Unbreakable Enterprise kernel-container security update

2022-06-1400:00:00

linux.oracle.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

5.4.17-2136.308.7.el7
uek-rpm: Update OL7/8 Secureboot certificate and shim versions (Sherry Yang) [Orabug: 34248329]
[5.4.17-2136.308.6]
mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (Johannes Berg)
arm: remove CONFIG_ARCH_HAS_HOLES_MEMORYMODEL (Mike Rapoport)
x86/cpu: Load microcode during restore_processor_state() (Borislav Petkov)
net/smc: Fix sock leak when release after smc_shutdown() (Tony Lu)
dmaengine: Revert ‘dmaengine: shdma: Fix runtime PM imbalance on error’ (Vinod Koul)
scsi: qla2xxx: Fix warning for missing error code (Nilesh Javali)
media: Revert ‘media: em28xx: add missing em28xx_close_extension’ (Pavel Skripkin)
regulator: qcom_smd: fix for_each_child.cocci warnings (kernel test robot)
Revert ‘Input: clear BTN_RIGHT/MIDDLE on buttonpads’ (Jose Exposito)
f2fs: fix to unlock page correctly in error path of is_alive() (Chao Yu)
perf: Fix sys_perf_event_open() race against self (Peter Zijlstra) [Orabug: 34211086] {CVE-2022-1729}
debug: Lock down kgdb (Stephen Brennan) [Orabug: 34211075] {CVE-2022-21499}
io_uring: always use original task when preparing req identity (Jens Axboe) [Orabug: 34211070] {CVE-2022-1786}
ALSA: pcm: Fix races among concurrent prealloc proc writes (Takashi Iwai) [Orabug: 34007905] {CVE-2022-1048}
ALSA: pcm: Fix races among concurrent prepare and hw_params/hw_free calls (Takashi Iwai) [Orabug: 34007905] {CVE-2022-1048}
ALSA: pcm: Fix races among concurrent read/write and buffer changes (Takashi Iwai) [Orabug: 34007905] {CVE-2022-1048}
ALSA: pcm: Fix races among concurrent hw_params and hw_free calls (Takashi Iwai) [Orabug: 34007905] {CVE-2022-1048}
KVM: x86: avoid calling x86 emulator without a decoded instruction (Sean Christopherson) [Orabug: 34205799] {CVE-2022-1852} {CVE-2022-1852}
[5.4.17-2136.308.5]
vfio/type1: misalignment sanity check broken when mapping dma (Anthony Yznaga) [Orabug: 34124949]
uek-rpm: configs: enable 9P_FS for x86_64 (Todd Vierling) [Orabug: 34146030]
[5.4.17-2136.308.4]
bpf: parse BTF with linkage set for functions (Alan Maguire) [Orabug: 34068157]
selftests/bpf: remove BPF skeleton-based tests that got pulled in via backports (Alan Maguire) [Orabug: 34068157]
uek-rpm: default for COMMON_CLK_MARVELL_OTX2 should be ‘n’ (Henry Willard) [Orabug: 34138118]
[5.4.17-2136.308.3]
xfs: only bother with sync_filesystem during readonly remount (Darrick J. Wong) [Orabug: 34085023]
vfs: make sync_filesystem return errors from ->sync_fs (Darrick J. Wong) [Orabug: 34085023]
xfs: reject crazy array sizes being fed to XFS_IOC_GETBMAP* (Darrick J. Wong) [Orabug: 34085023]
xfs: prevent UAF in xfs_log_item_in_current_chkpt (Darrick J. Wong) [Orabug: 34085023]
xfs: prevent a WARN_ONCE() in xfs_ioc_attr_list() (Dan Carpenter) [Orabug: 34085023]
xfs: check sb_meta_uuid for dabuf buffer recovery (Dave Chinner) [Orabug: 34085023]
xfs: only run COW extent recovery when there are no live extents (Darrick J. Wong) [Orabug: 34085023]
x86/platform/uv: Log gap hole end size (Mike Travis) [Orabug: 34100339]
x86/platform/uv: Update TSC sync state for UV5 (Mike Travis) [Orabug: 34100339]
x86/platform/uv: Update NMI Handler for UV5 (Mike Travis) [Orabug: 34100339]
perf/x86/intel/uncore: Fix the build on !CONFIG_PHYS_ADDR_T_64BIT (Ingo Molnar) [Orabug: 34100339]
perf/x86/intel/uncore: Make uncore_discovery clean for 64 bit addresses (Steve Wahl) [Orabug: 34100339]
net/rds: Delayed DR_SOCK_CANCEL (Gerd Rausch) [Orabug: 34105318]
mlx4_core: calculate log_num_mtt based on total system memory (Wei Lin Guay) [Orabug: 34111386]
xen/x86: Add interface for querying amount of host memory (Boris Ostrovsky) [Orabug: 34111386]
staging: mmal-vchiq: Reset buffers_with_vpu on port_enable (Dave Stevenson) [Orabug: 34125311]
af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register (Haimin Zhang) [Orabug: 34135343] {CVE-2022-1353}
clocksource: Avoid accidental unstable marking of clocksources (Waiman Long) [Orabug: 34145210]
clocksource: Reduce clocksource-skew threshold (Paul E. McKenney) [Orabug: 34145210]
Revert ‘rds/ib: recover rds connection from stuck tx path’ (Nagappan Ramasamy Palaniappan) [Orabug: 34152863]
Revert ‘rds/ib: reap tx completions during connection shutdown’ (Nagappan Ramasamy Palaniappan) [Orabug: 34152863]
Revert ‘rds/ib: handle posted ACK during connection shutdown’ (Nagappan Ramasamy Palaniappan) [Orabug: 34152863]
[5.4.17-2136.308.2]
KVM: arm64: Check arm64_get_bp_hardening_data() didn’t return NULL (James Morse)
LTS tag: v5.4.188 (Sherry Yang)
llc: only change llc->dev when bind() succeeds (Eric Dumazet)
nds32: fix access_ok() checks in get/put_user (Arnd Bergmann)
tpm: use try_get_ops() in tpm-space.c (James Bottomley)
mac80211: fix potential double free on mesh join (Linus Lussing)
rcu: Don’t deboost before reporting expedited quiescent state (Paul E. McKenney)
crypto: qat - disable registration of algorithms (Giovanni Cabiddu)
ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU (Werner Sembach)
ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 (Maximilian Luz)
ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board (Mark Cilissen)
ALSA: hda/realtek: Add quirk for ASUS GA402 (Jason Zheng)
ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (huangwenhui)
ALSA: oss: Fix PCM OSS buffer allocation overflow (Takashi Iwai)
ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (Takashi Iwai)
drivers: net: xgene: Fix regression in CRC stripping (Stephane Graber)
ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec (Giacomo Guiduzzi)
ALSA: cmipci: Restore aux vol on suspend/resume (Jonathan Teh)
ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB (Lars-Peter Clausen)
ALSA: pcm: Add stream lock during PCM reset ioctl operations (Takashi Iwai)
llc: fix netdevice reference leaks in llc_ui_bind() (Eric Dumazet)
thermal: int340x: fix memory leak in int3400_notify() (Chuansheng Liu)
staging: fbtft: fb_st7789v: reset display before initialization (Oliver Graute)
tpm: Fix error handling in async work (Tadeusz Struk)
net: ipv6: fix skb_over_panic in __ip6_append_data (Tadeusz Struk)
nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION (Jordy Zomer)
nfsd: Containerise filecache laundrette (Trond Myklebust)
nfsd: cleanup nfsd_file_lru_dispose() (Trond Myklebust)
LTS tag: v5.4.187 (Sherry Yang)
Revert ‘selftests/bpf: Add test for bpf_timer overwriting crash’ (Greg Kroah-Hartman)
perf symbols: Fix symbol size calculation condition (Michael Petlan)
Input: aiptek - properly check endpoint type (Pavel Skripkin)
usb: usbtmc: Fix bug in pipe direction for control transfers (Alan Stern)
usb: gadget: Fix use-after-free bug by not setting udc->dev.driver (Alan Stern)
usb: gadget: rndis: prevent integer overflow in rndis_set_response() (Dan Carpenter)
arm64: fix clang warning about TRAMP_VALIAS (Arnd Bergmann)
net: dsa: Add missing of_node_put() in dsa_port_parse_of (Miaoqian Lin)
net: handle ARPHRD_PIMREG in dev_is_mac_header_xmit() (Nicolas Dichtel)
drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (Marek Vasut)
hv_netvsc: Add check for kvmalloc_array (Jiasheng Jiang)
atm: eni: Add check for dma_map_single (Jiasheng Jiang)
net/packet: fix slab-out-of-bounds access in packet_recvmsg() (Eric Dumazet)
net: phy: marvell: Fix invalid comparison in the resume and suspend functions (Kurt Cancemi)
efi: fix return value of __setup handlers (Randy Dunlap)
ocfs2: fix crash when initialize filecheck kobj fails (Joseph Qi)
crypto: qcom-rng - ensure buffer for generate is completely filled (Brian Masney)
LTS tag: v5.4.186 (Sherry Yang)
fixup for ‘arm64 entry: Add macro for reading symbol address from the trampoline’ (James Morse)
kselftest/vm: fix tests build with old libc (Chengming Zhou)
sfc: extend the locking on mcdi->seqno (Niels Dossche)
tcp: make tcp_read_sock() more robust (Eric Dumazet)
nl80211: Update bss channel on channel switch for P2P_CLIENT (Sreeramya Soratkal)
drm/vrr: Set VRR capable prop only if it is attached to connector (Manasi Navare)
iwlwifi: don’t advertise TWT support (Golan Ben Ami)
atm: firestream: check the return value of ioremap() in fs_init() (Jia-Ju Bai)
can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready (Lad Prabhakar)
ARM: 9178/1: fix unmet dependency on BITREVERSE for HAVE_ARCH_BITREVERSE (Julian Braha)
MIPS: smp: fill in sibling and core maps earlier (Alexander Lobakin)
mac80211: refuse aggregations sessions before authorized (Johannes Berg)
ARM: dts: rockchip: fix a typo on rk3288 crypto-controller (Corentin Labbe)
ARM: dts: rockchip: reorder rk322x hmdi clocks (Sascha Hauer)
arm64: dts: agilex: use the compatible ‘intel,socfpga-agilex-hsotg’ (Dinh Nguyen)
arm64: dts: rockchip: reorder rk3399 hdmi clocks (Sascha Hauer)
arm64: dts: rockchip: fix rk3399-puma eMMC HS400 signal integrity (Jakob Unterwurzacher)
xfrm: Fix xfrm migrate issues when address family changes (Yan Yan)
xfrm: Check if_id in xfrm_migrate (Yan Yan)
sctp: fix the processing for INIT chunk (Xin Long)
Revert ‘xfrm: state and policy should fail if XFRMA_IF_ID 0’ (Kai Lueke)
LTS tag: v5.4.185 (Sherry Yang)
ext4: add check to prevent attempting to resize an fs with sparse_super2 (Josh Triplett)
ARM: fix Thumb2 regression with Spectre BHB (Russell King (Oracle))
virtio: acknowledge all features before access (Michael S. Tsirkin)
virtio: unexport virtio_finalize_features (Michael S. Tsirkin)
arm64: dts: marvell: armada-37xx: Remap IO space to bus address 0x0 (Pali Rohar)
riscv: Fix auipc+jalr relocation range checks (Emil Renner Berthing)
mmc: meson: Fix usage of meson_mmc_post_req() (Rong Chen)
net: macb: Fix lost RX packet wakeup race in NAPI receive (Robert Hancock)
staging: gdm724x: fix use after free in gdm_lte_rx() (Dan Carpenter)
fuse: fix pipe buffer lifetime for direct_io (Miklos Szeredi)
ARM: Spectre-BHB: provide empty stub for non-config (Randy Dunlap)
selftests/memfd: clean up mapping in mfd_fail_write (Mike Kravetz)
selftest/vm: fix map_fixed_noreplace test failure (Aneesh Kumar K.V)
tracing: Ensure trace buffer is at least 4096 bytes large (Sven Schnelle)
ipv6: prevent a possible race condition with lifetimes (Niels Dossche)
Revert ‘xen-netback: Check for hotplug-status existence before watching’ (Marek Marczykowski-Gorecki)
Revert ‘xen-netback: remove ‘hotplug-status’ once it has served its purpose’ (Marek Marczykowski-Gorecki)
net-sysfs: add check for netdevice being present to speed_show (suresh kumar)
selftests/bpf: Add test for bpf_timer overwriting crash (Kumar Kartikeya Dwivedi)
net: bcmgenet: Don’t claim WOL when its not available (Jeremy Linton)
sctp: fix kernel-infoleak for SCTP sockets (Eric Dumazet)
net: phy: DP83822: clear MISR2 register to disable interrupts (Clement Leger)
gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (Miaoqian Lin)
gpio: ts4900: Do not set DAT and OE together (Mark Featherston)
selftests: pmtu.sh: Kill tcpdump processes launched by subshell. (Guillaume Nault)
NFC: port100: fix use-after-free in port100_send_complete (Pavel Skripkin)
net/mlx5: Fix a race on command flush flow (Moshe Shemesh)
net/mlx5: Fix size field in bufferx_reg struct (Mohammad Kabat)
ax25: Fix NULL pointer dereference in ax25_kill_by_device (Duoming Zhou)
net: ethernet: lpc_eth: Handle error for clk_enable (Jiasheng Jiang)
net: ethernet: ti: cpts: Handle error for clk_enable (Jiasheng Jiang)
ethernet: Fix error handling in xemaclite_of_probe (Miaoqian Lin)
ARM: dts: aspeed: Fix AST2600 quad spi group (Joel Stanley)
drm/sun4i: mixer: Fix P010 and P210 format numbers (Jernej Skrabec)
qed: return status of qed_iov_get_link (Tom Rix)
net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() (Jia-Ju Bai)
virtio-blk: Don’t use MAX_DISCARD_SEGMENTS if max_discard_seg is zero (Xie Yongji)
arm64: dts: armada-3720-turris-mox: Add missing ethernet0 alias (Pali Rohar)
clk: qcom: gdsc: Add support to update GDSC transition delay (Taniya Das)
LTS tag: v5.4.184 (Sherry Yang)
Revert ‘ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE’ (Greg Kroah-Hartman)
xen/netfront: react properly to failing gnttab_end_foreign_access_ref() (Juergen Gross) {CVE-2022-23042}
xen/gnttab: fix gnttab_end_foreign_access() without page specified (Juergen Gross) {CVE-2022-23041}
xen/pvcalls: use alloc/free_pages_exact() (Juergen Gross) {CVE-2022-23041}
xen/9p: use alloc/free_pages_exact() (Juergen Gross) {CVE-2022-23041}
xen: remove gnttab_query_foreign_access() (Juergen Gross)
xen/gntalloc: don’t use gnttab_query_foreign_access() (Juergen Gross) {CVE-2022-23039}
xen/scsifront: don’t use gnttab_query_foreign_access() for mapped status (Juergen Gross) {CVE-2022-23038}
xen/netfront: don’t use gnttab_query_foreign_access() for mapped status (Juergen Gross) {CVE-2022-23037}
xen/blkfront: don’t use gnttab_query_foreign_access() for mapped status (Juergen Gross) {CVE-2022-23036}
xen/grant-table: add gnttab_try_end_foreign_access() (Juergen Gross) {CVE-2022-23036} {CVE-2022-23038}
xen/xenbus: don’t let xenbus_grant_ring() remove grants in error case (Juergen Gross) {CVE-2022-23040}
ARM: fix build warning in proc-v7-bugs.c (Russell King (Oracle))
ARM: Do not use NOCROSSREFS directive with ld.lld (Nathan Chancellor)
ARM: fix co-processor register typo (Russell King (Oracle))
ARM: fix build error when BPF_SYSCALL is disabled (Emmanuel Gil Peyrot)
ARM: include unprivileged BPF status in Spectre V2 reporting (Russell King (Oracle))
ARM: Spectre-BHB workaround (Russell King (Oracle))
ARM: use LOADADDR() to get load address of sections (Russell King (Oracle))
ARM: early traps initialisation (Russell King (Oracle))
ARM: report Spectre v2 status through sysfs (Russell King (Oracle))
arm/arm64: smccc/psci: add arm_smccc_1_1_get_conduit() (Mark Rutland)
arm/arm64: Provide a wrapper for SMCCC 1.1 calls (Steven Price)
x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (Josh Poimboeuf)
x86/speculation: Warn about Spectre v2 LFENCE mitigation (Josh Poimboeuf)
LTS tag: v5.4.183 (Sherry Yang)
hamradio: fix macro redefine warning (Huang Pei)
net: dcb: disable softirqs in dcbnl_flush_dev() (Vladimir Oltean)
Revert ‘xfrm: xfrm_state_mtu should return at least 1280 for ipv6’ (Jiri Bohac)
btrfs: add missing run of delayed items after unlink during log replay (Filipe Manana)
btrfs: qgroup: fix deadlock between rescan worker and remove qgroup (Sidong Yang)
btrfs: fix lost prealloc extents beyond eof after full fsync (Filipe Manana)
tracing: Fix return value of __setup handlers (Randy Dunlap)
tracing/histogram: Fix sorting on old ‘cpu’ value (Steven Rostedt (Google))
HID: add mapping for KEY_ALL_APPLICATIONS (William Mahon)
HID: add mapping for KEY_DICTATE (William Mahon)
Input: elan_i2c - fix regulator enable count imbalance after suspend/resume (Hans de Goede)
Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() (Hans de Goede)
nl80211: Handle nla_memdup failures in handle_nan_filter (Jiasheng Jiang)
net: chelsio: cxgb3: check the return value of pci_find_capability() (Jia-Ju Bai)
soc: fsl: qe: Check of ioremap return value (Jiasheng Jiang)
memfd: fix F_SEAL_WRITE after shmem huge page allocated (Hugh Dickins)
ibmvnic: free reset-work-item when flushing (Sukadev Bhattiprolu)
igc: igc_write_phy_reg_gpy: drop premature return (Sasha Neftin)
ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions (Randy Dunlap)
ARM: Fix kgdb breakpoint for Thumb2 (Russell King (Oracle))
igc: igc_read_phy_reg_gpy: drop premature return (Corinna Vinschen)
arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (Brian Norris)
can: gs_usb: change active_channels’s type from atomic_t to u8 (Vincent Mailhol)
ASoC: cs4265: Fix the duplicated control name (Fabio Estevam)
firmware: arm_scmi: Remove space in MODULE_ALIAS name (Alyssa Ross)
efivars: Respect ‘block’ flag in efivar_entry_set_safe() (Jann Horn)
ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() (Maciej Fijalkowski)
net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe() (Zheyu Ma)
net: sxgbe: fix return value of __setup handler (Randy Dunlap)
iavf: Fix missing check for running netdev (Slawomir Laba)
net: stmmac: fix return value of __setup handler (Randy Dunlap)
mac80211: fix forwarded mesh frames AC & queue selection (Nicolas Escande)
ia64: ensure proper NUMA distance and possible map initialization (Valentin Schneider)
sched/topology: Fix sched_domain_topology_level alloc in sched_init_numa() (Dietmar Eggemann)
sched/topology: Make sched_init_numa() use a set for the deduplicating sort (Valentin Schneider)
xen/netfront: destroy queues before real_num_tx_queues is zeroed (Marek Marczykowski-Gorecki)
block: Fix fsync always failed if once failed (Ye Bin)
net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error cause by server (D. Wythe)
net/smc: fix unexpected SMC_CLC_DECL_ERR_REGRMB error generated by client (D. Wythe)
net: dcb: flush lingering app table entries for unregistered devices (Vladimir Oltean)
batman-adv: Don’t expect inter-netns unique iflink indices (Sven Eckelmann)
batman-adv: Request iflink once in batadv_get_real_netdevice (Sven Eckelmann)
batman-adv: Request iflink once in batadv-on-batadv check (Sven Eckelmann)
netfilter: nf_queue: fix possible use-after-free (Florian Westphal)
netfilter: nf_queue: don’t assume sk is full socket (Florian Westphal)
xfrm: enforce validity of offload input flags (Leon Romanovsky)
xfrm: fix the if_id check in changelink (Antony Antony)
netfilter: fix use-after-free in __nf_register_net_hook() (Eric Dumazet)
xfrm: fix MTU regression (Jiri Bohac)
ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min (Marek Vasut)
ALSA: intel_hdmi: Fix reference to PCM buffer address (Zhen Ni)
ata: pata_hpt37x: fix PCI clock detection (Sergey Shtylyov)
usb: gadget: clear related members when goto fail (Hangyu Hua)
usb: gadget: don’t release an existing dev->buf (Hangyu Hua)
net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (Daniele Palmas)
i2c: qup: allow COMPILE_TEST (Wolfram Sang)
i2c: cadence: allow COMPILE_TEST (Wolfram Sang)
dmaengine: shdma: Fix runtime PM imbalance on error (Yongzhi Liu)
cifs: fix double free race when mount fails in cifs_get_root() (Ronnie Sahlberg)
Input: clear BTN_RIGHT/MIDDLE on buttonpads (Jose Exposito)
ASoC: rt5682: do not block workqueue if card is unbound (Kai Vehmanen)
ASoC: rt5668: do not block workqueue if card is unbound (Kai Vehmanen)
i2c: bcm2835: Avoid clock stretching timeouts (Eric Anholt)
mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (JaeMan Park)
mac80211_hwsim: report NOACK frames in tx_status (Benjamin Beichler)
LTS tag: v5.4.182 (Sherry Yang)
fget: clarify and improve __fget_files() implementation (Linus Torvalds)
memblock: use kfree() to release kmalloced memblock regions (Miaohe Lin)
Revert ‘drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR’ (Karol Herbst)
gpio: tegra186: Fix chip_data type confusion (Marc Zyngier)
tty: n_gsm: fix NULL pointer access due to DLCI release ([email protected])
tty: n_gsm: fix proper link termination after failed open ([email protected])
tty: n_gsm: fix encoding of control signal octet bit DV ([email protected])
xhci: Prevent futile URB re-submissions due to incorrect return value. (Hongyu Xie)
xhci: re-initialize the HC during resume if HCE was set (Puma Hsu)
usb: dwc3: gadget: Let the interrupt handler disable bottom halves. (Sebastian Andrzej Siewior)
usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (Hans de Goede)
USB: serial: option: add Telit LE910R1 compositions (Daniele Palmas)
USB: serial: option: add support for DW5829e (Slark Xiao)
tracefs: Set the group ownership in apply_options() not parse_options() (Steven Rostedt (Google))
USB: gadget: validate endpoint index for xilinx udc (Szymon Heidrich)
usb: gadget: rndis: add spinlock for rndis response list (Daehwan Jung)
Revert ‘USB: serial: ch341: add new Product ID for CH341A’ (Dmytro Bagrii)
ata: pata_hpt37x: disable primary channel on HPT371 (Sergey Shtylyov)
iio: Fix error handling for PM (Miaoqian Lin)
iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits (Cosmin Tanislav)
iio: adc: men_z188_adc: Fix a resource leak in an error handling path (Christophe JAILLET)
tracing: Have traceon and traceoff trigger honor the instance (Steven Rostedt (Google))
RDMA/ib_srp: Fix a deadlock (Bart Van Assche)
configfs: fix a race in configfs_{,un}register_subsystem() (ChenXiaoSong)
spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() (Zhou Qingyang)
net/mlx5: Fix wrong limitation of metadata match on ecpf (Ariel Levkovich)
net/mlx5: Fix possible deadlock on rule deletion (Maor Gottlieb)
netfilter: nf_tables: fix memory leak during stateful obj update (Florian Westphal)
nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() (Christophe JAILLET)
net: Force inlining of checksum functions in net/checksum.h (Christophe Leroy)
net: ll_temac: check the return value of devm_kmalloc() (Xiaoke Wang)
net/mlx5e: Fix wrong return value on ioctl EEPROM query failure (Gal Pressman)
drm/edid: Always set RGB444 (Maxime Ripard)
openvswitch: Fix setting ipv6 fields causing hw csum failure (Paul Blakey)
gso: do not skip outer ip header in case of ipip and net_failover (Tao Liu)
tipc: Fix end of loop tests for list_for_each_entry() (Dan Carpenter)
net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends (Eric Dumazet)
bpf: Do not try bpf_msg_push_data with len 0 (Felix Maurer)
perf data: Fix double free in perf_session__delete() (Alexey Bayduraev)
ping: remove pr_err from ping_lookup (Xin Long)
lan743x: fix deadlock in lan743x_phy_link_status_change() (Heiner Kallweit)
optee: use driver internal tee_context for some rpc (Jens Wiklander)
tee: export teedev_open() and teedev_close_context() (Jens Wiklander)
x86/fpu: Correct pkru/xstate inconsistency (Brian Geffon)
USB: zaurus: support another broken Zaurus (Oliver Neukum)
drm/amdgpu: disable MMHUB PG for Picasso (Evan Quan)
parisc/unaligned: Fix ldw() and stw() unalignment handlers (Helge Deller)
parisc/unaligned: Fix fldd and fstd unaligned handlers on 32-bit kernel (Helge Deller)
vhost/vsock: don’t check owner in vhost_vsock_stop() while releasing (Stefano Garzarella)
clk: jz4725b: fix mmc0 clock gating (Siarhei Volkau)
cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug (Zhang Qiao)
LTS tag: v5.4.181 (Sherry Yang)
kconfig: fix failing to generate auto.conf (Jing Leng)
net: macb: Align the dma and coherent dma masks (Marc St-Amand)
net: usb: qmi_wwan: Add support for Dell DW5829e (Slark Xiao)
tracing: Fix tp_printk option related with tp_printk_stop_on_boot (JaeSang Yoo)
drm/rockchip: dw_hdmi: Do not leave clock enabled in error case (Sascha Hauer)
ata: libata-core: Disable TRIM on M88V29 (Zoltan Boszormenyi)
kconfig: let ‘shell’ return enough output for deep path names (Brenda Streiff)
arm64: dts: meson-g12: drop BL32 region from SEI510/SEI610 (Christian Hewitt)
arm64: dts: meson-g12: add ATF BL32 reserved-memory region (Christian Hewitt)
arm64: dts: meson-gx: add ATF BL32 reserved-memory region (Christian Hewitt)
netfilter: conntrack: don’t refresh sctp entries in closed state (Florian Westphal)
irqchip/sifive-plic: Add missing thead,c900-plic match string (Guo Ren)
ARM: OMAP2+: adjust the location of put_device() call in omapdss_init_of (Ye Guojin)
ARM: OMAP2+: hwmod: Add of_node_put() before break (Wan Jiabing)
KVM: x86/pmu: Use AMD64_RAW_EVENT_MASK for PERF_TYPE_RAW (Jim Mattson)
Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj (Miaoqian Lin)
i2c: brcmstb: fix support for DSL and CM variants (Rafal Milecki)
copy_process(): Move fd_install() out of sighand->siglock critical section (Waiman Long)
dmaengine: sh: rcar-dmac: Check for error num after setting mask (Jiasheng Jiang)
net: sched: limit TC_ACT_REPEAT loops (Eric Dumazet)
EDAC: Fix calculation of returned address and next offset in edac_align_ptr() (Eliav Farber)
scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (James Smart)
mtd: rawnand: brcmnand: Fixed incorrect sub-page ECC status (david regan)
mtd: rawnand: qcom: Fix clock sequencing in qcom_nandc_probe() (Bryan O’Donoghue)
NFS: Do not report writeback errors in nfs_getattr() (Trond Myklebust)
NFS: LOOKUP_DIRECTORY is also ok with symlinks (Trond Myklebust)
block/wbt: fix negative inflight counter when remove scsi device (Laibin Qiu)
mtd: rawnand: gpmi: don’t leak PM reference in error path (Christian Eggers)
powerpc/lib/sstep: fix ‘ptesync’ build error (Anders Roxell)
ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() (Mark Brown)
ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() (Mark Brown)
ALSA: hda: Fix missing codec probe on Shenker Dock 15 (Takashi Iwai)
ALSA: hda: Fix regression on forced probe mask option (Takashi Iwai)
libsubcmd: Fix use-after-free for realloc(…, 0) (Kees Cook)
bonding: fix data-races around agg_select_timer (Eric Dumazet)
drop_monitor: fix data-race in dropmon_net_event / trace_napi_poll_hit (Eric Dumazet)
bonding: force carrier update when releasing slave (Zhang Changzhong)
ping: fix the dif and sdif check in ping_lookup (Xin Long)
net: ieee802154: ca8210: Fix lifs/sifs periods (Miquel Raynal)
net: dsa: lan9303: fix reset on probe (Mans Rullgard)
netfilter: nft_synproxy: unregister hooks on init error path (Pablo Neira Ayuso)
iwlwifi: pcie: gen2: fix locking when ‘HW not ready’ (Johannes Berg)
iwlwifi: pcie: fix locking when ‘HW not ready’ (Johannes Berg)
mmc: block: fix read single on recovery logic (Christian Lohle)
vsock: remove vsock from connected table when connect is interrupted by a signal (Seth Forshee)
dmaengine: at_xdmac: Start transfer for cyclic channels in issue_pending (Tudor Ambarus)
taskstats: Cleanup the use of task->exit_code (Eric W. Biederman)
ext4: prevent partial update of the extent blocks (Zhang Yi)
ext4: check for inconsistent extents between index and leaf block (Zhang Yi)
ext4: check for out-of-order index extents in ext4_valid_extent_entries() (Zhang Yi)
drm/radeon: Fix backlight control on iMac 12,1 (Nicholas Bishop)
iwlwifi: fix use-after-free (Johannes Berg)
arm64: module/ftrace: intialize PLT at load time (Mark Rutland)
arm64: module: rework special section handling (Mark Rutland)
module/ftrace: handle patchable-function-entry (Mark Rutland)
ftrace: add ftrace_init_nop() (Mark Rutland)
Revert ‘module, async: async_synchronize_full() on module init iff async is used’ (Igor Pylypiv)
drm/amdgpu: fix logic inversion in check (Christian Konig)
nvme-rdma: fix possible use-after-free in transport error_recovery work (Sagi Grimberg)
nvme-tcp: fix possible use-after-free in transport error_recovery work (Sagi Grimberg)
nvme: fix a possible use-after-free in controller reset during load (Sagi Grimberg)
quota: make dquot_quota_sync return errors from ->sync_fs (Darrick J. Wong)
vfs: make freeze_super abort when sync_filesystem returns error (Darrick J. Wong)
ax25: improve the incomplete fix to avoid UAF and NPD bugs (Duoming Zhou)
selftests/zram: Adapt the situation that /dev/zram0 is being used (Yang Xu)
selftests/zram01.sh: Fix compression ratio calculation (Yang Xu)
selftests/zram: Skip max_comp_streams interface on newer kernel (Yang Xu)
net: ieee802154: at86rf230: Stop leaking skb’s (Miquel Raynal)
selftests: rtc: Increase test timeout so that all tests run (Nicolas F. R. A. Prado)
platform/x86: ISST: Fix possible circular locking dependency detected (Srinivas Pandruvada)
btrfs: send: in case of IO error log it (Davis Mosans)
parisc: Fix sglist access in ccio-dma.c (John David Anglin)
parisc: Fix data TLB miss in sba_unmap_sg (John David Anglin)
parisc: Drop __init from map_pages declaration (John David Anglin)
serial: parisc: GSC: fix build when IOSAPIC is not set (Randy Dunlap)
Revert ‘svm: Add warning message for AVIC IPI invalid target’ (Sean Christopherson)
HID:Add support for UGTABLET WP5540 (Sergio Costas)
Makefile.extrawarn: Move -Wunaligned-access to W=1 (Nathan Chancellor)
LTS tag: v5.4.180 (Sherry Yang)
ACPI: PM: s2idle: Cancel wakeup before dispatching EC GPE (Rafael J. Wysocki)
perf: Fix list corruption in perf_cgroup_switch() (Song Liu)
scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (James Smart)
hwmon: (dell-smm) Speed up setting of fan speed (Armin Wolf)
seccomp: Invalidate seccomp mode to catch death failures (Kees Cook)
USB: serial: cp210x: add CPI Bulk Coin Recycler id (Johan Hovold)
USB: serial: cp210x: add NCR Retail IO box id (Johan Hovold)
USB: serial: ch341: add support for GW Instek USB2.0-Serial devices (Stephan Brunner)
USB: serial: option: add ZTE MF286D modem (Pawel Dembicki)
USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320 (Cameron Williams)
usb: gadget: f_uac2: Define specific wTerminalType (Pavel Hofman)
usb: gadget: rndis: check size of RNDIS_MSG_SET command (Greg Kroah-Hartman)
USB: gadget: validate interface OS descriptor requests (Szymon Heidrich)
usb: gadget: udc: renesas_usb3: Fix host to USB_ROLE_NONE transition (Adam Ford)
usb: dwc3: gadget: Prevent core from processing stale TRBs (Udipto Goswami)
usb: ulpi: Call of_node_put correctly (Sean Anderson)
usb: ulpi: Move of_node_put to ulpi_dev_release (Sean Anderson)
net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (Jann Horn)
eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX (Jonas Malaco)
n_tty: wake up poll(POLLRDNORM) on receiving data (TATSUKAWA KOSUKE
vt_ioctl: add array_index_nospec to VT_ACTIVATE (Jakob Koschel)
vt_ioctl: fix array_index_nospec in vt_setactivate (Jakob Koschel)
net: amd-xgbe: disable interrupts during pci removal (Raju Rangoju)
tipc: rate limit warning for received illegal binding update (Jon Maloy)
net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE (Joel Stanley)
veth: fix races around rq->rx_notify_masked (Eric Dumazet)
net: fix a memleak when uncloning an skb dst and its metadata (Antoine Tenart)
net: do not keep the dst cache when uncloning an skb dst and its metadata (Antoine Tenart)
nfp: flower: fix ida_idx not being released (Louis Peens)

OSVersionArchitecturePackageVersionFilename
oracle linux7srckernel-uek-container< 5.4.17-2136.308.7.el7kernel-uek-container-5.4.17-2136.308.7.el7.src.rpm
oracle linux7x86_64kernel-uek-container< 5.4.17-2136.308.7.el7kernel-uek-container-5.4.17-2136.308.7.el7.x86_64.rpm
oracle linux7x86_64kernel-uek-container-debug< 5.4.17-2136.308.7.el7kernel-uek-container-debug-5.4.17-2136.308.7.el7.x86_64.rpm
oracle linux8srckernel-uek-container< 5.4.17-2136.308.7.el8kernel-uek-container-5.4.17-2136.308.7.el8.src.rpm
oracle linux8x86_64kernel-uek-container< 5.4.17-2136.308.7.el8kernel-uek-container-5.4.17-2136.308.7.el8.x86_64.rpm
oracle linux8x86_64kernel-uek-container-debug< 5.4.17-2136.308.7.el8kernel-uek-container-debug-5.4.17-2136.308.7.el8.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	7	src	kernel-uek-container	< 5.4.17-2136.308.7.el7	kernel-uek-container-5.4.17-2136.308.7.el7.src.rpm
oracle linux	7	x86_64	kernel-uek-container	< 5.4.17-2136.308.7.el7	kernel-uek-container-5.4.17-2136.308.7.el7.x86_64.rpm
oracle linux	7	x86_64	kernel-uek-container-debug	< 5.4.17-2136.308.7.el7	kernel-uek-container-debug-5.4.17-2136.308.7.el7.x86_64.rpm
oracle linux	8	src	kernel-uek-container	< 5.4.17-2136.308.7.el8	kernel-uek-container-5.4.17-2136.308.7.el8.src.rpm
oracle linux	8	x86_64	kernel-uek-container	< 5.4.17-2136.308.7.el8	kernel-uek-container-5.4.17-2136.308.7.el8.x86_64.rpm
oracle linux	8	x86_64	kernel-uek-container-debug	< 5.4.17-2136.308.7.el8	kernel-uek-container-debug-5.4.17-2136.308.7.el8.x86_64.rpm