Unbreakable Enterprise kernel-container security update

2022-11-1500:00:00

linux.oracle.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

JSON

[4.14.35-2047.519.2.1.el7]

xfs: trim IO to found COW extent limit (Eric Sandeen) [Orabug: 34765284]
xfs: don’t use delalloc extents for COW on files with extsize hints (Christoph Hellwig) [Orabug: 34765284]
[4.14.35-2047.519.2]
Revert ‘xfs: don’t use delalloc extents for COW on files with extsize hints’ (Saeed Mirzamohammadi) [Orabug: 34715947]
uapi: Fix linux/rds.h userspace compilation issues (Ka-Cheong Poon) [Orabug: 32392165] [Orabug: 34710962]
uapi: Fix linux/rds.h userspace compilation errors. (Vinson Lee) [Orabug: 34710962]
uapi: fix linux/rds.h userspace compilation error (Dmitry V. Levin) [Orabug: 34710962]
uapi: fix linux/rds.h userspace compilation errors (Dmitry V. Levin) [Orabug: 34710962]
EDAC: Drop duplicated array of strings for memory type names (Jane Chu) [Orabug: 34645040]
xfs: don’t ever put nlink > 0 inodes on the unlinked list (Darrick J. Wong) [Orabug: 34431355]
[4.14.35-2047.519.1]
uek: kabi: update kABI files for new symbol (Saeed Mirzamohammadi) [Orabug: 34595585]
EDAC/mce_amd: Do not load edac_mce_amd module on guests (Smita Koralahalli) [Orabug: 34484269]
[4.14.35-2047.519.0]
media: em28xx: initialize refcount before kref_get (Dongliang Mu) [Orabug: 34619521] {CVE-2022-3239}
net: vlan: Avoid using BUG() in vlan_proto_idx() (Florian Fainelli) [Orabug: 34625406]
net/rds: Send congestion map updates only via path zero (Anand Khoje) [Orabug: 34578052]
rds: cong: Make rds_cong_wait an array to reduce lock contention (Hakon Bugge) [Orabug: 34574094]
rds: cong: Make rs_cong_notify and rs_cong_mask atomic64_t (Hakon Bugge) [Orabug: 34574094]
scsi: tcmu: track nl commands (Mike Christie) [Orabug: 32011411]
scsi: tcmu: remove useless code and clean up the code style. (Xiubo Li) [Orabug: 32011411]
Linux 4.14.295 (Greg Kroah-Hartman)
ext4: make directory inode spreading reflect flexbg size (Jan Kara)
Drivers: hv: Never allocate anything besides framebuffer from framebuffer memory region (Vitaly Kuznetsov)
s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup (Stefan Haberland)
serial: tegra: Use uart_xmit_advance(), fixes icount.tx accounting (Ilpo Jarvinen)
serial: Create uart_xmit_advance() (Ilpo Jarvinen)
net: sunhme: Fix packet reception for len < RX_COPY_THRESHOLD (Sean Anderson)
perf kcore_copy: Do not check /proc/modules is unchanged (Adrian Hunter)
can: gs_usb: gs_can_open(): fix race dev->can.state condition (Marc Kleine-Budde)
netfilter: ebtables: fix memory leak when blob is malformed (Florian Westphal)
of: mdio: Add of_node_put() when breaking out of for_each_xx (Liang He)
MIPS: lantiq: export clk_get_io() for lantiq_wdt.ko (Randy Dunlap)
net: team: Unsync device addresses on ndo_stop (Benjamin Poirier)
ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header (Lu Wei)
iavf: Fix cached head and tail value for iavf_get_tx_pending (Brett Creeley)
netfilter: nf_conntrack_irc: Tighten matching on DCC message (David Leadbeater)
netfilter: nf_conntrack_sip: fix ct_sip_walk_headers (Igor Ryzhov)
arm64: dts: rockchip: Remove ‘enable-active-low’ from rk3399-puma (Fabio Estevam)
mm/slub: fix to return errno if kmalloc() fails (Chao Yu)
ALSA: hda: add Intel 5 Series / 3400 PCI DID (Kai Vehmanen)
ALSA: hda/tegra: set depop delay for tegra (Mohan Kumar)
USB: serial: option: add Quectel RM520N (jerry meng)
USB: serial: option: add Quectel BG95 0x0203 composition (Carl Yin())
USB: core: Fix RST error in hub.c (Alan Stern)
wifi: mac80211: Fix UAF in ieee80211_scan_rx() (Siddh Raman Pant)
ALSA: hda/sigmatel: Fix unused variable warning for beep power change (Takashi Iwai)
video: fbdev: pxa3xx-gcu: Fix integer overflow in pxa3xx_gcu_write (Hyunwoo Kim)
mksysmap: Fix the mismatch of ‘L0’ symbols in System.map (Youling Tang)
MIPS: OCTEON: irq: Fix octeon_irq_force_ciu_mapping() (Alexander Sverdlin)
net: usb: qmi_wwan: add Quectel RM520N (jerry.meng)
ALSA: hda/sigmatel: Keep power up while beep is enabled (Takashi Iwai)
regulator: pfuze100: Fix the global-out-of-bounds access in pfuze100_regulator_probe() (Xiaolei Wang)
ASoC: nau8824: Fix semaphore unbalance at error paths (Takashi Iwai)
cifs: don’t send down the destination address to sendmsg for a SOCK_STREAM (Stefan Metzmacher)
parisc: ccio-dma: Add missing iounmap in error path in ccio_probe() (Yang Yingliang)
drm/meson: Correct OSD1 global alpha value (Stuart Menefy)
gpio: mpc8xxx: Fix support for IRQ_TYPE_LEVEL_LOW flow_type in mpc85xx (Pali Rohar)
of: fdt: fix off-by-one error in unflatten_dt_nodes() (Sergey Shtylyov)
Linux 4.14.294 (Greg Kroah-Hartman)
tracefs: Only clobber mode/uid/gid on remount if asked (Brian Norris)
platform/x86: acer-wmi: Acer Aspire One AOD270/Packard Bell Dot keymap fixes (Hans de Goede)
ieee802154: cc2520: add rc code in cc2520_tx() (Li Qiong)
tg3: Disable tg3 device on system reboot to avoid triggering AER (Kai-Heng Feng)
HID: ishtp-hid-clientHID: ishtp-hid-client: Fix comment typo (Jason Wang)
drm/msm/rd: Fix FIFO-full deadlock (Rob Clark)
mm: Fix TLB flush for not-first PFNMAP mappings in unmap_region() (Jann Horn)
Linux 4.14.293 (Greg Kroah-Hartman)
SUNRPC: use _bh spinlocking on ->transport_lock (NeilBrown)
MIPS: loongson32: ls1c: Fix hang during startup (Yang Ling)
USB: serial: ch341: fix disabled rx timer on older devices (Johan Hovold)
USB: serial: ch341: fix lost character on LCR updates (Johan Hovold)
usb: dwc3: fix PHY disable sequence (Johan Hovold)
sch_sfb: Also store skb len before calling child enqueue (Toke Hoiland-Jorgensen)
tcp: fix early ETIMEDOUT after spurious non-SACK RTO (Neal Cardwell)
ipv6: sr: fix out-of-bounds read when setting HMAC data. (David Lebrun)
tipc: fix shift wrapping bug in map_get() (Dan Carpenter)
sch_sfb: Don’t assume the skb is still around after enqueueing to child (Toke Hoiland-Jorgensen)
netfilter: nf_conntrack_irc: Fix forged IP logic (David Leadbeater)
netfilter: br_netfilter: Drop dst references before setting. (Harsh Modi)
driver core: Don’t probe devices after bus_type.match() probe deferral (Isaac J. Manjarres)
scsi: mpt3sas: Fix use-after-free warning (Sreekanth Reddy)
kprobes: Prohibit probes in gate area (Christian A. Ehrhardt)
ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface() (Dongxiang Ke)
ALSA: aloop: Fix random zeros in capture data when using jiffies timer (Pattara Teerapong)
ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc() (Tasos Sahanidis)
fbdev: chipsfb: Add missing pci_disable_device() in chipsfb_pci_init() (Yang Yingliang)
parisc: Add runtime check to prevent PA2.0 kernels on PA1.x machines (Helge Deller)
parisc: ccio-dma: Handle kmalloc failure in ccio_init_resources() (Li Qiong)
drm/radeon: add a force flush to delay work when radeon (Zhenneng Li)
drm/amdgpu: Check num_gfx_rings for gfx v9_0 rb setup. (Candice Li)
Revert ‘mm: kmemleak: take a full lowmem check in kmemleak_*_phys()’ (Yee Lee)
fs: only do a memory barrier for the first set_buffer_uptodate() (Linus Torvalds)
wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() (Stanislaw Gruszka)
efi: capsule-loader: Fix use-after-free in efi_capsule_write (Hyunwoo Kim)
ALSA: seq: Fix data-race at module auto-loading (Takashi Iwai)
ALSA: seq: oss: Fix data-race for max_midi_devs access (Takashi Iwai)
net: mac802154: Fix a condition in the receive path (Miquel Raynal)
wifi: mac80211: Don’t finalize CSA in IBSS mode if state is disconnected (Siddh Raman Pant)
usb: gadget: mass_storage: Fix cdrom data transfers on MAC-OS (Krishna Kurapati)
USB: core: Prevent nested device-reset calls (Alan Stern)
s390: fix nospec table alignments (Josh Poimboeuf)
s390/hugetlb: fix prepare_hugepage_range() check for 2 GB hugepages (Gerald Schaefer)
usb-storage: Add ignore-residue quirk for NXP PN7462AU (Witold Lipieta)
USB: cdc-acm: Add Icom PMR F3400 support (0c26:0020) (Thierry GUIBERT)
usb: dwc2: fix wrong order of phy_power_on and phy_init (Heiner Kallweit)
USB: serial: option: add support for Cinterion MV32-WA/WB RmNet mode (Slark Xiao)
USB: serial: option: add Quectel EM060K modem (Yonglin Tan)
USB: serial: option: add support for OPPO R11 diag port (Yan Xinyu)
USB: serial: cp210x: add Decagon UCA device id (Johan Hovold)
xhci: Add grace period after xHC start to prevent premature runtime suspend. (Mathias Nyman)
thunderbolt: Use the actual buffer in tb_async_error() (Mika Westerberg)
hwmon: (gpio-fan) Fix array out of bounds access (Armin Wolf)
Input: rk805-pwrkey - fix module autoloading (Peter Robinson)
drm/i915/reg: Fix spelling mistake ‘Unsupport’ -> ‘Unsupported’ (Colin Ian King)
binder: fix UAF of ref->proc caused by race condition (Carlos Llamas)
USB: serial: ftdi_sio: add Omron CS1W-CIF31 device id (Niek Nooijens)
vt: Clear selection before changing the font (Helge Deller)
staging: rtl8712: fix use after free bugs (Dan Carpenter)
serial: fsl_lpuart: RS485 RTS polariy is inverse (Shenwei Wang)
kcm: fix strp_init() order and cleanup (Cong Wang)
ethernet: rocker: fix sleep in atomic context bug in neigh_timer_handler (Duoming Zhou)
wifi: cfg80211: debugfs: fix return type in ht40allow_map_read() (Dan Carpenter)
platform/x86: pmc_atom: Fix SLP_TYPx bitfield mask (Andy Shevchenko)
drm/msm/dsi: Fix number of regulators for msm8996_dsi_cfg (Douglas Anderson)
bpf: Fix the off-by-two error in range markings (Maxim Mikityanskiy)
selftests/bpf: Fix test_align verifier log patterns (Stanislav Fomichev)
bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() (John Fastabend)
Linux 4.14.292 (Greg Kroah-Hartman)
net: neigh: don’t call kfree_skb() under spin_lock_irqsave() (Yang Yingliang)
kprobes: don’t call disarm_kprobe() for disabled kprobes (Kuniyuki Iwashima)
netfilter: conntrack: NF_CONNTRACK_PROCFS should no longer default to y (Geert Uytterhoeven)
s390/hypfs: avoid error message under KVM (Juergen Gross)
neigh: fix possible DoS due to net iface start/stop loop (Denis V. Lunev)
mm/rmap: Fix anon_vma->degree ambiguity leading to double-reuse (Jann Horn)
ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead (Yang Jihong)
fbdev: fb_pm2fb: Avoid potential divide by zero error (Letu Ren)
HID: hidraw: fix memory leak in hidraw_release() (Karthik Alapati)
media: pvrusb2: fix memory leak in pvr_probe (Dongliang Mu)
Bluetooth: L2CAP: Fix build errors in some archs (Luiz Augusto von Dentz)
kbuild: Fix include path in scripts/Makefile.modpost (Jing Leng)
x86/bugs: Add ‘unknown’ reporting for MMIO Stale Data (Pawan Gupta)
x86/cpu: Add Tiger Lake to Intel family (Gayatri Kammela)
s390/mm: do not trigger write fault when vma does not allow VM_WRITE (Gerald Schaefer)
arm64: map FDT as RW for early_init_dt_scan() (Hsin-Yi Wang)
mm: Force TLB flush for PFNMAP mappings before unlink_file_vma() (Jann Horn)
md: call __md_stop_writes in md_stop (Guoqing Jiang)
mm/hugetlb: fix hugetlb not supporting softdirty tracking (David Hildenbrand)
asm-generic: sections: refactor memory_intersects (Quanyang Wang)
loop: Check for overflow while configuring loop (Siddh Raman Pant)
btrfs: check if root is readonly while setting security xattr (Goldwyn Rodrigues)
ixgbe: stop resetting SYSTIME in ixgbe_ptp_start_cyclecounter (Jacob Keller)
net: Fix a data-race around sysctl_somaxconn. (Kuniyuki Iwashima)
net: Fix a data-race around netdev_budget_usecs. (Kuniyuki Iwashima)
net: Fix a data-race around netdev_budget. (Kuniyuki Iwashima)
net: Fix a data-race around sysctl_net_busy_read. (Kuniyuki Iwashima)
net: Fix a data-race around sysctl_net_busy_poll. (Kuniyuki Iwashima)
net: Fix a data-race around sysctl_tstamp_allow_data. (Kuniyuki Iwashima)
ratelimit: Fix data-races in ___ratelimit(). (Kuniyuki Iwashima)
net: Fix data-races around weight_p and dev_weight_[rt]x_bias. (Kuniyuki Iwashima)
netfilter: nft_payload: do not truncate csum_offset and csum_type (Pablo Neira Ayuso)
netfilter: nft_payload: report ERANGE for too long offset and length (Pablo Neira Ayuso)
net: ipvtap - add __init/__exit annotations to module init/exit funcs (Maciej zenczykowski)
bonding: 802.3ad: fix no transmission of LACPDUs (Jonathan Toppins)
rose: check NULL rose_loopback_neigh->loopback (Bernard Pidoux)
xfrm: fix refcount leak in __xfrm_policy_check() (Xin Xiong)
pinctrl: amd: Don’t save/restore interrupt status and wake status bits (Basavaraj Natikar)
parisc: Fix exception handler for fldw and fstw instructions (Helge Deller)
audit: fix potential double free on error path from fsnotify_add_inode_mark (Gaosheng Cui)
Linux 4.14.291 (Greg Kroah-Hartman)
MIPS: tlbex: Explicitly compare _PAGE_NO_EXEC against 0 (Nathan Chancellor)
video: fbdev: i740fb: Check the argument of i740_calc_vclk() (Zheyu Ma)
powerpc/64: Init jump labels before parse_early_param() (Zhouyi Zhou)
smb3: check xattr value length earlier (Steve French)
ALSA: timer: Use deferred fasync helper (Takashi Iwai)
ALSA: core: Add async signal helpers (Takashi Iwai)
mips: cavium-octeon: Fix missing of_node_put() in octeon2_usb_clocks_start (Liang He)
vfio: Clear the caps->buf to NULL after free (Schspa Shi)
tty: serial: Fix refcount leak bug in ucc_uart.c (Liang He)
ext4: avoid resizing to a partial cluster size (Kiselev, Oleg)
ext4: avoid remove directory when directory is corrupted (Ye Bin)
drivers:md:fix a potential use-after-free bug (Wentao_Liang)
cxl: Fix a memory leak in an error handling path (Christophe JAILLET)
gadgetfs: ep_io - wait until IRQ finishes (Jozef Martiniak)
clk: qcom: ipq8074: dont disable gcc_sleep_clk_src (Robert Marko)
usb: host: ohci-ppc-of: Fix refcount leak bug (Liang He)
irqchip/tegra: Fix overflow implicit truncation warnings (Sai Prakash Ranjan)
PCI: Add ACS quirk for Broadcom BCM5750x NICs (Pavan Chebbi)
drm/meson: Fix refcount bugs in meson_vpu_has_available_connectors() (Liang He)
btrfs: raid56: don’t trust any cached sector in __raid56_parity_recover() (Qu Wenruo)
btrfs: only write the sectors in the vertical stripe which has data stripes (Qu Wenruo)
kbuild: clear LDFLAGS in the top Makefile (Masahiro Yamada)
igb: Add lock to avoid data race (Lin Ma)
fec: Fix timer capture timing in fec_ptp_enable_pps() (Csokas Bence)
i40e: Fix to stop tx_timeout recovery if GLOBR fails (Alan Brady)
powerpc/pci: Fix get_phb_number() locking (Michael Ellerman)
netfilter: nf_tables: really skip inactive sets when allocating name (Pablo Neira Ayuso)
nios2: add force_successful_syscall_return() (Al Viro)
nios2: restarts apply only to the first sigframe we build… (Al Viro)
nios2: fix syscall restart checks (Al Viro)
nios2: traced syscall does need to check the syscall number (Al Viro)
nios2: don’t leave NULLs in sys_call_table[] (Al Viro)
nios2: page fault et.al. are not restartable syscalls… (Al Viro)
atm: idt77252: fix use-after-free bugs caused by tst_timer (Duoming Zhou)
xen/xenbus: fix return type in xenbus_file_read() (Dan Carpenter)
tools build: Switch to new openssl API for test-libcrypto (Roberto Sassu)
vsock: Set socket state back to SS_UNCONNECTED in vsock_connect_timeout() (Peilin Ye)
vsock: Fix memory leak in vsock_connect() (Peilin Ye)
geneve: do not use RT_TOS for IPv6 flowlabel (Matthias May)
ACPI: property: Return type of acpi_add_nondev_subnodes() should be bool (Sakari Ailus)
pinctrl: qcom: msm8916: Allow CAMSS GP clocks to be muxed (Nikita Travkin)
pinctrl: nomadik: Fix refcount leak in nmk_pinctrl_dt_subnode_to_map (Miaoqian Lin)
SUNRPC: Reinitialise the backchannel request buffers before reuse (Trond Myklebust)
NFSv4.1: RECLAIM_COMPLETE must handle EACCES (Zhang Xianwei)
apparmor: fix reference count leak in aa_pivotroot() (Xin Xiong)
apparmor: fix aa_label_asxprint return check (Tom Rix)
apparmor: Fix failed mount permission check error message (John Johansen)
apparmor: fix quiet_denied for file rules (John Johansen)
can: ems_usb: fix clang’s -Wunaligned-access warning (Marc Kleine-Budde)
btrfs: fix lost error handling when looking up extended ref on log replay (Filipe Manana)
ata: libata-eh: Add missing command name (Damien Le Moal)
ALSA: info: Fix llseek return value when using callback (Amadeusz Siawinski)
powerpc/ptdump: Fix display of RW pages on FSL_BOOK3E (Christophe Leroy)
net_sched: cls_route: disallow handle of 0 (Jamal Hadi Salim)
net/9p: Initialize the iounit field during fid creation (Tyler Hicks)
Bluetooth: L2CAP: Fix l2cap_global_chan_by_psm regression (Luiz Augusto von Dentz)
Revert ‘net: usb: ax88179_178a needs FLAG_SEND_ZLP’ (Jose Alonso)
scsi: sg: Allow waiting for commands to complete on removed device (Tony Battersby)
tcp: fix over estimation in sk_forced_mem_schedule() (Eric Dumazet)
btrfs: reject log replay if there is unsupported RO compat flag (Qu Wenruo)
dm raid: fix address sanitizer warning in raid_status (Mikulas Patocka)
dm raid: fix address sanitizer warning in raid_resume (Mikulas Patocka)
intel_th: pci: Add Meteor Lake-P support (Alexander Shishkin)
intel_th: pci: Add Raptor Lake-S PCH support (Alexander Shishkin)
intel_th: pci: Add Raptor Lake-S CPU support (Alexander Shishkin)
ext4: correct the misjudgment in ext4_iget_extra_inode (Baokun Li)
ext4: correct max_inline_xattr_value_size computing (Baokun Li)
ext4: fix extent status tree race in writeback error recovery path (Eric Whitney)
ext4: update s_overhead_clusters in the superblock during an on-line resize (Theodore Ts’o)
ext4: fix use-after-free in ext4_xattr_set_entry (Baokun Li)
ext4: make sure ext4_append() always allocates new block (Lukas Czerner)
ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h (Baokun Li)
spmi: trace: fix stack-out-of-bound access in SPMI tracing functions (David Collins)
x86/olpc: fix ‘logical not is only applied to the left hand side’ (Alexander Lobakin)
scsi: zfcp: Fix missing auto port scan and thus missing target ports (Steffen Maier)
video: fbdev: s3fb: Check the size of screen before memset_io() (Zheyu Ma)
video: fbdev: arkfb: Check the size of screen before memset_io() (Zheyu Ma)
video: fbdev: vt8623fb: Check the size of screen before memset_io() (Zheyu Ma)
tools/thermal: Fix possible path truncations (Florian Fainelli)
video: fbdev: arkfb: Fix a divide-by-zero bug in ark_set_pixclock() (Zheyu Ma)
x86/numa: Use cpumask_available instead of hardcoded NULL check (Siddh Raman Pant)
genelf: Use HAVE_LIBCRYPTO_SUPPORT, not the never defined HAVE_LIBCRYPTO (Arnaldo Carvalho de Melo)
powerpc/pci: Fix PHB numbering when using opal-phbid (Michael Ellerman)
kprobes: Forbid probing on trampoline and BPF code areas (Chen Zhongjin)
powerpc/cell/axon_msi: Fix refcount leak in setup_msi_msg_address (Miaoqian Lin)
powerpc/xive: Fix refcount leak in xive_get_max_prio (Miaoqian Lin)
powerpc/spufs: Fix refcount leak in spufs_init_isolated_loader (Miaoqian Lin)
powerpc/pci: Prefer PCI domain assignment via DT ‘linux,pci-domain’ and alias (Pali Rohar)
video: fbdev: sis: fix typos in SiS_GetModeID() (Rustam Subkhankulov)
video: fbdev: amba-clcd: Fix refcount leak bugs (Liang He)
s390/zcore: fix race when reading from hardware system area (Alexander Gordeev)
iommu/arm-smmu: qcom_iommu: Add of_node_put() when breaking out of loop (Liang He)
mfd: t7l66xb: Drop platform disable callback (Uwe Kleine-Konig)
kfifo: fix kfifo_to_user() return type (Dan Carpenter)
iommu/exynos: Handle failed IOMMU device registration properly (Sam Protsenko)
tty: n_gsm: fix DM command (Daniel Starke)
tty: n_gsm: fix wrong T1 retry count handling (Daniel Starke)
vfio/ccw: Do not change FSM state in subchannel event (Eric Farman)
remoteproc: qcom: wcnss: Fix handling of IRQs (Sireesh Kodali)
tty: n_gsm: fix race condition in gsmld_write() (Daniel Starke)
tty: n_gsm: fix packet re-transmission without open control channel (Daniel Starke)
tty: n_gsm: fix non flow control frames during mux flow off (Daniel Starke)
profiling: fix shift too large makes kernel panic (Chen Zhongjin)
ASoC: mediatek: mt8173-rt5650: Fix refcount leak in mt8173_rt5650_dev_probe (Miaoqian Lin)
ASoC: codecs: da7210: add check for i2c_add_driver (Jiasheng Jiang)
ASoC: mediatek: mt8173: Fix refcount leak in mt8173_rt5650_rt5676_dev_probe (Miaoqian Lin)
jbd2: fix assertion ‘jh->b_frozen_data == NULL’ failure when journal aborted (Zhihao Cheng)
ext4: recover csum seed of tmp_inode after migrating to extents (Li Lingfeng)
RDMA/rxe: Fix error unwind in rxe_create_qp() (Zhu Yanjun)
mm/mmap.c: fix missing call to vm_unacct_memory in mmap_region (Miaohe Lin)
platform/olpc: Fix uninitialized data in debugfs write (Dan Carpenter)
USB: serial: fix tty-port initialized comments (Johan Hovold)
mmc: cavium-thunderx: Add of_node_put() when breaking out of loop (Liang He)
mmc: cavium-octeon: Add of_node_put() when breaking out of loop (Liang He)
gpio: gpiolib-of: Fix refcount bugs in of_mm_gpiochip_add_data() (Liang He)
RDMA/hfi1: fix potential memory leak in setup_base_ctxt() (Jianglei Nie)
usb: gadget: udc: amd5536 depends on HAS_DMA (Randy Dunlap)
scsi: smartpqi: Fix DMA direction for RAID requests (Mahesh Rajashekhara)
mmc: sdhci-of-at91: fix set_uhs_signaling rewriting of MC1R (Eugen Hristev)
memstick/ms_block: Fix a memory leak (Christophe JAILLET)
memstick/ms_block: Fix some incorrect memory allocation (Christophe JAILLET)
mmc: sdhci-of-esdhc: Fix refcount leak in esdhc_signal_voltage_switch (Miaoqian Lin)
misc: rtsx: Fix an error handling path in rtsx_pci_probe() (Christophe JAILLET)
usb: ohci-nxp: Fix refcount leak in ohci_hcd_nxp_probe (Miaoqian Lin)
usb: host: Fix refcount leak in ehci_hcd_ppc_of_probe (Miaoqian Lin)
fpga: altera-pr-ip: fix unsigned comparison with less than zero (Marco Pagani)
mtd: st_spi_fsm: Add a clk_disable_unprepare() in .probe()'s error path (Uwe Kleine-Konig)
mtd: sm_ftl: Fix deadlock caused by cancel_work_sync in sm_release (Duoming Zhou)
mtd: maps: Fix refcount leak in ap_flash_init (Miaoqian Lin)
mtd: maps: Fix refcount leak in of_flash_probe_versatile (Miaoqian Lin)
dccp: put dccp_qpolicy_full() and dccp_qpolicy_push() in the same lock (Hangyu Hua)
net: rose: fix netdev reference changes (Eric Dumazet)
wifi: libertas: Fix possible refcount leak in if_usb_probe() (Hangyu Hua)
wifi: wil6210: debugfs: fix uninitialized variable use in wil_write_file_wmi() (Ammar Faizi)
i2c: mux-gpmux: Add of_node_put() when breaking out of loop (Liang He)
i2c: cadence: Support PEC for SMBus block read (Lars-Peter Clausen)
Bluetooth: hci_intel: Add check for platform_driver_register (Jiasheng Jiang)
can: pch_can: pch_can_error(): initialize errc before using it (Vincent Mailhol)
can: error: specify the values of data[5…7] of CAN error frames (Vincent Mailhol)
can: usb_8dev: do not report txerr and rxerr during bus-off (Vincent Mailhol)
can: sun4i_can: do not report txerr and rxerr during bus-off (Vincent Mailhol)
can: hi311x: do not report txerr and rxerr during bus-off (Vincent Mailhol)
can: sja1000: do not report txerr and rxerr during bus-off (Vincent Mailhol)
can: rcar_can: do not report txerr and rxerr during bus-off (Vincent Mailhol)
can: pch_can: do not report txerr and rxerr during bus-off (Vincent Mailhol)
wifi: p54: add missing parentheses in p54_flush() (Rustam Subkhankulov)
wifi: p54: Fix an error handling path in p54spi_probe() (Christophe JAILLET)
wifi: wil6210: debugfs: fix info leak in wil_write_file_wmi() (Dan Carpenter)
fs: check FMODE_LSEEK to control internal pipe splicing (Jason A. Donenfeld)
selftests: timers: clocksource-switch: fix passing errors from child (Wolfram Sang)
selftests: timers: valid-adjtimex: build fix for newer toolchains (Wolfram Sang)
tcp: make retransmitted SKB fit into the send window (Yonglong Li)
media: platform: mtk-mdp: Fix mdp_ipi_comm structure alignment (AngeloGioacchino Del Regno)
drm: bridge: sii8620: fix possible off-by-one (Hangyu Hua)
drm/mediatek: dpi: Remove output format of YUV (Bo-Chen Chen)
drm/rockchip: vop: Don’t crash for invalid duplicate_state() (Brian Norris)
drm/vc4: dsi: Correct DSI divider calculations (Dave Stevenson)
media: hdpvr: fix error value returns in hdpvr_read (Niels Dossche)
drm: bridge: adv7511: Add check for mipi_dsi_driver_register (Jiasheng Jiang)
wifi: iwlegacy: 4965: fix potential off-by-one overflow in il4965_rs_fill_link_cmd() (Alexey Kodanev)
ath9k: fix use-after-free in ath9k_hif_usb_rx_cb (Pavel Skripkin)
i2c: Fix a potential use after free (Xu Wang)
drm/mediatek: Add pull-down MIPI operation in mtk_dsi_poweroff function (Xinlei Lee)
drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers() (Alexey Kodanev)
dm: return early from dm_pr_call() if DM device is suspended (Mike Snitzer)
thermal/tools/tmon: Include pthread and time headers in tmon.h (Markus Mayer)
regulator: of: Fix refcount leak bug in of_get_regulation_constraints() (Liang He)
arm64: dts: qcom: msm8916: Fix typo in pronto remoteproc node (Sireesh Kodali)
ARM: dts: qcom: pm8841: add required thermal-sensor-cells (Krzysztof Kozlowski)
cpufreq: zynq: Fix refcount leak in zynq_get_revision (Miaoqian Lin)
soc: fsl: guts: machine variable might be unset (Michael Walle)
ARM: dts: ast2500-evb: fix board compatible (Krzysztof Kozlowski)
x86/pmem: Fix platform-device leak in error path (Johan Hovold)
ARM: bcm: Fix refcount leak in bcm_kona_smc_init (Miaoqian Lin)
ARM: findbit: fix overflowing offset (Russell King (Oracle))
selinux: Add boundary check in put_entry() (Xiu Jianfeng)
PM: hibernate: defer device probing when resuming from hibernation (Tetsuo Handa)
ACPI: LPSS: Fix missing check in register_device_clock() (huhai)
ACPI: PM: save NVS memory for Lenovo G40-45 (Manyi Li)
ARM: OMAP2+: display: Fix refcount leak bug (Liang He)
ARM: dts: imx6ul: fix qspi node compatible (Alexander Stein)
ARM: dts: imx6ul: add missing properties for sram (Alexander Stein)
ext2: Add more validity checks for inode counts (Jan Kara)
arm64: fix oops in concurrently setting insn_emulation sysctls (haibinzhang ()
arm64: Do not forget syscall when starting a new thread. (Francis Laniel)
netfilter: nf_tables: fix null deref due to zeroed list head (Florian Westphal)
USB: HCD: Fix URB giveback issue in tasklet function (Weitao Wang)
MIPS: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK (Huacai Chen)
powerpc/powernv: Avoid crashing if rng is NULL (Michael Ellerman)
powerpc/fsl-pci: Fix Class Code of PCIe Root Port (Pali Rohar)
PCI: Add defines for normal and subtractive PCI bridges (Pali Rohar)
ia64, processor: fix -Wincompatible-pointer-types in ia64_get_irr() (Alexander Lobakin)
md-raid10: fix KASAN warning (Mikulas Patocka)
fuse: limit nsec (Miklos Szeredi)
iio: light: isl29028: Fix the warning in isl29028_remove() (Zheyu Ma)
drm/amdgpu: Check BO’s requested pinning domains against its preferred_domains (Leo Li)
drm/nouveau: fix another off-by-one in nvbios_addr (Timur Tabi)
parisc: Fix device names in /proc/iomem (Helge Deller)
usbnet: Fix linkwatch use-after-free on disconnect (Lukas Wunner)
fs: Add missing umask strip in vfs_tmpfile (Yang Xu)
vfs: Check the truncate maximum size in inode_newsize_ok() (David Howells)
ALSA: hda/cirrus - support for iMac 12,1 model (Allen Ballway)
ALSA: hda/conexant: Add quirk for LENOVO 20149 Notebook model (Meng Tang)
KVM: x86: Set error code to segment selector on LLDT/LTR non-canonical #GP (Sean Christopherson)
KVM: x86: Mark TSS busy during LTR emulation after all fault checks (Sean Christopherson)
KVM: SVM: Don’t BUG if userspace injects an interrupt with GIF=0 (Maciej S. Szmigiero)
HID: wacom: Don’t register pad_input for touch switch (Ping Cheng)
add barriers to buffer_uptodate and set_buffer_uptodate (Mikulas Patocka)
ALSA: bcd2000: Fix a UAF bug on the error path of probing (Zheyu Ma)
x86: link vdso and boot with -z noexecstack --no-warn-rwx-segments (Nick Desaulniers)
Makefile: link with -z noexecstack --no-warn-rwx-segments (Nick Desaulniers)
macintosh/adb: fix oob read in do_adb_query() function (Ning Qiang)
ACPI: video: Shortening quirk list by identifying Clevo by board_name only (Werner Sembach)
ACPI: video: Force backlight native for some TongFang devices (Werner Sembach)
mt7601u: add USB device ID for some versions of XiaoDu WiFi Dongle. (Wei Mingzhi)
ARM: crypto: comment out gcc warning that breaks clang builds (Greg Kroah-Hartman)
netfilter: nf_queue: do not allow packet truncation below transport header offset (Florian Westphal)
net: sungem_phy: Add of_node_put() for reference returned by of_get_parent() (Liang He)
net: ping6: Fix memleak in ipv6_renew_options(). (Kuniyuki Iwashima)
scsi: ufs: host: Hold reference returned by of_parse_phandle() (Liang He)
s390/archrandom: prevent CPACF trng invocations in interrupt context (Harald Freudenberger)
ntfs: fix use-after-free in ntfs_ucsncmp() (ChenXiaoSong)
Bluetooth: L2CAP: Fix use-after-free caused by l2cap_chan_put (Luiz Augusto von Dentz)

OSVersionArchitecturePackageVersionFilename
oracle linux7srckernel-uek-container< 4.14.35-2047.519.2.1.el7kernel-uek-container-4.14.35-2047.519.2.1.el7.src.rpm
oracle linux7x86_64kernel-uek-container< 4.14.35-2047.519.2.1.el7kernel-uek-container-4.14.35-2047.519.2.1.el7.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	7	src	kernel-uek-container	< 4.14.35-2047.519.2.1.el7	kernel-uek-container-4.14.35-2047.519.2.1.el7.src.rpm
oracle linux	7	x86_64	kernel-uek-container	< 4.14.35-2047.519.2.1.el7	kernel-uek-container-4.14.35-2047.519.2.1.el7.x86_64.rpm