[ELSA-2023-12339] Unbreakable Enterprise kernel security update
[5.15.0-101.103.2.1]
- Revert 'attr: use consistent sgid stripping checks' (Sherry Yang) [Orabug: 35346968]
- Revert 'iommu: Force iommu shutdown on panic' (Boris Ostrovsky) [Orabug: 35346963]
[5.15.0-101.103.2]
- uek-rpm: mod-extra: Remove mt7921e.ko from extras list (Harshit Mogalapalli) [Orabug: 34999685]
- crypto: allow ECDH and ECDSA algorithms in FIPS (Saeed Mirzamohammadi) [Orabug: 35230211]
- uek-rpm: make CRYPTO_ECDSA builtin (Saeed Mirzamohammadi) [Orabug: 35230211]
- KVM: arm64: PMU: Align chained counter implementation with architecture pseudocode (Marc Zyngier) [Orabug: 35243389]
- net/mlx5: Fix memory leak in error flow of port set buffer (Maher Sanalla) [Orabug: 35246355]
- net/mlx5e: Update shared buffer along with device buffer changes (Maher Sanalla) [Orabug: 35246355]
- net/mlx5e: Add API to query/modify SBPR and SBCM registers (Maher Sanalla) [Orabug: 35246355]
- net/mlx5: Expose shared buffer registers bits and structs (Maher Sanalla) [Orabug: 35246355]
- PCI: Work around Intel I210 ROM BAR overlap defect (Bjorn Helgaas) [Orabug: 35250975]
- net/rds: Adding TCP stats for TCP keepalive timeout (Nagappan Ramasamy Palaniappan) [Orabug: 35254377]
- rds: slight code cleanup of RDS checksum code (William Kucharski) [Orabug: 35262486]
- x86/acpi/boot: Correct acpi_is_processor_usable() check (Eric DeVolder) [Orabug: 35274587]
- x86/ACPI/boot: Use FADT version to check support for online capable (Mario Limonciello) [Orabug: 35274587]
- x86/acpi/boot: Do not register processors that cannot be onlined for x2APIC (Kishon Vijay Abraham I) [Orabug: 35274587]
- x86/ACPI: Don't add CPUs that are not online capable (Mario Limonciello) [Orabug: 35274587]
- ACPICA: Add support for MADT online enabled bit (Mario Limonciello) [Orabug: 35274587]
- net/rds: use appropriate reason while dropping a connection (Praveen Kumar Kannoju) [Orabug: 35278121]
- KVM: nVMX: add missing consistency checks for CR0 and CR4 (Paolo Bonzini) [Orabug: 35278210] {CVE-2023-30456}
- Revert 'scsi: megaraid_sas: Skip syncing the RAID map on older controllers' (Sherry Yang) [Orabug: 35285941]
[5.15.0-101.103.1]
- Revert 'Revert 'x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments'' (Tom Saeger)
- Revert 'Revert 'Makefile: link with -z noexecstack --no-warn-rwx-segments'' (Tom Saeger)
- LTS version: v5.15.103 (Jack Vogel)
- Makefile: use -gdwarf-{4|5} for assembler for DEBUG_INFO_DWARF{4|5} (Nick Desaulniers)
- KVM: VMX: Fix crash due to uninitialized current_vmcs (Alexandru Matei)
- KVM: VMX: Introduce vmx_msr_bitmap_l01_changed() helper (Vitaly Kuznetsov)
- KVM: nVMX: Don't use Enlightened MSR Bitmap for L3 (Vitaly Kuznetsov)
- fs: hold writers when changing mount's idmapping (Christian Brauner)
- UML: define RUNTIME_DISCARD_EXIT (Masahiro Yamada)
- xfs: remove xfs_setattr_time() declaration (Gaosheng Cui)
- KVM: fix memoryleak in kvm_init() (Miaohe Lin)
- tools bpftool: Fix compilation error with new binutils (Andres Freund)
- tools bpf_jit_disasm: Fix compilation error with new binutils (Andres Freund)
- tools perf: Fix compilation error with new binutils (Andres Freund)
- tools include: add dis-asm-compat.h to handle version differences (Andres Freund)
- tools build: Add feature test for init_disassemble_info API changes (Andres Freund)
- sh: define RUNTIME_DISCARD_EXIT (Tom Saeger)
- s390: define RUNTIME_DISCARD_EXIT to fix link error with GNU ld < 2.36 (Masahiro Yamada)
- powerpc/vmlinux.lds: Don't discard .rela* for relocatable builds (Michael Ellerman)
- powerpc/vmlinux.lds: Define RUNTIME_DISCARD_EXIT (Michael Ellerman)
- arch: fix broken BuildID for arm64 and riscv (Masahiro Yamada)
- ext4: block range must be validated before use in ext4_mb_clear_bb() (Lukas Czerner)
- ext4: add strict range checks while freeing blocks (Ritesh Harjani)
- ext4: add ext4_sb_block_valid() refactored out of ext4_inode_block_valid() (Ritesh Harjani)
- ext4: refactor ext4_free_blocks() to pull out ext4_mb_clear_bb() (Ritesh Harjani)
- filelocks: use mount idmapping for setlease permission check (Seth Forshee)
- media: rc: gpio-ir-recv: add remove function (Li Jun)
- media: ov5640: Fix analogue gain control (Paul Elder)
- scripts: handle BrokenPipeError for python scripts (Masahiro Yamada)
- PCI: Add SolidRun vendor ID (Alvaro Karsz)
- macintosh: windfarm: Use unsigned type for 1-bit bitfields (Nathan Chancellor)
- alpha: fix R_ALPHA_LITERAL reloc for large modules (Edward Humes)
- powerpc/kcsan: Exclude udelay to prevent recursive instrumentation (Rohan McLure)
- powerpc/iommu: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- MIPS: Fix a compilation issue (xurui)
- fs: use consistent setgid checks in is_sxid() (Christian Brauner)
- attr: use consistent sgid stripping checks (Christian Brauner)
- attr: add setattr_should_drop_sgid() (Christian Brauner)
- fs: move should_remove_suid() (Christian Brauner)
- attr: add in_group_or_capable() (Christian Brauner)
- fs: move S_ISGID stripping into the vfs_*() helpers (Yang Xu)
- fs: add mode_strip_sgid() helper (Yang Xu)
- xfs: set prealloc flag in xfs_alloc_file_space() (Dave Chinner)
- xfs: fallocate() should call file_modified() (Dave Chinner)
- xfs: remove XFS_PREALLOC_SYNC (Dave Chinner)
- xfs: use setattr_copy to set vfs inode attributes (Darrick J. Wong)
- tpm/eventlog: Don't abort tpm_read_log on faulty ACPI address (Morten Linderud)
- watch_queue: fix IOC_WATCH_QUEUE_SET_SIZE alloc error paths (David Disseldorp)
- staging: rtl8723bs: Fix key-store index handling (Hans de Goede)
- staging: rtl8723bs: fix placement of braces (Hannes Braun)
- Staging: rtl8723bs: Placing opening { braces in previous line (Jagath Jog J)
- staging: rtl8723bs: clean up comparsions to NULL (Michael Straube)
- iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter (Gavrilov Ilia)
- iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid options (Kim Phillips)
- iommu/amd: Add PCI segment support for ivrs_[ioapic/hpet/acpihid] commands (Suravee Suthikulpanit)
- nbd: use the correct block_device in nbd_bdev_reset (Christoph Hellwig)
- irqdomain: Fix mapping-creation race (Johan Hovold)
- ext4: Fix deadlock during directory rename (Jan Kara)
- RISC-V: Don't check text_mutex during stop_machine (Conor Dooley)
- s390/ftrace: remove dead code (Heiko Carstens)
- riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode (Alexandre Ghiti)
- af_unix: fix struct pid leaks in OOB support (Eric Dumazet)
- af_unix: Remove unnecessary brackets around CONFIG_AF_UNIX_OOB. (Kuniyuki Iwashima)
- net: dsa: mt7530: permit port 5 to work without port 6 on MT7621 SoC (Vladimir Oltean)
- SUNRPC: Fix a server shutdown leak (Benjamin Coddington)
- octeontx2-af: Unlock contexts in the queue context cache in case of fault detection (Suman Ghosh)
- net/smc: fix fallback failed while sendmsg with fastopen (D. Wythe)
- platform: x86: MLX_PLATFORM: select REGMAP instead of depending on it (Randy Dunlap)
- netfilter: conntrack: adopt safer max chain length (Eric Dumazet)
- scsi: megaraid_sas: Update max supported LD IDs to 240 (Chandrakanth Patil)
- net: ethernet: mtk_eth_soc: fix RX data corruption issue (Daniel Golle)
- net: phy: smsc: fix link up detection in forced irq mode (Heiner Kallweit)
- net: phy: smsc: Cache interrupt mask (Lukas Wunner)
- btf: fix resolving BTF_KIND_VAR after ARRAY, STRUCT, UNION, PTR (Lorenz Bauer)
- netfilter: tproxy: fix deadlock due to missing BH disable (Florian Westphal)
- netfilter: ctnetlink: revert to dumping mark regardless of event type (Ivan Delalande)
- bnxt_en: Avoid order-5 memory allocation for TPA data (Michael Chan)
- net: phylib: get rid of unnecessary locking (Russell King (Oracle))
- net: stmmac: add to set device wake up flag when stmmac init phy (Rongguang Wei)
- drm/msm/dpu: fix len of sc7180 ctl blocks (Dmitry Baryshkov)
- bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser() (Liu Jian)
- ice: copy last block omitted in ice_get_module_eeprom() (Petr Oros)
- net: caif: Fix use-after-free in cfusbl_device_notify() (Shigeru Yoshida)
- net: lan78xx: fix accessing the LAN7800's internal phy specific registers from the MAC driver (Yuiko Oshino)
- perf stat: Fix counting when initial delay configured (Changbin Du)
- selftests: nft_nat: ensuring the listening side is up before starting the client (Hangbin Liu)
- ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() (Eric Dumazet)
- powerpc: dts: t1040rdb: fix compatible string for Rev A boards (Vladimir Oltean)
- nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties (Kang Chen)
- bgmac: fix initial chip reset to support BCM5358 (Rafal Milecki)
- drm/msm/a5xx: fix context faults during ring switch (Dmitry Baryshkov)
- drm/msm/a5xx: fix the emptyness check in the preempt code (Dmitry Baryshkov)
- drm/msm/a5xx: fix highest bank bit for a530 (Dmitry Baryshkov)
- drm/msm/a5xx: fix setting of the CP_PREEMPT_ENABLE_LOCAL register (Dmitry Baryshkov)
- drm/msm: Fix potential invalid ptr free (Rob Clark)
- drm/nouveau/kms/nv50: fix nv50_wndw_new_ prototype (Jiri Slaby (SUSE))
- drm/nouveau/kms/nv50-: remove unused functions (Ben Skeggs)
- ext4: Fix possible corruption when moving a directory (Jan Kara)
- regulator: core: Use ktime_get_boottime() to determine how long a regulator was off (Matthias Kaehlcke)
- regulator: core: Fix off-on-delay-us for always-on/boot-on regulators (Christian Kohlschutter)
- regulator: Flag uncontrollable regulators as always_on (Mark Brown)
- scsi: core: Remove the /proc/scsi/ directory earlier (Bart Van Assche)
- riscv: Add header include guards to insn.h (Liao Chang)
- riscv: Avoid enabling interrupts in die() (Mattias Nissler)
- RISC-V: Avoid dereferening NULL regs in die() (Palmer Dabbelt)
- arm64: efi: Make efi_rt_lock a raw_spinlock (Pierre Gondois)
- brd: mark as nowait compatible (Jens Axboe)
- block/brd: add error handling support for add_disk() (Luis Chamberlain)
- iommu/vt-d: Fix PASID directory pointer coherency (Jacob Pan)
- irqdomain: Refactor __irq_domain_alloc_irqs() (Johan Hovold)
- f2fs: retry to update the inode page given data corruption (Jaegeuk Kim)
- f2fs: do not bother checkpoint by f2fs_get_node_info (Jaegeuk Kim)
- f2fs: avoid down_write on nat_tree_lock during checkpoint (Jaegeuk Kim)
- udf: Fix off-by-one error when discarding preallocation (Jan Kara)
- fs: dlm: start midcomms before scand (Alexander Aring)
- fs: dlm: add midcomms init/start functions (Alexander Aring)
- fs: dlm: fix log of lowcomms vs midcomms (Alexander Aring)
- KVM: SVM: Process ICR on AVIC IPI delivery failure due to invalid target (Sean Christopherson)
- KVM: SVM: Don't rewrite guest ICR on AVIC IPI virtualization failure (Sean Christopherson)
- KVM: Register /dev/kvm as the very last thing during initialization (Sean Christopherson)
- KVM: Pre-allocate cpumasks for kvm_make_all_cpus_request_except() (Vitaly Kuznetsov)
- KVM: Optimize kvm_make_vcpus_request_mask() a bit (Vitaly Kuznetsov)
- nfc: change order inside nfc_se_io error path (Fedor Pchelkin)
- ext4: zero i_disksize when initializing the bootloader inode (Zhihao Cheng)
- ext4: fix WARNING in ext4_update_inline_data (Ye Bin)
- ext4: move where set the MAY_INLINE_DATA flag is set (Ye Bin)
- ext4: fix another off-by-one fsmap error on 1k block filesystems (Darrick J. Wong)
- ext4: fix RENAME_WHITEOUT handling for inline directories (Eric Whitney)
- ext4: fix cgroup writeback accounting with fs-layer encryption (Eric Biggers)
- staging: rtl8723bs: Pass correct parameters to cfg80211_get_bss() (Hans de Goede)
- drm/connector: print max_requested_bpc in state debugfs (Harry Wentland)
- drm/amdgpu: fix error checking in amdgpu_read_mm_registers for soc15 (Alex Deucher)
- x86/CPU/AMD: Disable XSAVES on AMD family 0x17 (Andrew Cooper)
- fork: allow CLONE_NEWTIME in clone3 flags (Tobias Klauser)
- perf inject: Fix --buildid-all not to eat up MMAP2 (Namhyung Kim)
- btrfs: fix percent calculation for bg reclaim message (Johannes Thumshirn)
- LTS version: v5.15.102 (Jack Vogel)
- staging: rtl8192e: Remove call_usermodehelper starting RadioPower.sh (Philipp Hortmann)
- staging: rtl8192e: Remove function ..dm_check_ac_dc_power calling a script (Philipp Hortmann)
- wifi: cfg80211: Partial revert 'wifi: cfg80211: Fix use after free for wext' (Hector Martin)
- LTS version: v5.15.101 (Jack Vogel)
- Revert 'drm/i915: Don't use BAR mappings for ring buffers with LLC' (Greg Kroah-Hartman)
- LTS version: v5.15.100 (Jack Vogel)
- usb: gadget: uvc: fix missing mutex_unlock() if kstrtou8() fails (Yang Yingliang)
- malidp: Fix NULL vs IS_ERR() checking (Miaoqian Lin)
- scsi: mpt3sas: Remove usage of dma_get_required_mask() API (Sreekanth Reddy)
- scsi: mpt3sas: re-do lost mpt3sas DMA mask fix (Sreekanth Reddy)
- scsi: mpt3sas: Don't change DMA mask while reallocating pools (Sreekanth Reddy)
- Revert 'scsi: mpt3sas: Fix return value check of dma_get_required_mask()' (Salvatore Bonaccorso)
- drm/virtio: Fix error code in virtio_gpu_object_shmem_init() (Harshit Mogalapalli)
- media: uvcvideo: Fix race condition with usb_kill_urb (Ricardo Ribalda)
- Bluetooth: hci_sock: purge socket queues in the destruct() callback (Nguyen Dinh Phi)
- drm/display/dp_mst: Fix down message handling after a packet reception error (Imre Deak)
- drm/display/dp_mst: Fix down/up message handling after sink disconnect (Imre Deak)
- x86/resctl: fix scheduler confusion with 'current' (Linus Torvalds)
- net: tls: avoid hanging tasks on the tx_lock (Jakub Kicinski)
- soundwire: cadence: Drain the RX FIFO after an IO timeout (Richard Fitzgerald)
- soundwire: cadence: Remove wasted space in response_buf (Richard Fitzgerald)
- phy: rockchip-typec: Fix unsigned comparison with less than zero (Jiapeng Chong)
- PCI: Add ACS quirk for Wangxun NICs (Mengyuan Lou)
- PCI: loongson: Add more devices that need MRRS quirk (Huacai Chen)
- kernel/fail_function: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- drivers: base: dd: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- drivers: base: component: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- misc: vmw_balloon: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- tty: pcn_uart: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- PCI: Take other bus devices into account when distributing resources (Mika Westerberg)
- PCI: Align extra resources for hotplug bridges properly (Mika Westerberg)
- usb: gadget: uvc: Make bSourceID read/write (Daniel Scally)
- usb: uvc: Enumerate valid values for color matching (Daniel Scally)
- USB: ene_usb6250: Allocate enough memory for full object (Kees Cook)
- usb: host: xhci: mvebu: Iterate over array indexes instead of using pointer math (Kees Cook)
- USB: gadget: pxa27x_udc: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- USB: gadget: pxa25x_udc: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- USB: gadget: gr_udc: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- USB: isp1362: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- USB: isp116x: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- USB: fotg210: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- USB: sl811: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- USB: uhci: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- USB: chipidea: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- USB: dwc3: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- PCI: loongson: Prevent LS7A MRRS increases (Huacai Chen)
- soundwire: bus_type: Avoid lockdep assert in sdw_drv_probe() (Richard Fitzgerald)
- iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_config_word() (Harshit Mogalapalli)
- iio: accel: mma9551_core: Prevent uninitialized variable in mma9551_read_status_word() (Harshit Mogalapalli)
- tools/iio/iio_utils:fix memory leak (Yulong Zhang)
- mei: bus-fixup:upon error print return values of send and receive (Alexander Usyskin)
- serial: sc16is7xx: setup GPIO controller later in probe (Isaac True)
- tty: serial: fsl_lpuart: disable the CTS when send break signal (Sherry Sun)
- tty: fix out-of-bounds access in tty_driver_lookup_tty() (Sven Schnelle)
- staging: emxx_udc: Add checks for dma_alloc_coherent() (Yuan Can)
- USB: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- media: uvcvideo: Silence memcpy() run-time false positive warnings (Kees Cook)
- media: uvcvideo: Quirk for autosuspend in Logitech B910 and C910 (Ricardo Ribalda)
- media: uvcvideo: Handle errors from calls to usb_string (Guenter Roeck)
- media: uvcvideo: Handle cameras with invalid descriptors (Ricardo Ribalda)
- media: uvcvideo: Remove format descriptions (Laurent Pinchart)
- iommu/amd: Fix error handling for pdev_pri_ats_enable() (Vasant Hegde)
- IB/hfi1: Update RMT size calculation (Dean Luick)
- mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak (Liang He)
- bootconfig: Increase max nodes of bootconfig from 1024 to 8192 for DCC support (Souradeep Chowdhury)
- firmware/efi sysfb_efi: Add quirk for Lenovo IdeaPad Duet 3 (Darrell Kavanagh)
- kernel/printk/index.c: fix memory leak with using debugfs_lookup() (Greg Kroah-Hartman)
- tracing: Add NULL checks for buffer in ring_buffer_free_read_page() (Jia-Ju Bai)
- thermal: intel: BXT_PMIC: select REGMAP instead of depending on it (Randy Dunlap)
- thermal: intel: quark_dts: fix error pointer dereference (Dan Carpenter)
- ASoC: mediatek: mt8195: add missing initialization (Trevor Wu)
- ASoC: zl38060 add gpiolib dependency (Arnd Bergmann)
- ASoC: zl38060: Remove spurious gpiolib select (Mark Brown)
- ASoC: adau7118: don't disable regulators on device unbind (Nuno Sa)
- loop: loop_set_status_from_info() check before assignment (Zhong Jinghua)
- rtc: allow rtc_read_alarm without read_alarm callback (Alexandre Belloni)
- scsi: ipr: Work around fortify-string warning (Arnd Bergmann)
- genirq: Add and use an irq_data_update_affinity helper (Samuel Holland)
- genirq: Refactor accessors to use irq_data_get_affinity_mask (Samuel Holland)
- rtc: sun6i: Always export the internal oscillator (Samuel Holland)
- vc_screen: modify vcs_size() handling in vcs_read() (George Kennedy)
- tcp: tcp_check_req() can be called from process context (Eric Dumazet)
- ARM: dts: spear320-hmi: correct STMPE GPIO compatible (Krzysztof Kozlowski)
- net/sched: act_sample: fix action bind logic (Pedro Tammela)
- net/sched: act_mpls: fix action bind logic (Pedro Tammela)
- net/sched: act_pedit: fix action bind logic (Pedro Tammela)
- net/sched: transition act_pedit to rcu and percpu stats (Pedro Tammela)
- nfc: fix memory leak of se_io context in nfc_genl_se_io (Fedor Pchelkin)
- net/mlx5: Geneve, Fix handling of Geneve object id as error code (Maor Dickman)
- net/mlx5e: Verify flow_source cap before using it (Roi Dayan)
- 9p/rdma: unmap receive dma buffer in rdma_request()/post_recv() (Zhengchao Shao)
- 9p/xen: fix connection sequence (Juergen Gross)
- 9p/xen: fix version parsing (Juergen Gross)
- net: fix __dev_kfree_skb_any() vs drop monitor (Eric Dumazet)
- octeontx2-pf: Use correct struct reference in test condition (Deepak R Varma)
- sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop (Xin Long)
- ipv6: Add lwtunnel encap size of all siblings in nexthop calculation (Lu Wei)
- netfilter: x_tables: fix percpu counter block leak on error path when creating new netns (Pavel Tikhomirov)
- netfilter: ebtables: fix table blob use-after-free (Florian Westphal)
- netfilter: ctnetlink: fix possible refcount leak in ctnetlink_create_conntrack() (Hangyu Hua)
- watchdog: sbsa_wdog: Make sure the timeout programming is within the limits (George Cherian)
- watchdog: pcwd_usb: Fix attempting to access uninitialized memory (Li Hua)
- watchdog: Fix kmemleak in watchdog_cdev_register (Chen Jun)
- watchdog: at91sam9_wdt: use devm_request_irq to avoid missing free_irq() in error path (ruanjinjie)
- um: virt-pci: properly remove PCI device from bus (Benjamin Berg)
- um: virtio_uml: move device breaking into workqueue (Benjamin Berg)
- um: virtio_uml: mark device as unregistered when breaking it (Benjamin Berg)
- um: virtio_uml: free command if adding to virtqueue failed (Benjamin Berg)
- x86: um: vdso: Add '%rcx' and '%r11' to the syscall clobber list (Ammar Faizi)
- netfilter: nf_tables: allow to fetch set elements when table has an owner (Pablo Neira Ayuso)
- ext4: use ext4_fc_tl_mem in fast-commit replay path (Eric Biggers)
- f2fs: fix to avoid potential memory corruption in __update_iostat_latency() (Yangtao Li)
- ubi: ubi_wl_put_peb: Fix infinite loop when wear-leveling work failed (Zhihao Cheng)
- ubi: Fix UAF wear-leveling entry in eraseblk_count_seq_show() (Zhihao Cheng)
- ubi: fastmap: Fix missed fm_anchor PEB in wear-leveling after disabling fastmap (Zhihao Cheng)
- ubifs: ubifs_writepage: Mark page dirty after writing inode failed (Zhihao Cheng)
- ubifs: dirty_cow_znode: Fix memleak in error handling path (Zhihao Cheng)
- ubifs: Re-statistic cleaned znode count if commit failed (Zhihao Cheng)
- ubi: Fix possible null-ptr-deref in ubi_free_volume() (Yang Yingliang)
- ubifs: Fix memory leak in alloc_wbufs() (Li Zetao)
- ubi: Fix unreferenced object reported by kmemleak in ubi_resize_volume() (Li Zetao)
- ubi: Fix use-after-free when volume resizing failed (Li Zetao)
- ubifs: Reserve one leb for each journal head while doing budget (Zhihao Cheng)
- ubifs: do_rename: Fix wrong space budget when target inode's nlink > 1 (Zhihao Cheng)
- ubifs: Fix wrong dirty space budget for dirty inode (Zhihao Cheng)
- ubifs: Rectify space budget for ubifs_xrename() (Zhihao Cheng)
- ubifs: Rectify space budget for ubifs_symlink() if symlink is encrypted (Zhihao Cheng)
- ubifs: Fix build errors as symbol undefined (Li Hua)
- ubi: ensure that VID header offset + VID header size <= alloc, size (George Kennedy)
- um: vector: Fix memory leak in vector_config (Xiang Yang)
- f2fs: allow set compression option of files without blocks (Yangtao Li)
- fs: f2fs: initialize fsdata in pagecache_write() (Alexander Potapenko)
- f2fs: use memcpy_{to,from}_page() where possible (Eric Biggers)
- pwm: stm32-lp: fix the check on arr and cmp registers update (Fabrice Gasnier)
- pwm: sifive: Always let the first pwm_apply_state succeed (Emil Renner Berthing)
- pwm: sifive: Reduce time the controller lock is held (Uwe Kleine-Konig)
- objtool: Fix memory leak in create_static_call_sections() (Miaoqian Lin)
- fs/jfs: fix shift exponent db_agl2size negative (Liu Shixin via Jfs-discussion)
- auxdisplay: hd44780: Fix potential memory leak in hd44780_remove() (Jianglei Nie)
- LTS version: v5.15.99 (Jack Vogel)
- kbuild: Port silent mode detection to future gnu make. (Dmitry Goncharov)
- wifi: ath9k: use proper statements in conditionals (Arnd Bergmann)
- arm64: dts: qcom: ipq8074: fix Gen2 PCIe QMP PHY (Robert Marko)
- iommu/vt-d: Fix an unbalanced rcu_read_lock/rcu_read_unlock() (Christophe JAILLET)
- media: uvcvideo: Fix memory leak of object map on error exit path (Colin Ian King)
- qede: avoid uninitialized entries in coal_entry array (Michal Schmidt)
- perf intel-pt: pkt-decoder: Add CFE and EVD packets (Adrian Hunter)
- drm/edid: fix AVI infoframe aspect ratio handling (Jani Nikula)
- drm/i915: Don't use BAR mappings for ring buffers with LLC (John Harrison)
- drm/radeon: Fix eDP for single-display iMac11,2 (Mark Hawrylak)
- drm/i915/quirks: Add inverted backlight quirk for HP 14-r206nv (Mavroudis Chatzilaridis)
- vfio/type1: restore locked_vm (Steve Sistare)
- vfio/type1: track locked_vm per dma (Steve Sistare)
- vfio/type1: prevent underflow of locked_vm via exec() (Steve Sistare)
- iommu/vt-d: Avoid superfluous IOTLB tracking in lazy mode (Jacob Pan)
- PCI: Avoid FLR for AMD FCH AHCI adapters (Damien Le Moal)
- PCI: hotplug: Allow marking devices as disconnected during bind/unbind (Lukas Wunner)
- PCI/PM: Observe reset delay irrespective of bridge_d3 (Lukas Wunner)
- MIPS: DTS: CI20: fix otg power gpio (H. Nikolaus Schaller)
- riscv: ftrace: Reduce the detour code size to half (Guo Ren)
- riscv: ftrace: Remove wasted nops for !RISCV_ISA_C (Guo Ren)
- riscv, mm: Perform BPF exhandler fixup on page fault (Bjorn Topel)
- riscv: jump_label: Fixup unaligned arch_static_branch function (Andy Chiu)
- riscv: mm: fix regression due to update_mmu_cache change (Sergey Matyukevich)
- RISC-V: add a spin_shadow_stack declaration (Conor Dooley)
- scsi: ses: Fix slab-out-of-bounds in ses_intf_remove() (Tomas Henzl)
- scsi: ses: Fix possible desc_ptr out-of-bounds accesses (Tomas Henzl)
- scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses (Tomas Henzl)
- scsi: ses: Fix slab-out-of-bounds in ses_enclosure_data_process() (Tomas Henzl)
- scsi: ses: Don't attach if enclosure has no components (James Bottomley)
- tools/bootconfig: fix single & used for logical condition (Antonio Alvarez Feijoo)
- ring-buffer: Handle race between rb_move_tail and rb_check_pages (Mukesh Ojha)
- ktest.pl: Add RUN_TIMEOUT option with default unlimited (Steven Rostedt)
- ktest.pl: Fix missing 'end_monitor' when machine check fails (Steven Rostedt)
- ktest.pl: Give back console on CtrtC on monitor (Steven Rostedt)
- mm/thp: check and bail out if page in deferred queue already (Yin Fengwei)
- mm: memcontrol: deprecate charge moving (Johannes Weiner)
- docs: gdbmacros: print newest record (John Ogness)
- remoteproc/mtk_scp: Move clk ops outside send_lock (Chen-Yu Tsai)
- media: ipu3-cio2: Fix PM runtime usage_count in driver unbind (Sakari Ailus)
- mips: fix syscall_get_nr (Elvira Khabirova)
- dax/kmem: Fix leak of memory-hotplug resources (Dan Williams)
- alpha: fix FEN fault handling (Al Viro)
- ceph: update the time stamps and try to drop the suid/sgid (Xiubo Li)
- rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails (Ilya Dryomov)
- fuse: add inode/permission checks to fileattr_get/fileattr_set (Alexander Mikhalitsyn)
- ARM: dts: exynos: correct TMU phandle in Odroid HC1 (Krzysztof Kozlowski)
- ARM: dts: exynos: correct TMU phandle in Odroid XU (Krzysztof Kozlowski)
- ARM: dts: exynos: correct TMU phandle in Exynos5250 (Krzysztof Kozlowski)
- ARM: dts: exynos: correct TMU phandle in Odroid XU3 family (Krzysztof Kozlowski)
- ARM: dts: exynos: correct TMU phandle in Exynos4 (Krzysztof Kozlowski)
- ARM: dts: exynos: correct TMU phandle in Exynos4210 (Krzysztof Kozlowski)
- ARM: dts: qcom: sdx55: Add Qcom SMMU-500 as the fallback for IOMMU node (Manivannan Sadhasivam)
- dm flakey: fix a bug with 32-bit highmem systems (Mikulas Patocka)
- dm flakey: don't corrupt the zero page (Mikulas Patocka)
- dm flakey: fix logic when corrupting a bio (Mikulas Patocka)
- thermal: intel: powerclamp: Fix cur_state for multi package system (Srinivas Pandruvada)
- qede: fix interrupt coalescing configuration (Manish Chopra)
- wifi: cfg80211: Fix use after free for wext (Alexander Wetzel)
- wifi: ath11k: allow system suspend to survive ath11k (Len Brown)
- wifi: rtl8xxxu: Use a longer retry limit of 48 (Bitterblue Smith)
- dm: add cond_resched() to dm_wq_work() (Pingfan Liu)
- dm: send just one event on resize, not two (Mikulas Patocka)
- mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type (Louis Rannou)
- mtd: spi-nor: spansion: Consider reserved bits in CFR5 register (Tudor Ambarus)
- mtd: spi-nor: sfdp: Fix index value for SCCR dwords (Takahiro Kuwano)
- ext4: refuse to create ea block when umounted (Jun Nie)
- ext4: optimize ea_inode block expansion (Jun Nie)
- jbd2: fix data missing when reusing bh which is ready to be checkpointed (Zhihao Cheng)
- ALSA: hda/realtek: Add quirk for HP EliteDesk 800 G6 Tower PC (Lukasz Stelmach)
- ALSA: ice1712: Do not left ice->gpio_mutex locked in aureon_add_controls() (Dmitry Fomin)
- io_uring/poll: allow some retries for poll triggering spuriously (Jens Axboe)
- io_uring: remove MSG_NOSIGNAL from recvmsg (David Lamparter)
- io_uring/rsrc: disallow multi-source reg buffers (Pavel Begunkov)
- ID
- ELSA-2023-12339
- Severity
- important
- URL
- https://linux.oracle.com/errata/ELSA-2023-12339.html
- Published
-
2023-05-09T00:00:00
(16 months ago) - Modified
-
2023-05-09T00:00:00
(16 months ago) - Rights
- Copyright 2023 Oracle, Inc.
- Other Advisories
-
-
ALAS-2024-1942
-
ALAS2-2024-2581
-
ALSA-2023:7077
-
ELSA-2023-12394
-
ELSA-2023-12412
-
ELSA-2023-12413
-
ELSA-2023-6583
-
ELSA-2023-7077
-
RHSA-2023:6901
-
RHSA-2023:7077
-
SSA:2023-172-02
-
SUSE-SU-2023:2500-1
-
SUSE-SU-2023:2646-1
-
SUSE-SU-2023:2653-1
-
SUSE-SU-2023:2782-1
-
SUSE-SU-2023:2809-1
-
SUSE-SU-2023:2871-1
-
USN-6033-1
-
USN-6123-1
-
USN-6124-1
-
USN-6127-1
-
USN-6130-1
-
USN-6131-1
-
USN-6132-1
-
USN-6135-1
-
USN-6149-1
-
USN-6150-1
-
USN-6162-1
-
USN-6175-1
-
USN-6186-1
-
USN-6222-1
-
USN-6256-1
-
USN-6699-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2023-12339 |
|
|
| CVE | CVE-2023-30456 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-9 | oraclelinux |
 kernel-uek
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek?distro=oraclelinux-8 | oraclelinux |
kernel-uek
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-modules?distro=oraclelinux-9 | oraclelinux |
kernel-uek-modules
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-modules?distro=oraclelinux-8 | oraclelinux |
kernel-uek-modules
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-modules-extra?distro=oraclelinux-9 | oraclelinux |
kernel-uek-modules-extra
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-modules-extra?distro=oraclelinux-8 | oraclelinux |
kernel-uek-modules-extra
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-9 | oraclelinux |
kernel-uek-doc
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-doc?distro=oraclelinux-8 | oraclelinux |
kernel-uek-doc
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-9 | oraclelinux |
kernel-uek-devel
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-devel?distro=oraclelinux-8 | oraclelinux |
kernel-uek-devel
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-9 | oraclelinux |
kernel-uek-debug
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug?distro=oraclelinux-8 | oraclelinux |
kernel-uek-debug
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-modules?distro=oraclelinux-9 | oraclelinux |
kernel-uek-debug-modules
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-modules?distro=oraclelinux-8 | oraclelinux |
kernel-uek-debug-modules
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-modules-extra?distro=oraclelinux-9 | oraclelinux |
kernel-uek-debug-modules-extra
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-modules-extra?distro=oraclelinux-8 | oraclelinux |
kernel-uek-debug-modules-extra
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-9 | oraclelinux |
kernel-uek-debug-devel
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-devel?distro=oraclelinux-8 | oraclelinux |
kernel-uek-debug-devel
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-core?distro=oraclelinux-9 | oraclelinux |
kernel-uek-debug-core
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-debug-core?distro=oraclelinux-8 | oraclelinux |
kernel-uek-debug-core
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-core?distro=oraclelinux-9 | oraclelinux |
kernel-uek-core
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-core?distro=oraclelinux-8 | oraclelinux |
kernel-uek-core
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-container?distro=oraclelinux-8 | oraclelinux |
kernel-uek-container
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/kernel-uek-container-debug?distro=oraclelinux-8 | oraclelinux |
kernel-uek-container-debug
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 | ||
| Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-9 | oraclelinux |
bpftool
|
< 5.15.0-101.103.2.1.el9uek | oraclelinux-9 | ||
| Affected | pkg:rpm/oraclelinux/bpftool?distro=oraclelinux-8 | oraclelinux |
bpftool
|
< 5.15.0-101.103.2.1.el8uek | oraclelinux-8 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |