kernel security, bug fix, and enhancement update


[3.10.0-1127.OL7] - Oracle Linux certificates (Alexey Petrenko) - Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com) - Update x509.genkey [Orabug: 24817676] [3.10.0-1127] - [fs] flexfiles: Dont tie up all the rpciod threads in resends (Benjamin Coddington) [1778963] [3.10.0-1126] - [scsi] scsi: qla2xxx: Fix unbound NVME response length (Himanshu Madhani) [1788669] [3.10.0-1125] - [fs] mark struct file that had write access grabbed by open() (Miklos Szeredi) [1679829] - [fs] fold __get_file_write_access() into its only caller (Miklos Szeredi) [1679829] - [powerpc] get rid of DEBUG_WRITECOUNT (Miklos Szeredi) [1679829] - [fs] dont bother with {get, put}_write_access() on non-regular files (Miklos Szeredi) [1679829] - [fs] gfs2: Use d_materialise_unique instead of d_splice_alias (2) (Andreas Grunbacher) [1784550] - [fs] gfs2: gfs2_create_inode(): dont bother with d_splice_alias() (Andreas Grunbacher) [1784550] - [fs] gfs2: bugger off early if O_CREAT open finds a directory (Andreas Grunbacher) [1784550] - [fs] libceph: fix PG split vs OSD (re)connect race (Ilya Dryomov) [1785656] - [scsi] Fix driver intialization failure for sli4 non nvme (Dick Kennedy) [1783899] - [netdrv] hv_netvsc: fix race that may miss tx queue wakeup (Mohammed Gamal) [1781322] [3.10.0-1124] - [s390] s390: wire up sys_renameat2 (Miklos Szeredi) [1773504] - [net] ipvs: do not use random local source address for tunnels (Xin Long) [1786676] - [misc] mei: me: add cannon point device ids for 4th device (Jerry Snitselaar) [1745139] - [misc] mei: me: add cannon point device ids (Jerry Snitselaar) [1745139] - [netdrv] bnxt_en: Support all variants of the 5750X chip family (Jonathan Toppins) [1789345] [3.10.0-1123] - [mm] mm: prevent get_user_pages() from overflowing page refcount (Aristeu Rozanski) [1705005] {CVE-2019-11487} - [mm] mm/hugetlb.c: __get_user_pages ignores certain follow_hugetlb_page errors (Aristeu Rozanski) [1705005] {CVE-2019-11487} - [fs] CIFS: avoid using MID 0xFFFF (Leif Sahlberg) [1771255] - [net] netfilter: xt_TRACE: add explicitly nf_logger_find_get call (Phil Sutter) [1774444] - [wireless] rtlwifi: Fix potential overflow on P2P code (Josef Oskera) [1775236] {CVE-2019-17666} [3.10.0-1122] - [drm] drm/amd/powerplay: use hardware fan control if no powerplay fan table (Lyude Paul) [1729286] - [nvme] nvme-fc: fix double-free scenarios on hw queues (Ewan Milne) [1731286] - [x86] kvm: vmx: use MSR_IA32_TSX_CTRL to hard-disable TSX on guest that lack it (Paolo Bonzini) [1779768] - [x86] kvm: vmx: implement MSR_IA32_TSX_CTRL disable RTM functionality (Paolo Bonzini) [1779768] {CVE-2019-19338} - [x86] kvm: x86: Mark expected switch fall-throughs (Paolo Bonzini) [1779768] {CVE-2019-19338} - [x86] kvm: x86: implement MSR_IA32_TSX_CTRL effect on CPUID (Paolo Bonzini) [1779768] {CVE-2019-19338} - [x86] kvm: x86: do not modify masked bits of shared MSRs (Paolo Bonzini) [1779768] {CVE-2019-19338} - [x86] kvm: x86: fix presentation of TSX feature in ARCH_CAPABILITIES (Paolo Bonzini) [1779768] {CVE-2019-19338} - [x86] kvm/x86: Export MDS_NO=0 to guests when TSX is enabled (Paolo Bonzini) [1779768] {CVE-2019-19338} - [s390] s390/qeth: ensure linear access to packet headers (Philipp Rudo) [1782927] - [s390] s390/qeth: guard against runt packets (Philipp Rudo) [1782927] - [s390] s390/qeth: consolidate skb allocation (Philipp Rudo) [1782927] - [s390] s390/qeth: clean up page frag creation (Philipp Rudo) [1782927] - [netdrv] i40e: Fix for persistent lldp support (Stefan Assmann) [1782689] [3.10.0-1121] - [platform] thinkpad_acpi: Dont yell on unsupported brightness interfaces (Lyude Paul) [1305619] - [platform] thinkpad-acpi: fix handle locate for video and query of _BCL (Lyude Paul) [1305619] - [s390] kernel: avoid cpu yield in SMT environment (Philipp Rudo) [1777876] - [scsi] scsi: qla2xxx: Fix incorrect SFUB length used for Secure Flash Update MB Cmd (Himanshu Madhani) [1783016] - [scsi] scsi: qla2xxx: Added support for MPI and PEP regions for ISP28XX (Himanshu Madhani) [1783016] - [scsi] scsi: qla2xxx: Correctly retrieve and interpret active flash region (Himanshu Madhani) [1783016] - [powerpc] KVM: PPC: Book3S HV: Flush link stack on guest exit to host kernel (Gustavo Duarte) [1777710] - [powerpc] powerpc/book3s64: Fix link stack flush on context switch (Gustavo Duarte) [1777710] - [powerpc] powerpc/64s: support nospectre_v2 cmdline option (Gustavo Duarte) [1777710] - [net] openvswitch: fix flow command message size (Paolo Abeni) [1776578] - [block] brd: re-enable __GFP_HIGHMEM in brd_insert_page() (Jeff Moyer) [1781298] - [block] brd: remove dax support (Jeff Moyer) [1781298] - [nvme] nvme: dont access the inlined bio after nvmet request is completed (Ming Lei) [1631120] - [fs] epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove() (Miklos Szeredi) [1780128] - [nvme] nvme: fix NULL pointer dereference in nvme_init_subsystem (Ewan Milne) [1781316] - [nvme] nvme-fabrics: allow duplicate connections to the discovery controller (Ewan Milne) [1781316] - [scsi] scsi: bnx2fc: timeout calculation invalid for bnx2fc_eh_abort() (Nilesh Javali) [1772966] [3.10.0-1120] - [md] raid5: need to set STRIPE_HANDLE for batch head (Xiao Ni) [1774330] - [drm] drm/radeon: fix si_enable_smc_cac() failed issue (Dave Airlie) [1780026] - [block] block: dont change REQ_NR_BITS (Ming Lei) [1779712] [3.10.0-1119] - [x86] mm: serialize against gup_fast in pmdp_splitting_flush() (Vitaly Kuznetsov) [1674266] - [vhost] vsock: split packets to send using multiple buffers (Stefano Garzarella) [1777349] - [md] md/raid10: prevent access of uninitialized resync_pages offset (Nigel Croxon) [1767935] - [x86] perf/x86: Modify error message in virtualized environment (Michael Petlan) [1759758] - [fs] cifs: Fix infinite loop when using hard mount option (Dave Wysochanski) [1770404] - [wireless] mwifiex: Fix heap overflow in mmwifiex_process_tdls_action_frame() (Stanislaw Gruszka) [1776157] {CVE-2019-14901} [3.10.0-1118] - [net] ipv6: support more tunnel interfaces for EUI64 link-local generation (Guillaume Nault) [1770686] - [net] netfilter: masquerade: dont flush all conntracks if only one address deleted on device (Patrick Talbert) [1771396] - [net] netfilter: conntrack: resched in nf_ct_iterate_cleanup (Patrick Talbert) [1771396] - [net] ipvs: fix buffer overflow with sync daemon and service (Davide Caratti) [1725440] - [net] ipvs: fix rtnl_lock lockups caused by start_sync_thread (Davide Caratti) [1725440] - [net] ipvs: Pass ipvs not net to make_receive_sock (Davide Caratti) [1725440] - [net] ipvs: Pass ipvs not net to make_send_sock (Davide Caratti) [1725440] - [net] ipvs: Pass ipvs not net to start_sync_thread (Davide Caratti) [1725440] - [net] ipvs: Pass ipvs not net to ip_vs_genl_new_daemon (Davide Caratti) [1725440] - [net] ipvs: add sync_maxlen parameter for the sync daemon (Davide Caratti) [1725440] - [net] ipvs: call rtnl_lock early (Davide Caratti) [1725440] - [net] netfilter: dont use mutex_lock_interruptible() (Davide Caratti) [1725440] - [net] ipvs: fix memory leak in ip_vs_ctl.c (Davide Caratti) [1725440] - [wireless] mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Stanislaw Gruszka) [1776206] - [scsi] Revert 'qla2xxx: Mark NVMe/FC initiator mode usage as technology preview' (Ewan Milne) [1642968] [3.10.0-1117] - [x86] x86/speculation: Remove unneeded STIBP code (Waiman Long) [1766540] {CVE-2019-11135} - [x86] x86/speculation: Fix redundant MDS mitigation message (Waiman Long) [1766540] {CVE-2019-11135} - [documentation] x86/speculation: Fix incorrect MDS/TAA mitigation status (Waiman Long) [1766540] {CVE-2019-11135} - [x86] x86/speculation/taa: Fix printing of TAA_MSG_SMT on IBRS_ALL CPUs (Waiman Long) [1766540] {CVE-2019-11135} - [x86] x86/tsx: Add config options to set tsx=on|off|auto (Waiman Long) [1766540] {CVE-2019-11135} - [documentation] x86/speculation/taa: Add documentation for TSX Async Abort (Waiman Long) [1766540] {CVE-2019-11135} - [x86] x86/tsx: Add 'auto' option to the tsx= cmdline parameter (Waiman Long) [1766540] {CVE-2019-11135} - [base] x86/speculation/taa: Add sysfs reporting for TSX Async Abort (Waiman Long) [1766540] {CVE-2019-11135} - [x86] x86/speculation/taa: Add mitigation for TSX Async Abort (Waiman Long) [1766540] {CVE-2019-11135} - [x86] x86/cpu: Add a 'tsx=' cmdline option with TSX disabled by default (Waiman Long) [1766540] {CVE-2019-11135} - [x86] x86/cpu: Add a helper function x86_read_arch_cap_msr() (Waiman Long) [1766540] {CVE-2019-11135} - [x86] x86/msr: Add the IA32_TSX_CTRL MSR (Waiman Long) [1766540] {CVE-2019-11135} - [documentation] documentation: Add ITLB_MULTIHIT documentation (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] kvm: x86: mmu: Recovery of shattered NX large pages (Paolo Bonzini) [1690343] {CVE-2018-12207} - [virt] kvm: Add helper function for creating VM worker threads (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] kvm: mmu: ITLB_MULTIHIT mitigation (Paolo Bonzini) [1690343] {CVE-2018-12207} - [kernel] cpu/speculation: Uninline and export CPU mitigations helpers (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] cpu: Add Tremont to the cpu vulnerability whitelist (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] Add ITLB_MULTIHIT bug infrastructure (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] kvm: vmx, svm: always run with EFER.NXE=1 when shadow paging is active (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] kvm: x86: add tracepoints around __direct_map and FNAME(fetch) (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] kvm: x86: change kvm_mmu_page_get_gfn BUG_ON to WARN_ON (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] kvm: x86: remove now unneeded hugepage gfn adjustment (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] kvm: x86: make FNAME(fetch) and __direct_map more similar (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] kvm: mmu: Do not release the page inside mmu_set_spte() (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] kvm: x86: mmu: Remove unused parameter of __direct_map() (Paolo Bonzini) [1690343] {CVE-2018-12207} - [virt] kvm: Convert kvm_lock to a mutex (Paolo Bonzini) [1690343] {CVE-2018-12207} - [x86] kvm: mmu: drop vcpu param in gpte_access (Paolo Bonzini) [1690343] {CVE-2018-12207} - [virt] kvm: x86, powerpc: do not allow clearing largepages debugfs entry (Paolo Bonzini) [1690343] {CVE-2018-12207} [3.10.0-1116] - [netdrv] net/mlx5: Fix auto group size calculation (Alaa Hleihel) [1769309] - [mm] x86/io: add interface to reserve io memtype for a resource range. (v1.1) (Dave Airlie) [1739623] - [sound] alsa: emux: Fix potential Spectre v1 vulnerabilities (Jaroslav Kysela) [1672561] - [s390] s390/smt: Fix s390 SMT reporting (Josh Poimboeuf) [1764184] - [mm] mm: swap: clean up swap readahead (Rafael Aquini) [1725396] - [mm] mm: do_swap_page: clean up parameter list passing a pointer to struct vm_fault (Rafael Aquini) [1725396] - [mm] mm: __handle_mm_fault: introduce explicit barrier after orig_pte dereference (Rafael Aquini) [1725396] - [fs] cachefiles: Fix page leak in cachefiles_read_backing_file while vmscan is active (David Howells) [1765975] [3.10.0-1115] - [scsi] Fix stack tarce when lpfc driver is unloaded (Dick Kennedy) [1774744] - [scsi] qla2xxx: Update driver version (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix partial flash write of MBI (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix device connect issues in P2P configuration (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix a NULL pointer dereference (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix double scsi_done for abort path (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Make qla2x00_abort_srb() again decrease the sp reference count (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix driver unload hang (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix SRB leak on switch command timeout (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix premature timer expiration (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Uninline qla2x00_init_timer() (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Do command completion on abort timeout (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Retry PLOGI on FC-NVMe PRLI failure (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Add error handling for PLOGI ELS passthrough (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Inline the qla2x00_fcport_event_handler() function (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Dual FCP-NVMe target port support (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Use tabs instead of spaces for indentation (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix N2N link up fail (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix N2N link reset (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix a race condition between aborting and completing a SCSI command (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Introduce the function qla2xxx_init_sp() (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Really fix qla2xxx_eh_abort() (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Make qla24xx_async_abort_cmd() static (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Reduce the number of forward declarations (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Remove a superfluous forward declaration (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix stuck login session (Himanshu Madhani) [1731581] - [scsi] scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd (Himanshu Madhani) [1731581] - [media] cx24116: fix a buffer overflow when checking userspace params (Jarod Wilson) [1737279] {CVE-2015-9289} - [scsi] qedf: Initialize rport while creation of vport (Nilesh Javali) [1760746] - [fs] Fix the locking in dcache_readdir() and friends (Ondrej Mosnacek) [1510603] - [fs] much milder d_walk() race (Ondrej Mosnacek) [1510603] - [fs] libfs.c: new helper - next_positive() (Ondrej Mosnacek) [1510603] - [fs] dcache_{readdir, dir_lseek}(): dont bother with nested ->d_lock (Ondrej Mosnacek) [1510603] - [security] selinuxfs: dont open-code d_genocide() (Ondrej Mosnacek) [1510603] - [fs] fs/dcache: Enable automatic reclaim of excess negative dentries (Waiman Long) [1489573] - [fs] fs/dcache: Add sysctl parameter negative-dentry-limit as a soft limit on negative dentries (Waiman Long) [1489573] - [fs] fs/dcache: Move percpu count updates out of dcache_lru_lock (Waiman Long) [1489573] - [fs] fs/dcache: Dont set DCACHE_REFERENCED on dentries when first put into LRU (Waiman Long) [1489573] [3.10.0-1114] - [kernel] sched/numa: Fix a possible divide-by-zero (Vladis Dronov) [1765959] - [x86] x86/boot/64: Round memory hole size up to next PMD page (Frank Ramsay) [1773762] - [x86] x86/boot/64: Make level2_kernel_pgt pages invalid outside kernel area (Frank Ramsay) [1773762] - [kernel] seccomp: Fix tracer exit notifications during fatal signals (Vladis Dronov) [1770484] - [x86] x86/ptrace: run seccomp after ptrace (Vladis Dronov) [1770484] - [fs] cifs: Fix retry mid list corruption on reconnects (Dave Wysochanski) [1614201] - [fs] cifs: add a warning if we try to to dequeue a deleted mid (Dave Wysochanski) [1614201] - [fs] cifs: Fix use after free of a mid_q_entry (Dave Wysochanski) [1614201] - [fs] Dont log confusing message on reconnect by default (Dave Wysochanski) [1614201] - [fs] ceph: mark Fw cap dirty after splice write (Zheng Yan) [1710751] - [fs] cifs: Force reval dentry if LOOKUP_REVAL flag is set (Dave Wysochanski) [1771657] - [fs] cifs: Force revalidate inode when dentry is stale (Dave Wysochanski) [1771657] - [fs] cifs: Gracefully handle QueryInfo errors during open (Dave Wysochanski) [1771657] [3.10.0-1113] - [drm] drm/i915/cmdparser: Fix jump whitelist clearing (Dave Airlie) [1756883] {CVE-2019-0155} - [drm] drm/i915: Lower RM timeout to avoid DSI hard hangs (Dave Airlie) [1756816] {CVE-2019-0154} - [drm] drm/i915/gen8+: Add RC6 CTX corruption WA (Dave Airlie) [1756816] {CVE-2019-0154} - [drm] drm/i915/cmdparser: Ignore Length operands during command matching (Dave Airlie) [1756883] {CVE-2019-0155} - [drm] drm/i915/cmdparser: Add support for backward jumps (Dave Airlie) [1756883] {CVE-2019-0155} - [drm] drm/i915/cmdparser: Use explicit goto for error paths (Dave Airlie) [1756883] {CVE-2019-0155} - [drm] drm/i915: Add gen9 BCS cmdparsing (Dave Airlie) [1756883] {CVE-2019-0155} - [drm] drm/i915: Allow parsing of unsized batches (Dave Airlie) [1756883] {CVE-2019-0155} - [drm] drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (Dave Airlie) [1756883] {CVE-2019-0155} - [drm] drm/i915: Add support for mandatory cmdparsing (Dave Airlie) [1756883] {CVE-2019-0155} - [drm] drm/i915: Remove Master tables from cmdparser (Dave Airlie) [1756883] {CVE-2019-0155} - [drm] drm/i915: Disable Secure Batches for gen6+ (Dave Airlie) [1756883] {CVE-2019-0155} - [drm] drm/i915: Rename gen7 cmdparser tables (Dave Airlie) [1756883] {CVE-2019-0155} - [fs] Fix error code in nfs_lookup_verify_inode() (Benjamin Coddington) [1761957] - [scsi] scsi: qla2xxx: Initialized mailbox to prevent driver load failure (Himanshu Madhani) [1770307] - [powerpc] powerpc/ptrace: run seccomp after ptrace (Vladis Dronov) [1760294] - [s390] s390/ptrace: run seccomp after ptrace (Vladis Dronov) [1760294] - [s390] s390/seccomp: fix error return for filtered system calls (Vladis Dronov) [1760294] - [netdrv] bnxt_en: flow_offload: offload tunnel decap rules via indirect callbacks (Davide Caratti) [1717422] - [x86] cpuidle-haltpoll: vcpu hotplug support (Marcelo Tosatti) [1771849] - [x86] kvm: x86: skip populating logical dest map if apic is not sw enabled (Bandan Das) [1738496] - [x86] kvm: x86: remove unnecessary recalculate_apic_map (Bandan Das) [1738496] - [scsi] scsi: bnx2fc: Handle scope bits when array returns BUSY or TSF (Nilesh Javali) [1750577] - [scsi] scsi: bnx2fc: remove set but not used variables 'task', 'port', 'orig_task' (Nilesh Javali) [1750577] - [scsi] scsi: bnx2fc: remove set but not used variables 'lport', 'host' (Nilesh Javali) [1750577] - [scsi] scsi: bnx2fc: remove set but not used variable 'fh' (Nilesh Javali) [1750577] - [scsi] scsi: qedi: Remove WARN_ON from clear task context (Nilesh Javali) [1461697] - [scsi] scsi: qedi: Remove WARN_ON for untracked cleanup (Nilesh Javali) [1461697] [3.10.0-1112] - [scsi] scsi: mpt3sas: change allocation option (Tomas Henzl) [1763796] - [md] md: improve handling of bio with REQ_PREFLUSH in md_flush_request() (Xiao Ni) [1752061] - [kvm] KVM: x86: switch KVMCLOCK base to monotonic raw clock (Marcelo Tosatti) [1760668] - [net] mac80211: Reject malformed SSID elements (Stanislaw Gruszka) [1748266] - [net] cfg80211: wext: avoid copying malformed SSIDs (Stanislaw Gruszka) [1748266] - [wireless] iwlwifi: pcie: change qu with jf devices to use qu configuration (Stanislaw Gruszka) [1748266] - [net] mac80211: fix txq null pointer dereference (Stanislaw Gruszka) [1748266] - [net] nl80211: fix null pointer dereference (Stanislaw Gruszka) [1748266] - [net] cfg80211: initialize on-stack chandefs (Stanislaw Gruszka) [1748266] - [net] cfg80211: validate SSID/MBSSID element ordering assumption (Stanislaw Gruszka) [1748266] - [net] nl80211: validate beacon head (Stanislaw Gruszka) [1748266] - [net] mac80211: keep BHs disabled while calling drv_tx_wake_queue() (Stanislaw Gruszka) [1748266] - [net] cfg80211: Purge frame registrations on iftype change (Stanislaw Gruszka) [1748266] - [wireless] rtw88: pci: Use DMA sync instead of remapping in RX ISR (Stanislaw Gruszka) [1748266] - [wireless] rtw88: pci: Rearrange the memory usage for skb in RX ISR (Stanislaw Gruszka) [1748266] - [wireless] iwlwifi: fw: dont send GEO_TX_POWER_LIMIT command to FW version 36 (Stanislaw Gruszka) [1748266] - [net] nl80211: Fix possible Spectre-v1 for CQM RSSI thresholds (Stanislaw Gruszka) [1748266] - [net] mac80211: Do not send Layer 2 Update frame before authorization (Stanislaw Gruszka) [1748266] - [wireless] iwlwifi: assign directly to iwl_trans->cfg in QuZ detection (Stanislaw Gruszka) [1748266] - [wireless] mwifiex: Fix three heap overflow at parsing element in cfg80211_ap_settings (Stanislaw Gruszka) [1748266] - [net] mac80211: Correctly set noencrypt for PAE frames (Stanislaw Gruszka) [1748266] - [net] mac80211: Dont memset RXCB prior to PAE intercept (Stanislaw Gruszka) [1748266] - [wireless] iwlwifi: pcie: handle switching killer Qu B0 NICs to C0 (Stanislaw Gruszka) [1748266] - [net] Revert 'cfg80211: fix processing world regdomain when non modular' (Stanislaw Gruszka) [1748266] - [net] mac80211: fix possible sta leak (Stanislaw Gruszka) [1748266] - [wireless] iwlwifi: pcie: fix recognition of QuZ devices (Stanislaw Gruszka) [1748266] - [wireless] iwlwifi: pcie: dont switch FW to qnj when ax201 is detected (Stanislaw Gruszka) [1748266] - [wireless] iwlwifi: pcie: fix the byte count table format for 22560 devices (Stanislaw Gruszka) [1748266] - [wireless] iwlwifi: mvm: Allow multicast data frames only when associated (Stanislaw Gruszka) [1748266] - [netdrv] i40e: initialize ITRN registers with correct values (Stefan Assmann) [1630307] - [net] tuntap: synchronize through tfiles array instead of tun->numqueues (Eugenio Perez) [1713616] - [net] tuntap: fix use after free during release (Eugenio Perez) [1713616] - [net] tun: fix use after free for ptr_array (Eugenio Perez) [1713616] - [net] tun/tap: sanitize TUNSETSNDBUF input (Eugenio Perez) [1713616] - [block] block: Dont merge requests if integrity flags differ (Ming Lei) [1767605] - [block] blk-mq: insert rq with DONTPREP to hctx dispatch list when requeue (Ming Lei) [1767605] - [x86] x86/atomic: Fix smp_mb__{before,after}_atomic() (Prarit Bhargava) [1769569] - [netdrv] qede: fix NULL pointer deref in __qede_remove() (Manish Chopra) [1766574] - [fs] xfs: only trace buffer items if they exist (Brian Foster) [1768722] - [nvme] nvme: make fabrics command run on a separate request queue (David Milburn) [1769900] - [nvme] nvme: Restart request timers in resetting state (David Milburn) [1769900] - [nvme] nvme-rdma: fix possible use-after-free in connect timeout (David Milburn) [1769900] - [netdrv] i40e: enable X710 support (Stefan Assmann) [1764987] [3.10.0-1111] - [md] md: support for queue flag QUEUE_FLAG_NO_SG_MERGE (Nigel Croxon) [1767472] - [net] ipv4: Return -ENETUNREACH if we cant create route but saddr is valid (Stefano Brivio) [1633140] - [net] ipv6: Rewind hlist offset on interrupted /proc/net/if_inet6 read (Stefano Brivio) [1753480] - [net] revert '[net] ipv6: Display all addresses in output of /proc/net/if_inet6' (Stefano Brivio) [1753480] - [net] sock: fix lockdep annotation in release_sock (Paolo Abeni) [1753150] - [mm] mm-vmstat-reduce-zone-lock-holding-time-by-proc-pagetypeinfo-fix (Waiman Long) [1757943] - [mm] mm, vmstat: reduce zone->lock holding time by /proc/pagetypeinfo (Waiman Long) [1757943] - [mm] mm, vmstat: hide /proc/pagetypeinfo from normal users (Waiman Long) [1757943] [3.10.0-1110] - [nvme] nvme-pci: Fix controller freeze wait disabling (David Milburn) [1766279] - [net] mac80211: fix kfree() on stack memory in ieee80211_crypto_aes_gmac_decrypt() (Stanislaw Gruszka) [1764510] - [md] dm rq: fix handling underlying queue busy (Ming Lei) [1767482] [3.10.0-1109] - [netdrv] net/mlx5e: Initialize on stack link modes bitmap (Alaa Hleihel) [1764272] - [netdrv] net/mlx5e: Fix ethtool self test: link speed (Alaa Hleihel) [1764272] - [netdrv] net/mlx5e: ethtool, Avoid setting speed to 56GBASE when autoneg off (Alaa Hleihel) [1764272] - [fs] xfs: end sync buffer I/O properly on shutdown error (Brian Foster) [1750602] - [fs] xfs: kill __xfs_buf_submit_common() (Brian Foster) [1750602] - [fs] xfs: combinesync buffer submission apis (Brian Foster) [1750602] - [fs] xfs: lobotomise xfs_trans_read_buf_map() (Brian Foster) [1750602] - [fs] cifs: Fix use after free of file info structures (Dave Wysochanski) [1757872] - [fs] vfs: Fix EOVERFLOW testing in put_compat_statfs64 (Eric Sandeen) [1758001] - [mm] mm, compaction: avoid isolating pinned pages (Rafael Aquini) [1344862] - [scsi] scsi: smartpqi: change TMF timeout from 60 to 30 seconds (Don Brace) [1709620] - [scsi] scsi: smartpqi: fix LUN reset when fw bkgnd thread is hung (Don Brace) [1709620] - [scsi] scsi: smartpqi: add inquiry timeouts (Don Brace) [1709620] - [scsi] scsi: smartpqi: increase LUN reset timeout (Don Brace) [1709620] - [firmware] x86, efi: never relocate kernel below lowest acceptable address (Kairui Song) [1732737] - [powerpc] powerpc: dump kernel log before carrying out fadump or kdump (Desnes Augusto Nunes do Rosario) [1750250] - [s390] s390/cpumsf: Check for CPU Measurement sampling (Philipp Rudo) [1765124] - [s390] scsi: zfcp: fix reaction on bit error threshold notification (Philipp Rudo) [1765123] - [mm] s390/mm: Fix swiotlb for protected virtualization (Philipp Rudo) [1765122] [3.10.0-1108] - [powerpc] powerpc/pseries: Remove confusing warning message (Gustavo Duarte) [1748306] - [powerpc] powerpc/pseries: Call H_BLOCK_REMOVE when supported (Gustavo Duarte) [1748306] - [powerpc] powerpc/pseries: Read TLB Block Invalidate Characteristics (Gustavo Duarte) [1748306] - [scsi] hpsa: update driver version (Joseph Szczypek) [1761978] - [scsi] scsi: hpsa: add missing hunks in reset-patch (Joseph Szczypek) [1761978] - [tty] TTY: serial_core, add ->install (Kenneth Yin) [1443152] - [scsi] scsi: core: Avoid that SCSI device removal through sysfs triggers a deadlock (Ewan Milne) [1734685] - [fs] scsi: sysfs: Introduce sysfs_{un, }break_active_protection() (Ewan Milne) [1734685] [3.10.0-1107] - [x86] x86/kdump: Reserve extra memory when SME or SEV is active (Kairui Song) [1724887] - [block] block: fix blk_recount_segments (Ming Lei) [1762459] - [nvme] nvme-pci: Fix a race in controller removal (Gopal Tiwari) [1761998] - [char] hpet: Fix output of hpet_mmap kernel parameter (Prarit Bhargava) [1764790] - [tools] perf tools: Apply new CPU topology sysfs attributes (Jiri Olsa) [1640900] - [tools] perf header: Rename 'sibling cores' to 'sibling sockets' (Jiri Olsa) [1640900] - [tools] perf stat: Support per-die aggregation (Jiri Olsa) [1640900] - [tools] perf stat: Support 'percore' event qualifier (Jiri Olsa) [1640900] - [tools] perf stat: Factor out aggregate counts printing (Jiri Olsa) [1640900] - [tools] perf tools: Add a 'percore' event qualifier (Jiri Olsa) [1640900] - [tools] perf header: Add die information in CPU topology (Jiri Olsa) [1640900] - [tools] perf cpumap: Retrieve die id information (Jiri Olsa) [1640900] - [tools] perf tools: Use sysfs__mountpoint() when reading cpu topology (Jiri Olsa) [1640900] - [tools] perf tools: Add numa_topology object (Jiri Olsa) [1640900] - [tools] perf header: Fix wrong node write in NUMA_TOPOLOGY feature (Jiri Olsa) [1640900] - [tools] perf tools: Add cpu_topology object (Jiri Olsa) [1640900] - [tools] perf header: Remove unused 'cpu_nr' field from 'struct cpu_topo' (Jiri Olsa) [1640900] - [acpi] ACPICA: Increase total number of possible Owner IDs (Frank Ramsay) [1756339] - [fs] SMB3: retry on STATUS_INSUFFICIENT_RESOURCES instead of failing write (Leif Sahlberg) [1764567] - [netdrv] mark the intel igc driver as tech preview (David Arcari) [1721615] - [netdrv] igc: Clean up unused shadow_vfta pointer (David Arcari) [1721615] - [netdrv] igc: Add Rx checksum support (David Arcari) [1721615] - [netdrv] igc: Add set_rx_mode support (David Arcari) [1721615] - [netdrv] igc: Add SCTP CRC checksumming functionality (David Arcari) [1721615] - [netdrv] igc: Add tx_csum offload functionality (David Arcari) [1721615] - [netdrv] igc: Remove unneeded PCI bus defines (David Arcari) [1721615] - [netdrv] igc: Add NVM checksum validation (David Arcari) [1721615] - [netdrv] igc: Remove useless forward declaration (David Arcari) [1721615] - [netdrv] ethernet: Delete unnecessary checks before the macro call 'dev_kfree_skb' (David Arcari) [1721615] - [netdrv] igc: Add more SKUs for i225 device (David Arcari) [1721615] - [netdrv] igc: Update the MAC reset flow (David Arcari) [1721615] - [netdrv] igc: Remove the unused field from a device specification structure (David Arcari) [1721615] - [netdrv] igc: Remove the polarity field from a PHY information structure (David Arcari) [1721615] - [netdrv] igc: Prefer pcie_capability_read_word() (David Arcari) [1721615] - [netdrv] igc: Cleanup the redundant code (David Arcari) [1721615] - [netdrv] igc: Add flow control support (David Arcari) [1721615] - [netdrv] igc: Remove the obsolete workaround (David Arcari) [1721615] - [netdrv] igc: Clean up unused pointers (David Arcari) [1721615] - [netdrv] igc: Fix double definitions (David Arcari) [1721615] - [netdrv] igb/igc: warn when fatal read failure happens (David Arcari) [1721615] - [netdrv] Revert 'mark the intel igc driver as tech preview' (David Arcari) [1721615] - [md] dm: Use kzalloc for all structs with embedded biosets/mempools (Mike Snitzer) [1766389] [3.10.0-1106] - [net] sysfs: Fix mem leak in netdev_register_kobject (Stefano Brivio) [1752690] {CVE-2019-15916} - [fs] revert [fs] cifs: use cifsInodeInfo->open_file_lock while iterating to avoid a panic (Dave Wysochanski) [1757872] - [fs] revert [fs] cifs: add spinlock for the openFileList to cifsInodeInfo (Dave Wysochanski) [1757872] - [fs] revert [fs] cifs: add more spinlocks to pretect against races (Dave Wysochanski) [1757872] - [fs] fix inode leaks on d_splice_alias() failure exits (Miklos Szeredi) [1749390] - [mm] percpu: remove spurious lock dependency between percpu and sched (Vladis Dronov) [1744633] - [mm] percpu: stop printing kernel addresses (Vladis Dronov) [1744633] - [mm] percpu: use chunk scan_hint to skip some scanning (Vladis Dronov) [1744633] - [mm] percpu: convert chunk hints to be based on pcpu_block_md (Vladis Dronov) [1744633] - [mm] percpu: make pcpu_block_md generic (Vladis Dronov) [1744633] - [mm] percpu: use block scan_hint to only scan forward (Vladis Dronov) [1744633] - [mm] percpu: remember largest area skipped during allocation (Vladis Dronov) [1744633] - [mm] percpu: add block level scan_hint (Vladis Dronov) [1744633] - [mm] percpu: set PCPU_BITMAP_BLOCK_SIZE to PAGE_SIZE (Vladis Dronov) [1744633] - [mm] percpu: relegate chunks unusable when failing small allocations (Vladis Dronov) [1744633] - [mm] percpu: manage chunks based on contig_bits instead of free_bytes (Vladis Dronov) [1744633] - [mm] percpu: introduce helper to determine if two regions overlap (Vladis Dronov) [1744633] - [mm] percpu: do not search past bitmap when allocating an area (Vladis Dronov) [1744633] - [mm] percpu: update free path with correct new free region (Vladis Dronov) [1744633] - [mm] mm/percpu: add checks for the return value of memblock_alloc*() (Vladis Dronov) [1744633] - [mm] percpu: km: no need to consider pcpu_group_offsets (Vladis Dronov) [1744633] - [mm] percpu: use nr_groups as check condition (Vladis Dronov) [1744633] - [mm] percpu: stop leaking bitmap metadata blocks (Vladis Dronov) [1744633] - [fs] /proc/meminfo: add percpu populated pages count (Vladis Dronov) [1744633] - [mm] mm: Allow to kill tasks doing pcpu_alloc() and waiting for pcpu_balance_workfn() (Vladis Dronov) [1744633] - [mm] percpu: include linux/sched.h for cond_resched() (Vladis Dronov) [1744633] - [mm] percpu: add a schedule point in pcpu_balance_workfn() (Vladis Dronov) [1744633] - [mm] percpu: fix iteration to prevent skipping over block (Vladis Dronov) [1744633] - [mm] percpu: fix starting offset for chunk statistics traversal (Vladis Dronov) [1744633] - [mm] percpu: update header to contain bitmap allocator explanation (Vladis Dronov) [1744633] - [mm] percpu: update pcpu_find_block_fit to use an iterator (Vladis Dronov) [1744633] - [mm] percpu: use metadata blocks to update the chunk contig hint (Vladis Dronov) [1744633] - [mm] percpu: update free path to take advantage of contig hints (Vladis Dronov) [1744633] - [mm] percpu: update alloc path to only scan if contig hints are broken (Vladis Dronov) [1744633] - [mm] percpu: keep track of the best offset for contig hints (Vladis Dronov) [1744633] - [mm] percpu: skip chunks if the alloc does not fit in the contig hint (Vladis Dronov) [1744633] - [mm] percpu: add first_bit to keep track of the first free in the bitmap (Vladis Dronov) [1744633] - [mm] percpu: introduce bitmap metadata blocks (Vladis Dronov) [1744633] - [mm] percpu: replace area map allocator with bitmap (Vladis Dronov) [1744633] - [mm] percpu: generalize bitmap (un)populated iterators (Vladis Dronov) [1744633] - [mm] percpu: increase minimum percpu allocation size and align first regions (Vladis Dronov) [1744633] - [mm] percpu: introduce nr_empty_pop_pages to help empty page accounting (Vladis Dronov) [1744633] - [mm] percpu: change the number of pages marked in the first_chunk pop bitmap (Vladis Dronov) [1744633] - [mm] percpu: combine percpu address checks (Vladis Dronov) [1744633] - [mm] percpu: modify base_addr to be region specific (Vladis Dronov) [1744633] - [mm] percpu: setup_first_chunk rename schunk/dchunk to chunk (Vladis Dronov) [1744633] - [mm] percpu: end chunk area maps page aligned for the populated bitmap (Vladis Dronov) [1744633] - [mm] percpu: unify allocation of schunk and dchunk (Vladis Dronov) [1744633] - [mm] percpu: setup_first_chunk remove dyn_size and consolidate logic (Vladis Dronov) [1744633] - [mm] percpu: remove has_reserved from pcpu_chunk (Vladis Dronov) [1744633] - [mm] percpu: introduce start_offset to pcpu_chunk (Vladis Dronov) [1744633] - [mm] percpu: setup_first_chunk enforce dynamic region must exist (Vladis Dronov) [1744633] - [mm] percpu: update the header comment and pcpu_build_alloc_info comments (Vladis Dronov) [1744633] - [mm] percpu: expose pcpu_nr_empty_pop_pages in pcpu_stats (Vladis Dronov) [1744633] - [mm] percpu: change the format for percpu_stats output (Vladis Dronov) [1744633] - [mm] percpu: pcpu-stats change void buffer to int buffer (Vladis Dronov) [1744633] - [mm] percpu: fix static checker warnings in pcpu_destroy_chunk (Vladis Dronov) [1744633] - [mm] percpu: fix early calls for spinlock in pcpu_stats (Vladis Dronov) [1744633] - [mm] percpu: resolve err may not be initialized in pcpu_alloc (Vladis Dronov) [1744633] - [mm] percpu: add tracepoint support for percpu memory (Vladis Dronov) [1744633] - [mm] percpu: expose statistics about percpu memory via debugfs (Vladis Dronov) [1744633] - [mm] percpu: migrate percpu data structures to internal header (Vladis Dronov) [1744633] - [mm] percpu: add missing lockdep_assert_held to func pcpu_free_area (Vladis Dronov) [1744633] - [mm] percpu: ensure the requested alignment is power of two (Vladis Dronov) [1744633] - [mm] tree wide: use kvfree() than conditional kfree()/vfree() (Vladis Dronov) [1744633] - [mm] mm/percpu: use offset_in_page macro (Vladis Dronov) [1744633] - [mm] percpu: clean up of schunk->mapassignment in pcpu_setup_first_chunk (Vladis Dronov) [1744633] - [mm] mm/percpu.c: fix panic triggered by BUG_ON() falsely (Vladis Dronov) [1744633] - [mm] mm/percpu.c: fix potential memory leakage for pcpu_embed_first_chunk() (Vladis Dronov) [1744633] - [mm] mm/percpu.c: correct max_distance calculation for pcpu_embed_first_chunk() (Vladis Dronov) [1744633] - [mm] mm: percpu: use pr_fmt to prefix output (Vladis Dronov) [1744633] (Vladis Dronov) [1744633] - [mm] mm: coalesce split strings (Vladis Dronov) [1744633] - [mm] mm: convert pr_warning to pr_warn (Vladis Dronov) [1744633] - [mm] percpu: use *pbto print bitmaps including cpumasks and nodemasks (Vladis Dronov) [1744633] - [mm] percpu: off by one in BUG_ON() (Vladis Dronov) [1744633] - [mm] mm/percpu.c: use memblock apis for early memory allocations (Vladis Dronov) [1744633] - [mm] percpu: use VMALLOC_TOTAL instead of VMALLOC_END - VMALLOC_START (Vladis Dronov) [1744633] - [mm] percpu: fix bootmem error handling in pcpu_page_first_chunk() (Vladis Dronov) [1744633] [3.10.0-1105] - [nvme] nvme: Treat discovery subsystems as unique subsystems (Ewan Milne) [1731579] - [scsi] scsi: core: Log SCSI command age with errors (Ewan Milne) [1751716] - [security] selinux: fix context string corruption in convert_context() (Ondrej Mosnacek) [1759803] - [usb] xhci: Prevent deadlock when xhci adapter breaks during init (Torez Smith) [1710090] - [scsi] scsi: core: add new RDAC LENOVO/DE_Series device (Ewan Milne) [1699439] - [wireless] Correct strange error in Makefiles for building modules in separate directories (Neil Horman) [1753927] - [md] dm snapshot: rework COW throttling to fix deadlock (Mike Snitzer) [1758603] - [md] dm snapshot: introduce account_start_copy() and account_end_copy() (Mike Snitzer) [1758603] - [drm] i915: Stop reconfiguring our shmemfs mountpoint (Vladis Dronov) [1759980] - [kernel] perf/core: Fix perf_event_open() vs. execve() race (Jiri Olsa) [1701620] {CVE-2019-3901} [3.10.0-1104] - [md] raid5: dont set STRIPE_HANDLE to stripe which is in batch list (Nigel Croxon) [1631765 1750287] - [kernel] alarmtimer: Use EOPNOTSUPP instead of ENOTSUPP (Vladis Dronov) [1760639] - [kernel] alarmtimer: Remove unused but set variable (Vladis Dronov) [1760639] - [x86] efi/x86: do not clean dummy variable in kexec path (Bhupesh Sharma) [1707669] - [cpuidle] cpuidle-haltpoll: return -ENODEV on modinit failure (Marcelo Tosatti) [1756843] - [x86] perf/x86/amd: Change/fix NMI latency mitigation to use a timestamp (David Arcari) [1730884] - [infiniband] RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message (Selvin Xavier) [1629037] - [infiniband] RDMA/bnxt_re: Increase depth of control path command queue (Selvin Xavier) [1629037] - [x86] x86/efi/pti: In __load_cr3(), EFI PGD has no shadow (Lenny Szubowicz) [1750767] - [char] hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable (Prarit Bhargava) [1660800]

Affected Package

OS OS Version Package Name Package Version
oracle linux 7 kernel 3.10.0-1127.el7
oracle linux 7 bpftool 3.10.0-1127.el7
oracle linux 7 kernel 3.10.0-1127.el7
oracle linux 7 kernel-abi-whitelists 3.10.0-1127.el7
oracle linux 7 kernel-debug 3.10.0-1127.el7
oracle linux 7 kernel-debug-devel 3.10.0-1127.el7
oracle linux 7 kernel-devel 3.10.0-1127.el7
oracle linux 7 kernel-doc 3.10.0-1127.el7
oracle linux 7 kernel-headers 3.10.0-1127.el7
oracle linux 7 kernel-tools 3.10.0-1127.el7
oracle linux 7 kernel-tools-libs 3.10.0-1127.el7
oracle linux 7 kernel-tools-libs-devel 3.10.0-1127.el7
oracle linux 7 perf 3.10.0-1127.el7
oracle linux 7 python-perf 3.10.0-1127.el7