-
Sun May 24 2020 Jack Vogel <jack.vogel@oracle.com> [5.4.17-2011.3.2.1.el7uek]
- x86/speculation: Add Ivy Bridge to affected list (Josh Poimboeuf) [Orabug: 31352779] {CVE-2020-0543}
- x86/speculation: Add SRBDS vulnerability and mitigation documentation (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/cpu: Add 'table' argument to cpu_matches() (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/cpu: Add a steppings field to struct x86_cpu_id (Mark Gross) [Orabug: 31352779] {CVE-2020-0543}
- x86/speculation/spectre_v2: Exclude Zhaoxin CPUs from SPECTRE_V2 (Tony W Wang-oc) [Orabug: 31352779] {CVE-2020-0543}
-
Sat May 23 2020 Jack Vogel <jack.vogel@oracle.com> [5.4.17-2011.3.2.el7uek]
- USB: core: Fix free-while-in-use bug in the USB S-Glibrary (Alan Stern) [Orabug: 31350962] {CVE-2020-12464}
- mt76: fix array overflow on receiving too many fragments for a packet (Felix Fietkau) [Orabug: 31350952] {CVE-2020-12465}
- mwifiex: Fix possible buffer overflows in mwifiex_cmd_append_vsie_tlv() (Qing Xu) [Orabug: 31350929] {CVE-2020-12653}
- block, bfq: fix use-after-free in bfq_idle_slice_timer_body (Zhiqiang Liu) [Orabug: 31350910] {CVE-2020-12657}
- xsk: Add missing check on user supplied headroom size (Magnus Karlsson) [Orabug: 31350732] {CVE-2020-12659}
- mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Qing Xu) [Orabug: 31350513] {CVE-2020-12654}
- xen/manage: enable C_A_D to force reboot (Dongli Zhang) [Orabug: 31387411]
- KVM: x86: Fixes posted interrupt check for IRQs delivery modes (Suravee Suthikulpanit) [Orabug: 31316437]
- Revert "Revert "nvme_fc: add module to ops template to allow module references"" (James Smart) [Orabug: 31377552]
- uek-rpm: Move grub boot menu update to posttrans stage. (Somasundaram Krishnasamy) [Orabug: 31358097]
- KVM: SVM: Fix potential memory leak in svm_cpu_init() (Miaohe Lin) [Orabug: 31350455] {CVE-2020-12768}
-
Mon May 18 2020 Jack Vogel <jack.vogel@oracle.com> [5.4.17-2011.3.1.el7uek]
- intel_idle: Use ACPI _CST for processor models without C-state tables (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Export acpi_processor_evaluate_cst() (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Clean up acpi_processor_evaluate_cst() (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Introduce acpi_processor_evaluate_cst() (Rafael J. Wysocki) [Orabug: 31332120]
- ACPI: processor: Export function to claim _CST control (Rafael J. Wysocki) [Orabug: 31332120]
- rds: ib: Fix dysfunctional long address resolve timeout (Håkon Bugge) [Orabug: 31302704]
- KVM: x86: Revert "KVM: X86: Fix fpu state crash in kvm guest" (Sean Christopherson) [Orabug: 31333676]
- KVM: x86: Ensure guest's FPU state is loaded when accessing for emulation (Sean Christopherson) [Orabug: 31333676]
- KVM: x86: Handle TIF_NEED_FPU_LOAD in kvm_{load,put}_guest_fpu() (Sean Christopherson) [Orabug: 31333676]
- net: dsa: Do not leave DSA master with NULL netdev_ops (Florian Fainelli) [Orabug: 30456791]
- Revert "dsa: disable module unloading for ARM64" (Allen Pais) [Orabug: 30456791]
-
Sun May 10 2020 Jack Vogel <jack.vogel@oracle.com> [5.4.17-2011.3.0.el7uek]
- NFSv4.0: nfs4_do_fsinfo() should not do implicit lease renewals (Robert Milkowski) [Orabug: 31304406]
- NFSv4: try lease recovery on NFS4ERR_EXPIRED (Robert Milkowski) [Orabug: 31304406]
- btrfs: Don't submit any btree write bio if the fs has errors (Qu Wenruo) [Orabug: 31265336] {CVE-2019-19377} {CVE-2019-19377}
-
Sun May 03 2020 Jack Vogel <jack.vogel@oracle.com> [5.4.17-2011.2.2.el7uek]
- scsi: qla2xxx: Move free of fcport out of interrupt context (Joe Carnuccio) [Orabug: 31225231]
- xfs: move inode flush to the sync workqueue (Darrick J. Wong) [Orabug: 31132665]
- arm64: Kconfig: Enable NODES_SPAN_OTHER_NODES config for NUMA (Hoan Tran) [Orabug: 31049202]
- scsi: bnx2fc: timeout calculation invalid for bnx2fc_eh_abort() (Laurence Oberman) [Orabug: 31207643]
- jbd2: disable CONFIG_JBD2_DEBUG (Junxiao Bi) [Orabug: 31264694]
-
Sun Apr 26 2020 Jack Vogel <jack.vogel@oracle.com> [5.4.17-2011.2.1.el7uek]
- x86/mce: Restart the system when LMCE UE error occurs (Thomas Tai) [Orabug: 31218859]
- media: xirlink_cit: add missing descriptor sanity checks (Johan Hovold) [Orabug: 31213764] {CVE-2020-11668}
- media: ov519: add missing endpoint sanity checks (Johan Hovold) [Orabug: 31213755] {CVE-2020-11608}
- x86/microcode/AMD: Increase microcode PATCH_MAX_SIZE (John Allen) [Orabug: 31213533]
- media: stv06xx: add missing descriptor sanity checks (Johan Hovold) [Orabug: 31200576] {CVE-2020-11609}
- rds: Fix use-after-free in rds_ib_free_caches (Hans Westgaard Ry) [Orabug: 31200768]
- net/rds: Fix MR reference counting problem (Ka-Cheong Poon) [Orabug: 31130194]
- net/rds: Replace struct rds_mr's r_refcount with struct kref (Ka-Cheong Poon) [Orabug: 31130194]
- ctf: discard CTF from the vDSO (Nick Alcock) [Orabug: 31194036]
-
Sun Apr 19 2020 Jack Vogel <jack.vogel@oracle.com> [5.4.17-2011.2.0.el7uek]
- RDMA/rxe: Enhance Soft Roce to support Oracle proprietary shared PD extension (Rao Shoaib) [Orabug: 31094525]
- mm: Avoid creating virtual address aliases in brk()/mmap()/mremap() (Catalin Marinas) [Orabug: 31053313] {CVE-2020-9391}
- rds: Add debugfs for inc/frag cache statistics (Hans Westgaard Ry) [Orabug: 31137997]
- rds: Add inc/frag cache statistics (Hans Westgaard Ry) [Orabug: 31137997]
- rds: Control the CPU (de)allocating fragments (Hans Westgaard Ry) [Orabug: 31137997]
- rds: Change caching strategy for receive buffers (Hans Westgaard Ry) [Orabug: 31137997]
- rds: Add lockfree stack routines (Hans Westgaard Ry) [Orabug: 31137997]
- net_sched: fix an OOB access in cls_tcindex (Cong Wang) [Orabug: 30871138]
- vgacon: Fix a UAF in vgacon_invert_region (Zhang Xiaoxu) [Orabug: 31143943] {CVE-2020-8649} {CVE-2020-8647} {CVE-2020-8647} {CVE-2020-8649} {CVE-2020-8647}
-
Sat Apr 11 2020 Jack Vogel <jack.vogel@oracle.com> [5.4.17-2011.1.1.el7uek]
- slcan: Don't transmit uninitialized stack data in padding (Richard Palethorpe) [Orabug: 31136750] {CVE-2020-11494}
- blktrace: Protect q->blk_trace with RCU (Jan Kara) [Orabug: 31123573] {CVE-2019-19768}
- KVM: x86: clear stale x86_emulate_ctxt->intercept value (Vitaly Kuznetsov) [Orabug: 31118688]
- perf/x86/amd: Add support for Large Increment per Cycle Events (Kim Phillips) [Orabug: 31104924]
- perf/x86/amd: Constrain Large Increment per Cycle events (Kim Phillips) [Orabug: 31104924]
- kvm/svm: PKU not currently supported (John Allen) [Orabug: 31104924]
- KVM: SVM: Override default MMIO mask if memory encryption is enabled (Tom Lendacky) [Orabug: 31104924]
- EDAC/amd64: Drop some family checks for newer systems (Yazen Ghannam) [Orabug: 31104924]
- x86/amd_nb: Add Family 19h PCI IDs (Yazen Ghannam) [Orabug: 31104924]
- EDAC/mce_amd: Always load on SMCA systems (Yazen Ghannam) [Orabug: 31104924]
- x86/MCE/AMD, EDAC/mce_amd: Add new Load Store unit McaType (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Add family ops for Family 19h Models 00h-0Fh (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Check for memory before fully initializing an instance (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Use cached data when checking for ECC (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Save max number of controllers to family type (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Gather hardware information early (Yazen Ghannam) [Orabug: 31104924]
- EDAC/amd64: Make struct amd64_family_type global (Yazen Ghannam) [Orabug: 31104924]
- floppy: check FDC index for errors before assigning it (Linus Torvalds) [Orabug: 31067510] {CVE-2020-9383}
- KVM: SVM: Guard against DEACTIVATE when performing WBINVD/DF_FLUSH (Tom Lendacky) [Orabug: 31012269]
- KVM: SVM: Serialize access to the SEV ASID bitmap (Tom Lendacky) [Orabug: 31012269]
- iommu/vt-d: Allow devices with RMRRs to use identity domain (Lu Baolu) [Orabug: 31127400]
-
Sun Apr 05 2020 Jack Vogel <jack.vogel@oracle.com> [5.4.17-2011.1.0.el7uek]
- vhost: Check docket sk_family instead of call getname (Eugenio Pérez) [Orabug: 31085989] {CVE-2020-10942}
- selftests/net: add definition for SOL_DCCP to fix compilation errors for old libc (Alan Maguire) [Orabug: 31078892]
- kernel: cpu.c: fix print typo about SMT status (Mihai Carabas) [Orabug: 31053334]
- nfs: optimise readdir cache page invalidation (Dai Ngo) [Orabug: 31044292]
- NFS: Directory page cache pages need to be locked when read (Trond Myklebust) [Orabug: 31044292]
- rds: transport module should be auto loaded when transport is set (Rao Shoaib) [Orabug: 31032126]
- efi: Fix a race and a buffer overflow while reading efivars via sysfs (Vladis Dronov) [Orabug: 31020408]
- net: Support GRO/GSO fraglist chaining. (Steffen Klassert) [Orabug: 30670829]
- net: Add fraglist GRO/GSO feature flags (Steffen Klassert) [Orabug: 30670829]
- udp: Support UDP fraglist GRO/GSO. (Steffen Klassert) [Orabug: 30670829]
- net: remove the check argument from __skb_gro_checksum_convert (Li RongQing) [Orabug: 30670829]
- Revert "nvme_fc: add module to ops template to allow module references" (John Donnelly) [Orabug: 31119387]
- ext4: add cond_resched() to ext4_protect_reserved_inode (Shijie Luo) [Orabug: 31067112] {CVE-2020-8992}
- dsa: disable module unloading for ARM64 (Allen Pais) [Orabug: 30456791]
- bpf: Undo incorrect __reg_bound_offset32 handling (Daniel Borkmann) [Orabug: 31127385] {CVE-2020-8835}
- bpf: Fix tnum constraints for 32-bit comparisons (Jann Horn) [Orabug: 31127385] {CVE-2020-8835}
-
Mon Mar 16 2020 Jack Vogel <jack.vogel@oracle.com> [5.4.17-2011.0.7.el7uek]
- uek-rpm: Add installonlypkgs option to allow install of multiple versions (Somasundaram Krishnasamy) [Orabug: 31030642]