Lucene search

HistoryJul 21, 2021 - 12:00 a.m.

kernel security and bug fix update


0.002 Low





  • Update Oracle Linux certificates (Ilya Okomin)
  • Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)([email protected])
  • Update x509.genkey [Orabug: 24817676]
  • Conflict with shim-ia32 and shim-x64 <= 15-2.0.9
  • Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)
  • seq_file: Disallow extremely large seq buffer allocations (Ian Kent) [1975251]
  • cipso,calipso: resolve a number of problems with the DOI refcounts (Antoine Tenart) [1967720]
  • net: ethernet: mlx4: Fix memory allocation in mlx4_buddy_init() (Alaa Hleihel) [1962406]
  • sched/debug: Fix cgroup_path[] serialization (Waiman Long) [1912221]
  • sched/debug: Reset watchdog on all CPUs while processing sysrq-t (Waiman Long) [1912221]
  • vt: vt_ioctl: fix use-after-free in vt_in_use() (Vladis Dronov) [1872778]
  • vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console (Vladis Dronov) [1872778]
  • vt: ioctl, switch VT_IS_IN_USE and VT_BUSY to inlines (Vladis Dronov) [1872778]
  • vt: selection, introduce vc_is_sel (Vladis Dronov) [1872778]
  • redhat: genspec: generate changelog entries since last release (Augusto Caringi)
  • CI: Merge configuration (Veronika Kabatova)
  • [pci/aer] Work around use-after-free in pcie_do_fatal_recovery() (Al Stone) [1933663]
  • [pci/aer] do not invoke error recovery with non-fatal errors (Al Stone) [1933663]
  • futex: remove lockdep_assert_held() in pi_state_update_owner() (Donghai Qiao) [1965495]
  • video: hyperv_fb: Add ratelimit on error message (Mohammed Gamal) [1957803]
  • Drivers: hv: vmbus: Increase wait time for VMbus unload (Mohammed Gamal) [1957803]
  • Drivers: hv: vmbus: Initialize unload_event statically (Mohammed Gamal) [1957803]
  • blk-mq: always allow reserved allocation in hctx_may_queue (Ming Lei) [1926825]
  • s390/pci: fix out of bounds access during irq setup (Philipp Rudo) [1917943]
  • s390/pci: improve irq number check for msix (Philipp Rudo) [1917943]
  • CI: Disable result checking for realtime check (Veronika Kabatova)
  • CI: Explicitly disable result checking for private CI (Veronika Kabatova)
  • CI: Rename variable (Veronika Kabatova)
  • mm: memcontrol: switch to rcu protection in drain_all_stock() (Waiman Long) [1957719]
  • sctp: Don’t add the shutdown timer if its already been added (Xin Long) [1953052]
  • media: xirlink_cit: add missing descriptor sanity checks (Mark Langsdorf) [1826877] {CVE-2020-11668}
  • Bluetooth: verify AMP hci_chan before amp_destroy (Gopal Tiwari) [1962532] {CVE-2021-33034}
  • net: ipv4: route: Fix sending IGMP messages with link address (Hangbin Liu) [1958339]
  • hv_netvsc: remove ndo_poll_controller (Mohammed Gamal) [1953075]
  • Fix double free in nvme_trans_log_temperature (Gopal Tiwari) [1946793]
  • rcu: Call touch_nmi_watchdog() while printing stall warnings (Artem Savkov) [1924688]
  • sched/fair: Use RCU accessors consistently for ->numa_group (Rafael Aquini) [1915635] {CVE-2019-20934}
  • sched/fair: Don’t free p->numa_faults with concurrent readers (Rafael Aquini) [1915635] {CVE-2019-20934}
  • sched/numa: Simplify task_numa_compare() (Rafael Aquini) [1915635] {CVE-2019-20934}
  • sched/numa: Fix task_numa_free() lockdep splat (Rafael Aquini) [1915635] {CVE-2019-20934}
  • sched/numa: Move task_numa_free() to __put_task_struct() (Rafael Aquini) [1915635] {CVE-2019-20934}
  • [s390] s390/dasd: fix diag 0x250 inline assembly (Philipp Rudo) [1910395]
  • vsock/vmci: log once the failed queue pair allocation (Stefano Garzarella) [1892237]
  • VMCI: Stop log spew when qp allocation isn’t possible (Stefano Garzarella) [1892237]