-
Sat Mar 14 2020 Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com> [4.14.35-1902.12.0.el7uek]
- xenbus: req->err should be updated before req->state (Dongli Zhang) [Orabug: 31009596]
- xenbus: req->body should be updated before req->state (Dongli Zhang) [Orabug: 31009596]
- nvme: fix possible deadlock when nvme_update_formats fails (Sagi Grimberg) [Orabug: 31002558]
- xen: bypass the timer_irq_works() check for HVM (Dongli Zhang) [Orabug: 30998549]
- xfs: Fix deadlock between AGI and AGF with RENAME_WHITEOUT (kaixuxia) [Orabug: 30788181]
- rds: Cancel pending connections on connection request (Dag Moxnes) [Orabug: 30915241]
- drivers/nvme: provide a module parameter for setting number of I/O queues (Shan Hai) [Orabug: 30453714]
-
Tue Mar 10 2020 Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com> [4.14.35-1902.11.3.el7uek]
- xfs: do async inactivation only when fs freezed (Junxiao Bi) [Orabug: 31013775]
-
Wed Mar 04 2020 Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com> [4.14.35-1902.11.2.el7uek]
- ib/core: Cancel fmr delayed_worker when in shutdown phase of reboot system (Hans Westgaard Ry) [Orabug: 30967501]
- Revert "printk: Default console logging level should be set to 4" (Cesar Roque) [Orabug: 30833249]
- cgroup: psi: fix memory leak when freeing a cgroup work function (Tom Hromatka) [Orabug: 30903264]
-
Fri Feb 21 2020 Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com> [4.14.35-1902.11.1.el7uek]
- xfs: fix deadlock between shrinker and fs freeze (Junxiao Bi) [Orabug: 30657780]
- xfs: increase the default parallelism levels of pwork clients (Darrick J. Wong) [Orabug: 30657780]
- xfs: decide if inode needs inactivation (Darrick J. Wong) [Orabug: 30657780]
- xfs: refactor the predicate part of xfs_free_eofblocks (Darrick J. Wong) [Orabug: 30657780]
- mwifiex: fix unbalanced locking in mwifiex_process_country_ie() (Brian Norris) [Orabug: 30781858] {CVE-2019-14895}
- mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Ganapathi Bhat) [Orabug: 30781858] {CVE-2019-14895} {CVE-2019-14895}
- ipmi_ssif: avoid registering duplicate ssif interface (Kamlakant Patel) [Orabug: 30916684]
- ipmi: Fix NULL pointer dereference in ssif_probe (Gustavo A. R. Silva) [Orabug: 30916684]
- uio: Fix an Oops on load (Dan Carpenter) [Orabug: 30897832]
- drm/i915: Fix use-after-free when destroying GEM context (Tyler Hicks) [Orabug: 30860457] {CVE-2020-7053}
- xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT (Darrick J. Wong) [Orabug: 30788113]
- slub: extend slub debug to handle multiple slabs (Aaron Tomlin) [Orabug: 30903135]
- RAS/CEC: Fix binary search function (Borislav Petkov) [Orabug: 30897849]
- CIFS: fix POSIX lock leak and invalid ptr deref (Aurelien Aptel) [Orabug: 30809456]
- rds: Avoid flushing MRs in rds_rdma_drop_keys (aru kolappan) [Orabug: 30681066]
-
Fri Feb 14 2020 Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com> [4.14.35-1902.11.0.el7uek]
- rds: Avoid qp overflow when posting invalidate/register mr with frwr (Hans Westgaard Ry) [Orabug: 30888677]
- rds: Use bitmap to designate dropped connections (Håkon Bugge) [Orabug: 30852643]
- rds: prevent use-after-free of rds conn in rds_send_drop_to() (Sharath Srinivasan) [Orabug: 30865079]
- media: b2c2-flexcop-usb: add sanity checking (Oliver Neukum) [Orabug: 30864532] {CVE-2019-15291}
- KVM: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest that lack it (Paolo Bonzini) [Orabug: 30846856]
- KVM: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality (Paolo Bonzini) [Orabug: 30846856]
- KVM: x86: implement MSR_IA32_TSX_CTRL effect on CPUID (Paolo Bonzini) [Orabug: 30846856]
- KVM: x86: do not modify masked bits of shared MSRs (Paolo Bonzini) [Orabug: 30846856]
- KVM: x86: fix presentation of TSX feature in ARCH_CAPABILITIES (Paolo Bonzini) [Orabug: 30846856]
- xen/ovmapi: whitelist more caches (Boris Ostrovsky) [Orabug: 30837856]
- mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (qize wang) [Orabug: 30819438] {CVE-2019-14901}
- drm/i915/gen9: Clear residual context state on context switch (Akeem G Abodunrin) [Orabug: 30773852] {CVE-2019-14615} {CVE-2019-14615}
- rds: unlock rs_snd_lock before calling rhashtable_insert_fast (aru kolappan) [Orabug: 30734590]
-
Thu Feb 06 2020 Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com> [4.14.35-1902.10.8.el7uek]
- KVM: nVMX: Check IO instruction VM-exit conditions (Oliver Upton) [Orabug: 30847136] {CVE-2020-2732}
- KVM: nVMX: Refactor IO bitmap checks into helper function (Oliver Upton) [Orabug: 30847136] {CVE-2020-2732}
- KVM: nVMX: Don't emulate instructions in guest mode (Paolo Bonzini) [Orabug: 30847136] {CVE-2020-2732}
-
Fri Jan 31 2020 Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com> [4.14.35-1902.10.7.el7uek]
- rtlwifi: Fix potential overflow on P2P code (Laura Abbott) [Orabug: 30807747] {CVE-2019-17666}
- rds: fix an infoleak in rds_inc_info_copy (Kangjie Lu) [Orabug: 30770961] {CVE-2016-5244}
- KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID (CVE-2019-19332) (Paolo Bonzini) [Orabug: 30658694] {CVE-2019-19332}
-
Sun Jan 26 2020 Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com> [4.14.35-1902.10.6.el7uek]
- IB/mlx4: Fix use after free in RDMA CM disconnect code path (Manjunath Patil)
- RDMA/cma: Relax device check in cma_match_net_dev() (Håkon Bugge) [Orabug: 30809126]
- IB/mlx4: Fix leak in id_map_find_del (Håkon Bugge) [Orabug: 30805810]
- net: IP6 defrag: use rbtrees in nf_conntrack_reasm.c (Peter Oskolkov) [Orabug: 30787503]
- net: IP6 defrag: use rbtrees for IPv6 defrag (Peter Oskolkov) [Orabug: 30787503]
- ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module (Florian Westphal) [Orabug: 30787503]
- net: IP defrag: encapsulate rbtree defrag code into callable functions (Peter Oskolkov) [Orabug: 30787503]
- ipv6: frags: fix a lockdep false positive (Eric Dumazet) [Orabug: 30787503]
-
Fri Jan 24 2020 Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com> [4.14.35-1902.10.5.el7uek]
- drm/i915/cmdparser: Fix jump whitelist clearing (Ben Hutchings) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/gen8+: Add RC6 CTX corruption WA (Imre Deak) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Lower RM timeout to avoid DSI hard hangs (Uma Shankar) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/cmdparser: Ignore Length operands during command matching (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/cmdparser: Add support for backward jumps (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/cmdparser: Use explicit goto for error paths (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Add gen9 BCS cmdparsing (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Allow parsing of unsized batches (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Add support for mandatory cmdparsing (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Remove Master tables from cmdparser (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Disable Secure Batches for gen6+ (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Rename gen7 cmdparser tables (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Move engine->needs_cmd_parser to engine->flags (Tvrtko Ursulin) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Don't use GPU relocations prior to cmdparser stalls (Chris Wilson) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Silence smatch for cmdparser (Chris Wilson) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/cmdparser: Do not check past the cmd length. (Michal Srb) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/cmdparser: Check reg_table_count before derefencing. (Michal Srb) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915: Prevent writing into a read-only object via a GGTT mmap (Chris Wilson) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/gtt: Disable read-only support under GVT (Chris Wilson) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/gtt: Read-only pages for insert_entries on bdw+ (Vivi, Rodrigo) [Orabug: 30656819] {CVE-2019-0154}
- drm/i915/gtt: Add read only pages to gen8_pte_encode (Jon Bloomfield) [Orabug: 30656819] {CVE-2019-0154}
- blk-wbt: Avoid lock contention and thundering herd issue in wbt_wait (Anchal Agarwal) [Orabug: 30681025]
- x86: microcode: propagate return value to siblings (Mihai Carabas) [Orabug: 30557081]
- x86/bugs: TSX not disabled at late loading (Mihai Carabas) [Orabug: 30557081]
- x86/bugs: missed initconst cpu_vuln_whitelist used at late loading (Mihai Carabas) [Orabug: 30659681]
- mwifiex: Fix mem leak in mwifiex_tm_cmd (YueHaibing) [Orabug: 30732918] {CVE-2019-20095}
- fs/proc/proc_sysctl.c: fix NULL pointer dereference in put_links (YueHaibing) [Orabug: 30732937] {CVE-2019-20054}
- fjes: Handle workqueue allocation failure (Will Deacon) [Orabug: 30771875] {CVE-2019-16231}
-
Fri Jan 17 2020 Somasundaram Krishnasamy <somasundaram.krishnasamy@oracle.com> [4.14.35-1902.10.4.el7uek]
- kvm: Don't reference vcpu->arch.st in arch-independent code (Boris Ostrovsky) [Orabug: 30489861]
- kvm: fix compile on s390 part 2 (Christian Borntraeger) [Orabug: 30489861]
- kvm: fix compilation on s390 (Paolo Bonzini) [Orabug: 30489861]
- kvm: fix compilation on aarch64 (Paolo Bonzini) [Orabug: 30489861]