Lucene search

K
oraclelinuxOracleLinuxELSA-2021-9052
HistoryFeb 16, 2021 - 12:00 a.m.

Unbreakable Enterprise kernel security update

2021-02-1600:00:00
linux.oracle.com
135

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

[4.14.35-2047.500.9.1]

  • xen-blkback: fix error handling in xen_blkbk_map() (Jan Beulich) [Orabug: 32492110] {CVE-2021-26930}
  • xen-scsiback: dont ‘handle’ error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931}
  • xen-netback: dont ‘handle’ error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931}
  • xen-blkback: dont ‘handle’ error by BUG() (Jan Beulich) [Orabug: 32492102] {CVE-2021-26931}
  • Xen/gntdev: correct error checking in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932}
  • Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932}
  • Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932}
  • Xen/x86: dont bail early from clear_foreign_p2m_mapping() (Jan Beulich) [Orabug: 32492094] {CVE-2021-26932}
    [4.14.35-2047.500.9]
  • Revert ‘rds: Deregister all FRWR mr with free_mr’ (aru kolappan) [Orabug: 32426612]
  • A/A Bonding: Add synchronized bundle failback (Gerd Rausch) [Orabug: 31175013]
  • net/rds: Incorrect RDS protocol version fall back (Ka-Cheong Poon) [Orabug: 32376163]
  • net/rds: Missing RDS/RDMA private data in response to connection request (Ka-Cheong Poon) [Orabug: 32388407]
    [4.14.35-2047.500.8]
  • uek-rpm: update kABI lists for new symbol (Dan Duval) [Orabug: 32341032]
  • net/rds: Fix gfp_t parameter (Hans Westgaard Ry) [Orabug: 32372161]
  • A/A Bonding: Fix a one-byte-off kmalloc (Hakon Bugge) [Orabug: 32380826]
  • x86/process: Mark cpu inactive before offlining (Mridula Shastry) [Orabug: 32245078]
  • A/A Bonding: Introduce selective interface name inclusion (Hakon Bugge) [Orabug: 32350976]
  • net/mlx5: Use a single MSIX vector for all control EQs in VFs (Ariel Levkovich) [Orabug: 32368440]
  • net/mlx5: Fix available EQs FW used to reserve (Denis Drozdov) [Orabug: 32368440]
  • net/mlx5: Use max_num_eqs for calculation of required MSIX vectors (Denis Drozdov) [Orabug: 32368440]
  • net/mlx5: Expose DEVX specification (Yishai Hadas) [Orabug: 32368440]
  • target: fix XCOPY NAA identifier lookup (David Disseldorp) [Orabug: 32248037] {CVE-2020-28374}
    [4.14.35-2047.500.7]
  • partitions/efi: Enable no warning option for the GPT warnings related to alternative header (Saeed Mirzamohammadi) [Orabug: 32047319]
  • xenbus/xenbus_backend: Disallow pending watch messages (SeongJae Park) [Orabug: 32253411] {CVE-2020-29568}
  • xen/xenbus: Count pending messages for each watch (SeongJae Park) [Orabug: 32253411] {CVE-2020-29568}
  • xen/xenbus/xen_bus_type: Support will_handle watch callback (SeongJae Park) [Orabug: 32253411] {CVE-2020-29568}
  • xen/xenbus: Add ‘will_handle’ callback support in xenbus_watch_path() (SeongJae Park) [Orabug: 32253411] {CVE-2020-29568}
  • xen/xenbus: Allow watches discard events before queueing (SeongJae Park) [Orabug: 32253411] {CVE-2020-29568}
  • xen-blkback: set ring->xenblkd to NULL after kthread_stop() (Pawel Wieczorkiewicz) [Orabug: 32260255] {CVE-2020-29569}
  • lockd: dont use interval-based rebinding over TCP (Calum Mackay) [Orabug: 32337717]
  • mwifiex: Fix possible buffer overflows in mwifiex_cmd_802_11_ad_hoc_start (Zhang Xiaohui) [Orabug: 32349205] {CVE-2020-36158}
  • add license checking to kABI checker (Dan Duval) [Orabug: 32355208]
    [4.14.35-2047.500.6]
  • net/rds: Only yield with a valid ‘i_connecting_ts’ timestamp (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Only increment rdma_resolve_route timeout on error (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Dont block workqueues ‘cma_wq’ and ‘cm.wq’ (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Dont drop neighbor loopback connection (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Take the GID offset into account for IB devices (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Leave the neighbor cache alone (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Give each connection its own workqueue (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Disassociate ic and cm_id before rdma_destroy_id (Gerd Rausch) [Orabug: 31030774]
  • Revert ‘rds: ib: Implement proper cm_id compare’ (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Add a rdma_cm watchdog timer (Gerd Rausch) [Orabug: 31030774]
  • Revert ‘RDS: IB: fix panic with handlers running post teardown’ (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Release all resources allocated by ‘rds_ib_setup_qp’ (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Change the ‘rds_aux_wq’ workqueue to loose order (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Dont sleep inside worker threads (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Fix a few race conditions (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Execute ‘rdma_destroy_id’ in the background (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Delay reconnects from passive side by 3 seconds (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Drop connections when peers perform failover (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Yield to incoming connection requests (Gerd Rausch) [Orabug: 31030774]
  • net/rds: Remove stale comments about random backoff (Gerd Rausch) [Orabug: 31030774]
    [4.14.35-2047.500.5]
  • KVM: x86: clflushopt should be treated as a no-op by emulation (David Edmondson) [Orabug: 32251912]
  • tty: Fix ->session locking (Jann Horn) [Orabug: 32266679] {CVE-2020-29660}
  • tty: Fix ->pgrp locking in tiocspgrp() (Jann Horn) [Orabug: 32266679] {CVE-2020-29660}
    [4.14.35-2047.500.4]
  • bnxt_en: Release PCI regions when DMA mask setup fails during probe. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: fix error return code in bnxt_init_board() (Zhang Changzhong) [Orabug: 32223677]
  • bnxt_en: fix error return code in bnxt_init_one() (Zhang Changzhong) [Orabug: 32223677]
  • bnxt_en: Fix counter overflow logic. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: read EEPROM A2h address using page 0 (Edwin Peer) [Orabug: 32223677]
  • bnxt_en: Re-write PCI BARs after PCI fatal error. (Vasundhara Volam) [Orabug: 32223677]
  • bnxt_en: Set driver default message level. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Enable online self tests for multi-host/NPAR mode. (Vasundhara Volam) [Orabug: 32223677]
  • bnxt_en: Eliminate unnecessary RX resets. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Reduce unnecessary message log during RX errors. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Add a software counter for RX ring reset. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Implement RX ring reset in response to buffer errors. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Refactor bnxt_init_one_rx_ring(). (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Refactor bnxt_free_rx_skbs(). (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Update firmware interface spec to 1.10.1.68. (Vasundhara Volam) [Orabug: 32223677]
  • bnxt_en: Improve preset max value for ethtool -l. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Handle ethernet link being disabled by firmware. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: add basic infrastructure to support PAM4 link speeds (Edwin Peer) [Orabug: 32223677]
  • bnxt_en: refactor bnxt_get_fw_speed() (Edwin Peer) [Orabug: 32223677]
  • bnxt_en: refactor code to limit speed advertising (Edwin Peer) [Orabug: 32223677]
  • bnxt_en: Update firmware interface spec to 1.10.1.65. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Fix wrong flag value passed to HWRM_PORT_QSTATS_EXT fw call. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Fix HWRM_FUNC_QSTATS_EXT firmware call. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Return -EOPNOTSUPP for ETHTOOL_GREGS on VFs. (Vasundhara Volam) [Orabug: 32223677]
  • bnxt_en: return proper error codes in bnxt_show_temp (Edwin Peer) [Orabug: 32223677]
  • bnxt_en: Setup default RSS map in all scenarios. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: init RSS table for Minimal-Static VF reservation (Edwin Peer) [Orabug: 32223677]
  • bnxt_en: fix HWRM error when querying VF temperature (Edwin Peer) [Orabug: 32223677]
  • bnxt_en: Fix ethtool -S statitics with XDP or TCs enabled. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Dont query FW when netif_running() is false. (Pavan Chebbi) [Orabug: 32223677]
  • bnxt_en: Add support for ‘ethtool -d’ (Vasundhara Volam) [Orabug: 32223677]
  • bnxt_en: Switch over to use the 64-bit software accumulated counters. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Accumulate all counters. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Retrieve hardware masks for port counters. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Retrieve hardware counter masks from firmware if available. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Allocate additional memory for all statistics blocks. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Refactor statistics code and structures. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Use macros to define port statistics size and offset. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Update firmware interface to 1.10.1.54. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Remove PCIe non-counters from ethtool statistics (Vasundhara Volam) [Orabug: 32223677]
  • net: bnxt: don’t complain if TC flower can’t be supported (Jakub Kicinski) [Orabug: 32223677]
  • bnxt_en: Fix completion ring sizing with TPA enabled. (Michael Chan) [Orabug: 32223677]
  • bnxt_en: Init ethtool link settings after reading updated PHY configuration. (Vasundhara Volam) [Orabug: 32223677]
  • perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) [Orabug: 32233354] {CVE-2020-14351}
  • vhost scsi: fix lun reset completion handling (Mike Christie) [Orabug: 32201608]
  • vhost scsi: Add support for LUN resets. (Mike Christie) [Orabug: 32201608]
  • vhost/scsi: Use copy_to_iter() to send control queue response (Bijan Mottahedeh) [Orabug: 32201608]
  • vhost scsi: add lun parser helper (Mike Christie) [Orabug: 32201608]
  • vhost scsi: fix cmd completion race (Mike Christie) [Orabug: 32201608]
  • vhost scsi: alloc cmds per vq instead of session (Mike Christie) [Orabug: 32201608]
  • vhost: add helper to check if a vq has been setup (Mike Christie) [Orabug: 32201608]
  • scsi: sd: Allow user to configure command retries (Mike Christie) [Orabug: 32201608]
  • scsi: core: Add limitless cmd retry support (Mike Christie) [Orabug: 32201608]
  • dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32210458]
  • intel_idle: Customize IceLake server support (Chen Yu) [Orabug: 32219015]
  • qla2xxx: Add missing module version banner (John Donnelly) [Orabug: 32244934]
  • scsi: mpt3sas: Update driver version to 36.100.00.00 (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Handle trigger page after firmware update (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Add persistent MPI trigger page (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Add persistent SCSI sense trigger page (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Add persistent Event trigger page (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Add persistent Master trigger page (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Add persistent trigger pages support (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Sync time periodically between driver and firmware (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Bump driver version to 35.101.00.00 (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Add module parameter multipath_on_hba (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Handle vSES vphy object during HBA reset (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Add bypass_dirty_port_flag parameter (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Handling HBA vSES device (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Set valid PhysicalPort in SMPPassThrough (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Update hba_port objects after host reset (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Get sas_device objects using devices rphy (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Rename transport_del_phy_from_an_existing_port() (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Get device objects using sas_address & portID (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Update hba_ports sas_address & phy_mask (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Rearrange _scsih_mark_responding_sas_device() (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Allocate memory for hba_port objects (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Define hba_port structure (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Fix ioctl timeout (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: A small correction in _base_process_reply_queue (Tomas Henzl) [Orabug: 32223781]
  • scsi: mpt3sas: Fix sync irqs (Tomas Henzl) [Orabug: 32223781]
  • scsi: mpt3sas: Detect tampered Aero and Sea adapters (Sreekanth Reddy) [Orabug: 32223781]
  • scsi: mpt3sas: Dont call disable_irq from IRQ poll handler (Tomas Henzl) [Orabug: 32223781]
  • scsi: mpt3sas: Remove pci-dma-compat wrapper API (Suraj Upadhyay) [Orabug: 32223781]
  • scsi: mpt3sas: Remove superfluous memset() (Li Heng) [Orabug: 32223781]
  • scsi: mpt3sas: Update driver version to 35.100.00.00 (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Postprocessing of target and LUN reset (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Add functions to check if any cmd is outstanding on Target and LUN (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Rename and export interrupt mask/unmask functions (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Cancel the running work during host reset (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Dump system registers for debugging (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Memset config_cmds.reply buffer with zeros (Suganath Prabu S) [Orabug: 32223781]
  • scsi: mpt3sas: Fix kdoc comments format (Damien Le Moal) [Orabug: 32223781]
  • scsi: mpt3sas: Fix set but unused variable (Damien Le Moal) [Orabug: 32223781]
  • scsi: mpt3sas: Fix error returns in BRM_status_show (Johannes Thumshirn) [Orabug: 32223781]
  • scsi: mpt3sas: Fix unlock imbalance (Damien Le Moal) [Orabug: 32223781]
  • scsi: mpt3sas: Fix spelling mistake (Flavio Suligoi) [Orabug: 32223781]
    [4.14.35-2047.500.3]
  • hv_netvsc: make recording RSS hash depend on feature flag (Stephen Hemminger) [Orabug: 32173883]
  • hv_netvsc: record hardware hash in skb (Stephen Hemminger) [Orabug: 32173883]
  • ocfs2: initialize ip_next_orphan (Wengang Wang) [Orabug: 32177802]
  • scsi: qla2xxx: Update version to 10.02.00.103-k (Nilesh Javali) [Orabug: 32213922]
  • qla2xxx: back port upstream patch (Quinn Tran) [Orabug: 32213922]
  • scsi: scsi_transport_fc: Add FPIN fc event codes (James Smart) [Orabug: 32213922]
  • scsi: scsi_transport_fc: refactor event posting routines (James Smart) [Orabug: 32213922]
  • Revert ‘scsi: qla2xxx: Disable T10-DIF feature with FC-NVMe during probe’ (Quinn Tran) [Orabug: 32213922]
  • Revert ‘scsi: qla2xxx: Fix crash on qla2x00_mailbox_command’ (Saurav Kashyap) [Orabug: 32213922]
  • scsi: qla2xxx: Check if FW supports MQ before enabling (Saurav Kashyap) [Orabug: 32213922]
  • scsi: qla2xxx: Allow ql2xextended_error_logging special value 1 to be set anytime (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Reduce noisy debug message (Quinn Tran) [Orabug: 32213922]
  • scsi: qla2xxx: Reduce duplicate code in reporting speed (Quinn Tran) [Orabug: 32213922]
  • scsi: qla2xxx: Indicate correct supported speeds for Mezz card (Quinn Tran) [Orabug: 32213922]
  • scsi: qla2xxx: Flush I/O on zone disable (Quinn Tran) [Orabug: 32213922]
  • scsi: qla2xxx: Flush all sessions on zone disable (Quinn Tran) [Orabug: 32213922]
  • scsi: qla2xxx: remove incorrect sparse #ifdef (Linus Torvalds) [Orabug: 32213922]
  • scsi: qla2xxx: Return EBUSY on fcport deletion (Daniel Wagner) [Orabug: 32213922]
  • scsi: qla2xxx: Fix return of uninitialized value in rval (Colin Ian King) [Orabug: 32213922]
  • scsi: qla2xxx: Initialize variable in qla8044_poll_reg() (Tom Rix) [Orabug: 32213922]
  • scsi: qla2xxx: Do not consume srb greedily (Daniel Wagner) [Orabug: 32213922]
  • scsi: qla2xxx: Use constant when it is known (Pavel Machek (CIP)) [Orabug: 32213922]
  • scsi: qla2xxx: Fix null pointer access during disconnect from subsystem (Quinn Tran) [Orabug: 32213922]
  • scsi: qla2xxx: Fix inconsistent format argument type in qla_dbg.c (Ye Bin) [Orabug: 32213922]
  • scsi: qla2xxx: Fix inconsistent format argument type in qla_os.c (Ye Bin) [Orabug: 32213922]
  • scsi: qla2xxx: Fix inconsistent format argument type in tcm_qla2xxx.c (Ye Bin) [Orabug: 32213922]
  • scsi: qla2xxx: Fix point-to-point (N2N) device discovery issue (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Fix crash on session cleanup with unload (Quinn Tran) [Orabug: 32213922]
  • scsi: qla2xxx: Fix reset of MPI firmware (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Fix MPI reset needed message (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Fix buffer-buffer credit extraction error (Quinn Tran) [Orabug: 32213922]
  • scsi: qla2xxx: Fix WARN_ON in qla_nvme_register_hba (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Correct the check for sscanf() return value (Saurav Kashyap) [Orabug: 32213922]
  • scsi: qla2xxx: Update version to 10.02.00.102-k (Nilesh Javali) [Orabug: 32213922]
  • scsi: qla2xxx: Add SLER and PI control support (Saurav Kashyap) [Orabug: 32213922]
  • scsi: qla2xxx: Add IOCB resource tracking (Quinn Tran) [Orabug: 32213922]
  • scsi: qla2xxx: Add rport fields in debugfs (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Make tgt_port_database available in initiator mode (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Fix I/O errors during LIP reset tests (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Performance tweak (Quinn Tran) [Orabug: 32213922]
  • scsi: qla2xxx: Fix memory size truncation (Quinn Tran) [Orabug: 32213922]
  • scsi: qla2xxx: Honor status qualifier in FCP_RSP per spec (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Allow dev_loss_tmo setting for FC-NVMe devices (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Setup debugfs entries for remote ports (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Fix I/O failures during remote port toggle testing (Arun Easi) [Orabug: 32213922]
  • scsi: qla2xxx: Remove unneeded variable ‘rval’ (Jason Yan) [Orabug: 32213922]
  • scsi: qla2xxx: Handle incorrect entry_type entries (Daniel Wagner) [Orabug: 32213922]
  • scsi: qla2xxx: Log calling function name in qla2x00_get_sp_from_handle() (Daniel Wagner) [Orabug: 32213922]
  • scsi: qla2xxx: Simplify return value logic in qla2x00_get_sp_from_handle() (Daniel Wagner) [Orabug: 32213922]
  • scsi: qla2xxx: Warn if done() or free() are called on an already freed srb (Daniel Wagner) [Orabug: 32213922]
  • scsi: qla2xxx: Fix the return value (Xianting Tian) [Orabug: 32213922]
  • scsi: qla2xxx: Fix wrong return value in qla_nvme_register_hba() (Tianjia Zhang) [Orabug: 32213922]
  • scsi: qla2xxx: Fix wrong return value in qlt_chk_unresolv_exchg() (Tianjia Zhang) [Orabug: 32213922]
  • scsi: qla2xxx: Remove redundant variable initialization (Tianjia Zhang) [Orabug: 32213922]
  • scsi: qla2xxx: Fix the size used in a ‘dma_free_coherent()’ call (Christophe JAILLET) [Orabug: 32213922]
  • scsi: qla2xxx: Remove pci-dma-compat wrapper API (Suraj Upadhyay) [Orabug: 32213922]
  • scsi: qla2xxx: Remove superfluous memset() (Li Heng) [Orabug: 32213922]
  • scsi: qla2xxx: Fix regression on sparc64 (Rene Rebe) [Orabug: 32213922]
  • scsi: qla2xxx: Use MBX_TOV_SECONDS for mailbox command timeout values (Enzo Matsumiya) [Orabug: 32213922]
  • scsi: qla2xxx: Address a set of sparse warnings (Shyam Sundar) [Orabug: 32213922]
  • scsi: qla2xxx: SAN congestion management implementation (Shyam Sundar) [Orabug: 32213922]
  • scsi: qla2xxx: Change in PUREX to handle FPIN ELS requests (Shyam Sundar) [Orabug: 32213922]
  • scsi: qla2xxx: Introduce a function for computing the debug message prefix (Bart Van Assche) [Orabug: 32213922]
  • scsi: qla2xxx: Make qla2x00_restart_isp() easier to read (Bart Van Assche) [Orabug: 32213922]
  • scsi: qla2xxx: Fix a Coverity complaint in qla2100_fw_dump() (Bart Van Assche) [Orabug: 32213922]
  • scsi: qla2xxx: Make __qla2x00_alloc_iocbs() initialize 32 bits of request_t.handle (Bart Van Assche) [Orabug: 32213922]
  • scsi: qla2xxx: Remove a superfluous cast (Bart Van Assche) [Orabug: 32213922]
  • scsi: qla2xxx: Initialize ‘n’ before using it (Bart Van Assche) [Orabug: 32213922]
  • scsi: qla2xxx: Make qla82xx_flash_wait_write_finish() easier to read (Bart Van Assche) [Orabug: 32213922]
  • scsi: qla2xxx: Remove the __packed annotation from struct fcp_hdr and fcp_hdr_le (Bart Van Assche) [Orabug: 32213922]
  • scsi: qla2xxx: Check the size of struct fcp_hdr at compile time (Bart Van Assche) [Orabug: 32213922]
  • scsi: fc: Update Descriptor definition and add RDF and Link Integrity FPINs (James Smart) [Orabug: 32213922]
  • scsi: fc: add FPIN ELS definition (James Smart) [Orabug: 32213922]
  • staging: rts5208: rename SG_END macro (Arnd Bergmann) [Orabug: 32218536]
  • misc: rtsx: rename SG_END macro (Arnd Bergmann) [Orabug: 32218536]
  • ACPI: NFIT: Add runtime firmware activate support (Dan Williams) [Orabug: 32224144]
  • PM, libnvdimm: Add runtime firmware activation support (Dan Williams) [Orabug: 32224144]
  • libnvdimm: Convert to DEVICE_ATTR_ADMIN_RO() (Dan Williams) [Orabug: 32224144]
  • driver-core: Introduce DEVICE_ATTR_ADMIN_{RO,RW} (Dan Williams) [Orabug: 32224144]
  • tools/testing/nvdimm: Emulate firmware activation commands (Dan Williams) [Orabug: 32224144]
  • tools/testing/nvdimm: Prepare nfit_ctl_test() for ND_CMD_CALL emulation (Dan Williams) [Orabug: 32224144]
  • tools/testing/nvdimm: Add command debug messages (Dan Williams) [Orabug: 32224144]
  • tools/testing/nvdimm: Cleanup dimm index passing (Dan Williams) [Orabug: 32224144]
  • ACPI: NFIT: Define runtime firmware activation commands (Dan Williams) [Orabug: 32224144]
  • ACPI: NFIT: Move bus_dsm_mask out of generic nvdimm_bus_descriptor (Dan Williams) [Orabug: 32224144]
  • libnvdimm: Validate command family indices (Dan Williams) [Orabug: 32224144]
  • PM: hibernate: Incorporate concurrency handling (Domenico Andreoli) [Orabug: 32224144]
  • libnvdimm: Move nvdimm_bus_attribute_group to device_type (Dan Williams) [Orabug: 32224144]
  • libnvdimm/of_pmem: Provide a unique name for bus provider (Aneesh Kumar K.V) [Orabug: 32224144]
  • libnvdimm: Move nvdimm_attribute_group to device_type (Dan Williams) [Orabug: 32224144]
  • libnvdimm: Move nd_mapping_attribute_group to device_type (Dan Williams) [Orabug: 32224144]
  • libnvdimm: Move nd_region_attribute_group to device_type (Dan Williams) [Orabug: 32224144]
  • libnvdimm: Move nd_numa_attribute_group to device_type (Dan Williams) [Orabug: 32224144]
  • libnvdimm: Move nd_device_attribute_group to device_type (Dan Williams) [Orabug: 32224144]
  • libnvdimm: Move region attribute group definition (Dan Williams) [Orabug: 32224144]
  • libnvdimm/region: Rewrite _probe_success() to _advance_seeds() (Dan Williams) [Orabug: 32224144]
  • libnvdimm: Move attribute groups to device type (Dan Williams) [Orabug: 32224144]
  • acpi/nfit: improve bounds checking for ‘func’ (Dan Carpenter) [Orabug: 32224144]
  • ACPI/nfit: delete the function to_acpi_nfit_desc (Xiaochun Lee) [Orabug: 32224144]
    [4.14.35-2047.500.2]
  • lockdown: make lockdown mode available in securityfs (Alan Maguire) [Orabug: 32176137]
  • uek-rpm: Dont build emb2 kernel for mips (Dave Kleikamp) [Orabug: 32176895]
  • xen/events: block rogue events for some time (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • xen/events: defer eoi in case of excessive number of events (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • xen/events: use a common cpu hotplug hook for event channels (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • xen/events: switch user event channels to lateeoi model (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • xen/pciback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • xen/pvcallsback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • xen/scsiback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • xen/netback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • xen/blkback: use lateeoi irq binding (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • xen/events: add a new ‘late EOI’ evtchn framework (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • xen/events: fix race in evtchn_fifo_unmask() (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • xen/events: add a proper barrier to 2-level uevent unmasking (Juergen Gross) [Orabug: 32177537] {CVE-2020-27673}
  • page_frag: Recover from memory pressure (Dongli Zhang) [Orabug: 32177989]
  • RDMA/umem: Move to allocate SG table from pages (Maor Gottlieb) [Orabug: 32195765]
  • lib/scatterlist: Add support in dynamic allocation of SG table from pages (Maor Gottlieb) [Orabug: 32195765]
  • lib/scatterlist: Add SG_CHAIN and SG_END macros for LSB encodings (Anshuman Khandual) [Orabug: 32195765]
  • lib/scatterlist: Avoid potential scatterlist entry overflow (Tvrtko Ursulin) [Orabug: 32195765]
  • lib/scatterlist: Fix offset type in sg_alloc_table_from_pages (Tvrtko Ursulin) [Orabug: 32195765]
  • rds: fix out-of-tree build broken by tracepoints (Alan Maguire) [Orabug: 32185345]
  • xen/events: avoid removing an event channel while handling it (Juergen Gross) [Orabug: 32177547]
    [4.14.35-2047.500.1]
  • perf/core: Fix a memory leak in perf_event_parse_addr_filter() (kiyin( )) [Orabug: 32131174] {CVE-2020-25704}
  • perf/core: Fix bad use of igrab() (Song Liu) [Orabug: 32131174] {CVE-2020-25704}
  • IB/mlx4: Add support for REJ due to timeout (Hakon Bugge) [Orabug: 32136897]
  • IB/mlx4: Separate tunnel and wire bufs parameters (Hakon Bugge) [Orabug: 32136897]
  • IB/mlx4: Add support for MRA (Hakon Bugge) [Orabug: 32136897]
  • IB/mlx4: Add and improve logging (Hakon Bugge) [Orabug: 32136897]
  • xen/gntdev: fix up blockable calls to mn_invl_range_start (Michal Hocko) [Orabug: 32139243]
  • uek-rpm: Enable Intel Speed Select Technology interface support (Somasundaram Krishnasamy) [Orabug: 32047440]
  • platform/x86: ISST: Add new PCI device ids (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Increase timeout (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Fix wrong unregister type (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Allow additional core-power mailbox commands (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Allow additional TRL MSRs (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Use dev_get_drvdata (Chuhong Yuan) [Orabug: 32047440]
  • platform/x86: ISST: Restore state on resume (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Add Intel Speed Select PUNIT MSR interface (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Add Intel Speed Select mailbox interface via MSRs (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Add Intel Speed Select mailbox interface via PCI (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Add Intel Speed Select mmio interface (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Add IOCTL to Translate Linux logical CPU to PUNIT CPU number (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Store per CPU information (Srinivas Pandruvada) [Orabug: 32047440]
  • platform/x86: ISST: Add common API to register and handle ioctls (Srinivas Pandruvada) [Orabug: 32047440]
    [4.14.35-2046]
  • lockdown: By default run in integrity mode. (Konrad Rzeszutek Wilk) [Orabug: 32131560]
  • kernel: add panic_on_taint (Rafael Aquini) [Orabug: 32138009]
  • Revert ‘pci: hardcode enumeration’ (Dave Aldridge) [Orabug: 32152281]
  • hv_utils: drain the timesync packets on onchannelcallback (Vineeth Pillai) [Orabug: 32152143]
  • hv_utils: return error if host timesysnc update is stale (Vineeth Pillai) [Orabug: 32152143]
  • Revert ‘iomap: Fix pipe page leakage during splicing’ (George Kennedy) [Orabug: 30848187]
  • x86/cpu/intel: enable X86_FEATURE_NT_GOOD on Intel Icelakx (Ankur Arora) [Orabug: 32080078]
  • x86/cpu/amd: enable X86_FEATURE_NT_GOOD on AMD Zen (Ankur Arora) [Orabug: 32080078]
  • x86/cpu/intel: enable X86_FEATURE_NT_GOOD on Intel Broadwellx (Ankur Arora) [Orabug: 32080078]
  • mm, clear_huge_page: use clear_page_uncached() for gigantic pages (Ankur Arora) [Orabug: 32080078]
  • x86/clear_page: add clear_page_uncached() (Ankur Arora) [Orabug: 32080078]
  • x86/asm: add clear_page_nt() (Ankur Arora) [Orabug: 32080078]
  • perf bench: add memset_movnti() (Ankur Arora) [Orabug: 32080078]
  • x86/asm: add memset_movnti() (Ankur Arora) [Orabug: 32080078]
  • x86/cpuid: add X86_FEATURE_NT_GOOD (Ankur Arora) [Orabug: 32080078]
  • Linux 4.14.206 (Greg Kroah-Hartman)
  • powercap: restrict energy meter to root access (Len Brown)
  • Linux 4.14.205 (Greg Kroah-Hartman) [Orabug: 32041544]
  • arm64: dts: marvell: espressobin: add ethernet alias (Tomasz Maciej Nowak)
  • PM: runtime: Resume the device earlier in __device_release_driver() (Rafael J. Wysocki)
  • Revert ‘ARC: entry: fix potential EFA clobber when TIF_SYSCALL_TRACE’ (Vineet Gupta)
  • ARC: stack unwinding: avoid indefinite looping (Vineet Gupta)
  • usb: mtu3: fix panic in mtu3_gadget_stop() (Macpaul Lin)
  • USB: Add NO_LPM quirk for Kingston flash drive (Alan Stern)
  • USB: serial: option: add Telit FN980 composition 0x1055 (Daniele Palmas)
  • USB: serial: option: add LE910Cx compositions 0x1203, 0x1230, 0x1231 (Daniele Palmas)
  • USB: serial: option: add Quectel EC200T module support (Ziyi Cao)
  • USB: serial: cyberjack: fix write-URB completion race (Johan Hovold)
  • serial: txx9: add missing platform_driver_unregister() on error in serial_txx9_init (Qinglang Miao)
  • serial: 8250_mtk: Fix uart_get_baud_rate warning (Claire Chang)
  • fork: fix copy_process(CLONE_PARENT) race with the exiting ->real_parent (Eddy Wu)
  • vt: Disable KD_FONT_OP_COPY (Daniel Vetter)
  • ACPI: NFIT: Fix comparison to ‘-ENXIO’ (Zhang Qilong)
  • drm/vc4: drv: Add error handding for bind (Hoegeun Kwon)
  • vsock: use ns_capable_noaudit() on socket create (Jeff Vander Stoep)
  • scsi: core: Dont start concurrent async scan on same host (Ming Lei)
  • blk-cgroup: Pre-allocate tree node on blkg_conf_prep (Gabriel Krisman Bertazi)
  • blk-cgroup: Fix memleak on error path (Gabriel Krisman Bertazi)
  • of: Fix reserved-memory overlap detection (Vincent Whitchurch)
  • x86/kexec: Use up-to-dated screen_info copy to fill boot params (Kairui Song)
  • ARM: dts: sun4i-a10: fix cpu_alert temperature (Clement Peron)
  • futex: Handle transient ‘ownerless’ rtmutex state correctly (Mike Galbraith)
  • tracing: Fix out of bounds write in get_trace_buf (Qiujun Huang)
  • ftrace: Handle tracing when switching between context (Steven Rostedt (VMware))
  • ftrace: Fix recursion check for NMI test (Steven Rostedt (VMware))
  • gfs2: Wake up when sd_glock_disposal becomes zero (Alexander Aring)
  • mm: always have io_remap_pfn_range() set pgprot_decrypted() (Jason Gunthorpe)
  • kthread_worker: prevent queuing delayed work from timer_fn when it is being canceled (Zqiang)
  • lib/crc32test: remove extra local_irq_disable/enable (Vasily Gorbik)
  • ALSA: usb-audio: Add implicit feedback quirk for Qu-16 (Geoffrey D. Bennett)
  • Fonts: Replace discarded const qualifier (Lee Jones)
  • blktrace: fix debugfs use after free (Luis Chamberlain) {CVE-2019-19770}
  • Blktrace: bail out early if block debugfs is not configured (Liu Bo)
  • sfp: Fix error handing in sfp_probe() (YueHaibing)
  • sctp: Fix COMM_LOST/CANT_STR_ASSOC err reporting on big-endian platforms (Petr Malat)
  • net: usb: qmi_wwan: add Telit LE910Cx 0x1230 composition (Daniele Palmas)
  • gianfar: Account for Tx PTP timestamp in the skb headroom (Claudiu Manoil)
  • gianfar: Replace skb_realloc_headroom with skb_cow_head for PTP (Claudiu Manoil)
  • tipc: fix use-after-free in tipc_bcast_get_mode (Hoang Huu Le)
  • drm/i915: Break up error capture compression loops with cond_resched() (Chris Wilson)
  • Linux 4.14.204 (Greg Kroah-Hartman)
  • staging: comedi: cb_pcidas: Allow 2-channel commands for AO subdevice (Ian Abbott)
  • KVM: arm64: Fix AArch32 handling of DBGD{CCINT,SCRext} and DBGVCR (Marc Zyngier)
  • device property: Dont clear secondary pointer for shared primary firmware node (Andy Shevchenko)
  • device property: Keep secondary firmware node secondary by type (Andy Shevchenko)
  • ARM: s3c24xx: fix missing system reset (Krzysztof Kozlowski)
  • ARM: samsung: fix PM debug build with DEBUG_LL but !MMU (Krzysztof Kozlowski)
  • arm: dts: mt7623: add missing pause for switchport (Frank Wunderlich)
  • hil/parisc: Disable HIL driver when it gets stuck (Helge Deller)
  • cachefiles: Handle readpage error correctly (Matthew Wilcox (Oracle))
  • arm64: berlin: Select DW_APB_TIMER_OF (Jisheng Zhang)
  • tty: make FONTX ioctl use the tty pointer they were actually passed (Linus Torvalds)
  • rtc: rx8010: dont modify the global rtc ops (Bartosz Golaszewski)
  • drm/ttm: fix eviction valuable range check. (Dave Airlie)
  • ext4: fix invalid inode checksum (Luo Meng)
  • ext4: fix error handling code in add_new_gdb (Dinghao Liu)
  • ext4: fix leaking sysfs kobject after failed mount (Eric Biggers)
  • vringh: fix __vringh_iov() when riov and wiov are different (Stefano Garzarella)
  • ring-buffer: Return 0 on success from ring_buffer_resize() (Qiujun Huang)
  • 9P: Cast to loff_t before multiplying (Matthew Wilcox (Oracle))
  • libceph: clear con->out_msg on Policy::stateful_server faults (Ilya Dryomov)
  • ceph: promote to unsigned long long before shifting (Matthew Wilcox (Oracle))
  • drm/amdgpu: dont map BO in reserved region (Madhav Chauhan)
  • ia64: fix build error with !COREDUMP (Krzysztof Kozlowski)
  • ubi: check kthread_should_stop() after the setting of task state (Zhihao Cheng)
  • perf python scripting: Fix printable strings in python3 scripts (Jiri Olsa)
  • ubifs: dent: Fix some potential memory leaks while iterating entries (Zhihao Cheng)
  • NFSD: Add missing NFSv2 .pc_func methods (Chuck Lever)
  • NFSv4.2: support EXCHGID4_FLAG_SUPP_FENCE_OPS 4.2 EXCHANGE_ID flag (Olga Kornievskaia)
  • powerpc/powernv/elog: Fix race while processing OPAL error log event. (Mahesh Salgaonkar)
  • powerpc: Warn about use of smt_snooze_delay (Joel Stanley)
  • powerpc/rtas: Restrict RTAS requests from userspace (Andrew Donnellan)
  • s390/stp: add locking to sysfs functions (Sven Schnelle)
  • iio:gyro:itg3200: Fix timestamp alignment and prevent data leak. (Jonathan Cameron)
  • iio:adc:ti-adc12138 Fix alignment issue with timestamp (Jonathan Cameron)
  • iio:adc:ti-adc0832 Fix alignment issue with timestamp (Jonathan Cameron)
  • iio:light:si1145: Fix timestamp alignment and prevent data leak. (Jonathan Cameron)
  • dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (Paul Cercueil)
  • vt: keyboard, extend func_buf_lock to readers (Jiri Slaby) {CVE-2020-25656}
  • vt: keyboard, simplify vt_kdgkbsent (Jiri Slaby)
  • drm/i915: Force VTd workarounds when running as a guest OS (Chris Wilson)
  • usb: host: fsl-mph-dr-of: check return of dma_set_mask() (Ran Wang)
  • usb: cdc-acm: fix cooldown mechanism (Jerome Brunet)
  • usb: dwc3: core: dont trigger runtime pm when remove driver (Li Jun)
  • usb: dwc3: core: add phy cleanup for probe error handling (Li Jun)
  • usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (Thinh Nguyen)
  • btrfs: fix use-after-free on readahead extent after failure to create it (Filipe Manana)
  • btrfs: cleanup cow block on error (Josef Bacik)
  • btrfs: use kvzalloc() to allocate clone_roots in btrfs_ioctl_send() (Denis Efremov)
  • btrfs: send, recompute reference path after orphanization of a directory (Filipe Manana)
  • btrfs: reschedule if necessary when logging directory items (Filipe Manana)
  • scsi: mptfusion: Fix null pointer dereferences in mptscsih_remove() (Helge Deller)
  • w1: mxc_w1: Fix timeout resolution problem leading to bus error (Martin Fuzzey)
  • acpi-cpufreq: Honor _PSD table setting on new AMD CPUs (Wei Huang)
  • ACPI: debug: dont allow debugging when ACPI is disabled (Jamie Iles)
  • ACPI: video: use ACPI backlight for HP 635 Notebook (Alex Hung)
  • ACPI / extlog: Check for RDMSR failure (Ben Hutchings)
  • NFS: fix nfs_path in case of a rename retry (Ashish Sangwan)
  • fs: Dont invalidate page buffers in block_write_full_page() (Jan Kara)
  • leds: bcm6328, bcm6358: use devres LED registering function (Marek Behun)
  • perf/x86/amd/ibs: Fix raw sample data accumulation (Kim Phillips)
  • perf/x86/amd/ibs: Dont include randomized bits in get_ibs_op_count() (Kim Phillips)
  • md/raid5: fix oops during stripe resizing (Song Liu)
  • nvme-rdma: fix crash when connect rejected (Chao Leng)
  • sgl_alloc_order: fix memory leak (Douglas Gilbert)
  • nbd: make the config put is called before the notifying the waiter (Xiubo Li)
  • ARM: dts: s5pv210: remove dedicated ‘audio-subsystem’ node (Krzysztof Kozlowski)
  • ARM: dts: s5pv210: move PMU node out of clock controller (Krzysztof Kozlowski)
  • ARM: dts: s5pv210: remove DMA controller bus node name to fix dtschema warnings (Krzysztof Kozlowski)
  • memory: emif: Remove bogus debugfs error handling (Dan Carpenter)
  • arm64: dts: renesas: ulcb: add full-pwr-cycle-in-suspend into eMMC nodes (Yoshihiro Shimoda)
  • gfs2: add validation checks for size of superblock (Anant Thazhemadam)
  • ext4: Detect already used quota file early (Jan Kara)
  • drivers: watchdog: rdc321x_wdt: Fix race condition bugs (Madhuparna Bhowmik)
  • net: 9p: initialize sun_server.sun_path to have addrs value only when addr is valid (Anant Thazhemadam)
  • clk: ti: clockdomain: fix static checker warning (Tero Kristo)
  • bnxt_en: Log unknown link speed appropriately. (Michael Chan)
  • md/bitmap: md_bitmap_get_counter returns wrong blocks (Zhao Heming)
  • power: supply: test_power: add missing newlines when printing parameters by sysfs (Xiongfeng Wang)
  • bus/fsl_mc: Do not rely on caller to provide non NULL mc_io (Diana Craciun)
  • drivers/net/wan/hdlc_fr: Correctly handle special skb->protocol values (Xie He)
  • ACPI: Add out of bounds and numa_off protections to pxm_to_node() (Jonathan Cameron)
  • arm64/mm: return cpu_all_mask when node is NUMA_NO_NODE (Zhengyuan Liu)
  • uio: free uio id after uio file node is freed (Lang Dai)
  • USB: adutux: fix debugging (Oliver Neukum)
  • cpufreq: sti-cpufreq: add stih418 support (Alain Volmat)
  • kgdb: Make ‘kgdbcon’ work properly with ‘kgdb_earlycon’ (Douglas Anderson)
  • printk: reduce LOG_BUF_SHIFT range for H8300 (John Ogness)
  • drm/bridge/synopsys: dsi: add support for non-continuous HS clock (Antonio Borneo)
  • mmc: via-sdmmc: Fix data race bug (Madhuparna Bhowmik)
  • media: tw5864: check status of tw5864_frameinterval_get (Tom Rix)
  • usb: typec: tcpm: During PR_SWAP, source caps should be sent only after tSwapSourceStart (Badhri Jagan Sridharan)
  • media: platform: Improve queue set up flow for bug fixing (Xia Jiang)
  • media: videodev2.h: RGB BT2020 and HSV are always full range (Hans Verkuil)
  • drm/brige/megachips: Add checking if ge_b850v3_lvds_init() is working correctly (Nadezda Lutovinova)
  • ath10k: fix VHT NSS calculation when STBC is enabled (Sathishkumar Muruganandam)
  • ath10k: start recovery process when payload length exceeds max htc length for sdio (Wen Gong)
  • video: fbdev: pvr2fb: initialize variables (Tom Rix)
  • xfs: fix realtime bitmap/summary file truncation when growing rt volume (Darrick J. Wong)
  • ARM: 8997/2: hw_breakpoint: Handle inexact watchpoint addresses (Douglas Anderson)
  • um: change sigio_spinlock to a mutex (Johannes Berg)
  • f2fs: fix to check segment boundary during SIT page readahead (Chao Yu)
  • f2fs: add trace exit in exception path (Zhang Qilong)
  • sparc64: remove mm_cpumask clearing to fix kthread_use_mm race (Nicholas Piggin)
  • powerpc: select ARCH_WANT_IRQS_OFF_ACTIVATE_MM (Nicholas Piggin)
  • powerpc/powernv/smp: Fix spurious DBG() warning (Oliver O Halloran)
  • futex: Fix incorrect should_fail_futex() handling (Mateusz Nosek)
  • mlxsw: core: Fix use-after-free in mlxsw_emad_trans_finish() (Amit Cohen)
  • x86/unwind/orc: Fix inactive tasks with stack pointer in %sp on GCC 10 compiled kernels (Jiri Slaby)
  • fscrypt: return -EXDEV for incompatible rename or link into encrypted dir (Eric Biggers)
  • ata: sata_rcar: Fix DMA boundary mask (Geert Uytterhoeven)
  • mtd: lpddr: Fix bad logic in print_drs_error (Gustavo A. R. Silva)
  • p54: avoid accessing the data mapped to streaming DMA (Jia-Ju Bai)
  • fuse: fix page dereference after free (Miklos Szeredi)
  • x86/xen: disable Firmware First mode for correctable memory errors (Juergen Gross)
  • arch/x86/amd/ibs: Fix re-arming IBS Fetch (Kim Phillips)
  • tipc: fix memory leak caused by tipc_buf_append() (Tung Nguyen)
  • ravb: Fix bit fields checking in ravb_hwtstamp_get() (Andrew Gabbasov)
  • gtp: fix an use-before-init in gtp_newlink() (Masahiro Fujiwara)
  • efivarfs: Replace invalid slashes with exclamation marks in dentries. (Michael Schaller)
  • arm64: link with -z norelro regardless of CONFIG_RELOCATABLE (Nick Desaulniers)
  • scripts/setlocalversion: make git describe output more reliable (Rasmus Villemoes)
  • Btrfs: fix selftests failure due to uninitialized i_mode in test inodes (Filipe Manana) [Orabug: 31864725] {CVE-2019-19816}
  • btrfs: fix return value mixup in btrfs_get_extent (Pavel Machek) [Orabug: 31864725] {CVE-2019-19816}
  • btrfs: inode: Verify inode mode to avoid NULL pointer dereference (Qu Wenruo) [Orabug: 31864725] {CVE-2019-19816}
  • hv_netvsc: Set probe mode to sync (Haiyang Zhang) [Orabug: 32120118]

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

Related for ELSA-2021-9052