-
Fri Nov 18 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.68.3.1.el7uek]
- fs/attr.c: handling case when inode does not attach with dentry structure (Alok Tiwari) [Orabug: 34733462] [Orabug: 34798221]
-
Fri Oct 28 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.68.3.el7uek]
- Orabug: 34733462 (Alok Tiwari)
-
Tue Oct 18 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.68.2.el7uek]
- ptp: fix the race between the release of ptp_clock and cdev (Vladis Dronov) [Orabug: 31350707] {CVE-2020-10690}
- ptp: Fix pass zero to ERR_PTR() in ptp_clock_register (YueHaibing) [Orabug: 31350707]
- chardev: add helper function to register char devs with a struct device (Logan Gunthorpe) [Orabug: 31350707]
- ptp: create "pins" together with the rest of attributes (Dmitry Torokhov) [Orabug: 31350707]
- ptp: use is_visible method to hide unused attributes (Dmitry Torokhov) [Orabug: 31350707]
- ptp: do not explicitly set drvdata in ptp_clock_register() (Dmitry Torokhov) [Orabug: 31350707]
- xfs: add agf freeblocks verify in xfs_agf_verify (Zheng Bin) [Orabug: 31350923] {CVE-2020-12655}
- netfilter: nf_queue: do not allow packet truncation below transport header offset (Florian Westphal) [Orabug: 34475433] {CVE-2022-36946}
- media: em28xx: initialize refcount before kref_get (Dongliang Mu) [Orabug: 34619522] {CVE-2022-3239}
-
Thu Oct 06 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.68.1.el7uek]
- fs: Avoid premature clearing of capabilities (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- fs: Give dentry to inode_change_ok() instead of inode (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- nfsd: Disable NFSv2 timestamp workaround for NFSv3+ (Andreas Gruenbacher) [Orabug: 20429825] {CVE-2015-1350}
- fuse: Propagate dentry down to inode_change_ok() (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- xfs: Propagate dentry down to inode_change_ok() (Jan Kara) [Orabug: 20429825] {CVE-2015-1350}
- media: v4l2-compat-ioctl32.c: refactor compat ioctl32 logic (Daniel Mentz) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: don't copy back the result for certain errors (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: drop pr_info for unknown buffer type (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: copy clip list in put_v4l2_window32 (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: Copy v4l2_window->global_alpha (Daniel Mentz) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: make ctrl_is_pointer work for subdevs (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: fix ctrl_is_pointer (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: copy m.userptr in put_v4l2_plane32 (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: avoid sizeof(type) (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: move 'helper' functions to __get/put_v4l2_format32 (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: fix the indentation (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32.c: add missing VIDIOC_PREPARE_BUF (Hans Verkuil) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: Fix timespec conversion (Daniel Mentz) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: fix missing reserved field copy in put_v4l2_create32 (Tiffany Lin) [Orabug: 28036613] {CVE-2017-13166}
- media: v4l2-compat-ioctl32: fix missing length copy in put_v4l2_buffer32 (Tiffany Lin) [Orabug: 28036613] {CVE-2017-13166}
- mwifiex: Fix possible buffer overflows in mwifiex_ret_wmm_get_status() (Qing Xu) [Orabug: 31350517] {CVE-2020-12654}
- media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() (Dan Carpenter) [Orabug: 33488041] {CVE-2021-42739}
-
Tue Sep 20 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.67.3.el7uek]
- media: imon: Fix null-ptr-deref in imon_probe (Arvind Yadav) [Orabug: 31225377] {CVE-2017-16537}
- fbcon: remove soft scrollback code (Linus Torvalds) [Orabug: 31914703] {CVE-2020-14390}
- inet: use bigger hash table for IP ID generation (Eric Dumazet) [Orabug: 33778986] {CVE-2021-45486}
- ipv4: speedup ip_idents_reserve() (Eric Dumazet) [Orabug: 33778986]
-
Thu Sep 15 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.67.2.el7uek]
- media: v4l: ioctl: Fix memory leak in video_usercopy (Sakari Ailus) [Orabug: 32759975] {CVE-2021-30002}
- usbnet: silence an unnecessary warning (Oliver Neukum) [Orabug: 23589045]
- futex: Remove requirement for lock_page() in get_futex_key() (Mel Gorman) [Orabug: 29048998] {CVE-2018-9422}
- mwifiex: Fix skb_over_panic in mwifiex_usb_recv() (Zekun Shen) [Orabug: 33784271] {CVE-2021-43976}
- af_key: Do not call xfrm_probe_algs in parallel (Herbert Xu) [Orabug: 34566754] {CVE-2022-3028}
- ext4: fix kernel infoleak via ext4_extent_header (Anirudh Rayabharam) [Orabug: 34579226] {CVE-2022-0850}
- net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (Jann Horn) [Orabug: 34594265] {CVE-2022-2964}
- net: usb: ax88179_178a: initialize local variables before use (Phillip Potter) [Orabug: 34594265]
- net: usb: ax88179_178a: fix packet alignment padding (Jeremy Kerr) [Orabug: 34594265]
- ax88179_178a: Check for supported Wake-on-LAN modes (Florian Fainelli) [Orabug: 34594265]
- Net Driver: Add Cypress GX3 VID=04b4 PID=3610. (Allan Chou) [Orabug: 34594265]
-
Tue Sep 06 2022 Alok Tiwari <alok.a.tiwari@oracle.com> [4.1.12-124.67.1.el7uek]
- KEYS: fix keyctl_set_reqkey_keyring() to not leak thread keyrings (Eric Biggers) [Orabug: 27902747] {CVE-2017-7472}
- KEYS: prevent creating a different user's keyrings (Eric Biggers) [Orabug: 29013653] {CVE-2017-18270}
- scsi: sg: add sg_remove_request in sg_write (Wu Bo) [Orabug: 31350699] {CVE-2020-12770}
- xfrm: xfrm_policy: fix a possible double xfrm_pols_put() in xfrm_bundle_lookup() (Hangyu Hua) [Orabug: 34503626] {CVE-2022-36879}
- ext4: verify dir block before splitting it (Jan Kara) [Orabug: 34555416] {CVE-2022-1184}
- dm verity: set DM_TARGET_IMMUTABLE feature flag (Sarthak Kukreti) [Orabug: 34555434] {CVE-2022-2503}
-
Tue Aug 23 2022 aloktiw <alok.a.tiwari@oracle.com> [4.1.12-124.66.3.el7uek]
- fuse: fix pipe buffer lifetime for direct_io (Miklos Szeredi) [Orabug: 33981149] {CVE-2022-1011}
- vt: drop old FONT ioctls (Jiri Slaby) [Orabug: 34408794] {CVE-2021-33656}
- video: of_display_timing.h: include errno.h (Hsin-Yi Wang) [Orabug: 34408910] {CVE-2021-33655}
- fbcon: Disallow setting font bigger than screen size (Helge Deller) [Orabug: 34408910] {CVE-2021-33655}
- scsi: target: Fix WRITE_SAME No Data Buffer crash (Mike Christie) [Orabug: 34419974] {CVE-2022-21546}
- scsi/eh: fix hang adding ehandler wakeups after decrementing host_busy (Gulam Mohamed) [Orabug: 33349684] [Orabug: 34492498]
-
Wed Aug 10 2022 aloktiw <alok.a.tiwari@oracle.com> [4.1.12-124.66.2.el7uek]
- mm: enforce min addr even if capable() in expand_downwards() (Jann Horn) [Orabug: 29501997] {CVE-2019-9213}
- ACPICA: Reference Counts: increase max to 0x4000 for large servers (Erik Schmauss)
- ipv4: tcp: send zero IPID in SYNACK messages (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}
- ipv4: Cache net in ip_build_and_send_pkt and ip_queue_xmit (Eric W. Biederman) [Orabug: 33917058] {CVE-2020-36516}
- ipv4: igmp: guard against silly MTU values (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}
- inet: constify ip_dont_fragment() arguments (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}
- ip: constify ip_build_and_send_pkt() socket argument (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}
- vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console (Eric Biggers) [Orabug: 34433461] {CVE-2020-36557}
- vt: vt_ioctl: fix race in VT_RESIZEX (Eric Dumazet) [Orabug: 34433476] {CVE-2020-36558}
- VT_RESIZEX: get rid of field-by-field copyin (Al Viro) [Orabug: 34433476]
- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34460939] [Orabug: 34484730] {CVE-2022-2588}
-
Tue Aug 02 2022 aloktiw <alok.a.tiwari@oracle.com> [4.1.12-124.66.1.el7uek]
- net: fix uninit-value in __hw_addr_add_ex() (Eric Dumazet) [Orabug: 34395887]
- mac80211: silence an uninitialized variable warning (Dan Carpenter) [Orabug: 34396283]