Lucene search

K
oraclelinuxOracleLinuxELSA-2019-4685
HistoryJun 17, 2019 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2019-06-1700:00:00
linux.oracle.com
387

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%

[4.14.35-1902.2.0]

  • mm: account managed pages to correct zone during deferred page init (Daniel Jordan) [Orabug: 29914836]
    [4.14.35-1902.1.5]
  • CVE numbers for build v4.14.35-1902.1.3 and fixup (Jack Vogel) [Orabug: 29890784] [Orabug: 29884301] [Orabug: 29884301] {CVE-2019-11477} {CVE-2019-11478} {CVE-2019-11479}
    [4.14.35-1902.1.4]
  • tcp: fix fack_count accounting on tcp_shift_skb_data() (Joao Martins) [Orabug: 29890784]
  • tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Eric Dumazet) [Orabug: 29886594]
    [4.14.35-1902.1.3]
  • tcp: add tcp_min_snd_mss sysctl (Eric Dumazet) [Orabug: 29884301]
  • tcp: tcp_fragment() should apply sane memory limits (Eric Dumazet) [Orabug: 29884301]
  • tcp: limit payload size of sacked skbs (Eric Dumazet) [Orabug: 29884301]
    [4.14.35-1902.1.2]
  • libnvdimm/of_pmem: Fix platform_no_drv_owner.cocci warnings (YueHaibing) [Orabug: 29827576]
  • libnvdimm, pfn: Fix over-trim in trim_pfn_device() (Wei Yang) [Orabug: 29827576]
  • libnvdimm/btt: Fix LBA masking during ‘free list’ population (Vishal Verma) [Orabug: 29827576]
  • libnvdimm/btt: Remove unnecessary code in btt_freelist_init (Vishal Verma) [Orabug: 29827576]
  • acpi/nfit: Update NFIT flags error message (Toshi Kani) [Orabug: 29827576]
  • libnvdimm/namespace: Clean up holder_class_store() (Dan Williams) [Orabug: 29827576]
  • libnvdimm/pfn: Remove dax_label_reserve (Dan Williams) [Orabug: 29827576]
  • dax: Check the end of the block-device capacity with dax_direct_access() (Dan Williams) [Orabug: 29827576]
  • nfit/ars: Avoid stale ARS results (Dan Williams) [Orabug: 29827576]
  • nfit/ars: Allow root to busy-poll the ARS state machine (Dan Williams) [Orabug: 29827576]
  • nfit/ars: Introduce scrub_flags (Dan Williams) [Orabug: 29827576]
  • nfit/ars: Remove ars_start_flags (Dan Williams) [Orabug: 29827576]
  • nfit/ars: Attempt short-ARS even in the no_init_ars case (Dan Williams) [Orabug: 29827576]
  • nfit/ars: Attempt a short-ARS whenever the ARS state is idle at boot (Dan Williams) [Orabug: 29827576]
  • acpi/nfit: Require opt-in for read-only label configurations (Dan Williams) [Orabug: 29827576]
  • libnvdimm/pmem: Honor force_raw for legacy pmem regions (Dan Williams) [Orabug: 29827576]
  • libnvdimm/pfn: Account for PAGE_SIZE > info-block-size in nd_pfn_init() (Dan Williams) [Orabug: 29827576]
  • libnvdimm/dimm: Add a no-BLK quirk based on NVDIMM family (Dan Williams) [Orabug: 29827576]
  • nfit: Fix nfit_intel_shutdown_status() command submission (Dan Williams) [Orabug: 29827576]
  • libnvdimm/label: Clear ‘updating’ flag after label-set update (Dan Williams) [Orabug: 29827576]
  • nfit: Add Hyper-V NVDIMM DSM command set to white list (Dexuan Cui) [Orabug: 29827576]
  • hugetlbfs: boot failure if gigantic pages allocated on command line (Mike Kravetz) [Orabug: 29811544]
  • Revert ‘net_failover: delay taking over primary device to accommodate udevd renaming’ (Si-Wei Liu) [Orabug: 29707254]
  • failover: allow name change on IFF_UP slave interfaces (Si-Wei Liu) [Orabug: 29707254]
  • xfs: add lazytime mount option (Darrick J. Wong) [Orabug: 29609388]
  • iversion: make inode_cmp_iversion{+raw} return bool instead of s64 (Jeff Layton) [Orabug: 29609388]
  • xfs: implement the lazytime mount option (Christoph Hellwig) [Orabug: 29609388]
  • fs: dont clear I_DIRTY_TIME before calling mark_inode_dirty_sync (Christoph Hellwig) [Orabug: 29609388]
  • fs: handle inode->i_version more efficiently (Jeff Layton) [Orabug: 29609388]
  • btrfs: only dirty the inode in btrfs_update_time if something was changed (Jeff Layton) [Orabug: 29609388]
  • xfs: avoid setting XFS_ILOG_CORE if i_version doesnt need incrementing (Jeff Layton) [Orabug: 29609388]
  • fs: only set S_VERSION when updating times if necessary (Jeff Layton) [Orabug: 29609388]
  • IMA: switch IMA over to new i_version API (Jeff Layton) [Orabug: 29609388]
  • xfs: convert to new i_version API (Jeff Layton) [Orabug: 29609388]
  • ufs: use new i_version API (Jeff Layton) [Orabug: 29609388]
  • ocfs2: convert to new i_version API (Jeff Layton) [Orabug: 29609388]
  • nfsd: convert to new i_version API (Jeff Layton) [Orabug: 29609388]
  • nfs: convert to new i_version API (Jeff Layton) [Orabug: 29609388]
  • ext4: convert to new i_version API (Jeff Layton) [Orabug: 29609388]
  • ext2: convert to new i_version API (Jeff Layton) [Orabug: 29609388]
  • exofs: switch to new i_version API (Jeff Layton) [Orabug: 29609388]
  • btrfs: convert to new i_version API (Jeff Layton) [Orabug: 29609388]
  • afs: convert to new i_version API (Jeff Layton) [Orabug: 29609388]
  • affs: convert to new i_version API (Jeff Layton) [Orabug: 29609388]
  • fat: convert to new i_version API (Jeff Layton) [Orabug: 29609388]
  • fs: dont take the i_lock in inode_inc_iversion (Jeff Layton) [Orabug: 29609388]
  • fs: new API for handling inode->i_version (Jeff Layton) [Orabug: 29609388]
  • orangefs: remove initialization of i_version (Jeff Layton) [Orabug: 29609388]
  • nilfs2: remove inode->i_version initialization (Jeff Layton) [Orabug: 29609388]
  • jfs: remove increment of i_version counter (Jeff Layton) [Orabug: 29609388]
  • hpfs: dont bother with the i_version counter or f_version (Jeff Layton) [Orabug: 29609388]
  • f2fs: dont bother with inode->i_version (Jeff Layton) [Orabug: 29609388]
  • ceph: remove the bump of i_version (Jeff Layton) [Orabug: 29609388]
  • ecryptfs: remove unnecessary i_version bump (Jeff Layton) [Orabug: 29609388]
  • EDAC: Drop per-memory controller buses (Borislav Petkov) [Orabug: 29721320]
  • EDAC: Dont add devices under /sys/bus/edac (Tony Luck) [Orabug: 29721320]
  • EDAC: Raise the maximum number of memory controllers (Justin Ernst) [Orabug: 29721320]
  • EDAC, skx_edac: Handle systems with segmented PCI busses (Tony Luck) [Orabug: 29721320]
  • block: delete part_round_stats and switch to less precise counting (Mikulas Patocka) [Orabug: 29223046]
  • dm: simplify start of block stats accounting for bio-based (Mike Snitzer) [Orabug: 29223046]
    [4.14.35-1902.1.1]
  • ovl: hash non-dir by lower inode for fsnotify (Amir Goldstein) [Orabug: 29634764]
  • ocfs2: fix ocfs2 read inode data panic in ocfs2_iget (Shuning Zhang) [Orabug: 29811589]
  • x86/speculation/mds: Check for the right microcode before setting mitigation (Kanth Ghatraju) [Orabug: 29797116]
  • x86/speculation/mds: Add ‘mitigations=’ support for MDS (Josh Poimboeuf) [Orabug: 29791045]
  • net: rds: force to destroy connection if t_sock is NULL in rds_tcp_kill_sock(). (Mao Wenan) [Orabug: 29802783] {CVE-2019-11815}
  • Bluetooth: hidp: fix buffer overflow (Young Xiao) [Orabug: 29786769] {CVE-2011-1079} {CVE-2019-11884}
  • scsi: megaraid_sas: return error when create DMA pool failed (Jason Yan) [Orabug: 29783169] {CVE-2019-11810}
  • scsi: libsas: fix a race condition when smp task timeout (Jason Yan) [Orabug: 29783151] {CVE-2018-20836}
  • libnvdimm/pmem: fix a possible OOB access when read and write pmem (Li RongQing) [Orabug: 29791818]
  • libnvdimm/namespace: Fix a potential NULL pointer dereference (Kangjie Lu) [Orabug: 29791818]
  • tools/testing/nvdimm: Retain security state after overwrite (Dave Jiang) [Orabug: 29791818]
  • libnvdimm/security, acpi/nfit: unify zero-key for all security commands (Dave Jiang) [Orabug: 29791818]
  • libnvdimm/security: provide fix for secure-erase to use zero-key (Dave Jiang) [Orabug: 29791818]
  • acpi/nfit: Always dump _DSM output payload (Dan Williams) [Orabug: 29791818]
  • nfit: acpi_nfit_ctl(): Check out_obj->type in the right place (Dexuan Cui) [Orabug: 29791818]
    [4.14.35-1902.1.0]
  • Delay IP migration for failback by 10s for NETDEV_CHANGE event (Sudhakar Dindukurti) [Orabug: 29761379]
  • Add more debug messages in Resilient RDMAIP (Sudhakar Dindukurti) [Orabug: 29744760]
  • RoCE:KVM guest: failover doesnt work if an interface isnt configured (Sudhakar Dindukurti) [Orabug: 29744721]
  • rds: Introduce a pool of worker threads for connection management (Hakon Bugge) [Orabug: 29629985]
  • rds: Use rds_conn_path cp_wq when applicable (Hakon Bugge) [Orabug: 29629985]
  • rds: ib: Implement proper cm_id compare (Hakon Bugge) [Orabug: 29629985]
  • Revert ‘net/rds: prevent RDS connections using stale ARP entries’ (Hakon Bugge) [Orabug: 29629985]
  • rds: ib: Flush ARP cache when needed (Hakon Bugge) [Orabug: 29629985]
  • rds: Add simple heuristics to determine connect delay (Hakon Bugge) [Orabug: 29629985]
  • rds: Fix one-sided connect (Hakon Bugge) [Orabug: 29629985]
  • rds: Consolidate and align ftrace related to connection management (Hakon Bugge) [Orabug: 29629985]
  • rdmaip: Fix gratuitous ARP storm (Hakon Bugge) [Orabug: 29629985]
  • IB/mlx4: Increase the timeout for CM cache (Hakon Bugge) [Orabug: 29629985]
  • rds: ib: Use a delay when reconnecting to the very same IP address (Hakon Bugge) [Orabug: 29629985]
  • hugetlbfs: dont retry when pool page allocations start to fail (Mike Kravetz) [Orabug: 29778831]
  • bnxt_en: Reset device on RX buffer errors. (Michael Chan) [Orabug: 29651239]
  • scsi: flip the default on use_clustering (Christoph Hellwig) [Orabug: 29411921]
  • scsi: qla2xxx: Update driver version to 10.00.00.13-k (Himanshu Madhani) [Orabug: 29411921]
  • scsi: qla2xxx: Use complete switch scan for RSCN events (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Restore FAWWPN of Physical Port only for loop down (Sawan Chandak) [Orabug: 29411921]
  • scsi: qla2xxx: Prevent memory leak for CT req/rsp allocation (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix SRB allocation flag to avoid sleeping in IRQ context (Giridhar Malavali) [Orabug: 29411921]
  • scsi: qla2xxx: allow session delete to finish before create. (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: fix fcport null pointer access. (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: flush IO on chip reset or sess delete (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix session cleanup hang (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Change default ZIO threshold. (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Add pci function reset support. (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix N2N target discovery with Local loop (Himanshu Madhani) [Orabug: 29411921]
  • scsi: qla2xxx: Add new FC-NVMe enable BIT to enable FC-NVMe feature (Giridhar Malavali) [Orabug: 29411921]
  • scsi: qla2xxx: no need to check return value of debugfs_create functions (Greg Kroah-Hartman) [Orabug: 29411921]
  • scsi: qla2xxx: Add protection mask module parameters (Martin K. Petersen) [Orabug: 29411921]
  • scsi: qla2xxx: deadlock by configfs_depend_item (Anatoliy Glagolev) [Orabug: 29411921]
  • scsi: qla2xxx: Update driver version to 10.00.00.12-k (Himanshu Madhani) [Orabug: 29411921]
  • scsi: qla2xxx: Fix for FC-NVMe discovery for NPIV port (Giridhar Malavali) [Orabug: 29411921]
  • scsi: qla2xxx: Enable FC-NVME on NPIV ports (Anil Gurumurthy) [Orabug: 29411921]
  • Revert ‘scsi: qla2xxx: Fix NVMe Target discovery’ (Himanshu Madhani) [Orabug: 29411921]
  • scsi: qla2xxx: Timeouts occur on surprise removal of QLogic adapter (Bill Kuzeja) [Orabug: 29411921]
  • scsi: qla2xxx: Initialize port speed to avoid setting lower speed (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix a typo in MODULE_PARM_DESC (Masanari Iida) [Orabug: 29411921]
  • scsi: qla2xxx: Remove two arguments from qlafx00_error_entry() (Bart Van Assche) [Orabug: 29411921]
  • scsi: qla2xxx: Make sure that qlafx00_ioctl_iosb_entry() initializes ‘res’ (Bart Van Assche) [Orabug: 29411921]
  • scsi: qla2xxx: Remove a set-but-not-used variable (Bart Van Assche) [Orabug: 29411921]
  • scsi: qla2xxx: Make qla2x00_sysfs_write_nvram() easier to analyze (Bart Van Assche) [Orabug: 29411921]
  • scsi: qla2xxx: Declare local functions ‘static’ (Bart Van Assche) [Orabug: 29411921]
  • scsi: qla2xxx: Improve several kernel-doc headers (Bart Van Assche) [Orabug: 29411921]
  • scsi: qla2xxx: Modify fall-through annotations (Bart Van Assche) [Orabug: 29411921]
  • scsi: qla2xxx: fully convert to the generic DMA API (Christoph Hellwig) [Orabug: 29411921]
  • scsi: qla2xxx: Simplify conditional check (Nathan Chancellor) [Orabug: 29411921]
  • scsi: qla2xxx: Remove unnecessary self assignment (Nathan Chancellor) [Orabug: 29411921]
  • PCI/AER: Remove pci_cleanup_aer_uncorrect_error_status() calls (Oza Pawandeep) [Orabug: 29411921]
  • scsi: qla2xxx: Return switch command on a timeout (Himanshu Madhani) [Orabug: 29411921]
  • scsi: qla2xxx: Move log messages before issuing command to firmware (Giridhar Malavali) [Orabug: 29411921]
  • scsi: qla2xxx: Fix for double free of SRB structure (Giridhar Malavali) [Orabug: 29411921]
  • scsi: qla2xxx: Fix recursive mailbox timeout (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix driver hang when FC-NVMe LUNs are configured (Himanshu Madhani) [Orabug: 29411921]
  • scsi: qla2xxx: Fix re-using LoopID when handle is in use (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix duplicate switch database entries (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix NVMe Target discovery (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix NVMe session hang on unload (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: dont allow negative thresholds (Dan Carpenter) [Orabug: 29411921]
  • scsi: qla2xxx: Fix comment in MODULE_PARM_DESC in qla2xxx (Masanari Iida) [Orabug: 29411921]
  • scsi: qla2xxx: Remove set but not used variable ‘ptr_dma’ (YueHaibing) [Orabug: 29411921]
  • scsi: qla2xxx: fix typo ‘CT-PASSTRHU’ -> ‘CT-PASSTHRU’ (Colin Ian King) [Orabug: 29411921]
  • scsi: qla2xxx: Fix an endian bug in fcpcmd_is_corrupted() (Dan Carpenter) [Orabug: 29411921]
  • scsi: qla2xxx: Update driver version to 10.00.00.11-k (Himanshu Madhani) [Orabug: 29411921]
  • scsi: qla2xxx: Fix double increment of switch scan retry count (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix duplicate switchs Nport ID entries (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Remove stale debug trace message from tcm_qla2xxx (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix premature command free (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Reject bsg request if chip is down. (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: shutdown chip if reset fail (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix stuck session in PLOGI state (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix early srb free on abort (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix race condition for resource cleanup (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix dropped srb resource. (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix port speed display on chip reset (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Check for Register disconnect (Sawan Chandak) [Orabug: 29411921]
  • scsi: qla2xxx: Increase abort timeout value (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Allow FC-NVMe underrun to be handled by transport (Darren Trapp) [Orabug: 29411921]
  • scsi: qla2xxx: Update driver version to 10.00.00.10-k (Himanshu Madhani) [Orabug: 29411921]
  • scsi: qla2xxx: Move ABTS code behind qpair (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Remove stale ADISC_DONE event (Himanshu Madhani) [Orabug: 29411921]
  • scsi: qla2xxx: Fix Remote port registration (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Remove ASYNC GIDPN switch command (Himanshu Madhani) [Orabug: 29411921]
  • scsi: qla2xxx: Reduce holding sess_lock to prevent CPU lock-up (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Move {get|rel}_sp to base_qpair struct (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Add support for ZIO6 interrupt threshold (John Donnelly) [Orabug: 29411921]
  • scsi: qla2xxx: Fix out of order Termination and ABTS response (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Add logic to detect ABTS hang and response completion (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Add appropriate debug info for invalid RX_ID (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix deadlock between ATIO and HW lock (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Serialize mailbox request (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Update driver to version 10.00.00.09-k (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Terminate Plogi/PRLI if WWN is 0 (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Defer chip reset until target mode is enabled (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix iIDMA error (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Remove all rports if fabric scan retry fails (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Force fw cleanup on ADISC error (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Turn off IOCB timeout timer on IOCB completion (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Decrement login retry count for only plogi (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Move rport registration out of internal work_list (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Remove redundant check for fcport deletion (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Update rscn_rcvd field to more meaningful scan_needed (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Use correct qpair for ABTS/CMD (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix incorrect port speed being set for FC adapters (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix process response queue for ISP26XX and above (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix issue reported by static checker for qla2x00_els_dcmd2_sp_done() (Quinn Tran) [Orabug: 29411921]
  • qla2xxx: Update driver version to 10.00.00.08-k (Himanshu Madhani) [Orabug: 29411921]
  • scsi: qla2xxx: Migrate NVME N2N handling into state machine (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Save frame payload size from ICB (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix stalled relogin (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix race between switch cmd completion and timeout (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix Management Server NPort handle reservation logic (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Flush mailbox commands on chip reset (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix unintended Logout (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix session state stuck in Get Port DB (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix redundant fc_rport registration (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Silent erroneous message (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Prevent sysfs access when chip is down (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Add longer window for chip reset (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix login retry count (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix N2N link re-connect (Quinn Tran) [Orabug: 29411921]
  • qla2xxx: Cleanup for N2N code (Himanshu Madhani) [Orabug: 29411921]
  • qla2xxx: Fix driver unload by shutting down chip (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix inconsistent DMA mem alloc/free (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: remove irq save in qla2x00_poll() (Sebastian Andrzej Siewior) [Orabug: 29411921]
  • scsi: qla2xxx: Spinlock recursion in qla_target (Mikhail Malygin) [Orabug: 29411921]
  • scsi: qla2xxx: Fix crash on qla2x00_mailbox_command (Rodrigo R. Galvao) [Orabug: 29411921]
  • scsi: qla2xxx: remove the unused tcm_qla2xxx_cmd_wq (Andrei Vagin) [Orabug: 29411921]
  • scsi: qla2xxx: Fix TMF and Multi-Queue config (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Prevent relogin loop by removing stale code ([email protected]) [Orabug: 29411921]
  • scsi: qla2xxx: Remove stale debug value for login_retry flag (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Use predefined get_datalen_for_atio() inline function (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix Inquiry command being dropped in Target mode (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Move GPSC and GFPNID out of session management (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Reduce redundant ADISC command for RSCNs (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Delete session for nport id change (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix Rport and session state getting out of sync (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: Fix sending ADISC command for login (Quinn Tran) [Orabug: 29411921]
  • scsi: qla2xxx: fx00 copypaste typo (Meelis Roos) [Orabug: 29411921]
  • scsi: qla2xxx: fix error message on
  • bpf: update skb->protocol in bpf_skb_net_grow (Willem de Bruijn) [Orabug: 29766891]
  • bpf: reserve flags in bpf_skb_net_shrink (Willem de Bruijn) [Orabug: 29766891]
  • bpf: fix whitespace for ENCAP_L2 defines in bpf.h (Alan Maguire) [Orabug: 29766891]
  • bpf: sync bpf.h to tools/ for BPF_F_ADJ_ROOM_ENCAP_L2 (Alan Maguire) [Orabug: 29766891]
  • bpf: add layer 2 encap support to bpf_skb_adjust_room (Alan Maguire) [Orabug: 29766891]
  • bpf: silence uninitialized var warning in bpf_skb_net_grow (Willem de Bruijn) [Orabug: 29766891]
  • bpf: Sync bpf.h to tools (Willem de Bruijn) [Orabug: 29766891]
  • bpf: add bpf_skb_adjust_room encap flags (Willem de Bruijn) [Orabug: 29766891]
  • bpf: add bpf_skb_adjust_room flag BPF_F_ADJ_ROOM_FIXED_GSO (Willem de Bruijn) [Orabug: 29766891]
  • bpf: add bpf_skb_adjust_room mode BPF_ADJ_ROOM_MAC (Willem de Bruijn) [Orabug: 29766891]
  • bpf: in bpf_skb_adjust_room avoid copy in tx fast path (Willem de Bruijn) [Orabug: 29766891]
  • bpf: only test gso type on gso packets (Willem de Bruijn) [Orabug: 29766891]
  • bpf: only adjust gso_size on bytestream protocols (Willem de Bruijn) [Orabug: 29766891]
  • bpf: fix bpf_skb_adjust_net/bpf_skb_proto_xlat to deal with gso sctp skbs (Daniel Axtens) [Orabug: 29766891]
  • docs: segmentation-offloads.txt: add SCTP info (Daniel Axtens) [Orabug: 29766891]
  • KVM: VMX: Nop emulation of MSR_IA32_POWER_CTL (Liran Alon) [Orabug: 29772364]
  • scsi: target: iscsi: Use bin2hex instead of a re-implementation (Vincent Pelletier) [Orabug: 29778873] {CVE-2018-14633}
  • scsi: target: iscsi: Use hex2bin instead of a re-implementation (Vincent Pelletier) [Orabug: 29778873] {CVE-2018-14633} {CVE-2018-14633}
  • vxlan: test dev->flags & IFF_UP before accessing vxlan->dev->dev_addr (Venkat Venkatsubra) [Orabug: 29785102]
  • vxlan: test dev->flags & IFF_UP before calling gro_cells_receive() (Venkat Venkatsubra) [Orabug: 29785102]

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.974 High

EPSS

Percentile

99.9%