Unbreakable Enterprise kernel security update

[4.14.35-2047.530.5.1]

• Revert ‘rtnetlink: Reject negative ifindexes in RTM_NEWLINK’ (Saeed Mirzamohammadi) [Orabug: 35896831]
  [4.14.35-2047.530.5]
• netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Kyle Zeng) [Orabug: 35824288] {CVE-2023-42753}
• netfilter: xt_u32: validate user space input (Wander Lairson Costa)
• netfilter: xt_sctp: validate the flag_info count (Wander Lairson Costa)
  [4.14.35-2047.530.4]
• rds: Fix lack of reentrancy for connection reset with dst addr zero (Hakon Bugge) [Orabug: 35819110] {CVE-2023-22024}
• kernfs: fix missing kernfs_iattr_rwsem locking (Ian Kent) [Orabug: 35796772]
• uek-rpm: Removing pre scriptlet to not allow firmware downgrade (Samasth Norway Ananda) [Orabug: 35756463]
• scsi: megaraid_sas: Fix deadlock on firmware crashdump (Junxiao Bi) [Orabug: 35702793]
  [4.14.35-2047.530.3]
• Add the new PCI Device IDs to support new generation of AMD 19h processors. (Partha Sarathi Satapathy) [Orabug: 35773822]
• hwmon: (k10temp) Add support for AMD Family 19h Models 10h-1Fh and A0h-AFh (Babu Moger) [Orabug: 35773822]
  [4.14.35-2047.530.2]
• LTS version: v4.14.325 (Saeed Mirzamohammadi)
• Revert ‘ARM: ep93xx: fix missing-prototype warnings’ (Greg Kroah-Hartman)
• Revert ‘MIPS: Alchemy: fix dbdma2’ (Greg Kroah-Hartman)
• LTS version: v4.14.324 (Saeed Mirzamohammadi)
• dma-buf/sw_sync: Avoid recursive lock during fence signal (Rob Clark)
• scsi: core: raid_class: Remove raid_component_add() (Zhu Wang)
• scsi: snic: Fix double free in snic_tgt_create() (Zhu Wang)
• rtnetlink: Reject negative ifindexes in RTM_NEWLINK (Ido Schimmel)
• x86/fpu: Set X86_FEATURE_OSXSAVE feature after enabling OSXSAVE in CR4 (Feng Tang)
• media: vcodec: Fix potential array out-of-bounds in encoder queue_setup (Wei Chen)
• lib/clz_ctz.c: Fix __clzdi2() and __ctzdi2() for 32-bit kernels (Helge Deller)
• batman-adv: Fix batadv_v_ogm_aggr_send memory leak (Remi Pommarel)
• batman-adv: Fix TT global entry leak when client roamed back (Remi Pommarel)
• batman-adv: Do not get eth header before batadv_check_management_packet (Remi Pommarel)
• batman-adv: Trigger events for auto adjusted MTU (Sven Eckelmann)
• ibmveth: Use dcbf rather than dcbfl (Michael Ellerman)
• ipvs: fix racy memcpy in proc_do_sync_threshold (Sishuai Gong)
• ipvs: Improve robustness to the ipvs sysctl (Junwei Hu)
• igb: Avoid starting unnecessary workqueues (Alessio Igor Bogani)
• sock: annotate data-races around prot->memory_pressure (Eric Dumazet)
• tracing: Fix memleak due to race between current_tracer and trace (Zheng Yejian)
• net: phy: broadcom: stub c45 read/write for 54810 (Justin Chen)
• net: xfrm: Amend XFRMA_SEC_CTX nla_policy structure (Lin Ma)
• net: fix the RTO timer retransmitting skb every 1ms if linear option is enabled (Jason Xing)
• af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (Kuniyuki Iwashima)
• ASoC: rt5665: add missed regulator_bulk_disable (Zhang Shurong)
• netfilter: set default timeout to 3 secs for sctp shutdown send and recv state (Xin Long)
• test_firmware: prevent race conditions by a correct implementation of locking (Mirsad Goran Todorovac)
• binder: fix memory leak in binder_init() (Qi Zheng)
• serial: 8250: Fix oops for port->pm on uart_change_pm() (Tony Lindgren)
• mmc: wbsd: fix double mmc_free_host() in wbsd_init() (Yang Yingliang)
• cifs: Release folio lock on fscache read hit. (Russell Harmon via samba-technical)
• ALSA: usb-audio: Add support for Mythware XA001AU capture and playback interfaces. (dengxiang)
• net: do not allow gso_size to be set to GSO_BY_FRAGS (Eric Dumazet)
• sock: Fix misuse of sk_under_memory_pressure() (Abel Wu)
• i40e: fix misleading debug logs (Andrii Staikov)
• team: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Ziyang Xuan)
• netfilter: nft_dynset: disallow object maps (Pablo Neira Ayuso)
• xfrm: add NULL check in xfrm_update_ae_params (Lin Ma)
• ip_vti: fix potential slab-use-after-free in decode_session6 (Zhengchao Shao)
• ip6_vti: fix slab-use-after-free in decode_session6 (Zhengchao Shao)
• net: af_key: fix sadb_x_filter validation (Lin Ma)
• net: xfrm: Fix xfrm_address_filter OOB read (Lin Ma)
• fbdev: mmp: fix value check in mmphw_probe() (Yuanjun Gong)
• drm/amdgpu: Fix potential fence use-after-free v2 (shanzhulig)
• Bluetooth: L2CAP: Fix use-after-free (Zhengping Jiang)
• pcmcia: rsrc_nonstatic: Fix memory leak in nonstatic_release_resource_db() (Armin Wolf)
• gfs2: Fix possible data races in gfs2_show_options() (Tuo Li)
• media: platform: mediatek: vpu: fix NULL ptr dereference (Hans Verkuil)
• media: v4l2-mem2mem: add lock to protect parameter num_rdy (Yunfei Dong)
• FS: JFS: Check for read-only mounted filesystem in txBegin (Immad Mir)
• FS: JFS: Fix null-ptr-deref Read in txBegin (Immad Mir)
• MIPS: dec: prom: Address -Warray-bounds warning (Gustavo A. R. Silva)
• fs: jfs: Fix UBSAN: array-index-out-of-bounds in dbAllocDmapLev (Yogesh)
• udf: Fix uninitialized array access for some pathnames (Jan Kara)
• quota: fix warning in dqgrab() (Ye Bin)
• quota: Properly disable quotas when add_dquot_ref() fails (Jan Kara)
• ALSA: emu10k1: roll up loops in DSP setup code for Audigy (Oswald Buddenhagen)
• drm/radeon: Fix integer overflow in radeon_cs_parser_init (hackyzh002)
• lib/mpi: Eliminate unused umul_ppmm definitions for MIPS (Nathan Chancellor)
• LTS version: v4.14.323 (Saeed Mirzamohammadi)
• alpha: remove __init annotation from exported page_is_ram() (Masahiro Yamada)
• scsi: core: Fix possible memory leak if device_add() fails (Zhu Wang)
• scsi: snic: Fix possible memory leak if device_add() fails (Zhu Wang)
• scsi: 53c700: Check that command slot is not NULL (Alexandra Diupina)
• scsi: storvsc: Fix handling of virtual Fibre Channel timeouts (Michael Kelley)
• scsi: core: Fix legacy /proc parsing buffer overflow (Tony Battersby)
• netfilter: nf_tables: report use refcount overflow (Pablo Neira Ayuso)
• btrfs: don’t stop integrity writeback too early (Christoph Hellwig)
• IB/hfi1: Fix possible panic during hotplug remove (Douglas Miller)
• drivers: net: prevent tun_build_skb() to exceed the packet size limit (Andrew Kanner)
• dccp: fix data-race around dp->dccps_mss_cache (Eric Dumazet)
• bonding: Fix incorrect deletion of ETH_P_8021AD protocol vid from slaves (Ziyang Xuan)
• net/packet: annotate data-races around tp->status (Eric Dumazet)
• drm/nouveau/disp: Revert a NULL check inside nouveau_connector_get_modes (Karol Herbst)
• x86/mm: Fix VDSO and VVAR placement on 5-level paging machines (Kirill A. Shutemov)
• usb: dwc3: Properly handle processing of pending events (Elson Roy Serrao)
• usb-storage: alauda: Fix uninit-value in alauda_check_media() (Alan Stern)
• iio: cros_ec: Fix the allocation size for cros_ec_command (Yiyuan Guo)
• test_firmware: return ENOMEM instead of ENOSPC on failed memory allocation (Mirsad Goran Todorovac)
• nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput (Ryusuke Konishi)
• radix tree test suite: fix incorrect allocation size for pthreads (Colin Ian King)
• dmaengine: pl330: Return DMA_PAUSED when transaction is paused (Ilpo Jarvinen)
• ipv6: adjust ndisc_is_useropt() to also return true for PIO (Maciej Zenczykowski)
• mmc: moxart: read scr register without changing byte order (Sergei Antonov)
• sparc: fix up arch_cpu_finalize_init() build breakage. (Greg Kroah-Hartman)
  [4.14.35-2047.530.1]
• rds: Remove gratuitous include of time.h from rds.h (Mark Haywood) [Orabug: 35742762]
• smp: Reduce NMI traffic from CSD waiters to CSD destination (Imran Khan) [Orabug: 35236407]
• smp: Reduce logging due to dump_stack of CSD waiters (Imran Khan) [Orabug: 35236407]