, CVE-2024-40990, CVE-2024-40994, CVE-2024-40995, CVE-2024-41000, CVE-2024-41002, CVE-2024-41004, CVE-2024-41005, CVE-2024-41006, CVE-2024-41007, CVE-2024-41027, CVE-2024-41034, CVE-2024-41035, CVE-2024-41040, CVE-2024-41041, CVE-2024-41044, CVE-2024-41046,CVE-2024-41047, CVE-2024-41048, CVE-2024-41049, CVE-2024-41055, CVE-2024-41087, CVE-2024-41089, CVE-2024-41092, CVE-2024-41093, CVE-2024-41095, CVE-2024-41097, CVE-2024-42068, CVE-2024-42070, CVE-2024-42076, CVE-2024-42077, CVE-2024-42080, CVE-2024-42082, CVE-2024-42084, CVE-2024-42085, CVE-2024-42086, CVE-2024-42087, CVE-2024-42089, CVE-2024-42090, CVE-2024-42092, CVE-2024-42093, CVE-2024-42094, CVE-2024-42095, CVE-2024-42096, CVE-2024-42097, CVE-2024-42098, CVE-2024-42101, CVE-2024-42102, CVE-2024-42104, CVE-2024-42105, CVE-2024-42106, CVE-2024-42109, CVE-2024-42115, CVE-2024-42119, CVE-2024-42120, CVE-2024-42121, CVE-2024-42124, CVE-2024-42127, CVE-2024-42130, CVE-2024-42131, CVE-2024-42137, CVE-2024-42140, CVE-2024-42145, CVE-2024-42148, CVE-2024-42152, CVE-2024-42153, CVE-2024-42154, CVE-2024-42157, CVE-2024-42161, CVE-2024-42223, CVE-2024-42224, CVE-2024-42225, CVE-2024-42229, CVE-2024-42232, CVE-2024-42236, CVE-2024-42240, CVE-2024-42244, CVE-2024-42247 Package Information: https://launchpad.net/ubuntu/+source/linux/5.15.0-121.131 https://launchpad.net/ubuntu/+source/linux-aws/5.15.0-1069.75 https://launchpad.net/ubuntu/+source/linux-gcp/5.15.0-1068.76 https://launchpad.net/ubuntu/+source/linux-gke/5.15.0-1066.72 https://launchpad.net/ubuntu/+source/linux-gkeop/5.15.0-1052.59 https://launchpad.net/ubuntu/+source/linux-ibm/5.15.0-1062.65 https://launchpad.net/ubuntu/+source/linux-intel-iotg/5.15.0-1064.70 https://launchpad.net/ubuntu/+source/linux-kvm/5.15.0-1066.71 https://launchpad.net/ubuntu/+source/linux-nvidia/5.15.0-1064.65 https://launchpad.net/ubuntu/+source/linux-oracle/5.15.0-1067.73 https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1062.65 https://launchpad.net/ubuntu/+source/linux-aws-5.15/5.15.0-1069.75~20.04.1 https://launchpad.net/ubuntu/+source/linux-gcp-5.15/5.15.0-1068.76~20.04.1 https://launchpad.net/ubuntu/+source/linux-gkeop-5.15/5.15.0-1052.59~20.04.1 https://launchpad.net/ubuntu/+source/linux-hwe-5.15/5.15.0-121.131~20.04.1 https://launchpad.net/ubuntu/+source/linux-intel-iotg-5.15/5.15.0-1064.70~20.04.1 . Several critical patches released for Ubuntu targeting significant vulnerabilities in the Linux kernel. Make sure to update immediately.. kernel security updates, Ubuntu vulnerabilities, Linux system updates. . LinuxSecurity.com Team
Sep 13, 2024
Ubuntu
100
security advisorycritical patchSUSESUSE: 2023:4735-1 critical: Linux Kernel security updates
* bsc#1084909 * bsc#1176950 * bsc#1190208 * bsc#1203496 * bsc#1205462 . # Security update for the Linux Kernel Announcement ID: SUSE-SU-2023:4735-1 Rating: important References: * bsc#1084909 * bsc#1176950 * bsc#1190208 * bsc#1203496 * bsc#1205462 * bsc#1208787 * bsc#1210780 * bsc#1214037 * bsc#1214285 * bsc#1214408 * bsc#1214764 * bsc#1216031 * bsc#1216058 * bsc#1216259 * bsc#1216584 * bsc#1216759 * bsc#1216965 * bsc#1216976 * bsc#1217036 * bsc#1217087 * bsc#1217206 * bsc#1217519 * bsc#1217525 * bsc#1217603 * bsc#1217604 * bsc#1217607 * jsc#PED-3184 * jsc#PED-5021 Cross-References: * CVE-2023-0461 * CVE-2023-31083 * CVE-2023-39197 * CVE-2023-39198 * CVE-2023-45863 * CVE-2023-45871 * CVE-2023-5717 CVSS scores: * CVE-2023-0461 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-0461 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-31083 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-31083 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-39197 ( SUSE ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N * CVE-2023-39198 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-39198 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-45863 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-45863 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-45871 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45871 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-5717 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Real Time 12 SP5 * SUSE Linux Enterprise Server 12 SP5 An update that solves seven vulnerabilities, contains two features and has 19 security fixes can now be installed. ##Description: The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208787). * CVE-2023-39197: Fixed a out-of-bounds read in nf_conntrack_dccp_packet() (bsc#1216976). * CVE-2023-45863: Fixed a out-of-bounds write in fill_kobj_path() (bsc#1216058). * CVE-2023-5717: Fixed a heap out-of-bounds write vulnerability in the Performance Events component (bsc#1216584). * CVE-2023-45871: Fixed an issue in the IGB driver, where the buffer size may not be adequate for frames larger than the MTU (bsc#1216259). * CVE-2023-39198: Fixed a race condition leading to use-after-free in qxl_mode_dumb_create() (bsc#1216965). * CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780). The following non-security bugs were fixed: * cpu/SMT: Allow enabling partial SMT states via sysfs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). * cpu/SMT: Create topology_smt_thread_allowed() (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). * cpu/SMT: Move SMT prototypes into cpu_smt.h (bsc#1214408). * cpu/SMT: Move smt/control simple exit cases earlier (bsc#1214408). * cpu/SMT: Remove topology_smt_supported() (bsc#1214408). * cpu/SMT: Store the current/max number of threads (bsc#1214408). * cpu/hotplug: Create SMT sysfs interface for all arches (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). * dm-raid: remove useless checking in raid_message() (git-fixes). * l2tp: fix refcount leakage on PPPoL2TP sockets (git-fixes). * l2tp: fix {pppol2tp, l2tp_dfs}_seq_stop() in case of seq_file overflow (git- fixes). * md/bitmap: always wake up md_thread in timeout_store (git-fixes). * md/bitmap: factor out a helper to set timeout (git-fixes). * md/raid10: Do not add spare disk when recovery fails (git-fixes). * md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes). * md/raid10: clean up md_add_new_disk() (git-fixes). * md/raid10: fix io loss whilereplacement replace rdev (git-fixes). * md/raid10: fix leak of 'r10bio-> remaining' for recovery (git-fixes). * md/raid10: fix memleak for 'conf-> bio_split' (git-fixes). * md/raid10: fix memleak of md thread (git-fixes). * md/raid10: fix null-ptr-deref in raid10_sync_request (git-fixes). * md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request (git- fixes). * md/raid10: fix overflow of md/safe_mode_delay (git-fixes). * md/raid10: fix wrong setting of max_corr_read_errors (git-fixes). * md/raid10: improve code of mrdev in raid10_sync_request (git-fixes). * md/raid10: prevent soft lockup while flush writes (git-fixes). * md/raid10: prioritize adding disk to 'removed' mirror (git-fixes). * md: Flush workqueue md_rdev_misc_wq in md_alloc() (git-fixes). * md: add new workqueue for delete rdev (git-fixes). * md: avoid signed overflow in slot_store() (git-fixes). * md: do not return existing mddevs from mddev_find_or_alloc (git-fixes). * md: factor out a mddev_alloc_unit helper from mddev_find (git-fixes). * md: fix data corruption for raid456 when reshape restart while grow up (git- fixes). * md: fix deadlock causing by sysfs_notify (git-fixes). * md: fix incorrect declaration about claim_rdev in md_import_device (git- fixes). * md: flush md_rdev_misc_wq for HOT_ADD_DISK case (git-fixes). * md: get sysfs entry after redundancy attr group create (git-fixes). * md: refactor mddev_find_or_alloc (git-fixes). * md: remove lock_bdev / unlock_bdev (git-fixes). * mm, memcg: add mem_cgroup_disabled checks in vmpressure and swap-related functions (bsc#1190208 (MM functional and performance backports) bsc#1216759). * net-memcg: Fix scope of sockmem pressure indicators (bsc#1216759). * net: mana: Configure hwc timeout from hardware (bsc#1214037). * net: mana: Fix MANA VF unload when hardware is unresponsive (bsc#1214764). * powerpc/pseries: Honour current SMT state when DLPAR onlining CPUs (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). * powerpc/pseries: Initialise CPU hotplugcallbacks earlier (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). * powerpc: Add HOTPLUG_SMT support (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588). Update config files. * ring-buffer: Avoid softlockup in ring_buffer_resize() (git-fixes). * s390/cio: unregister device when the only path is gone (git-fixes bsc#1217607). * s390/cmma: fix detection of DAT pages (LTC#203996 bsc#1217087). * s390/cmma: fix handling of swapper_pg_dir and invalid_pg_dir (LTC#203996 bsc#1217087). * s390/cmma: fix initial kernel address space page table walk (LTC#203996 bsc#1217087). * s390/crashdump: fix TOD programmable field size (git-fixes bsc#1217206). * s390/dasd: protect device queue against concurrent access (git-fixes bsc#1217519). * s390/dasd: use correct number of retries for ERP requests (git-fixes bsc#1217604). * s390/mm: add missing arch_set_page_dat() call to gmap allocations (LTC#203996 bsc#1217087). * s390/mm: add missing arch_set_page_dat() call to vmem_crst_alloc() (LTC#203996 bsc#1217087). * s390/ptrace: fix PTRACE_GET_LAST_BREAK error handling (git-fixes bsc#1217603). * scsi: qla2xxx: Fix double free of dsd_list during driver load (git-fixes). * scsi: qla2xxx: Use FIELD_GET() to extract PCIe capability fields (git- fixes). * tracing: Increase PERF_MAX_TRACE_SIZE to handle Sentinel1 and docker together (bsc#1216031). * usb-storage: fix deadlock when a scsi command timeouts more than once (git- fixes). * usb: serial: option: add Quectel RM500U-CN modem (git-fixes). * usb: serial: option: add Telit FE990 compositions (git-fixes). * usb: serial: option: add UNISOC vendor and TOZED LT70C product (git-fixes). * usb: typec: tcpm: Fix altmode re-registration causes sysfs create fail (git- fixes). * xfs: fix units conversion error in xfs_bmap_del_extent_delay (git-fixes). * xfs: make sure maxlen is still congruent with prod when rounding down (git- fixes). * xfs: reserve data and rt quota at the same time (bsc#1203496). ## Special Instructions and Notes: * Please reboot the systemafter installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Real Time 12 SP5 zypper in -t patch SUSE-SLE-RT-12-SP5-2023-4735=1 ## Package List: * SUSE Linux Enterprise Real Time 12 SP5 (x86_64) * dlm-kmp-rt-debuginfo-4.12.14-10.154.1 * cluster-md-kmp-rt-4.12.14-10.154.1 * gfs2-kmp-rt-debuginfo-4.12.14-10.154.1 * kernel-rt-base-debuginfo-4.12.14-10.154.1 * cluster-md-kmp-rt-debuginfo-4.12.14-10.154.1 * kernel-rt-debugsource-4.12.14-10.154.1 * kernel-rt_debug-debuginfo-4.12.14-10.154.1 * dlm-kmp-rt-4.12.14-10.154.1 * kernel-rt_debug-devel-debuginfo-4.12.14-10.154.1 * kernel-syms-rt-4.12.14-10.154.1 * ocfs2-kmp-rt-4.12.14-10.154.1 * ocfs2-kmp-rt-debuginfo-4.12.14-10.154.1 * kernel-rt-base-4.12.14-10.154.1 * kernel-rt-devel-debuginfo-4.12.14-10.154.1 * kernel-rt_debug-devel-4.12.14-10.154.1 * gfs2-kmp-rt-4.12.14-10.154.1 * kernel-rt_debug-debugsource-4.12.14-10.154.1 * kernel-rt-devel-4.12.14-10.154.1 * kernel-rt-debuginfo-4.12.14-10.154.1 * SUSE Linux Enterprise Real Time 12 SP5 (noarch) * kernel-devel-rt-4.12.14-10.154.1 * kernel-source-rt-4.12.14-10.154.1 * SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64) * kernel-rt-4.12.14-10.154.1 * kernel-rt_debug-4.12.14-10.154.1 ## References: * https://www.suse.com/security/cve/CVE-2023-0461.html * https://www.suse.com/security/cve/CVE-2023-31083.html * https://www.suse.com/security/cve/CVE-2023-39197.html * https://www.suse.com/security/cve/CVE-2023-39198.html * https://www.suse.com/security/cve/CVE-2023-45863.html * https://www.suse.com/security/cve/CVE-2023-45871.html * https://www.suse.com/security/cve/CVE-2023-5717.html * https://bugzilla.suse.com/show_bug.cgi?id=1084909 * https://bugzilla.suse.com/show_bug.cgi?id=1176950 * https://bugzilla.suse.com/show_bug.cgi?id=1190208 * https://bugzilla.suse.com/show_bug.cgi?id=1203496 * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1208787 * https://bugzilla.suse.com/show_bug.cgi?id=1210780 * https://bugzilla.suse.com/show_bug.cgi?id=1214037 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1214408 * https://bugzilla.suse.com/show_bug.cgi?id=1214764 * https://bugzilla.suse.com/show_bug.cgi?id=1216031 * https://bugzilla.suse.com/show_bug.cgi?id=1216058 * https://bugzilla.suse.com/show_bug.cgi?id=1216259 * https://bugzilla.suse.com/show_bug.cgi?id=1216584 * https://bugzilla.suse.com/show_bug.cgi?id=1216759 * https://bugzilla.suse.com/show_bug.cgi?id=1216965 * https://bugzilla.suse.com/show_bug.cgi?id=1216976 * https://bugzilla.suse.com/show_bug.cgi?id=1217036 * https://bugzilla.suse.com/show_bug.cgi?id=1217087 * https://bugzilla.suse.com/show_bug.cgi?id=1217206 * https://bugzilla.suse.com/show_bug.cgi?id=1217519 * https://bugzilla.suse.com/show_bug.cgi?id=1217525 * https://bugzilla.suse.com/show_bug.cgi?id=1217603 * https://bugzilla.suse.com/show_bug.cgi?id=1217604 * https://bugzilla.suse.com/show_bug.cgi?id=1217607 * * . Critical Linux Kernel security updates to fix multiple vulnerabilities. Install essential patches for system protection.. SUSE Linux, Kernel Security Fixes, Security Updates. . Severity: Important. LinuxSecurity.com Team
Dec 14, 2023
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!