Description
kernel is vulnerable to denial of service. The vulnerability exists in `route4_change` in the `net/sched/cls_route.c` filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem.
Affected Software
Related
{"id": "VERACODE:37434", "vendorId": null, "type": "veracode", "bulletinFamily": "software", "title": "Denial Of Service (DoS)", "description": "kernel is vulnerable to denial of service. The vulnerability exists in `route4_change` in the `net/sched/cls_route.c` filter implementation in the Linux kernel. This flaw allows a local user to crash the system and possibly lead to a local privilege escalation problem.\n", "published": "2022-10-07T05:17:07", "modified": "2022-10-07T13:32:24", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-37434/summary", "reporter": "Veracode Vulnerability Database", "references": [], "cvelist": ["CVE-2022-2588"], "immutableFields": [], "lastseen": "2022-10-24T12:36:44", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "amazon", "idList": ["ALAS-2022-1636", "ALAS2-2022-1838", "ALAS2-2022-1852"]}, {"type": "debian", "idList": ["DEBIAN:DLA-3102-1:8DD52", "DEBIAN:DLA-3131-1:083C4", "DEBIAN:DSA-5207-1:0D465"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2022-2588"]}, {"type": "f5", "idList": ["F5:K32615023"]}, {"type": "fedora", "idList": ["FEDORA:791D3304C27B", "FEDORA:A4846305797B"]}, {"type": "githubexploit", "idList": ["027DC021-9759-5152-B253-BB124AAF3689", "9E1C498D-25A3-57B2-A391-764CDA0E674F"]}, {"type": "mageia", "idList": ["MGASA-2022-0305", "MGASA-2022-0308"]}, {"type": "nessus", "idList": ["AL2022_ALAS2022-2022-150.NASL", "AL2_ALAS-2022-1838.NASL", "AL2_ALAS-2022-1852.NASL", "AL2_ALASKERNEL-5_10-2022-020.NASL", "AL2_ALASKERNEL-5_15-2022-008.NASL", "AL2_ALASKERNEL-5_4-2022-035.NASL", "AL2_ALASKERNEL-5_4-2022-036.NASL", "ALA_ALAS-2022-1636.NASL", "DEBIAN_DLA-3102.NASL", "DEBIAN_DLA-3131.NASL", "DEBIAN_DSA-5207.NASL", "EULEROS_SA-2022-2441.NASL", "EULEROS_SA-2022-2466.NASL", "ORACLELINUX_ELSA-2022-9689.NASL", "ORACLELINUX_ELSA-2022-9690.NASL", "ORACLELINUX_ELSA-2022-9691.NASL", "ORACLELINUX_ELSA-2022-9692.NASL", "ORACLELINUX_ELSA-2022-9693.NASL", "ORACLELINUX_ELSA-2022-9694.NASL", "ORACLELINUX_ELSA-2022-9699.NASL", "ORACLELINUX_ELSA-2022-9709.NASL", "ORACLELINUX_ELSA-2022-9710.NASL", "ORACLELINUX_ELSA-2022-9761.NASL", "ORACLELINUX_ELSA-2022-9787.NASL", "ORACLELINUX_ELSA-2022-9788.NASL", "ORACLELINUX_ELSA-2022-9827.NASL", "ORACLELINUX_ELSA-2022-9830.NASL", "ORACLEVM_OVMSA-2022-0022.NASL", "ORACLEVM_OVMSA-2022-0024.NASL", "REDHAT-RHSA-2022-6551.NASL", "REDHAT-RHSA-2022-6872.NASL", "REDHAT-RHSA-2022-6875.NASL", "REDHAT-RHSA-2022-6978.NASL", "REDHAT-RHSA-2022-6983.NASL", "REDHAT-RHSA-2022-6991.NASL", "SLACKWARE_SSA_2022-237-02.NASL", "SUSE_SU-2022-3263-1.NASL", "SUSE_SU-2022-3264-1.NASL", "SUSE_SU-2022-3265-1.NASL", "SUSE_SU-2022-3274-1.NASL", "SUSE_SU-2022-3282-1.NASL", "SUSE_SU-2022-3288-1.NASL", "SUSE_SU-2022-3291-1.NASL", "SUSE_SU-2022-3293-1.NASL", "SUSE_SU-2022-3294-1.NASL", "SUSE_SU-2022-3408-1.NASL", "SUSE_SU-2022-3422-1.NASL", "SUSE_SU-2022-3450-1.NASL", "SUSE_SU-2022-3609-1.NASL", "UBUNTU_USN-5557-1.NASL", "UBUNTU_USN-5560-1.NASL", "UBUNTU_USN-5560-2.NASL", "UBUNTU_USN-5562-1.NASL", "UBUNTU_USN-5564-1.NASL", "UBUNTU_USN-5565-1.NASL", "UBUNTU_USN-5566-1.NASL", "UBUNTU_USN-5567-1.NASL", "UBUNTU_USN-5582-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-9689", "ELSA-2022-9690", "ELSA-2022-9691", "ELSA-2022-9692", "ELSA-2022-9693", "ELSA-2022-9694", "ELSA-2022-9699", "ELSA-2022-9709", "ELSA-2022-9710", "ELSA-2022-9761", "ELSA-2022-9787", "ELSA-2022-9788", "ELSA-2022-9827", "ELSA-2022-9830"]}, {"type": "osv", "idList": ["OSV:DLA-3102-1", "OSV:DLA-3131-1", "OSV:DSA-5207-1"]}, {"type": "photon", "idList": ["PHSA-2022-0226", "PHSA-2022-0433", "PHSA-2022-0506"]}, {"type": "redhat", "idList": ["RHSA-2022:6551", "RHSA-2022:6872", "RHSA-2022:6875", "RHSA-2022:6978", "RHSA-2022:6983", "RHSA-2022:6991"]}, {"type": "redhatcve", "idList": ["RH:CVE-2022-2588"]}, {"type": "slackware", "idList": ["SSA-2022-237-02"]}, {"type": "suse", "idList": ["SUSE-SU-2022:3264-1", "SUSE-SU-2022:3288-1", "SUSE-SU-2022:3293-1", "SUSE-SU-2022:3408-1", "SUSE-SU-2022:3609-1"]}, {"type": "thn", "idList": ["THN:7653AAD966BDC7D71A9D1981CA662AC3"]}, {"type": "ubuntu", "idList": ["LSN-0089-1", "USN-5557-1", "USN-5560-1", "USN-5560-2", "USN-5562-1", "USN-5564-1", "USN-5565-1", "USN-5566-1", "USN-5567-1", "USN-5582-1", "USN-5588-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2022-2588"]}, {"type": "zdi", "idList": ["ZDI-22-1117"]}]}, "score": {"value": 4.0, "vector": "NONE"}, "vulnersScore": 4.0}, "_state": {"dependencies": 1666615033, "score": 1666615039, "affected_software_major_version": 1666695388}, "_internal": {"score_hash": "4ff28ae6b3662f329dee2bfee7947b23"}, "affectedSoftware": [{"version": "3.18.34__20.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.45.1.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1062.18.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__80.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.24.2.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "4.9.206__36.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.220__37.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__862.2.3.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.11.1.bgq.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.165__35.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.56.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__193.1.2.el8_2", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1062.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__504.1.3.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.9.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__193.23.1.el8_2", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.12.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__514.21.2.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__305.10.2.el8_4", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__131.4.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.24.3.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.20.3.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.30.2.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__642.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.71.1.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1062.1.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__131.6.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.241__37.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.76.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__71.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.33.1.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__229.11.1.ael7b", "operator": "eq", "name": "kernel"}, {"version": "3.18.21__16.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__305.25.1.el8_4", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.61.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__80.7.1.el8_0", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.29.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__642.15.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__365.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__279.19.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__957.10.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.23.2.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.165__35.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.29.2.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.184__35.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__573.1.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.42.2.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__193.14.2.el8_2", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.18.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.11.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.59.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__71.24.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.28.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.11.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__338.el8", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__352.el8s", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__80.11.2.el8_0", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__131.17.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.18.21__17.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__408.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__573.22.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__147.6.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.7.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__144.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__504.16.2.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__229.4.2.ael7b", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.24.2.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__236.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.48.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__177.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__71.29.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.28.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.17.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.53.2.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.25.7.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.23.3.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__957.21.2.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__642.3.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1127.13.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__71.7.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.18.32__20.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.7.6.p7ih.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__957.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1062.9.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.29.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.22.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.18.2.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__642.6.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.21.1.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.11.1.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.66.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.2.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__504.8.2.bgq.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__348.7.1.el8_5", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__279.1.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.18.25__18.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.2.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.112__32.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__394.el8", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__957.12.2.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__642.6.2.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.118.1.openstack.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__240.15.1.el8_3", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__211.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__642.11.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__80.11.1.el8_0", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__862.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.23.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__573.8.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.1.2.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.177__35.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.25__27.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.44__29.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.48__29.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.212__36.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.51.2.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__862.9.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.50.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.29.2.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__348.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.22.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.9.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__642.4.2.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.86__30.el6", "operator": "eq", "name": "kernel"}, {"version": "3.18.25__19.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.18.7.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.63__29.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.13__22.el7", "operator": "eq", "name": "kernel"}, {"version": "3.18.21__17.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__957.1.3.el7", "operator": "eq", "name": "kernel"}, {"version": "3.18.30__20.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.41.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__573.26.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.7.4.p7ih.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__259.el8", "operator": "eq", "name": "kernel"}, {"version": "4.9.188__35.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__269.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.20.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.5.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.17.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.123.4.openstack.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__957.21.3.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.5.2.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__305.12.1.el8_4", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__240.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.1.1.bgq.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.10.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "4.9.215__36.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__147.3.1.el8_1", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__305.0.1.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__504.30.6.p7ih.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.54__29.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.62.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__348.2.1.el8_5", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__147.8.1.el8_1", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__373.el8", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.2.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.30.2.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__642.13.2.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.20.5.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.30.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__573.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.3.5.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.21.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.63__29.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__193.12.1.el8_2", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__514.16.1.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.31.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__193.19.1.el8_2", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__383.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.6.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__573.4.2.bgq.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.25.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.40.2.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.23.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.18.30__20.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.13__22.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.184__35.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.111.1.openstack.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__642.13.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.114.1.openstack.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.1.1.bgq.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.17.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "4.9.48__29.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.59.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__240.10.1.el8_3", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.14.2.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "3.18.25__18.el6", "operator": "eq", "name": "kernel"}, {"version": "3.18.34__20.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.230__37.el7", "operator": "eq", "name": "kernel"}, {"version": "3.18.41__20.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__229.14.1.ael7b", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__573.18.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.58__29.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.6.3.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__279.5.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.39__29.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.12.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.7.2.p7ih.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1062.12.1.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1127.19.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.23.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.199__35.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.27.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.7.7.p7ih.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.215__36.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.56.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.49.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__279.9.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__514.26.2.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__80.4.2.el8_0", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__71.18.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.3.2.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__279.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__573.12.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.13.2.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__279.5.2.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.206__36.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.4.7.bgq.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__193.13.2.el8_2", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.35.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.11.6.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__187.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.14.2.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.3.5.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__71.14.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.11.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.13.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__131.12.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.18.44__20.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.6.3.p7ih.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.35.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.220__37.el6", "operator": "eq", "name": "kernel"}, {"version": "3.18.44__20.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.46.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__358.el8", "operator": "eq", "name": "kernel"}, {"version": "4.9.230__37.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__310.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.46.2.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.36.2.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__862.11.6.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.34__29.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.6.2.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.10.2.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.17.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.18.32__20.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.31__27.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__229.1.2.ael7b", "operator": "eq", "name": "kernel"}, {"version": "4.9.221__37.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.25.4.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1062.7.1.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__862.14.4.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__229.7.2.ael7b", "operator": "eq", "name": "kernel"}, {"version": "5.12.19__1.hsx.el8", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1127.10.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__151.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.49.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__229.20.1.ael7b", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.2.2.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__305.3.1.el8", "operator": "eq", "name": "kernel"}, {"version": "4.9.124__32.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.221__37.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__240.23.2.el8_3", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__957.27.2.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.6.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__193.24.1.el8_2.dt1", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__80.7.2.el8_0", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__504.8.1.el6", "operator": "eq", "name": "kernel"}, {"version": "5.14.0__76.hs2.hsx.el8", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__257.el8", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__80.1.2.el8_0", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.4.2.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.25__27.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__573.3.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.37.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__957.12.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.199__35.el7", "operator": "eq", "name": "kernel"}, {"version": "3.18.25__19.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__301.1.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.6.3.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.1.1.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__862.3.2.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__305.el8", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.25.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.86__30.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.23__26.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.0.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.2.2.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1062.4.3.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.39__29.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.10.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.124__32.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.33.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.10.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.33.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1062.4.2.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.18.2.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__331.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__642.1.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.2.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__147.5.1.el8_1", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__147.20.1.el8_1", "operator": "eq", "name": "kernel"}, {"version": "3.18.41__20.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.75__29.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.112__32.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__279.11.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__279.14.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__277.el8", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__957.5.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.35.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__504.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.10.3.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.17.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.2.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__240.1.1.el8_3", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__193.6.3.el8_2", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.24.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__147.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.55.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.40.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.16.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.2.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__147.0.3.el8_1", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__504.30.3.el6", "operator": "eq", "name": "kernel"}, {"version": "3.18.25__20.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.7.3.p7ih.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__305.7.1.el8_4", "operator": "eq", "name": "kernel"}, {"version": "4.9.188__35.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.15.3.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__573.7.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__71.18.2.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.127__32.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.28.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.25.2.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.14.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.25.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__131.0.15.el6", "operator": "eq", "name": "kernel"}, {"version": "3.18.21__16.el7", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1127.8.2.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.46.2.el6", "operator": "eq", "name": "kernel"}, {"version": "5.14.0__59.hs1.hsx.el8", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__227.el8", "operator": "eq", "name": "kernel"}, {"version": "5.12.4__1.hsx.el8", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__514.16.2.p7ih.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__279.2.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.11.2.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__693.5.2.p7ih.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.27.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1127.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.6.3.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.44__29.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__431.3.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1127.18.2.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.127__32.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.4.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__862.6.3.el7", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__168.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__279.14.1.bgq.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.11.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.53.1.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.75__30.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__279.22.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.177__35.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.34__29.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.241__37.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.54__29.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__305.17.1.el8_4", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__305.19.1.el8_4", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__131.21.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__193.28.1.el8_2", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__131.2.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__193.10.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.23.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.15.3.el6", "operator": "eq", "name": "kernel"}, {"version": "4.9.58__29.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.31.1.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__220.4.4.bgq.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1160.15.2.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__504.23.4.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__315.el8", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__504.12.2.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.1.1.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__504.3.3.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__326.el8", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1062.4.1.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__696.3.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__862.3.3.el7", "operator": "eq", "name": "kernel"}, {"version": "4.9.212__36.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__358.51.1.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__294.el8", "operator": "eq", "name": "kernel"}, {"version": "4.9.23__26.el6", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.29.2.el6.centos.plus", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__240.22.1.el8_3", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__754.31.1.el6", "operator": "eq", "name": "kernel"}, {"version": "3.10.0__1062.1.2.el7", "operator": "eq", "name": "kernel"}, {"version": "2.6.32__504.30.5.p7ih.el6", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__193.el8", "operator": "eq", "name": "kernel"}, {"version": "4.18.0__315.rt7.96.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__394.rt7.179.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__693.2.1.rt56.620.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__338.rt7.119.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__957.5.1.rt56.916.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__259.rt7.24.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__348.2.1.rt7.132.el8_5", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__331.rt7.112.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__957.21.2.rt56.934.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__957.12.2.rt56.929.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__302.1.rt7.70.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__383.rt7.168.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__240.rt7.54.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__957.10.1.rt56.921.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__693.11.1.rt56.632.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__957.21.3.rt56.935.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__257.rt7.22.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__193.24.1.rt13.74.el8_2.dt1", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__269.rt7.34.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__514.2.2.rt56.424.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__357.rt7.142.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__1160.42.2.rt56.1182.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__310.rt7.91.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__514.6.1.rt56.429.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__193.12.1.rt13.63.el8_2", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__693.2.2.rt56.623.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__1127.rt56.1093.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__348.rt7.130.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__957.1.3.rt56.913.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__294.rt7.61.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__240.23.2.rt7.79.el8_3", "operator": "eq", "name": "kernel-rt"}, {"version": "3.10.0__1160.6.1.rt56.1139.el7", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__193.13.2.rt13.65.el8_2", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__277.rt7.42.el8", "operator": "eq", "name": "kernel-rt"}, {"version": "4.18.0__236.rt7.49.el8", "operator": "eq", "name": "kernel-rt"}]}
{"oraclelinux": [{"lastseen": "2022-08-09T20:40:51", "description": "[4.14.35-2047.516.1.1]\n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34460938] {CVE-2022-2588}\n[4.14.35-2047.516.1]\n- KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() (Vitaly Kuznetsov) [Orabug: 34323860] {CVE-2022-2153}\n- KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq (Vitaly Kuznetsov) [Orabug: 34323860] {CVE-2022-2153}\n- KVM: Add infrastructure and macro to mark VM as bugged (Sean Christopherson) [Orabug: 34323860] {CVE-2022-2153}\n- xfs: dont use delalloc extents for COW on files with extsize hints (Christoph Hellwig) [Orabug: 34180868]\n[4.14.35-2047.516.0]\n- scsi: mpt3sas: Remove scsi_dma_map() error messages (Sreekanth Reddy) [Orabug: 34328903] \n- uek: kabi: new protected symbols for USM in OL7 (Saeed Mirzamohammadi) [Orabug: 34233902] \n- vfio/type1: add ioctl to check for correct pin accounting (Anthony Yznaga) [Orabug: 32967885] \n- vfio/type1: track pages pinned by vfio across exec (Anthony Yznaga) [Orabug: 32967885] \n- mm: track driver pinned pages across exec (Anthony Yznaga) [Orabug: 32967885] \n- vfio/type1: Fix vfio_find_dma_valid return (Anthony Yznaga) [Orabug: 32967885] \n- vfio/type1: fix unmap all on ILP32 (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: block on invalid vaddr (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: implement notify callback (Steve Sistare) [Orabug: 32967885] \n- vfio: iommu driver notify callback (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: implement interfaces to update vaddr (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: massage unmap iteration (Steve Sistare) [Orabug: 32967885] \n- vfio: interfaces to update vaddr (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: implement unmap all (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: unmap cleanup (Steve Sistare) [Orabug: 32967885] \n- vfio: option to unmap all (Steve Sistare) [Orabug: 32967885] \n- Linux 4.14.284 (Greg Kroah-Hartman) \n- x86/speculation/mmio: Print SMT warning (Josh Poimboeuf) \n- x86/cpu: Add another Alder Lake CPU to the Intel family (Gayatri Kammela) \n- x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family (Tony Luck) \n- x86/cpu: Add Comet Lake to the Intel CPU models header (Kan Liang) \n- x86/cpu: Add Cannonlake to Intel family (Rajneesh Bhardwaj) \n- x86/cpu: Add Jasper Lake to Intel family (Zhang Rui) \n- cpu/speculation: Add prototype for cpu_show_srbds() (Guenter Roeck) \n- x86/cpu: Add Elkhart Lake to Intel family (Gayatri Kammela) \n- Linux 4.14.283 (Greg Kroah-Hartman) \n- tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (Eric Dumazet) \n- PCI: qcom: Fix unbalanced PHY init on probe errors (Johan Hovold) \n- mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N (Tokunori Ikegami) \n- mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write (Tokunori Ikegami) \n- md/raid0: Ignore RAID0 layout if the second zone has only one device (Pascal Hambourg) \n- powerpc/32: Fix overread/overwrite of thread_struct via ptrace (Michael Ellerman) \n- Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag (Mathias Nyman) \n- ixgbe: fix unexpected VLAN Rx in promisc mode on VF (Olivier Matz) \n- ixgbe: fix bcast packets Rx on VF after promisc removal (Olivier Matz) \n- nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling (Martin Faltesek) \n- nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION (Martin Faltesek) \n- ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files (Sergey Shtylyov) \n- cifs: return errors during session setup during reconnects (Shyam Prasad N) \n- ALSA: hda/conexant - Fix loopback issue with CX20632 (huangwenhui) \n- vringh: Fix loop descriptors check in the indirect cases (Xie Yongji) \n- nodemask: Fix return values to be unsigned (Kees Cook) \n- nbd: fix io hung while disconnecting device (Yu Kuai) \n- nbd: fix race between nbd_alloc_config() and module removal (Yu Kuai) \n- nbd: call genl_unregister_family() first in nbd_cleanup() (Yu Kuai) \n- modpost: fix undefined behavior of is_arm_mapping_symbol() (Masahiro Yamada) \n- drm/radeon: fix a possible null pointer dereference (Gong Yuanjun) \n- Revert net: af_key: add check for pfkey_broadcast in function pfkey_process (Michal Kubecek) \n- md: protect md_unregister_thread from reentrancy (Guoqing Jiang) \n- kernfs: Separate kernfs_pr_cont_buf and rename_lock. (Hao Luo) \n- serial: msm_serial: disable interrupts in __msm_console_write() (John Ogness) \n- staging: rtl8712: fix uninit-value in r871xu_drv_init() (Wang Cheng) \n- clocksource/drivers/sp804: Avoid error on multiple instances (Andre Przywara) \n- extcon: Modify extcon device to be created after driver data is set (bumwoo lee) \n- misc: rtsx: set NULL intfdata when probe fails (Shuah Khan) \n- usb: dwc2: gadget: dont reset gadgets driver->bus (Marek Szyprowski) \n- USB: hcd-pci: Fully suspend across freeze/thaw cycle (Evan Green) \n- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (Duoming Zhou) \n- drivers: tty: serial: Fix deadlock in sa1100_set_termios() (Duoming Zhou) \n- USB: host: isp116x: check return value after calling platform_get_resource() (Zhen Ni) \n- drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() (Duoming Zhou) \n- tty: Fix a possible resource leak in icom_probe (Huang Guobin) \n- tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() (Zheyu Ma) \n- lkdtm/usercopy: Expand size of out of frame object (Kees Cook) \n- iio: dummy: iio_simple_dummy: check the return value of kstrdup() (Xiaoke Wang) \n- drm: imx: fix compiler warning with gcc-12 (Linus Torvalds) \n- net: altera: Fix refcount leak in altera_tse_mdio_create (Miaoqian Lin) \n- net: ipv6: unexport __init-annotated seg6_hmac_init() (Masahiro Yamada) \n- net: xfrm: unexport __init-annotated xfrm4_protocol_init() (Masahiro Yamada) \n- net: mdio: unexport __init-annotated mdio_bus_init() (Masahiro Yamada) \n- SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer() (Chuck Lever) \n- net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure (Gal Pressman) \n- ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe (Miaoqian Lin) \n- xprtrdma: treat all calls not a bcall when bc_serv is NULL (Kinglong Mee) \n- video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove() (Yang Yingliang) \n- m68knommu: fix undefined reference to _init_sp (Greg Ungerer) \n- m68knommu: set ZERO_PAGE() to the allocated zeroed page (Greg Ungerer) \n- i2c: cadence: Increase timeout per message if necessary (Lucas Tanure) \n- tracing: Avoid adding tracer option before update_tracer_options (Mark-PK Tsai) \n- tracing: Fix sleeping function called from invalid context on RT kernel (Jun Miao) \n- mips: cpc: Fix refcount leak in mips_cpc_default_phys_base (Gong Yuanjun) \n- perf c2c: Fix sorting in percent_rmt_hitm_cmp() (Leo Yan) \n- tcp: tcp_rtx_synack() can be called from process context (Eric Dumazet) \n- ubi: ubi_create_volume: Fix use-after-free when volume creation failed (Zhihao Cheng) \n- jffs2: fix memory leak in jffs2_do_fill_super (Baokun Li) \n- modpost: fix removing numeric suffixes (Alexander Lobakin) \n- net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register (Miaoqian Lin) \n- net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() (Dan Carpenter) \n- clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle (Miaoqian Lin) \n- serial: st-asc: Sanitize CSIZE and correct PARENB for CS7 (Ilpo Jarvinen) \n- serial: sh-sci: Dont allow CS5-6 (Ilpo Jarvinen) \n- serial: txx9: Dont allow CS5-6 (Ilpo Jarvinen) \n- serial: digicolor-usart: Dont allow CS5-6 (Ilpo Jarvinen) \n- serial: meson: acquire port->lock in startup() (John Ogness) \n- rtc: mt6397: check return value after calling platform_get_resource() (Yang Yingliang) \n- soc: rockchip: Fix refcount leak in rockchip_grf_init (Miaoqian Lin) \n- coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier (Guilherme G. Piccoli) \n- rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- pwm: lp3943: Fix duty calculation in case period was clamped (Uwe Kleine-Konig) \n- USB: storage: karma: fix rio_karma_init return (Lin Ma) \n- usb: usbip: add missing device lock on tweak configuration cmd (Niels Dossche) \n- usb: usbip: fix a refcount leak in stub_probe() (Hangyu Hua) \n- tty: goldfish: Use tty_port_destroy() to destroy port (Wang Weiyang) \n- staging: greybus: codecs: fix type confusion of list iterator variable (Jakob Koschel) \n- pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (Randy Dunlap) \n- netfilter: nf_tables: disallow non-stateful expression in sets earlier (Pablo Neira Ayuso) \n- MIPS: IP27: Remove incorrect cpu_has_fpu override (Maciej W. Rozycki) \n- RDMA/rxe: Generate a completion for unsupported/invalid opcode (Xiao Yang) \n- phy: qcom-qmp: fix reset-controller leak on probe errors (Johan Hovold) \n- dt-bindings: gpio: altera: correct interrupt-cells (Dinh Nguyen) \n- docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 (Akira Yokosawa) \n- phy: qcom-qmp: fix struct clk leak on probe errors (Johan Hovold) \n- arm64: dts: qcom: ipq8074: fix the sleep clock frequency (Kathiravan T) \n- gma500: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- carl9170: tx: fix an incorrect use of list iterator (Xiaomeng Tong) \n- ASoC: rt5514: Fix event generation for DSP Voice Wake Up control (Mark Brown) \n- rtl818x: Prevent using not initialized queues (Alexander Wetzel) \n- hugetlb: fix huge_pmd_unshare address update (Mike Kravetz) \n- nodemask.h: fix compilation error with GCC12 (Christophe de Dinechin) \n- iommu/msm: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- um: Fix out-of-bounds read in LDT setup (Vincent Whitchurch) \n- um: chan_user: Fix winch_tramp() return value (Johannes Berg) \n- mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (Felix Fietkau) \n- irqchip: irq-xtensa-mx: fix initial IRQ affinity (Max Filippov) \n- irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (Pali Rohar) \n- RDMA/hfi1: Fix potential integer multiplication overflow errors (Dennis Dalessandro) \n- md: fix an incorrect NULL check in md_reload_sb (Xiaomeng Tong) \n- md: fix an incorrect NULL check in does_sb_need_changing (Xiaomeng Tong) \n- drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX (Brian Norris) \n- drm/nouveau/clk: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. (Dave Airlie) \n- scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled (Manivannan Sadhasivam) \n- scsi: dc395x: Fix a missing check on list iterator (Xiaomeng Tong) \n- ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (Junxiao Bi via Ocfs2-devel) \n- dlm: fix missing lkb refcount handling (Alexander Aring) \n- dlm: fix plock invalid read (Alexander Aring) \n- ext4: avoid cycles in directory h-tree (Jan Kara) \n- ext4: verify dir block before splitting it (Jan Kara) \n- ext4: fix bug_on in ext4_writepages (Ye Bin) \n- ext4: fix use-after-free in ext4_rename_dir_prepare (Ye Bin) \n- fs-writeback: writeback_sb_inodes:Recalculate wrote according skipped pages (Zhihao Cheng) \n- iwlwifi: mvm: fix assert 1F04 upon reconfig (Emmanuel Grumbach) \n- wifi: mac80211: fix use-after-free in chanctx code (Johannes Berg) \n- perf jevents: Fix event syntax error caused by ExtSel (Zhengjun Xing) \n- perf c2c: Use stdio interface if slang is not supported (Leo Yan) \n- iommu/amd: Increase timeout waiting for GA log enablement (Joerg Roedel) \n- video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup (Miaoqian Lin) \n- iommu/mediatek: Add list_del in mtk_iommu_remove (Yong Wu) \n- mailbox: forward the hrtimer if not queued and under a lock (Bjorn Ardo) \n- powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup (Miaoqian Lin) \n- powerpc/perf: Fix the threshold compare group constraint for power9 (Kajol Jain) \n- Input: sparcspkr - fix refcount leak in bbc_beep_probe (Miaoqian Lin) \n- tty: fix deadlock caused by calling printk() under tty_port->lock (Qi Zheng) \n- powerpc/4xx/cpm: Fix return value of __setup() handler (Randy Dunlap) \n- powerpc/idle: Fix return value of __setup() handler (Randy Dunlap) \n- powerpc/8xx: export cpm_setbrg for modules (Randy Dunlap) \n- drivers/base/node.c: fix compaction sysfs file leak (Miaohe Lin) \n- pinctrl: mvebu: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac() (Gustavo A. R. Silva) \n- mfd: ipaq-micro: Fix error check return value of platform_get_irq() (Lv Ruyi) \n- ARM: dts: bcm2835-rpi-b: Fix GPIO line names (Stefan Wahren) \n- ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT (Phil Elwell) \n- soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc (Miaoqian Lin) \n- soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc (Miaoqian Lin) \n- rxrpc: Dont try to resend the request if were receiving the reply (David Howells) \n- rxrpc: Fix listen() setting the bar too high for the prealloc rings (David Howells) \n- ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition() (Yang Yingliang) \n- sctp: read sk->sk_bound_dev_if once in sctp_rcv() (Eric Dumazet) \n- m68k: math-emu: Fix dependencies of math emulation support (Geert Uytterhoeven) \n- Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout (Ying Hsu) \n- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (Pavel Skripkin) \n- media: exynos4-is: Change clk_disable to clk_disable_unprepare (Miaoqian Lin) \n- media: st-delta: Fix PM disable depth imbalance in delta_probe (Miaoqian Lin) \n- regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt (Miaoqian Lin) \n- ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe (Miaoqian Lin) \n- media: uvcvideo: Fix missing check to determine if element is found in list (Xiaomeng Tong) \n- drm/msm: return an error pointer in msm_gem_prime_get_sg_table() (Dan Carpenter) \n- x86/mm: Cleanup the control_va_addr_alignment() __setup handler (Randy Dunlap) \n- irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- x86: Fix return value of __setup handlers (Randy Dunlap) \n- drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (Yang Yingliang) \n- drm/msm/hdmi: check return value after calling platform_get_resource_byname() (Yang Yingliang) \n- drm/msm/dsi: fix error checks and return values for DSI xmit functions (Dmitry Baryshkov) \n- x86/pm: Fix false positive kmemleak report in msr_build_context() (Matthieu Baerts) \n- fsnotify: fix wrong lockdep annotations (Amir Goldstein) \n- inotify: show inotify mask flags in proc fdinfo (Amir Goldstein) \n- ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix (Dan Carpenter) \n- spi: img-spfi: Fix pm_runtime_get_sync() error checking (Zheng Yongjun) \n- HID: hid-led: fix maximum brightness for Dream Cheeky (Jonathan Teh) \n- efi: Add missing prototype for efi_capsule_setup_info (Jan Kiszka) \n- NFC: NULL out the dev->rfkill to prevent UAF (Lin Ma) \n- spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout (Miaoqian Lin) \n- drm/mediatek: Fix mtk_cec_mask() (Miles Chen) \n- x86/delay: Fix the wrong asm constraint in delay_loop() (Ammar Faizi) \n- ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe (Miaoqian Lin) \n- ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe (Miaoqian Lin) \n- ath9k: fix ar9003_get_eepmisc (Wenli Looi) \n- drm: fix EDID struct for old ARM OABI format (Saeed Mirzamohammadi) \n- RDMA/hfi1: Prevent panic when SDMA is disabled (Douglas Miller) \n- macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled (Finn Thain) \n- powerpc/xics: fix refcount leak in icp_opal_init() (Lv Ruyi) \n- tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate (Vasily Averin) \n- PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (Yicong Yang) \n- ARM: hisi: Add missing of_node_put after of_find_compatible_node (Peng Wu) \n- ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM (Krzysztof Kozlowski) \n- ARM: versatile: Add missing of_node_put in dcscb_init (Peng Wu) \n- fat: add ratelimit to fat*_ent_bread() (OGAWA Hirofumi) \n- ARM: OMAP1: clock: Fix UART rate reporting algorithm (Janusz Krzysztofik) \n- fs: jfs: fix possible NULL pointer dereference in dbFree() (Zixuan Fu) \n- ARM: dts: ox820: align interrupt controller node name with dtschema (Krzysztof Kozlowski) \n- eth: tg3: silence the GCC 12 array-bounds warning (Jakub Kicinski) \n- rxrpc: Return an error to sendmsg if call failed (David Howells) \n- media: exynos4-is: Fix compile warning (Kwanghoon Son) \n- net: phy: micrel: Allow probing without .driver_data (Fabio Estevam) \n- ASoC: rt5645: Fix errorenous cleanup order (Lin Ma) \n- nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (Smith, Kyle Miller (Nimble Kernel)) \n- openrisc: start CPU timer early in boot (Jason A. Donenfeld) \n- rtlwifi: Use pr_warn instead of WARN_ONCE (Dongliang Mu) \n- ipmi:ssif: Check for NULL msg when handling events and messages (Corey Minyard) \n- dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC (Mikulas Patocka) \n- s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES (Heiko Carstens) \n- ASoC: dapm: Dont fold register value changes into notifications (Mark Brown) \n- ipv6: Dont send rs packets to the interface of ARPHRD_TUNNEL (jianghaoran) \n- drm/amd/pm: fix the compile warning (Evan Quan) \n- scsi: megaraid: Fix error check return value of register_chrdev() (Lv Ruyi) \n- media: cx25821: Fix the warning when removing the module (Zheyu Ma) \n- media: pci: cx23885: Fix the error handling in cx23885_initdev() (Zheyu Ma) \n- media: venus: hfi: avoid null dereference in deinit (Luca Weiss) \n- ath9k: fix QCA9561 PA bias level (Thibaut VARENE) \n- drm/amd/pm: fix double free in si_parse_power_table() (Keita Suzuki) \n- ALSA: jack: Access input_dev under mutex (Amadeusz Slawinski) \n- ACPICA: Avoid cache flush inside virtual machines (Kirill A. Shutemov) \n- ipw2x00: Fix potential NULL dereference in libipw_xmit() (Haowen Bai) \n- b43: Fix assigning negative value to unsigned variable (Haowen Bai) \n- b43legacy: Fix assigning negative value to unsigned variable (Haowen Bai) \n- mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue (Niels Dossche) \n- drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes (Liu Zixian) \n- btrfs: repair super block num_devices automatically (Qu Wenruo) \n- btrfs: add 0x prefix for unsupported optional features (Qu Wenruo) \n- ptrace: Reimplement PTRACE_KILL by always sending SIGKILL (Eric W. Biederman) \n- ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP (Eric W. Biederman) \n- USB: new quirk for Dell Gen 2 devices (Monish Kumar R) \n- USB: serial: option: add Quectel BG95 modem (Carl Yin) \n- binfmt_flat: do not stop relocating GOT entries prematurely on riscv (Niklas Cassel) \n- Linux 4.14.282 (Greg Kroah-Hartman) \n- bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes (Liu Jian) \n- NFSD: Fix possible sleep during nfsd4_release_lockowner() (Chuck Lever) \n- docs: submitting-patches: Fix crossref to The canonical patch format (Akira Yokosawa) \n- tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() (Xiu Jianfeng) \n- dm verity: set DM_TARGET_IMMUTABLE feature flag (Sarthak Kukreti) \n- dm stats: add cond_resched when looping over entries (Mikulas Patocka) \n- dm crypt: make printing of the key constant-time (Mikulas Patocka) \n- dm integrity: fix error code in dm_integrity_ctr() (Dan Carpenter) \n- zsmalloc: fix races between asynchronous zspage free and page migration (Sultan Alsawaf) \n- netfilter: conntrack: re-fetch conntrack after insertion (Florian Westphal) \n- exec: Force single empty string when argv is empty (Kees Cook) \n- block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern (Haimin Zhang) \n- drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency() (Gustavo A. R. Silva) \n- drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers (Piyush Malgujar) \n- net: ftgmac100: Disable hardware checksum on AST2600 (Joel Stanley) \n- net: af_key: check encryption module availability consistency (Thomas Bartschies) \n- ACPI: sysfs: Fix BERT error region memory mapping (Lorenzo Pieralisi) \n- ACPI: sysfs: Make sparse happy about address space in use (Andy Shevchenko) \n- secure_seq: use the 64 bits of the siphash for port offset calculation (Willy Tarreau) \n- tcp: change source port randomizarion at connect() time (Eric Dumazet) \n- staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan() (Denis Efremov (Oracle)) \n- x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests (Thomas Gleixner) \n- Linux 4.14.281 (Greg Kroah-Hartman) \n- Reinstate some of swiotlb: rework fix info leak with DMA_FROM_DEVICE (Linus Torvalds) \n- swiotlb: fix info leak with DMA_FROM_DEVICE (Halil Pasic) \n- net: atlantic: verify hw_head_ lies within TX buffer ring (Grant Grundler) \n- net: stmmac: fix missing pci_disable_device() on error in stmmac_pci_probe() (Yang Yingliang) \n- ethernet: tulip: fix missing pci_disable_device() on error in tulip_init_one() (Yang Yingliang) \n- mac80211: fix rx reordering with non explicit / psmp ack policy (Felix Fietkau) \n- scsi: qla2xxx: Fix missed DMA unmap for aborted commands (Gleb Chesnokov) \n- perf bench numa: Address compiler error on s390 (Thomas Richter) \n- gpio: mvebu/pwm: Refuse requests with inverted polarity (Uwe Kleine-Konig) \n- gpio: gpio-vf610: do not touch other bits when set the target bit (Haibo Chen) \n- net: bridge: Clear offload_fwd_mark when passing frame up bridge interface. (Andrew Lunn) \n- igb: skip phy status check where unavailable (Kevin Mitchell) \n- ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2 (Ard Biesheuvel) \n- ARM: 9196/1: spectre-bhb: enable for Cortex-A15 (Ard Biesheuvel) \n- net: af_key: add check for pfkey_broadcast in function pfkey_process (Jiasheng Jiang) \n- NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc (Duoming Zhou) \n- net/qla3xxx: Fix a test in ql_reset_work() (Christophe JAILLET) \n- clk: at91: generated: consider range when calculating best rate (Codrin Ciubotariu) \n- net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (Zixuan Fu) \n- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (Zixuan Fu) \n- mmc: core: Default to generic_cmd6_time as timeout in __mmc_switch() (Ulf Hansson) \n- mmc: block: Use generic_cmd6_time when modifying INAND_CMD38_ARG_EXT_CSD (Ulf Hansson) \n- mmc: core: Specify timeouts for BKOPS and CACHE_FLUSH for eMMC (Ulf Hansson) \n- drm/dp/mst: fix a possible memory leak in fetch_monitor_name() (Hangyu Hua) \n- ALSA: wavefront: Proper check of get_user() error (Takashi Iwai) \n- ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame() (linyujun) \n- drbd: remove usage of list iterator variable after loop (Jakob Koschel) \n- MIPS: lantiq: check the return value of kzalloc() (Xiaoke Wang) \n- Input: stmfts - fix reference leak in stmfts_input_open (Zheng Yongjun) \n- Input: add bounds checking to input_set_capability() (Jeff LaBundy) \n- um: Cleanup syscall_handler_t definition/cast, fix warning (David Gow)\n[4.14.35-2047.515.3]\n- uek-rpm: Enable Pensando EMMC reset controller (Thomas Tai) [Orabug: 34325721] \n- mfd: pensando_elbasr: Add Pensando Elba System Resource Chip (Brad Larson) [Orabug: 34325721] \n- dsc-drivers: update drivers for 1.15.9-C-65 (Shannon Nelson) [Orabug: 34325721]\n[4.14.35-2047.515.2]\n- net/rds: Delayed DR_SOCK_CANCEL (Gerd Rausch) [Orabug: 34105319]\n[4.14.35-2047.515.1]\n- sched/rt: Disable RT_RUNTIME_SHARE by default (Daniel Bristot de Oliveira) [Orabug: 34193333] \n- mstflint_access: Update driver code to v4.20.1-1 from Github (Qing Huang) [Orabug: 34286148]\n[4.14.35-2047.515.0]\n- net: ip: avoid OOM kills with large UDP sends over loopback (Venkat Venkatsubra) [Orabug: 34066209] \n- rdmaip: Flush ARP cache after address has been cleared (Gerd Rausch) [Orabug: 34285241] \n- rds: Include congested flag in rds_sock struct. (Rohit Nair) [Orabug: 34261492] \n- cpu/hotplug: Allow the CPU in CPU_UP_PREPARE state to be brought up again. (Longpeng(Mike)) [Orabug: 34234771] \n- x86/xen: Allow to retry if cpu_initialize_context() failed. (Boris Ostrovsky) [Orabug: 34234771] \n- floppy: use a statically allocated error counter (Willy Tarreau) [Orabug: 34218640] {CVE-2022-1652}\n- assoc_array: Fix BUG_ON during garbage collect (Stephen Brennan) [Orabug: 34162064] \n- exec, elf: fix reserve_va_range() sanity check (Anthony Yznaga) [Orabug: 32387887] \n- exec, elf: use already allocated notes data in reserve_va_range() (Anthony Yznaga) [Orabug: 32387887] \n- mm: madv_doexec_flag sysctl (Anthony Yznaga) [Orabug: 32387887] \n- mm: introduce MADV_DOEXEC (Anthony Yznaga) [Orabug: 32387887] \n- exec, elf: require opt-in for accepting preserved mem (Anthony Yznaga) [Orabug: 32387887] \n- mm: introduce VM_EXEC_KEEP (Anthony Yznaga) [Orabug: 32387887] \n- mm: fail exec if stack expansion will overlap another vma (Anthony Yznaga) [Orabug: 32387887] \n- mm: do not assume only the stack vma exists in setup_arg_pages() (Anthony Yznaga) [Orabug: 32387887] \n- ELF: when loading PIE binaries check for overlap with existing mappings (Anthony Yznaga) [Orabug: 32387887] \n- Linux 4.14.280 (Greg Kroah-Hartman) \n- tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe() (Yang Yingliang) \n- ping: fix address binding wrt vrf (Nicolas Dichtel) \n- drm/vmwgfx: Initialize drm_mode_fb_cmd2 (Zack Rusin) \n- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (Waiman Long) \n- USB: serial: option: add Fibocom MA510 modem (Sven Schwermer) \n- USB: serial: option: add Fibocom L610 modem (Sven Schwermer) \n- USB: serial: qcserial: add support for Sierra Wireless EM7590 (Ethan Yang) \n- USB: serial: pl2303: add device id for HP LM930 Display (Scott Chen) \n- usb: cdc-wdm: fix reading stuck on device close (Sergey Ryazanov) \n- tcp: resalt the secret every 10 seconds (Eric Dumazet) \n- ASoC: ops: Validate input values in snd_soc_put_volsw_range() (Mark Brown) \n- ASoC: max98090: Generate notifications on changes for custom control (Mark Brown) \n- ASoC: max98090: Reject invalid values in custom control put() (Mark Brown) \n- hwmon: (f71882fg) Fix negative temperature (Ji-Ze Hong (Peter Hong)) \n- net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() (Taehee Yoo) \n- net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending (Guangguan Wang) \n- s390/lcs: fix variable dereferenced before check (Alexandra Winter) \n- s390/ctcm: fix potential memory leak (Alexandra Winter) \n- s390/ctcm: fix variable dereferenced before check (Alexandra Winter) \n- hwmon: (ltq-cputemp) restrict it to SOC_XWAY (Randy Dunlap) \n- mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (Johannes Berg) \n- netlink: do not reset transport header in netlink_recvmsg() (Eric Dumazet) \n- ipv4: drop dst in multicast routing path (Lokesh Dhoundiyal) \n- net: Fix features skip in for_each_netdev_feature() (Tariq Toukan) \n- batman-adv: Dont skb_split skbuffs with frag_list (Sven Eckelmann) \n- Linux 4.14.279 (Greg Kroah-Hartman) \n- VFS: Fix memory leak caused by concurrently mounting fs with subtype (ChenXiaoSong) \n- ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock (Takashi Iwai) \n- mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic() (Muchun Song) \n- mm: hugetlb: fix missing cache flush in copy_huge_page_from_user() (Muchun Song) \n- mmc: rtsx: add 74 Clocks in power on flow (Ricky WU) \n- Bluetooth: Fix the creation of hdev->name (Itay Iellin) \n- can: grcan: only use the NAPI poll budget for RX (Andreas Larsson) \n- can: grcan: grcan_probe(): fix broken system id check for errata workaround needs (Andreas Larsson) \n- block: drbd: drbd_nl: Make conversion to enum drbd_ret_code explicit (Lee Jones) \n- MIPS: Use address-of operator on section symbols (Nathan Chancellor) \n- Linux 4.14.278 (Greg Kroah-Hartman) \n- PCI: aardvark: Fix reading MSI interrupt number (Pali Rohar) \n- PCI: aardvark: Clear all MSIs at setup (Pali Rohar) \n- dm: interlock pending dm_io and dm_wait_for_bios_completion (Mike Snitzer) \n- dm: fix mempool NULL pointer race when completing IO (Jiazi Li) \n- net: ipv6: ensure we call ipv6_mc_down() at most once (j.nixdorf@avm.de) \n- kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU (Sandipan Das) \n- net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter() (Eric Dumazet) \n- btrfs: always log symlinks in full mode (Filipe Manana) \n- smsc911x: allow using IRQ0 (Sergey Shtylyov) \n- net: emaclite: Add error handling for of_address_to_resource() (Shravya Kumbham) \n- hwmon: (adt7470) Fix warning on module removal (Armin Wolf) \n- NFC: netlink: fix sleep in atomic bug when firmware download timeout (Duoming Zhou) \n- nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs (Duoming Zhou) \n- nfc: replace improper check device_is_registered() in netlink related functions (Duoming Zhou) \n- can: grcan: use ofdev->dev when allocating DMA memory (Daniel Hellstrom) \n- can: grcan: grcan_close(): fix deadlock (Duoming Zhou) \n- ASoC: wm8958: Fix change notifications for DSP controls (Mark Brown) \n- firewire: core: extend card->lock in fw_core_handle_bus_reset (Niels Dossche) \n- firewire: remove check of list iterator against head past the loop body (Jakob Koschel) \n- firewire: fix potential uaf in outbound_phy_packet_callback() (Chengfeng Ye) \n- Revert SUNRPC: attempt AF_LOCAL connect on setup (Trond Myklebust) \n- ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes (Takashi Sakamoto) \n- parisc: Merge model and model name into one line in /proc/cpuinfo (Helge Deller) \n- MIPS: Fix CP0 counter erratum detection for R4k CPUs (Maciej W. Rozycki) \n- tty: n_gsm: fix incorrect UA handling (Daniel Starke) \n- tty: n_gsm: fix wrong command frame length field encoding (Daniel Starke) \n- tty: n_gsm: fix wrong command retry handling (Daniel Starke) \n- tty: n_gsm: fix missing explicit ldisc flush (Daniel Starke) \n- tty: n_gsm: fix insufficient txframe size (Daniel Starke) \n- tty: n_gsm: fix malformed counter for out of frame data (Daniel Starke) \n- tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 (Daniel Starke) \n- drivers: net: hippi: Fix deadlock in rr_close() (Duoming Zhou) \n- cifs: destage any unwritten data to the server before calling copychunk_write (Ronnie Sahlberg) \n- x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (Mikulas Patocka) \n- ASoC: wm8731: Disable the regulator when probing fails (Zheyu Ma) \n- bnx2x: fix napi API usage sequence (Manish Chopra) \n- net: bcmgenet: hide status block before TX timestamping (Jonathan Lemon) \n- clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource() (Yang Yingliang) \n- bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create() (Christophe JAILLET) \n- tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT (Eric Dumazet) \n- ip_gre: Make o_seqno start from 0 in native mode (Peilin Ye) \n- pinctrl: pistachio: fix use of irq_of_parse_and_map() (Lv Ruyi) \n- sctp: check asoc strreset_chunk in sctp_generate_reconf_event (Xin Long) \n- mtd: rawnand: Fix return value check of wait_for_completion_timeout (Miaoqian Lin) \n- ipvs: correctly print the memory size of ip_vs_conn_tab (Pengcheng Yang) \n- ARM: dts: Fix mmc order for omap3-gta04 (H. Nikolaus Schaller) \n- ARM: OMAP2+: Fix refcount leak in omap_gic_of_init (Miaoqian Lin) \n- phy: samsung: exynos5250-sata: fix missing device put in probe error paths (Krzysztof Kozlowski) \n- phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe (Miaoqian Lin) \n- ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue (Fabio Estevam) \n- USB: Fix xhci event ring dequeue pointer ERDP update issue (Weitao Wang) \n- hex2bin: fix access beyond string end (Mikulas Patocka) \n- hex2bin: make the function hex_to_bin constant-time (Mikulas Patocka) \n- serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device (Maciej W. Rozycki) \n- serial: 8250: Also set sticky MCR bits in console restoration (Maciej W. Rozycki) \n- usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind() (Vijayavardhan Vennapusa) \n- usb: gadget: uvc: Fix crash when encoding data for usb request (Dan Vacura) \n- usb: misc: fix improper handling of refcount in uss720_probe() (Hangyu Hua) \n- iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on() (Zheyu Ma) \n- iio: dac: ad5446: Fix read_raw not returning set value (Michael Hennerich) \n- iio: dac: ad5592r: Fix the missing return value. (Zizhuang Deng) \n- xhci: stop polling roothubs after shutdown (Henry Lin) \n- USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions (Daniele Palmas) \n- USB: serial: option: add support for Cinterion MV32-WA/MV32-WB (Slark Xiao) \n- USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader (Bruno Thomsen) \n- USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS (Kees Cook) \n- USB: quirks: add STRING quirk for VCOM device (Oliver Neukum) \n- USB: quirks: add a Realtek card reader (Oliver Neukum) \n- usb: mtu3: fix USB 3.0 dual-role-switch from device to host (Macpaul Lin) \n- lightnvm: disable the subsystem (Greg Kroah-Hartman) \n- net/sched: cls_u32: fix netns refcount changes in u32_change() (Eric Dumazet) \n- hamradio: remove needs_free_netdev to avoid UAF (Lin Ma) \n- hamradio: defer 6pack kfree after unregister_netdev (Lin Ma) \n- floppy: disable FDRAWCMD by default (Willy Tarreau) \n- Linux 4.14.277 (Greg Kroah-Hartman) \n- ax25: Fix UAF bugs in ax25 timers (Duoming Zhou) \n- ax25: Fix NULL pointer dereferences in ax25 timers (Duoming Zhou) \n- ax25: fix NPD bug in ax25_disconnect (Duoming Zhou) \n- ax25: fix UAF bug in ax25_send_control() (Duoming Zhou) \n- ax25: Fix refcount leaks caused by ax25_cb_del() (Duoming Zhou) \n- ax25: fix UAF bugs of net_device caused by rebinding operation (Duoming Zhou) \n- ax25: fix reference count leaks of ax25_dev (Duoming Zhou) \n- ax25: add refcount in ax25_dev to avoid UAF bugs (Duoming Zhou) \n- block/compat_ioctl: fix range check in BLKGETSIZE (Khazhismel Kumykov) \n- staging: ion: Prevent incorrect reference counting behavour (Lee Jones) \n- ext4: force overhead calculation if the s_overhead_cluster makes no sense (Theodore Tso) \n- ext4: fix overhead calculation to account for the reserved gdt blocks (Theodore Tso) \n- ext4: limit length to bitmap_maxbytes - blocksize in punch_hole (Tadeusz Struk) \n- ext4: fix symlink file size not match to file content (Ye Bin) \n- ARC: entry: fix syscall_trace_exit argument (Sergey Matyukevich) \n- e1000e: Fix possible overflow in LTR decoding (Sasha Neftin) \n- ASoC: soc-dapm: fix two incorrect uses of list iterator (Xiaomeng Tong) \n- openvswitch: fix OOB access in reserve_sfa_size() (Paolo Valerio) \n- powerpc/perf: Fix power9 event alternatives (Athira Rajeev) \n- dma: at_xdmac: fix a missing check on list iterator (Xiaomeng Tong) \n- ata: pata_marvell: Check the bmdma_addr beforing reading (Zheyu Ma) \n- stat: fix inconsistency between struct stat and struct compat_stat (Mikulas Patocka) \n- net: macb: Restart tx only if queue pointer is lagging (Tomas Melin) \n- drm/msm/mdp5: check the return of kzalloc() (Xiaoke Wang) \n- brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant (Borislav Petkov) \n- cifs: Check the IOCB_DIRECT flag, not O_DIRECT (David Howells) \n- vxlan: fix error return code in vxlan_fdb_append (Hongbin Wang) \n- ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant (Borislav Petkov) \n- platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative (Jiapeng Chong) \n- ARM: vexpress/spc: Avoid negative array index when !SMP (Kees Cook) \n- netlink: reset network and mac headers in netlink_dump() (Eric Dumazet) \n- net/packet: fix packet_sock xmit return value checking (Hangbin Liu) \n- dmaengine: imx-sdma: Fix error checking in sdma_event_remap (Miaoqian Lin) \n- tcp: Fix potential use-after-free due to double kfree() (Kuniyuki Iwashima) \n- tcp: fix race condition when creating child sockets from syncookies (Ricardo Dias) \n- ALSA: usb-audio: Clear MIDI port active flag after draining (Takashi Iwai) \n- gfs2: assign rgrp glock before compute_bitstructs (Bob Peterson) \n- can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path (Hangyu Hua) \n- tracing: Dump stacktrace trigger to the corresponding instance (Daniel Bristot de Oliveira) \n- tracing: Have traceon and traceoff trigger honor the instance (Steven Rostedt (Google)) \n- mm: page_alloc: fix building error on -Werror=array-compare (Xiongwei Song) \n- etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead (Kees Cook)", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel-container security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2022-08-09T00:00:00", "id": "ELSA-2022-9699", "href": "http://linux.oracle.com/errata/ELSA-2022-9699.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-09T22:40:33", "description": "[5.4.17-2136.309.5.1]\n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza\n Cascardo) [Orabug: 34460937] {CVE-2022-2588}", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel-container security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2022-08-09T00:00:00", "id": "ELSA-2022-9691", "href": "http://linux.oracle.com/errata/ELSA-2022-9691.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-09T22:40:36", "description": "[5.4.17-2136.309.5.1]\n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34460937] {CVE-2022-2588}", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2022-08-09T00:00:00", "id": "ELSA-2022-9692", "href": "http://linux.oracle.com/errata/ELSA-2022-9692.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-09T20:40:45", "description": "[5.15.0-1.43.4.1]\n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34460936] {CVE-2022-2588}\n[5.15.0-1.43.4]\n- Revert selftests/bpf: add tests verifying unprivileged bpf behaviour (Alan Maguire) [Orabug: 34399286] \n- Revert selftests/bpf: Add test for reg2btf_ids out of bounds access (Alan Maguire) [Orabug: 34399286]\n[5.15.0-1.43.3]\n- x86/alternative: The retpoline alternative is not applied (Alexandre Chartre) [Orabug: 34395937] \n- x86/ftrace: Do not copy ftrace_stub() in ftrace trampoline (Alexandre Chartre) [Orabug: 34395937]\n[5.15.0-100.43.0]\n- ocfs2: kill EBUSY from dlmfs_evict_inode (Junxiao Bi) [Orabug: 34364336] \n- ocfs2: dlmfs: dont clear USER_LOCK_ATTACHED when destroying lock (Junxiao Bi) [Orabug: 34364336] \n- ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (Junxiao Bi via Ocfs2-devel) [Orabug: 34364336] \n- net/rds: Fix a NULL dereference in rds_tcp_accept_one() (Harshit Mogalapalli) [Orabug: 34366723] \n- lockdown: Fix kexec lockdown bypass with ima policy (Eric Snowberg) [Orabug: 34393053] {CVE-2022-21505}\n[5.15.0-1.43.1]\n- LTS version: v5.15.43 (Jack Vogel) \n- mptcp: Do TCP fallback on early DSS checksum failure (Mat Martineau) \n- LTS version: v5.15.42 (Jack Vogel) \n- afs: Fix afs_getattr() to refetch file status if callback break occurred (David Howells) \n- i2c: mt7621: fix missing clk_disable_unprepare() on error in mtk_i2c_probe() (Yang Yingliang) \n- mt76: mt7921e: fix possible probe failure after reboot (Sean Wang) \n- dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group (Jae Hyun Yoo) \n- Input: ili210x - fix reset timing (Marek Vasut) \n- arm64: Enable repeat tlbi workaround on KRYO4XX gold CPUs (Shreyas K K) \n- net: atlantic: verify hw_head_ lies within TX buffer ring (Grant Grundler) \n- net: atlantic: add check for MAX_SKB_FRAGS (Grant Grundler) \n- net: atlantic: reduce scope of is_rsc_complete (Grant Grundler) \n- net: atlantic: fix frag[0] not initialized (Grant Grundler) \n- net: stmmac: fix missing pci_disable_device() on error in stmmac_pci_probe() (Yang Yingliang) \n- ethernet: tulip: fix missing pci_disable_device() on error in tulip_init_one() (Yang Yingliang) \n- nl80211: fix locking in nl80211_set_tx_bitrate_mask() (Johannes Berg) \n- net: fix wrong network header length (Lina Wang) \n- fbdev: Prevent possible use-after-free in fb_release() (Daniel Vetter) \n- Revert fbdev: Make fb_release() return -ENODEV if fbdev was unregistered (Javier Martinez Canillas) \n- selftests: add ping test with ping_group_range tuned (Nicolas Dichtel) \n- nl80211: validate S1G channel width (Kieran Frewen) \n- mac80211: fix rx reordering with non explicit / psmp ack policy (Felix Fietkau) \n- scsi: qla2xxx: Fix missed DMA unmap for aborted commands (Gleb Chesnokov) \n- scsi: scsi_dh_alua: Properly handle the ALUA transitioning state (Brian Bunker) \n- perf bench numa: Address compiler error on s390 (Thomas Richter) \n- perf regs x86: Fix arch__intr_reg_mask() for the hybrid platform (Kan Liang) \n- gpio: mvebu/pwm: Refuse requests with inverted polarity (Uwe Kleine-Konig) \n- gpio: gpio-vf610: do not touch other bits when set the target bit (Haibo Chen) \n- perf build: Fix check for btf__load_from_kernel_by_id() in libbpf (Arnaldo Carvalho de Melo) \n- scsi: ufs: core: Fix referencing invalid rsp field (Daejun Park) \n- riscv: dts: sifive: fu540-c000: align dma node name with dtschema (Krzysztof Kozlowski) \n- net: bridge: Clear offload_fwd_mark when passing frame up bridge interface. (Andrew Lunn) \n- netfilter: flowtable: move dst_check to packet path (Ritaro Takenaka) \n- netfilter: flowtable: pass flowtable to nf_flow_table_iterate() (Pablo Neira Ayuso) \n- netfilter: flowtable: fix TCP flow teardown (Pablo Neira Ayuso) \n- igb: skip phy status check where unavailable (Kevin Mitchell) \n- mptcp: fix checksum byte order (Paolo Abeni) \n- mptcp: reuse __mptcp_make_csum in validate_data_csum (Geliang Tang) \n- mptcp: change the parameter of __mptcp_make_csum (Geliang Tang) \n- ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2 (Ard Biesheuvel) \n- ARM: 9196/1: spectre-bhb: enable for Cortex-A15 (Ard Biesheuvel) \n- net: af_key: add check for pfkey_broadcast in function pfkey_process (Jiasheng Jiang) \n- net/mlx5e: Properly block LRO when XDP is enabled (Maxim Mikityanskiy) \n- net/mlx5: DR, Fix missing flow_source when creating multi-destination FW table (Maor Dickman) \n- NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc (Duoming Zhou) \n- net/qla3xxx: Fix a test in ql_reset_work() (Christophe JAILLET) \n- clk: at91: generated: consider range when calculating best rate (Codrin Ciubotariu) \n- ice: Fix interrupt moderation settings getting cleared (Michal Wilczynski) \n- ice: move ice_container_type onto ice_ring_container (Maciej Fijalkowski) \n- ice: fix possible under reporting of ethtool Tx and Rx statistics (Paul Greenwalt) \n- ice: fix crash when writing timestamp on RX rings (Arkadiusz Kubalewski) \n- net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (Zixuan Fu) \n- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (Zixuan Fu) \n- net: systemport: Fix an error handling path in bcm_sysport_probe() (Christophe JAILLET) \n- Revert PCI: aardvark: Rewrite IRQ code to chained IRQ handler (Pali Rohar) \n- netfilter: nft_flow_offload: fix offload with pppoe + vlan (Felix Fietkau) \n- net: fix dev_fill_forward_path with pppoe + bridge (Felix Fietkau) \n- netfilter: nft_flow_offload: skip dst neigh lookup for ppp devices (Felix Fietkau) \n- netfilter: flowtable: fix excessive hw offload attempts after failure (Felix Fietkau) \n- net/sched: act_pedit: sanitize shift argument before usage (Paolo Abeni) \n- xfrm: fix disable_policy flag use when arriving from different devices (Eyal Birger) \n- xfrm: rework default policy structure (Nicolas Dichtel) \n- net: macb: Increment rx bd head after allocating skb and buffer (Harini Katakam) \n- net: ipa: record proper RX transaction count (Alex Elder) \n- ALSA: hda - fix unused Realtek function when PM is not enabled (Randy Dunlap) \n- pinctrl: mediatek: mt8365: fix IES control pins (Mattijs Korpershoek) \n- ARM: dts: aspeed: Add video engine to g6 (Howard Chiu) \n- ARM: dts: aspeed: Add secure boot controller node (Joel Stanley) \n- ARM: dts: aspeed: Add ADC for AST2600 and enable for Rainier and Everest (Eddie James) \n- ARM: dts: aspeed-g6: fix SPI1/SPI2 quad pin group (Jae Hyun Yoo) \n- pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl (Jae Hyun Yoo) \n- ARM: dts: aspeed-g6: remove FWQSPID group in pinctrl dtsi (Jae Hyun Yoo) \n- dma-buf: ensure unique directory name for dmabuf stats (Charan Teja Kalla) \n- dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace (Jerome Pouiller) \n- drm/dp/mst: fix a possible memory leak in fetch_monitor_name() (Hangyu Hua) \n- drm/i915/dmc: Add MMIO range restrictions (Anusha Srivatsa) \n- drm/amd: Dont reset dGPUs if the system is going to s2idle (Mario Limonciello) \n- libceph: fix potential use-after-free on linger ping and resends (Ilya Dryomov) \n- crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ (Ondrej Mosnacek) \n- arm64: mte: Ensure the cleared tags are visible before setting the PTE (Catalin Marinas) \n- arm64: paravirt: Use RCU read locks to guard stolen_time (Prakruthi Deepak Heragu) \n- KVM: x86/mmu: Update number of zapped pages even if page list is stable (Sean Christopherson) \n- Revert can: m_can: pci: use custom bit timings for Elkhart Lake (Jarkko Nikula) \n- PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold (Rafael J. Wysocki) \n- Fix double fget() in vhost_net_set_backend() (Al Viro) \n- selinux: fix bad cleanup on error in hashtab_duplicate() (Ondrej Mosnacek) \n- ALSA: hda/realtek: Add quirk for TongFang devices with pop noise (Werner Sembach) \n- ALSA: wavefront: Proper check of get_user() error (Takashi Iwai) \n- ALSA: usb-audio: Restore Rane SL-1 quirk (Takashi Iwai) \n- nilfs2: fix lockdep warnings during disk space reclamation (Ryusuke Konishi) \n- nilfs2: fix lockdep warnings in page operations for btree nodes (Ryusuke Konishi) \n- ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame() (linyujun) \n- platform/chrome: cros_ec_debugfs: detach log reader wq from devm (Tzung-Bi Shih) \n- drbd: remove usage of list iterator variable after loop (Jakob Koschel) \n- MIPS: lantiq: check the return value of kzalloc() (Xiaoke Wang) \n- fs: fix an infinite loop in iomap_fiemap (Guo Xuenan) \n- rtc: mc146818-lib: Fix the AltCentury for AMD platforms (Mario Limonciello) \n- nvme-multipath: fix hang when disk goes live over reconnect (Anton Eidelman) \n- nvmet: use a private workqueue instead of the system workqueue (Sagi Grimberg) \n- tools/virtio: compile with -pthread (Michael S. Tsirkin) \n- vhost_vdpa: dont setup irq offloading when irq_num < 0 (Zhu Lingshan) \n- s390/pci: improve zpci_dev reference counting (Niklas Schnelle) \n- s390/traps: improve panic message for translation-specification exception (Heiko Carstens) \n- ALSA: hda/realtek: Enable headset mic on Lenovo P360 (Kai-Heng Feng) \n- crypto: x86/chacha20 - Avoid spurious jumps to other functions (Peter Zijlstra) \n- crypto: stm32 - fix reference leak in stm32_crc_remove (Zheng Yongjun) \n- rtc: sun6i: Fix time overflow handling (Andre Przywara) \n- gfs2: Disable page faults during lockless buffered reads (Andreas Gruenbacher) \n- nvme-pci: add quirks for Samsung X5 SSDs (Monish Kumar R) \n- Input: stmfts - fix reference leak in stmfts_input_open (Zheng Yongjun) \n- Input: add bounds checking to input_set_capability() (Jeff LaBundy) \n- um: Cleanup syscall_handler_t definition/cast, fix warning (David Gow) \n- rtc: pcf2127: fix bug when reading alarm registers (Hugo Villeneuve) \n- rtc: fix use-after-free on device removal (Vincent Whitchurch) \n- Revert drm/i915/opregion: check port number bounds for SWSCI display power state (Greg Thelen) \n- mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (Hyeonggon Yoo) \n- Watchdog: sp5100_tco: Enable Family 17h+ CPUs (Terry Bowman) \n- Watchdog: sp5100_tco: Add initialization using EFCH MMIO (Terry Bowman) \n- Watchdog: sp5100_tco: Refactor MMIO base address initialization (Terry Bowman) \n- Watchdog: sp5100_tco: Move timer initialization into function (Terry Bowman) \n- i2c: piix4: Enable EFCH MMIO for Family 17h+ (Terry Bowman) \n- i2c: piix4: Add EFCH MMIO support for SMBus port select (Terry Bowman) \n- i2c: piix4: Add EFCH MMIO support to SMBus base address detect (Terry Bowman) \n- i2c: piix4: Add EFCH MMIO support to region request and release (Terry Bowman) \n- i2c: piix4: Move SMBus port selection into function (Terry Bowman) \n- i2c: piix4: Move SMBus controller base address detect into function (Terry Bowman) \n- i2c: piix4: Move port I/O region request/release code into functions (Terry Bowman) \n- i2c: piix4: Replace hardcoded memory map size with a #define (Terry Bowman) \n- kernel/resource: Introduce request_mem_region_muxed() (Terry Bowman) \n- io_uring: arm poll for non-nowait files (Pavel Begunkov) \n- usb: gadget: fix race when gadget driver register via ioctl (Schspa Shi) \n- LTS version: v5.15.41 (Jack Vogel) \n- usb: gadget: uvc: allow for application to cleanly shutdown (Dan Vacura) \n- usb: gadget: uvc: rename function to be more consistent (Michael Tretter) \n- ping: fix address binding wrt vrf (Nicolas Dichtel) \n- mm/hwpoison: use pr_err() instead of dump_page() in get_any_page() (Naoya Horiguchi) \n- dma-buf: call dma_buf_stats_setup after dmabuf is in valid list (Charan Teja Reddy) \n- Revert drm/amd/pm: keep the BACO feature enabled for suspend (Alex Deucher) \n- drm/vmwgfx: Initialize drm_mode_fb_cmd2 (Zack Rusin) \n- SUNRPC: Ensure that the gssproxy client can start in a connected state (Trond Myklebust) \n- net: phy: micrel: Pass .probe for KS8737 (Fabio Estevam) \n- net: phy: micrel: Do not use kszphy_suspend/resume for KSZ8061 (Fabio Estevam) \n- arm[64]/memremap: dont abuse pfn_valid() to ensure presence of linear map (Mike Rapoport) \n- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (Waiman Long) \n- writeback: Avoid skipping inode writeback (Jing Xia) \n- net: phy: Fix race condition on link status change (Francesco Dolcini) \n- net: atlantic: always deep reset on pm op, fixing up my null deref regression (Manuel Ullmann) \n- i40e: i40e_main: fix a missing check on list iterator (Xiaomeng Tong) \n- drm/nouveau/tegra: Stop using iommu_present() (Robin Murphy) \n- drm/vmwgfx: Disable command buffers on svga3 without gbobjects (Zack Rusin) \n- mm/huge_memory: do not overkill when splitting huge_zero_page (Xu Yu) \n- Revert mm/memory-failure.c: skip huge_zero_page in memory_failure() (Xu Yu) \n- ceph: fix setting of xattrs on async created inodes (Jeff Layton) \n- serial: 8250_mtk: Fix register address for XON/XOFF character (AngeloGioacchino Del Regno) \n- serial: 8250_mtk: Fix UART_EFR register address (AngeloGioacchino Del Regno) \n- fsl_lpuart: Dont enable interrupts too early (Indan Zupancic) \n- slimbus: qcom: Fix IRQ check in qcom_slim_probe (Miaoqian Lin) \n- USB: serial: option: add Fibocom MA510 modem (Sven Schwermer) \n- USB: serial: option: add Fibocom L610 modem (Sven Schwermer) \n- USB: serial: qcserial: add support for Sierra Wireless EM7590 (Ethan Yang) \n- USB: serial: pl2303: add device id for HP LM930 Display (Scott Chen) \n- usb: typec: tcpci_mt6360: Update for BMC PHY setting (ChiYuan Huang) \n- usb: typec: tcpci: Dont skip cleanup in .remove() on error (Uwe Kleine-Konig) \n- usb: cdc-wdm: fix reading stuck on device close (Sergey Ryazanov) \n- tty: n_gsm: fix mux activation issues in gsm_config() (Daniel Starke) \n- tty: n_gsm: fix buffer over-read in gsm_dlci_data() (Daniel Starke) \n- tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe() (Yang Yingliang) \n- x86/mm: Fix marking of unused sub-pmd ranges (Adrian-Ken Rueegsegger) \n- usb: xhci-mtk: fix fs isocs transfer error (Chunfeng Yun) \n- KVM: PPC: Book3S PR: Enable MSR_DR for switch_mmu_context() (Alexander Graf) \n- firmware_loader: use kernel credentials when reading firmware (Thiebaud Weksteen) \n- interconnect: Restore sync state by ignoring ipa-virt in provider count (Stephen Boyd) \n- tcp: drop the hash_32() part from the index calculation (Willy Tarreau) \n- tcp: increase source port perturb table to 2^16 (Willy Tarreau) \n- tcp: dynamically allocate the perturb table used by source ports (Willy Tarreau) \n- tcp: add small random increments to the source port (Willy Tarreau) \n- tcp: resalt the secret every 10 seconds (Eric Dumazet) \n- tcp: use different parts of the port_offset for index and offset (Willy Tarreau) \n- secure_seq: use the 64 bits of the siphash for port offset calculation (Willy Tarreau) \n- net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT (Matthew Hagan) \n- net: emaclite: Dont advertise 1000BASE-T and do auto negotiation (Shravya Kumbham) \n- ASoC: SOF: Fix NULL pointer exception in sof_pci_probe callback (Ajit Kumar Pandey) \n- s390: disable -Warray-bounds (Sven Schnelle) \n- ASoC: ops: Validate input values in snd_soc_put_volsw_range() (Mark Brown) \n- ASoC: max98090: Generate notifications on changes for custom control (Mark Brown) \n- ASoC: max98090: Reject invalid values in custom control put() (Mark Brown) \n- iommu: arm-smmu: disable large page mappings for Nvidia arm-smmu (Ashish Mhetre) \n- RDMA/irdma: Fix deadlock in irdma_cleanup_cm_core() (Duoming Zhou) \n- hwmon: (f71882fg) Fix negative temperature (Ji-Ze Hong (Peter Hong)) \n- gfs2: Fix filesystem block deallocation for short writes (Andreas Gruenbacher) \n- drm/vmwgfx: Fix fencing on SVGAv3 (Zack Rusin) \n- tls: Fix context leak on tls_device_down (Maxim Mikityanskiy) \n- net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() (Taehee Yoo) \n- net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending (Guangguan Wang) \n- net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down() (Florian Fainelli) \n- drm/vc4: hdmi: Fix build error for implicit function declaration (Hui Tang) \n- net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral (Florian Fainelli) \n- net: ethernet: mediatek: ppe: fix wrong size passed to memset() (Yang Yingliang) \n- net/sched: act_pedit: really ensure the skb is writable (Paolo Abeni) \n- s390/lcs: fix variable dereferenced before check (Alexandra Winter) \n- s390/ctcm: fix potential memory leak (Alexandra Winter) \n- s390/ctcm: fix variable dereferenced before check (Alexandra Winter) \n- virtio: fix virtio transitional ids (Shunsuke Mie) \n- arm64: vdso: fix makefile dependency on vdso.so (Joey Gouly) \n- selftests: vm: Makefile: rename TARGETS to VMTARGETS (Joel Savitz) \n- procfs: prevent unprivileged processes accessing fdinfo dir (Kalesh Singh) \n- hwmon: (ltq-cputemp) restrict it to SOC_XWAY (Randy Dunlap) \n- dim: initialize all struct fields (Jesse Brandeburg) \n- ionic: fix missing pci_release_regions() on error in ionic_probe() (Yang Yingliang) \n- nfs: fix broken handling of the softreval mount option (Dan Aloni) \n- mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (Johannes Berg) \n- net: sfc: fix memory leak due to ptp channel (Taehee Yoo) \n- sfc: Use swap() instead of open coding it (Jiapeng Chong) \n- fbdev: efifb: Fix a use-after-free due early fb_info cleanup (Javier Martinez Canillas) \n- net: chelsio: cxgb4: Avoid potential negative array offset (Kees Cook) \n- netlink: do not reset transport header in netlink_recvmsg() (Eric Dumazet) \n- drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name() (Christophe JAILLET) \n- ipv4: drop dst in multicast routing path (Lokesh Dhoundiyal) \n- ice: fix PTP stale Tx timestamps cleanup (Michal Michalik) \n- ice: Fix race during aux device (un)plugging (Ivan Vecera) \n- platform/surface: aggregator: Fix initialization order when compiling as builtin module (Maximilian Luz) \n- fbdev: vesafb: Cleanup fb_info in .fb_destroy rather than .remove (Javier Martinez Canillas) \n- fbdev: efifb: Cleanup fb_info in .fb_destroy rather than .remove (Javier Martinez Canillas) \n- fbdev: simplefb: Cleanup fb_info in .fb_destroy rather than .remove (Javier Martinez Canillas) \n- net: mscc: ocelot: avoid corrupting hardware counters when moving VCAP filters (Vladimir Oltean) \n- net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0 (Vladimir Oltean) \n- net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups (Vladimir Oltean) \n- net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in hardware when deleted (Vladimir Oltean) \n- net: Fix features skip in for_each_netdev_feature() (Tariq Toukan) \n- mac80211: Reset MBSSID parameters upon connection (Manikanta Pubbisetty) \n- hwmon: (tmp401) Add OF device ID table (Camel Guo) \n- iwlwifi: iwl-dbg: Use del_timer_sync() before freeing (Guenter Roeck) \n- batman-adv: Dont skb_split skbuffs with frag_list (Sven Eckelmann) \n- LTS version: v5.15.40 (Jack Vogel) \n- mm: fix invalid page pointer returned with FOLL_PIN gups (Peter Xu) \n- mm/mlock: fix potential imbalanced rlimit ucounts adjustment (Miaohe Lin) \n- mm/hwpoison: fix error page recovered but reported not recovered (Naoya Horiguchi) \n- mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic() (Muchun Song) \n- mm: shmem: fix missing cache flush in shmem_mfill_atomic_pte() (Muchun Song) \n- mm: hugetlb: fix missing cache flush in copy_huge_page_from_user() (Muchun Song) \n- mm: fix missing cache flush for all tail pages of compound page (Muchun Song) \n- udf: Avoid using stale lengthOfImpUse (Jan Kara) \n- rfkill: uapi: fix RFKILL_IOCTL_MAX_SIZE ioctl request definition (Gleb Fotengauer-Malinovskiy) \n- Bluetooth: Fix the creation of hdev->name (Itay Iellin) \n- tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in perf bench mem memcpy (Arnaldo Carvalho de Melo) \n- kbuild: move objtool_args back to scripts/Makefile.build (Masahiro Yamada) \n- LTS version: v5.15.39 (Jack Vogel) \n- PCI: aardvark: Update comment about link going down after link-up (Marek Behun) \n- PCI: aardvark: Drop __maybe_unused from advk_pcie_disable_phy() (Marek Behun) \n- PCI: aardvark: Dont mask irq when mapping (Pali Rohar) \n- PCI: aardvark: Remove irq_mask_ack() callback for INTx interrupts (Pali Rohar) \n- PCI: aardvark: Use separate INTA interrupt for emulated root bridge (Pali Rohar) \n- PCI: aardvark: Fix support for PME requester on emulated bridge (Pali Rohar) \n- PCI: aardvark: Add support for PME interrupts (Pali Rohar) \n- PCI: aardvark: Optimize writing PCI_EXP_RTCTL_PMEIE and PCI_EXP_RTSTA_PME on emulated bridge (Pali Rohar) \n- PCI: aardvark: Add support for ERR interrupt on emulated bridge (Pali Rohar) \n- PCI: aardvark: Enable MSI-X support (Pali Rohar) \n- PCI: aardvark: Fix setting MSI address (Pali Rohar) \n- PCI: aardvark: Add support for masking MSI interrupts (Pali Rohar) \n- PCI: aardvark: Refactor unmasking summary MSI interrupt (Pali Rohar) \n- PCI: aardvark: Use dev_fwnode() instead of of_node_to_fwnode(dev->of_node) (Marek Behun) \n- PCI: aardvark: Make msi_domain_info structure a static driver structure (Marek Behun) \n- PCI: aardvark: Make MSI irq_chip structures static driver structures (Marek Behun) \n- PCI: aardvark: Check return value of generic_handle_domain_irq() when processing INTx IRQ (Pali Rohar) \n- PCI: aardvark: Rewrite IRQ code to chained IRQ handler (Pali Rohar) \n- PCI: aardvark: Replace custom PCIE_CORE_INT_* macros with PCI_INTERRUPT_* (Pali Rohar) \n- PCI: aardvark: Disable common PHY when unbinding driver (Pali Rohar) \n- PCI: aardvark: Disable link training when unbinding driver (Pali Rohar) \n- PCI: aardvark: Assert PERST# when unbinding driver (Pali Rohar) \n- PCI: aardvark: Fix memory leak in driver unbind (Pali Rohar) \n- PCI: aardvark: Mask all interrupts when unbinding driver (Pali Rohar) \n- PCI: aardvark: Disable bus mastering when unbinding driver (Pali Rohar) \n- PCI: aardvark: Comment actions in driver remove method (Pali Rohar) \n- PCI: aardvark: Clear all MSIs at setup (Pali Rohar) \n- PCI: aardvark: Add support for DEVCAP2, DEVCTL2, LNKCAP2 and LNKCTL2 registers on emulated bridge (Pali Rohar) \n- PCI: pci-bridge-emul: Add definitions for missing capabilities registers (Pali Rohar) \n- PCI: pci-bridge-emul: Add description for class_revision field (Pali Rohar) \n- rcu: Apply callbacks processing time limit only on softirq (Frederic Weisbecker) \n- rcu: Fix callbacks processing time limit retaining cond_resched() (Frederic Weisbecker) \n- Revert parisc: Mark sched_clock unstable only if clocks are not syncronized (Helge Deller) \n- mmc: rtsx: add 74 Clocks in power on flow (Ricky WU) \n- selftest/vm: verify remap destination address in mremap_test (Sidhartha Kumar) \n- selftest/vm: verify mmap addr in mremap_test (Sidhartha Kumar) \n- KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is advertised (Wanpeng Li) \n- KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs (Paolo Bonzini) \n- KVM: x86: Do not change ICR on write to APIC_SELF_IPI (Paolo Bonzini) \n- x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume (Wanpeng Li) \n- KVM: selftests: Silence compiler warning in the kvm_page_table_test (Thomas Huth) \n- kvm: selftests: do not use bitfields larger than 32-bits for PTEs (Paolo Bonzini) \n- iommu/dart: Add missing module owner to ops structure (Hector Martin) \n- net/mlx5e: Lag, Dont skip fib events on current dst (Vlad Buslov) \n- net/mlx5e: Lag, Fix fib_info pointer assignment (Vlad Buslov) \n- net/mlx5e: Lag, Fix use-after-free in fib event handler (Vlad Buslov) \n- net/mlx5: Fix slab-out-of-bounds while reading resource dump menu (Aya Levin) \n- fbdev: Make fb_release() return -ENODEV if fbdev was unregistered (Javier Martinez Canillas) \n- kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU (Sandipan Das) \n- gpio: mvebu: drop pwm base assignment (Baruch Siach) \n- drm/amdgpu: Ensure HDA function is suspended before ASIC reset (Kai-Heng Feng) \n- drm/amdgpu: dont set s3 and s0ix at the same time (Mario Limonciello) \n- drm/amdgpu: explicitly check for s0ix when evicting resources (Mario Limonciello) \n- drm/amdgpu: unify BO evicting method in amdgpu_ttm (Nirmoy Das) \n- btrfs: always log symlinks in full mode (Filipe Manana) \n- btrfs: force v2 space cache usage for subpage mount (Qu Wenruo) \n- smsc911x: allow using IRQ0 (Sergey Shtylyov) \n- selftests: ocelot: tc_flower_chains: specify conform-exceed action for policer (Vladimir Oltean) \n- bnxt_en: Fix unnecessary dropping of RX packets (Michael Chan) \n- bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag (Somnath Kotur) \n- selftests: mirror_gre_bridge_1q: Avoid changing PVID while interface is operational (Ido Schimmel) \n- rxrpc: Enable IPv6 checksums on transport socket (David Howells) \n- mld: respect RCU rules in ip6_mc_source() and ip6_mc_msfilter() (Eric Dumazet) \n- hinic: fix bug of wq out of bound access (Qiao Ma) \n- btrfs: do not BUG_ON() on failure to update inode when setting xattr (Filipe Manana) \n- drm/msm/dp: remove fail safe mode related code (Kuogee Hsieh) \n- selftests/net: so_txtime: usage(): fix documentation of default clock (Marc Kleine-Budde) \n- selftests/net: so_txtime: fix parsing of start time stamp on 32 bit systems (Marc Kleine-Budde) \n- net: emaclite: Add error handling for of_address_to_resource() (Shravya Kumbham) \n- net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter() (Eric Dumazet) \n- net: cpsw: add missing of_node_put() in cpsw_probe_dt() (Yang Yingliang) \n- net: mdio: Fix ENOMEM return value in BCM6368 mux bus controller (Niels Dossche) \n- net: stmmac: dwmac-sun8i: add missing of_node_put() in sun8i_dwmac_register_mdio_mux() (Yang Yingliang) \n- net: dsa: mt7530: add missing of_node_put() in mt7530_setup() (Yang Yingliang) \n- net: ethernet: mediatek: add missing of_node_put() in mtk_sgmii_init() (Yang Yingliang) \n- NFSv4: Dont invalidate inode attributes on delegation return (Trond Myklebust) \n- RDMA/irdma: Fix possible crash due to NULL netdev in notifier (Mustafa Ismail) \n- RDMA/irdma: Reduce iWARP QP destroy time (Shiraz Saleem) \n- RDMA/irdma: Flush iWARP QP if modified to ERR from RTR state (Tatyana Nikolova) \n- RDMA/siw: Fix a condition race issue in MPA request processing (Cheng Xu) \n- SUNRPC release the transport of a relocated task with an assigned transport (Olga Kornievskaia) \n- selftests/seccomp: Dont call read() on TTY from background pgrp (Jann Horn) \n- net/mlx5: Fix deadlock in sync reset flow (Moshe Shemesh) \n- net/mlx5: Avoid double clear or set of sync reset requested (Moshe Shemesh) \n- net/mlx5e: Fix the calling of update_buffer_lossy() API (Mark Zhang) \n- net/mlx5e: CT: Fix queued up restore put() executing after relevant ft release (Paul Blakey) \n- net/mlx5e: Dont match double-vlan packets if cvlan is not set (Vlad Buslov) \n- net/mlx5e: Fix trust state reset in reload (Moshe Tal) \n- iommu/dart: check return value after calling platform_get_resource() (Yang Yingliang) \n- iommu/vt-d: Drop stop marker messages (Lu Baolu) \n- ASoC: soc-ops: fix error handling (Pierre-Louis Bossart) \n- ASoC: dmaengine: Restore NULL prepare_slave_config() callback (Codrin Ciubotariu) \n- hwmon: (pmbus) disable PEC if not enabled (Adam Wujek) \n- hwmon: (adt7470) Fix warning on module removal (Armin Wolf) \n- gpio: pca953x: fix irq_stat not updated when irq is disabled (irq_mask not set) (Puyou Lu) \n- gpio: visconti: Fix fwnode of GPIO IRQ (Nobuhiro Iwamatsu) \n- NFC: netlink: fix sleep in atomic bug when firmware download timeout (Duoming Zhou) \n- nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs (Duoming Zhou) \n- nfc: replace improper check device_is_registered() in netlink related functions (Duoming Zhou) \n- can: grcan: only use the NAPI poll budget for RX (Andreas Larsson) \n- can: grcan: grcan_probe(): fix broken system id check for errata workaround needs (Andreas Larsson) \n- can: grcan: use ofdev->dev when allocating DMA memory (Daniel Hellstrom) \n- can: isotp: remove re-binding of bound socket (Oliver Hartkopp) \n- can: grcan: grcan_close(): fix deadlock (Duoming Zhou) \n- s390/dasd: Fix read inconsistency for ESE DASD devices (Jan Hoppner) \n- s390/dasd: Fix read for ESE with blksize < 4k (Jan Hoppner) \n- s390/dasd: prevent double format of tracks for ESE devices (Stefan Haberland) \n- s390/dasd: fix data corruption for ESE devices (Stefan Haberland) \n- ASoC: meson: Fix event generation for AUI CODEC mux (Mark Brown) \n- ASoC: meson: Fix event generation for G12A tohdmi mux (Mark Brown) \n- ASoC: meson: Fix event generation for AUI ACODEC mux (Mark Brown) \n- ASoC: wm8958: Fix change notifications for DSP controls (Mark Brown) \n- ASoC: da7219: Fix change notifications for tone generator frequency (Mark Brown) \n- genirq: Synchronize interrupt thread startup (Thomas Pfaff) \n- net: stmmac: disable Split Header (SPH) for Intel platforms (Tan Tee Min) \n- firewire: core: extend card->lock in fw_core_handle_bus_reset (Niels Dossche) \n- firewire: remove check of list iterator against head past the loop body (Jakob Koschel) \n- firewire: fix potential uaf in outbound_phy_packet_callback() (Chengfeng Ye) \n- timekeeping: Mark NMI safe time accessors as notrace (Kurt Kanzenbach) \n- Revert SUNRPC: attempt AF_LOCAL connect on setup (Trond Myklebust) \n- RISC-V: relocate DTB if its outside memory region (Nick Kossifidis) \n- drm/amdgpu: do not use passthrough mode in Xen dom0 (Marek Marczykowski-Gorecki) \n- drm/amd/display: Avoid reading audio pattern past AUDIO_CHANNELS_COUNT (Harry Wentland) \n- iommu/arm-smmu-v3: Fix size calculation in arm_smmu_mm_invalidate_range() (Nicolin Chen) \n- iommu/vt-d: Calculate mask for non-aligned flushes (David Stevens) \n- KVM: x86/svm: Account for family 17h event renumberings in amd_pmc_perf_hw_id (Kyle Huey) \n- x86/fpu: Prevent FPU state corruption (Thomas Gleixner) \n- gpiolib: of: fix bounds check for gpio-reserved-ranges (Andrei Lalaev) \n- mmc: core: Set HS clock speed before sending HS CMD13 (Brian Norris) \n- mmc: sunxi-mmc: Fix DMA descriptors allocated above 32 bits (Samuel Holland) \n- mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC (Shaik Sajida Bhanu) \n- ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes (Takashi Sakamoto) \n- ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers (Zihao Wang) \n- parisc: Merge model and model name into one line in /proc/cpuinfo (Helge Deller) \n- MIPS: Fix CP0 counter erratum detection for R4k CPUs (Maciej W. Rozycki) \n- LTS version: v5.15.38 (Jack Vogel) \n- powerpc/64: Add UADDR64 relocation support (Alexey Kardashevskiy) \n- objtool: Fix type of reloc::addend (Peter Zijlstra) \n- objtool: Fix code relocs vs weak symbols (Peter Zijlstra) \n- eeprom: at25: Use DMA safe buffers (Christophe Leroy) \n- perf symbol: Remove arch__symbols__fixup_end() (Namhyung Kim) \n- tty: n_gsm: fix software flow control handling (Daniel Starke) \n- tty: n_gsm: fix incorrect UA handling (Daniel Starke) \n- tty: n_gsm: fix reset fifo race condition (Daniel Starke) \n- tty: n_gsm: fix missing tty wakeup in convergence layer type 2 (Daniel Starke) \n- tty: n_gsm: fix wrong signal octets encoding in MSC (Daniel Starke) \n- tty: n_gsm: fix wrong command frame length field encoding (Daniel Starke) \n- tty: n_gsm: fix wrong command retry handling (Daniel Starke) \n- tty: n_gsm: fix missing explicit ldisc flush (Daniel Starke) \n- tty: n_gsm: fix wrong DLCI release order (Daniel Starke) \n- tty: n_gsm: fix insufficient txframe size (Daniel Starke) \n- netfilter: nft_socket: only do sk lookups when indev is available (Florian Westphal) \n- tty: n_gsm: fix malformed counter for out of frame data (Daniel Starke) \n- tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 (Daniel Starke) \n- tty: n_gsm: fix mux cleanup after unregister tty device (Daniel Starke) \n- tty: n_gsm: fix decoupled mux resource (Daniel Starke) \n- tty: n_gsm: fix restart handling via CLD command (Daniel Starke) \n- perf symbol: Update symbols__fixup_end() (Namhyung Kim) \n- perf symbol: Pass is_kallsyms to symbols__fixup_end() (Namhyung Kim) \n- x86/cpu: Load microcode during restore_processor_state() (Borislav Petkov) \n- ARM: dts: imx8mm-venice-gw{71xx,72xx,73xx}: fix OTG controller OC mode (Tim Harvey) \n- ARM: dts: at91: sama7g5ek: enable pull-up on flexcom3 console lines (Eugen Hristev) \n- btrfs: fix leaked plug after failure syncing log on zoned filesystems (Filipe Manana) \n- thermal: int340x: Fix attr.show callback prototype (Kees Cook) \n- ACPI: processor: idle: Avoid falling back to C3 type C-states (Ville Syrjala) \n- net: ethernet: stmmac: fix write to sgmii_adapter_base (Dinh Nguyen) \n- drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses (Imre Deak) \n- drm/i915: Check EDID for HDR static metadata when choosing blc (Jouni Hogander) \n- netfilter: Update ip6_route_me_harder to consider L3 domain (Martin Willi) \n- mtd: rawnand: qcom: fix memory corruption that causes panic (Md Sadre Alam) \n- kasan: prevent cpu_quarantine corruption when CPU offline and cache shrink occur at same time (Zqiang) \n- zonefs: Clear inode information flags on inode creation (Damien Le Moal) \n- zonefs: Fix management of open zones (Damien Le Moal) \n- Revert ACPI: processor: idle: fix lockup regression on 32-bit ThinkPad T40 (Ville Syrjala) \n- selftest/vm: verify remap destination address in mremap_test (Sidhartha Kumar) \n- selftest/vm: verify mmap addr in mremap_test (Sidhartha Kumar) \n- powerpc/perf: Fix 32bit compile (Alexey Kardashevskiy) \n- drivers: net: hippi: Fix deadlock in rr_close() (Duoming Zhou) \n- cifs: destage any unwritten data to the server before calling copychunk_write (Ronnie Sahlberg) \n- x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (Mikulas Patocka) \n- bonding: do not discard lowest hash bit for non layer3+4 hashing (suresh kumar) \n- ksmbd: set fixed sector size to FS_SECTOR_SIZE_INFORMATION (Namjae Jeon) \n- ksmbd: increment reference count of parent fp (Namjae Jeon) \n- arch: xtensa: platforms: Fix deadlock in rs_close() (Duoming Zhou) \n- ext4: fix bug_on in start_this_handle during umount filesystem (Ye Bin) \n- ASoC: wm8731: Disable the regulator when probing fails (Zheyu Ma) \n- ASoC: Intel: soc-acpi: correct device endpoints for max98373 (Chao Song) \n- tcp: fix F-RTO may not work correctly when receiving DSACK (Pengcheng Yang) \n- Revert ibmvnic: Add ethtool private flag for driver-defined queue limits (Dany Madden) \n- ixgbe: ensure IPsec VF<->PF compatibility (Leon Romanovsky) \n- perf arm-spe: Fix addresses of synthesized SPE events (Timothy Hayes) \n- gfs2: No short reads or writes upon glock contention (Andreas Gruenbacher) \n- gfs2: Make sure not to return short direct writes (Andreas Gruenbacher) \n- gfs2: Minor retry logic cleanup (Andreas Gruenbacher) \n- gfs2: Prevent endless loops in gfs2_file_buffered_write (Andreas Gruenbacher) \n- net: fec: add missing of_node_put() in fec_enet_init_stop_mode() (Yang Yingliang) \n- bnx2x: fix napi API usage sequence (Manish Chopra) \n- tls: Skip tls_append_frag on zero copy size (Maxim Mikityanskiy) \n- drm/amd/display: Fix memory leak in dcn21_clock_source_create (Miaoqian Lin) \n- drm/amdkfd: Fix GWS queue count (David Yat Sin) \n- netfilter: conntrack: fix udp offload timeout sysctl (Volodymyr Mytnyk) \n- io_uring: check reserved fields for recv/recvmsg (Jens Axboe) \n- io_uring: check reserved fields for send/sendmsg (Jens Axboe) \n- net: dsa: lantiq_gswip: Dont set GSWIP_MII_CFG_RMII_CLK (Martin Blumenstingl) \n- drm/sun4i: Remove obsolete references to PHYS_OFFSET (Samuel Holland) \n- net: dsa: mv88e6xxx: Fix port_hidden_wait to account for port_base_addr (Nathan Rossi) \n- net: phy: marvell10g: fix return value on error (Baruch Siach) \n- net: bcmgenet: hide status block before TX timestamping (Jonathan Lemon) \n- cpufreq: qcom-cpufreq-hw: Clear dcvs interrupts (Vladimir Zapolskiy) \n- clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource() (Yang Yingliang) \n- bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create() (Christophe JAILLET) \n- tcp: make sure treq->af_specific is initialized (Eric Dumazet) \n- tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT (Eric Dumazet) \n- ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode (Peilin Ye) \n- ip6_gre: Make o_seqno start from 0 in native mode (Peilin Ye) \n- ip_gre: Make o_seqno start from 0 in native mode (Peilin Ye) \n- net/smc: sync err code when tcp connection was refused (liuyacan) \n- net: hns3: add return value for mailbox handling in PF (Jian Shen) \n- net: hns3: add validity check for message data length (Jian Shen) \n- net: hns3: modify the return code of hclge_get_ring_chain_from_mbx (Jie Wang) \n- net: hns3: clear inited state and stop client after failed to register netdev (Jian Shen) \n- cpufreq: fix memory leak in sun50i_cpufreq_nvmem_probe (Xiaobing Luo) \n- pinctrl: pistachio: fix use of irq_of_parse_and_map() (Lv Ruyi) \n- arm64: dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock (Fabio Estevam) \n- ARM: dts: imx6ull-colibri: fix vqmmc regulator (Max Krummenacher) \n- sctp: check asoc strreset_chunk in sctp_generate_reconf_event (Xin Long) \n- wireguard: device: check for metadata_dst with skb_valid_dst() (Nikolay Aleksandrov) \n- tcp: ensure to use the most recently sent skb when filling the rate sample (Pengcheng Yang) \n- pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ requested (Marek Vasut) \n- tcp: md5: incorrect tcp_header_len for incoming connections (Francesco Ruggeri) \n- pinctrl: rockchip: fix RK3308 pinmux bits (Luca Ceresoli) \n- bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt hook (Eyal Birger) \n- netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion (Pablo Neira Ayuso) \n- net: dsa: Add missing of_node_put() in dsa_port_link_register_of (Miaoqian Lin) ", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel-container security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2022-08-09T00:00:00", "id": "ELSA-2022-9690", "href": "http://linux.oracle.com/errata/ELSA-2022-9690.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-09T20:40:46", "description": "[5.15.0-1.43.4.1]\n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34460936] {CVE-2022-2588}\n[5.15.0-1.43.4]\n- Revert selftests/bpf: add tests verifying unprivileged bpf behaviour (Alan Maguire) [Orabug: 34399286] \n- Revert selftests/bpf: Add test for reg2btf_ids out of bounds access (Alan Maguire) [Orabug: 34399286]\n[5.15.0-1.43.3]\n- x86/alternative: The retpoline alternative is not applied (Alexandre Chartre) [Orabug: 34395937] \n- x86/ftrace: Do not copy ftrace_stub() in ftrace trampoline (Alexandre Chartre) [Orabug: 34395937]\n[5.15.0-100.43.0]\n- ocfs2: kill EBUSY from dlmfs_evict_inode (Junxiao Bi) [Orabug: 34364336] \n- ocfs2: dlmfs: dont clear USER_LOCK_ATTACHED when destroying lock (Junxiao Bi) [Orabug: 34364336] \n- ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (Junxiao Bi via Ocfs2-devel) [Orabug: 34364336] \n- net/rds: Fix a NULL dereference in rds_tcp_accept_one() (Harshit Mogalapalli) [Orabug: 34366723] \n- lockdown: Fix kexec lockdown bypass with ima policy (Eric Snowberg) [Orabug: 34393053] {CVE-2022-21505}\n[5.15.0-1.43.1]\n- LTS version: v5.15.43 (Jack Vogel) \n- mptcp: Do TCP fallback on early DSS checksum failure (Mat Martineau) \n- LTS version: v5.15.42 (Jack Vogel) \n- afs: Fix afs_getattr() to refetch file status if callback break occurred (David Howells) \n- i2c: mt7621: fix missing clk_disable_unprepare() on error in mtk_i2c_probe() (Yang Yingliang) \n- mt76: mt7921e: fix possible probe failure after reboot (Sean Wang) \n- dt-bindings: pinctrl: aspeed-g6: remove FWQSPID group (Jae Hyun Yoo) \n- Input: ili210x - fix reset timing (Marek Vasut) \n- arm64: Enable repeat tlbi workaround on KRYO4XX gold CPUs (Shreyas K K) \n- net: atlantic: verify hw_head_ lies within TX buffer ring (Grant Grundler) \n- net: atlantic: add check for MAX_SKB_FRAGS (Grant Grundler) \n- net: atlantic: reduce scope of is_rsc_complete (Grant Grundler) \n- net: atlantic: fix frag[0] not initialized (Grant Grundler) \n- net: stmmac: fix missing pci_disable_device() on error in stmmac_pci_probe() (Yang Yingliang) \n- ethernet: tulip: fix missing pci_disable_device() on error in tulip_init_one() (Yang Yingliang) \n- nl80211: fix locking in nl80211_set_tx_bitrate_mask() (Johannes Berg) \n- net: fix wrong network header length (Lina Wang) \n- fbdev: Prevent possible use-after-free in fb_release() (Daniel Vetter) \n- Revert fbdev: Make fb_release() return -ENODEV if fbdev was unregistered (Javier Martinez Canillas) \n- selftests: add ping test with ping_group_range tuned (Nicolas Dichtel) \n- nl80211: validate S1G channel width (Kieran Frewen) \n- mac80211: fix rx reordering with non explicit / psmp ack policy (Felix Fietkau) \n- scsi: qla2xxx: Fix missed DMA unmap for aborted commands (Gleb Chesnokov) \n- scsi: scsi_dh_alua: Properly handle the ALUA transitioning state (Brian Bunker) \n- perf bench numa: Address compiler error on s390 (Thomas Richter) \n- perf regs x86: Fix arch__intr_reg_mask() for the hybrid platform (Kan Liang) \n- gpio: mvebu/pwm: Refuse requests with inverted polarity (Uwe Kleine-Konig) \n- gpio: gpio-vf610: do not touch other bits when set the target bit (Haibo Chen) \n- perf build: Fix check for btf__load_from_kernel_by_id() in libbpf (Arnaldo Carvalho de Melo) \n- scsi: ufs: core: Fix referencing invalid rsp field (Daejun Park) \n- riscv: dts: sifive: fu540-c000: align dma node name with dtschema (Krzysztof Kozlowski) \n- net: bridge: Clear offload_fwd_mark when passing frame up bridge interface. (Andrew Lunn) \n- netfilter: flowtable: move dst_check to packet path (Ritaro Takenaka) \n- netfilter: flowtable: pass flowtable to nf_flow_table_iterate() (Pablo Neira Ayuso) \n- netfilter: flowtable: fix TCP flow teardown (Pablo Neira Ayuso) \n- igb: skip phy status check where unavailable (Kevin Mitchell) \n- mptcp: fix checksum byte order (Paolo Abeni) \n- mptcp: reuse __mptcp_make_csum in validate_data_csum (Geliang Tang) \n- mptcp: change the parameter of __mptcp_make_csum (Geliang Tang) \n- ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2 (Ard Biesheuvel) \n- ARM: 9196/1: spectre-bhb: enable for Cortex-A15 (Ard Biesheuvel) \n- net: af_key: add check for pfkey_broadcast in function pfkey_process (Jiasheng Jiang) \n- net/mlx5e: Properly block LRO when XDP is enabled (Maxim Mikityanskiy) \n- net/mlx5: DR, Fix missing flow_source when creating multi-destination FW table (Maor Dickman) \n- NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc (Duoming Zhou) \n- net/qla3xxx: Fix a test in ql_reset_work() (Christophe JAILLET) \n- clk: at91: generated: consider range when calculating best rate (Codrin Ciubotariu) \n- ice: Fix interrupt moderation settings getting cleared (Michal Wilczynski) \n- ice: move ice_container_type onto ice_ring_container (Maciej Fijalkowski) \n- ice: fix possible under reporting of ethtool Tx and Rx statistics (Paul Greenwalt) \n- ice: fix crash when writing timestamp on RX rings (Arkadiusz Kubalewski) \n- net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (Zixuan Fu) \n- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (Zixuan Fu) \n- net: systemport: Fix an error handling path in bcm_sysport_probe() (Christophe JAILLET) \n- Revert PCI: aardvark: Rewrite IRQ code to chained IRQ handler (Pali Rohar) \n- netfilter: nft_flow_offload: fix offload with pppoe + vlan (Felix Fietkau) \n- net: fix dev_fill_forward_path with pppoe + bridge (Felix Fietkau) \n- netfilter: nft_flow_offload: skip dst neigh lookup for ppp devices (Felix Fietkau) \n- netfilter: flowtable: fix excessive hw offload attempts after failure (Felix Fietkau) \n- net/sched: act_pedit: sanitize shift argument before usage (Paolo Abeni) \n- xfrm: fix disable_policy flag use when arriving from different devices (Eyal Birger) \n- xfrm: rework default policy structure (Nicolas Dichtel) \n- net: macb: Increment rx bd head after allocating skb and buffer (Harini Katakam) \n- net: ipa: record proper RX transaction count (Alex Elder) \n- ALSA: hda - fix unused Realtek function when PM is not enabled (Randy Dunlap) \n- pinctrl: mediatek: mt8365: fix IES control pins (Mattijs Korpershoek) \n- ARM: dts: aspeed: Add video engine to g6 (Howard Chiu) \n- ARM: dts: aspeed: Add secure boot controller node (Joel Stanley) \n- ARM: dts: aspeed: Add ADC for AST2600 and enable for Rainier and Everest (Eddie James) \n- ARM: dts: aspeed-g6: fix SPI1/SPI2 quad pin group (Jae Hyun Yoo) \n- pinctrl: pinctrl-aspeed-g6: remove FWQSPID group in pinctrl (Jae Hyun Yoo) \n- ARM: dts: aspeed-g6: remove FWQSPID group in pinctrl dtsi (Jae Hyun Yoo) \n- dma-buf: ensure unique directory name for dmabuf stats (Charan Teja Kalla) \n- dma-buf: fix use of DMA_BUF_SET_NAME_{A,B} in userspace (Jerome Pouiller) \n- drm/dp/mst: fix a possible memory leak in fetch_monitor_name() (Hangyu Hua) \n- drm/i915/dmc: Add MMIO range restrictions (Anusha Srivatsa) \n- drm/amd: Dont reset dGPUs if the system is going to s2idle (Mario Limonciello) \n- libceph: fix potential use-after-free on linger ping and resends (Ilya Dryomov) \n- crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ (Ondrej Mosnacek) \n- arm64: mte: Ensure the cleared tags are visible before setting the PTE (Catalin Marinas) \n- arm64: paravirt: Use RCU read locks to guard stolen_time (Prakruthi Deepak Heragu) \n- KVM: x86/mmu: Update number of zapped pages even if page list is stable (Sean Christopherson) \n- Revert can: m_can: pci: use custom bit timings for Elkhart Lake (Jarkko Nikula) \n- PCI/PM: Avoid putting Elo i2 PCIe Ports in D3cold (Rafael J. Wysocki) \n- Fix double fget() in vhost_net_set_backend() (Al Viro) \n- selinux: fix bad cleanup on error in hashtab_duplicate() (Ondrej Mosnacek) \n- ALSA: hda/realtek: Add quirk for TongFang devices with pop noise (Werner Sembach) \n- ALSA: wavefront: Proper check of get_user() error (Takashi Iwai) \n- ALSA: usb-audio: Restore Rane SL-1 quirk (Takashi Iwai) \n- nilfs2: fix lockdep warnings during disk space reclamation (Ryusuke Konishi) \n- nilfs2: fix lockdep warnings in page operations for btree nodes (Ryusuke Konishi) \n- ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame() (linyujun) \n- platform/chrome: cros_ec_debugfs: detach log reader wq from devm (Tzung-Bi Shih) \n- drbd: remove usage of list iterator variable after loop (Jakob Koschel) \n- MIPS: lantiq: check the return value of kzalloc() (Xiaoke Wang) \n- fs: fix an infinite loop in iomap_fiemap (Guo Xuenan) \n- rtc: mc146818-lib: Fix the AltCentury for AMD platforms (Mario Limonciello) \n- nvme-multipath: fix hang when disk goes live over reconnect (Anton Eidelman) \n- nvmet: use a private workqueue instead of the system workqueue (Sagi Grimberg) \n- tools/virtio: compile with -pthread (Michael S. Tsirkin) \n- vhost_vdpa: dont setup irq offloading when irq_num < 0 (Zhu Lingshan) \n- s390/pci: improve zpci_dev reference counting (Niklas Schnelle) \n- s390/traps: improve panic message for translation-specification exception (Heiko Carstens) \n- ALSA: hda/realtek: Enable headset mic on Lenovo P360 (Kai-Heng Feng) \n- crypto: x86/chacha20 - Avoid spurious jumps to other functions (Peter Zijlstra) \n- crypto: stm32 - fix reference leak in stm32_crc_remove (Zheng Yongjun) \n- rtc: sun6i: Fix time overflow handling (Andre Przywara) \n- gfs2: Disable page faults during lockless buffered reads (Andreas Gruenbacher) \n- nvme-pci: add quirks for Samsung X5 SSDs (Monish Kumar R) \n- Input: stmfts - fix reference leak in stmfts_input_open (Zheng Yongjun) \n- Input: add bounds checking to input_set_capability() (Jeff LaBundy) \n- um: Cleanup syscall_handler_t definition/cast, fix warning (David Gow) \n- rtc: pcf2127: fix bug when reading alarm registers (Hugo Villeneuve) \n- rtc: fix use-after-free on device removal (Vincent Whitchurch) \n- Revert drm/i915/opregion: check port number bounds for SWSCI display power state (Greg Thelen) \n- mm/kfence: reset PG_slab and memcg_data before freeing __kfence_pool (Hyeonggon Yoo) \n- Watchdog: sp5100_tco: Enable Family 17h+ CPUs (Terry Bowman) \n- Watchdog: sp5100_tco: Add initialization using EFCH MMIO (Terry Bowman) \n- Watchdog: sp5100_tco: Refactor MMIO base address initialization (Terry Bowman) \n- Watchdog: sp5100_tco: Move timer initialization into function (Terry Bowman) \n- i2c: piix4: Enable EFCH MMIO for Family 17h+ (Terry Bowman) \n- i2c: piix4: Add EFCH MMIO support for SMBus port select (Terry Bowman) \n- i2c: piix4: Add EFCH MMIO support to SMBus base address detect (Terry Bowman) \n- i2c: piix4: Add EFCH MMIO support to region request and release (Terry Bowman) \n- i2c: piix4: Move SMBus port selection into function (Terry Bowman) \n- i2c: piix4: Move SMBus controller base address detect into function (Terry Bowman) \n- i2c: piix4: Move port I/O region request/release code into functions (Terry Bowman) \n- i2c: piix4: Replace hardcoded memory map size with a #define (Terry Bowman) \n- kernel/resource: Introduce request_mem_region_muxed() (Terry Bowman) \n- io_uring: arm poll for non-nowait files (Pavel Begunkov) \n- usb: gadget: fix race when gadget driver register via ioctl (Schspa Shi) \n- LTS version: v5.15.41 (Jack Vogel) \n- usb: gadget: uvc: allow for application to cleanly shutdown (Dan Vacura) \n- usb: gadget: uvc: rename function to be more consistent (Michael Tretter) \n- ping: fix address binding wrt vrf (Nicolas Dichtel) \n- mm/hwpoison: use pr_err() instead of dump_page() in get_any_page() (Naoya Horiguchi) \n- dma-buf: call dma_buf_stats_setup after dmabuf is in valid list (Charan Teja Reddy) \n- Revert drm/amd/pm: keep the BACO feature enabled for suspend (Alex Deucher) \n- drm/vmwgfx: Initialize drm_mode_fb_cmd2 (Zack Rusin) \n- SUNRPC: Ensure that the gssproxy client can start in a connected state (Trond Myklebust) \n- net: phy: micrel: Pass .probe for KS8737 (Fabio Estevam) \n- net: phy: micrel: Do not use kszphy_suspend/resume for KSZ8061 (Fabio Estevam) \n- arm[64]/memremap: dont abuse pfn_valid() to ensure presence of linear map (Mike Rapoport) \n- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (Waiman Long) \n- writeback: Avoid skipping inode writeback (Jing Xia) \n- net: phy: Fix race condition on link status change (Francesco Dolcini) \n- net: atlantic: always deep reset on pm op, fixing up my null deref regression (Manuel Ullmann) \n- i40e: i40e_main: fix a missing check on list iterator (Xiaomeng Tong) \n- drm/nouveau/tegra: Stop using iommu_present() (Robin Murphy) \n- drm/vmwgfx: Disable command buffers on svga3 without gbobjects (Zack Rusin) \n- mm/huge_memory: do not overkill when splitting huge_zero_page (Xu Yu) \n- Revert mm/memory-failure.c: skip huge_zero_page in memory_failure() (Xu Yu) \n- ceph: fix setting of xattrs on async created inodes (Jeff Layton) \n- serial: 8250_mtk: Fix register address for XON/XOFF character (AngeloGioacchino Del Regno) \n- serial: 8250_mtk: Fix UART_EFR register address (AngeloGioacchino Del Regno) \n- fsl_lpuart: Dont enable interrupts too early (Indan Zupancic) \n- slimbus: qcom: Fix IRQ check in qcom_slim_probe (Miaoqian Lin) \n- USB: serial: option: add Fibocom MA510 modem (Sven Schwermer) \n- USB: serial: option: add Fibocom L610 modem (Sven Schwermer) \n- USB: serial: qcserial: add support for Sierra Wireless EM7590 (Ethan Yang) \n- USB: serial: pl2303: add device id for HP LM930 Display (Scott Chen) \n- usb: typec: tcpci_mt6360: Update for BMC PHY setting (ChiYuan Huang) \n- usb: typec: tcpci: Dont skip cleanup in .remove() on error (Uwe Kleine-Konig) \n- usb: cdc-wdm: fix reading stuck on device close (Sergey Ryazanov) \n- tty: n_gsm: fix mux activation issues in gsm_config() (Daniel Starke) \n- tty: n_gsm: fix buffer over-read in gsm_dlci_data() (Daniel Starke) \n- tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe() (Yang Yingliang) \n- x86/mm: Fix marking of unused sub-pmd ranges (Adrian-Ken Rueegsegger) \n- usb: xhci-mtk: fix fs isocs transfer error (Chunfeng Yun) \n- KVM: PPC: Book3S PR: Enable MSR_DR for switch_mmu_context() (Alexander Graf) \n- firmware_loader: use kernel credentials when reading firmware (Thiebaud Weksteen) \n- interconnect: Restore sync state by ignoring ipa-virt in provider count (Stephen Boyd) \n- tcp: drop the hash_32() part from the index calculation (Willy Tarreau) \n- tcp: increase source port perturb table to 2^16 (Willy Tarreau) \n- tcp: dynamically allocate the perturb table used by source ports (Willy Tarreau) \n- tcp: add small random increments to the source port (Willy Tarreau) \n- tcp: resalt the secret every 10 seconds (Eric Dumazet) \n- tcp: use different parts of the port_offset for index and offset (Willy Tarreau) \n- secure_seq: use the 64 bits of the siphash for port offset calculation (Willy Tarreau) \n- net: sfp: Add tx-fault workaround for Huawei MA5671A SFP ONT (Matthew Hagan) \n- net: emaclite: Dont advertise 1000BASE-T and do auto negotiation (Shravya Kumbham) \n- ASoC: SOF: Fix NULL pointer exception in sof_pci_probe callback (Ajit Kumar Pandey) \n- s390: disable -Warray-bounds (Sven Schnelle) \n- ASoC: ops: Validate input values in snd_soc_put_volsw_range() (Mark Brown) \n- ASoC: max98090: Generate notifications on changes for custom control (Mark Brown) \n- ASoC: max98090: Reject invalid values in custom control put() (Mark Brown) \n- iommu: arm-smmu: disable large page mappings for Nvidia arm-smmu (Ashish Mhetre) \n- RDMA/irdma: Fix deadlock in irdma_cleanup_cm_core() (Duoming Zhou) \n- hwmon: (f71882fg) Fix negative temperature (Ji-Ze Hong (Peter Hong)) \n- gfs2: Fix filesystem block deallocation for short writes (Andreas Gruenbacher) \n- drm/vmwgfx: Fix fencing on SVGAv3 (Zack Rusin) \n- tls: Fix context leak on tls_device_down (Maxim Mikityanskiy) \n- net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() (Taehee Yoo) \n- net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending (Guangguan Wang) \n- net: dsa: bcm_sf2: Fix Wake-on-LAN with mac_link_down() (Florian Fainelli) \n- drm/vc4: hdmi: Fix build error for implicit function declaration (Hui Tang) \n- net: bcmgenet: Check for Wake-on-LAN interrupt probe deferral (Florian Fainelli) \n- net: ethernet: mediatek: ppe: fix wrong size passed to memset() (Yang Yingliang) \n- net/sched: act_pedit: really ensure the skb is writable (Paolo Abeni) \n- s390/lcs: fix variable dereferenced before check (Alexandra Winter) \n- s390/ctcm: fix potential memory leak (Alexandra Winter) \n- s390/ctcm: fix variable dereferenced before check (Alexandra Winter) \n- virtio: fix virtio transitional ids (Shunsuke Mie) \n- arm64: vdso: fix makefile dependency on vdso.so (Joey Gouly) \n- selftests: vm: Makefile: rename TARGETS to VMTARGETS (Joel Savitz) \n- procfs: prevent unprivileged processes accessing fdinfo dir (Kalesh Singh) \n- hwmon: (ltq-cputemp) restrict it to SOC_XWAY (Randy Dunlap) \n- dim: initialize all struct fields (Jesse Brandeburg) \n- ionic: fix missing pci_release_regions() on error in ionic_probe() (Yang Yingliang) \n- nfs: fix broken handling of the softreval mount option (Dan Aloni) \n- mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (Johannes Berg) \n- net: sfc: fix memory leak due to ptp channel (Taehee Yoo) \n- sfc: Use swap() instead of open coding it (Jiapeng Chong) \n- fbdev: efifb: Fix a use-after-free due early fb_info cleanup (Javier Martinez Canillas) \n- net: chelsio: cxgb4: Avoid potential negative array offset (Kees Cook) \n- netlink: do not reset transport header in netlink_recvmsg() (Eric Dumazet) \n- drm/nouveau: Fix a potential theorical leak in nouveau_get_backlight_name() (Christophe JAILLET) \n- ipv4: drop dst in multicast routing path (Lokesh Dhoundiyal) \n- ice: fix PTP stale Tx timestamps cleanup (Michal Michalik) \n- ice: Fix race during aux device (un)plugging (Ivan Vecera) \n- platform/surface: aggregator: Fix initialization order when compiling as builtin module (Maximilian Luz) \n- fbdev: vesafb: Cleanup fb_info in .fb_destroy rather than .remove (Javier Martinez Canillas) \n- fbdev: efifb: Cleanup fb_info in .fb_destroy rather than .remove (Javier Martinez Canillas) \n- fbdev: simplefb: Cleanup fb_info in .fb_destroy rather than .remove (Javier Martinez Canillas) \n- net: mscc: ocelot: avoid corrupting hardware counters when moving VCAP filters (Vladimir Oltean) \n- net: mscc: ocelot: restrict tc-trap actions to VCAP IS2 lookup 0 (Vladimir Oltean) \n- net: mscc: ocelot: fix VCAP IS2 filters matching on both lookups (Vladimir Oltean) \n- net: mscc: ocelot: fix last VCAP IS1/IS2 filter persisting in hardware when deleted (Vladimir Oltean) \n- net: Fix features skip in for_each_netdev_feature() (Tariq Toukan) \n- mac80211: Reset MBSSID parameters upon connection (Manikanta Pubbisetty) \n- hwmon: (tmp401) Add OF device ID table (Camel Guo) \n- iwlwifi: iwl-dbg: Use del_timer_sync() before freeing (Guenter Roeck) \n- batman-adv: Dont skb_split skbuffs with frag_list (Sven Eckelmann) \n- LTS version: v5.15.40 (Jack Vogel) \n- mm: fix invalid page pointer returned with FOLL_PIN gups (Peter Xu) \n- mm/mlock: fix potential imbalanced rlimit ucounts adjustment (Miaohe Lin) \n- mm/hwpoison: fix error page recovered but reported not recovered (Naoya Horiguchi) \n- mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic() (Muchun Song) \n- mm: shmem: fix missing cache flush in shmem_mfill_atomic_pte() (Muchun Song) \n- mm: hugetlb: fix missing cache flush in copy_huge_page_from_user() (Muchun Song) \n- mm: fix missing cache flush for all tail pages of compound page (Muchun Song) \n- udf: Avoid using stale lengthOfImpUse (Jan Kara) \n- rfkill: uapi: fix RFKILL_IOCTL_MAX_SIZE ioctl request definition (Gleb Fotengauer-Malinovskiy) \n- Bluetooth: Fix the creation of hdev->name (Itay Iellin) \n- tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in perf bench mem memcpy (Arnaldo Carvalho de Melo) \n- kbuild: move objtool_args back to scripts/Makefile.build (Masahiro Yamada) \n- LTS version: v5.15.39 (Jack Vogel) \n- PCI: aardvark: Update comment about link going down after link-up (Marek Behun) \n- PCI: aardvark: Drop __maybe_unused from advk_pcie_disable_phy() (Marek Behun) \n- PCI: aardvark: Dont mask irq when mapping (Pali Rohar) \n- PCI: aardvark: Remove irq_mask_ack() callback for INTx interrupts (Pali Rohar) \n- PCI: aardvark: Use separate INTA interrupt for emulated root bridge (Pali Rohar) \n- PCI: aardvark: Fix support for PME requester on emulated bridge (Pali Rohar) \n- PCI: aardvark: Add support for PME interrupts (Pali Rohar) \n- PCI: aardvark: Optimize writing PCI_EXP_RTCTL_PMEIE and PCI_EXP_RTSTA_PME on emulated bridge (Pali Rohar) \n- PCI: aardvark: Add support for ERR interrupt on emulated bridge (Pali Rohar) \n- PCI: aardvark: Enable MSI-X support (Pali Rohar) \n- PCI: aardvark: Fix setting MSI address (Pali Rohar) \n- PCI: aardvark: Add support for masking MSI interrupts (Pali Rohar) \n- PCI: aardvark: Refactor unmasking summary MSI interrupt (Pali Rohar) \n- PCI: aardvark: Use dev_fwnode() instead of of_node_to_fwnode(dev->of_node) (Marek Behun) \n- PCI: aardvark: Make msi_domain_info structure a static driver structure (Marek Behun) \n- PCI: aardvark: Make MSI irq_chip structures static driver structures (Marek Behun) \n- PCI: aardvark: Check return value of generic_handle_domain_irq() when processing INTx IRQ (Pali Rohar) \n- PCI: aardvark: Rewrite IRQ code to chained IRQ handler (Pali Rohar) \n- PCI: aardvark: Replace custom PCIE_CORE_INT_* macros with PCI_INTERRUPT_* (Pali Rohar) \n- PCI: aardvark: Disable common PHY when unbinding driver (Pali Rohar) \n- PCI: aardvark: Disable link training when unbinding driver (Pali Rohar) \n- PCI: aardvark: Assert PERST# when unbinding driver (Pali Rohar) \n- PCI: aardvark: Fix memory leak in driver unbind (Pali Rohar) \n- PCI: aardvark: Mask all interrupts when unbinding driver (Pali Rohar) \n- PCI: aardvark: Disable bus mastering when unbinding driver (Pali Rohar) \n- PCI: aardvark: Comment actions in driver remove method (Pali Rohar) \n- PCI: aardvark: Clear all MSIs at setup (Pali Rohar) \n- PCI: aardvark: Add support for DEVCAP2, DEVCTL2, LNKCAP2 and LNKCTL2 registers on emulated bridge (Pali Rohar) \n- PCI: pci-bridge-emul: Add definitions for missing capabilities registers (Pali Rohar) \n- PCI: pci-bridge-emul: Add description for class_revision field (Pali Rohar) \n- rcu: Apply callbacks processing time limit only on softirq (Frederic Weisbecker) \n- rcu: Fix callbacks processing time limit retaining cond_resched() (Frederic Weisbecker) \n- Revert parisc: Mark sched_clock unstable only if clocks are not syncronized (Helge Deller) \n- mmc: rtsx: add 74 Clocks in power on flow (Ricky WU) \n- selftest/vm: verify remap destination address in mremap_test (Sidhartha Kumar) \n- selftest/vm: verify mmap addr in mremap_test (Sidhartha Kumar) \n- KVM: LAPIC: Enable timer posted-interrupt only when mwait/hlt is advertised (Wanpeng Li) \n- KVM: x86/mmu: avoid NULL-pointer dereference on page freeing bugs (Paolo Bonzini) \n- KVM: x86: Do not change ICR on write to APIC_SELF_IPI (Paolo Bonzini) \n- x86/kvm: Preserve BSP MSR_KVM_POLL_CONTROL across suspend/resume (Wanpeng Li) \n- KVM: selftests: Silence compiler warning in the kvm_page_table_test (Thomas Huth) \n- kvm: selftests: do not use bitfields larger than 32-bits for PTEs (Paolo Bonzini) \n- iommu/dart: Add missing module owner to ops structure (Hector Martin) \n- net/mlx5e: Lag, Dont skip fib events on current dst (Vlad Buslov) \n- net/mlx5e: Lag, Fix fib_info pointer assignment (Vlad Buslov) \n- net/mlx5e: Lag, Fix use-after-free in fib event handler (Vlad Buslov) \n- net/mlx5: Fix slab-out-of-bounds while reading resource dump menu (Aya Levin) \n- fbdev: Make fb_release() return -ENODEV if fbdev was unregistered (Javier Martinez Canillas) \n- kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU (Sandipan Das) \n- gpio: mvebu: drop pwm base assignment (Baruch Siach) \n- drm/amdgpu: Ensure HDA function is suspended before ASIC reset (Kai-Heng Feng) \n- drm/amdgpu: dont set s3 and s0ix at the same time (Mario Limonciello) \n- drm/amdgpu: explicitly check for s0ix when evicting resources (Mario Limonciello) \n- drm/amdgpu: unify BO evicting method in amdgpu_ttm (Nirmoy Das) \n- btrfs: always log symlinks in full mode (Filipe Manana) \n- btrfs: force v2 space cache usage for subpage mount (Qu Wenruo) \n- smsc911x: allow using IRQ0 (Sergey Shtylyov) \n- selftests: ocelot: tc_flower_chains: specify conform-exceed action for policer (Vladimir Oltean) \n- bnxt_en: Fix unnecessary dropping of RX packets (Michael Chan) \n- bnxt_en: Fix possible bnxt_open() failure caused by wrong RFS flag (Somnath Kotur) \n- selftests: mirror_gre_bridge_1q: Avoid changing PVID while interface is operational (Ido Schimmel) \n- rxrpc: Enable IPv6 checksums on transport socket (David Howells) \n- mld: respect RCU rules in ip6_mc_source() and ip6_mc_msfilter() (Eric Dumazet) \n- hinic: fix bug of wq out of bound access (Qiao Ma) \n- btrfs: do not BUG_ON() on failure to update inode when setting xattr (Filipe Manana) \n- drm/msm/dp: remove fail safe mode related code (Kuogee Hsieh) \n- selftests/net: so_txtime: usage(): fix documentation of default clock (Marc Kleine-Budde) \n- selftests/net: so_txtime: fix parsing of start time stamp on 32 bit systems (Marc Kleine-Budde) \n- net: emaclite: Add error handling for of_address_to_resource() (Shravya Kumbham) \n- net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter() (Eric Dumazet) \n- net: cpsw: add missing of_node_put() in cpsw_probe_dt() (Yang Yingliang) \n- net: mdio: Fix ENOMEM return value in BCM6368 mux bus controller (Niels Dossche) \n- net: stmmac: dwmac-sun8i: add missing of_node_put() in sun8i_dwmac_register_mdio_mux() (Yang Yingliang) \n- net: dsa: mt7530: add missing of_node_put() in mt7530_setup() (Yang Yingliang) \n- net: ethernet: mediatek: add missing of_node_put() in mtk_sgmii_init() (Yang Yingliang) \n- NFSv4: Dont invalidate inode attributes on delegation return (Trond Myklebust) \n- RDMA/irdma: Fix possible crash due to NULL netdev in notifier (Mustafa Ismail) \n- RDMA/irdma: Reduce iWARP QP destroy time (Shiraz Saleem) \n- RDMA/irdma: Flush iWARP QP if modified to ERR from RTR state (Tatyana Nikolova) \n- RDMA/siw: Fix a condition race issue in MPA request processing (Cheng Xu) \n- SUNRPC release the transport of a relocated task with an assigned transport (Olga Kornievskaia) \n- selftests/seccomp: Dont call read() on TTY from background pgrp (Jann Horn) \n- net/mlx5: Fix deadlock in sync reset flow (Moshe Shemesh) \n- net/mlx5: Avoid double clear or set of sync reset requested (Moshe Shemesh) \n- net/mlx5e: Fix the calling of update_buffer_lossy() API (Mark Zhang) \n- net/mlx5e: CT: Fix queued up restore put() executing after relevant ft release (Paul Blakey) \n- net/mlx5e: Dont match double-vlan packets if cvlan is not set (Vlad Buslov) \n- net/mlx5e: Fix trust state reset in reload (Moshe Tal) \n- iommu/dart: check return value after calling platform_get_resource() (Yang Yingliang) \n- iommu/vt-d: Drop stop marker messages (Lu Baolu) \n- ASoC: soc-ops: fix error handling (Pierre-Louis Bossart) \n- ASoC: dmaengine: Restore NULL prepare_slave_config() callback (Codrin Ciubotariu) \n- hwmon: (pmbus) disable PEC if not enabled (Adam Wujek) \n- hwmon: (adt7470) Fix warning on module removal (Armin Wolf) \n- gpio: pca953x: fix irq_stat not updated when irq is disabled (irq_mask not set) (Puyou Lu) \n- gpio: visconti: Fix fwnode of GPIO IRQ (Nobuhiro Iwamatsu) \n- NFC: netlink: fix sleep in atomic bug when firmware download timeout (Duoming Zhou) \n- nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs (Duoming Zhou) \n- nfc: replace improper check device_is_registered() in netlink related functions (Duoming Zhou) \n- can: grcan: only use the NAPI poll budget for RX (Andreas Larsson) \n- can: grcan: grcan_probe(): fix broken system id check for errata workaround needs (Andreas Larsson) \n- can: grcan: use ofdev->dev when allocating DMA memory (Daniel Hellstrom) \n- can: isotp: remove re-binding of bound socket (Oliver Hartkopp) \n- can: grcan: grcan_close(): fix deadlock (Duoming Zhou) \n- s390/dasd: Fix read inconsistency for ESE DASD devices (Jan Hoppner) \n- s390/dasd: Fix read for ESE with blksize < 4k (Jan Hoppner) \n- s390/dasd: prevent double format of tracks for ESE devices (Stefan Haberland) \n- s390/dasd: fix data corruption for ESE devices (Stefan Haberland) \n- ASoC: meson: Fix event generation for AUI CODEC mux (Mark Brown) \n- ASoC: meson: Fix event generation for G12A tohdmi mux (Mark Brown) \n- ASoC: meson: Fix event generation for AUI ACODEC mux (Mark Brown) \n- ASoC: wm8958: Fix change notifications for DSP controls (Mark Brown) \n- ASoC: da7219: Fix change notifications for tone generator frequency (Mark Brown) \n- genirq: Synchronize interrupt thread startup (Thomas Pfaff) \n- net: stmmac: disable Split Header (SPH) for Intel platforms (Tan Tee Min) \n- firewire: core: extend card->lock in fw_core_handle_bus_reset (Niels Dossche) \n- firewire: remove check of list iterator against head past the loop body (Jakob Koschel) \n- firewire: fix potential uaf in outbound_phy_packet_callback() (Chengfeng Ye) \n- timekeeping: Mark NMI safe time accessors as notrace (Kurt Kanzenbach) \n- Revert SUNRPC: attempt AF_LOCAL connect on setup (Trond Myklebust) \n- RISC-V: relocate DTB if its outside memory region (Nick Kossifidis) \n- drm/amdgpu: do not use passthrough mode in Xen dom0 (Marek Marczykowski-Gorecki) \n- drm/amd/display: Avoid reading audio pattern past AUDIO_CHANNELS_COUNT (Harry Wentland) \n- iommu/arm-smmu-v3: Fix size calculation in arm_smmu_mm_invalidate_range() (Nicolin Chen) \n- iommu/vt-d: Calculate mask for non-aligned flushes (David Stevens) \n- KVM: x86/svm: Account for family 17h event renumberings in amd_pmc_perf_hw_id (Kyle Huey) \n- x86/fpu: Prevent FPU state corruption (Thomas Gleixner) \n- gpiolib: of: fix bounds check for gpio-reserved-ranges (Andrei Lalaev) \n- mmc: core: Set HS clock speed before sending HS CMD13 (Brian Norris) \n- mmc: sunxi-mmc: Fix DMA descriptors allocated above 32 bits (Samuel Holland) \n- mmc: sdhci-msm: Reset GCC_SDCC_BCR register for SDHC (Shaik Sajida Bhanu) \n- ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes (Takashi Sakamoto) \n- ALSA: hda/realtek: Add quirk for Yoga Duet 7 13ITL6 speakers (Zihao Wang) \n- parisc: Merge model and model name into one line in /proc/cpuinfo (Helge Deller) \n- MIPS: Fix CP0 counter erratum detection for R4k CPUs (Maciej W. Rozycki) \n- LTS version: v5.15.38 (Jack Vogel) \n- powerpc/64: Add UADDR64 relocation support (Alexey Kardashevskiy) \n- objtool: Fix type of reloc::addend (Peter Zijlstra) \n- objtool: Fix code relocs vs weak symbols (Peter Zijlstra) \n- eeprom: at25: Use DMA safe buffers (Christophe Leroy) \n- perf symbol: Remove arch__symbols__fixup_end() (Namhyung Kim) \n- tty: n_gsm: fix software flow control handling (Daniel Starke) \n- tty: n_gsm: fix incorrect UA handling (Daniel Starke) \n- tty: n_gsm: fix reset fifo race condition (Daniel Starke) \n- tty: n_gsm: fix missing tty wakeup in convergence layer type 2 (Daniel Starke) \n- tty: n_gsm: fix wrong signal octets encoding in MSC (Daniel Starke) \n- tty: n_gsm: fix wrong command frame length field encoding (Daniel Starke) \n- tty: n_gsm: fix wrong command retry handling (Daniel Starke) \n- tty: n_gsm: fix missing explicit ldisc flush (Daniel Starke) \n- tty: n_gsm: fix wrong DLCI release order (Daniel Starke) \n- tty: n_gsm: fix insufficient txframe size (Daniel Starke) \n- netfilter: nft_socket: only do sk lookups when indev is available (Florian Westphal) \n- tty: n_gsm: fix malformed counter for out of frame data (Daniel Starke) \n- tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 (Daniel Starke) \n- tty: n_gsm: fix mux cleanup after unregister tty device (Daniel Starke) \n- tty: n_gsm: fix decoupled mux resource (Daniel Starke) \n- tty: n_gsm: fix restart handling via CLD command (Daniel Starke) \n- perf symbol: Update symbols__fixup_end() (Namhyung Kim) \n- perf symbol: Pass is_kallsyms to symbols__fixup_end() (Namhyung Kim) \n- x86/cpu: Load microcode during restore_processor_state() (Borislav Petkov) \n- ARM: dts: imx8mm-venice-gw{71xx,72xx,73xx}: fix OTG controller OC mode (Tim Harvey) \n- ARM: dts: at91: sama7g5ek: enable pull-up on flexcom3 console lines (Eugen Hristev) \n- btrfs: fix leaked plug after failure syncing log on zoned filesystems (Filipe Manana) \n- thermal: int340x: Fix attr.show callback prototype (Kees Cook) \n- ACPI: processor: idle: Avoid falling back to C3 type C-states (Ville Syrjala) \n- net: ethernet: stmmac: fix write to sgmii_adapter_base (Dinh Nguyen) \n- drm/i915: Fix SEL_FETCH_PLANE_*(PIPE_B+) register addresses (Imre Deak) \n- drm/i915: Check EDID for HDR static metadata when choosing blc (Jouni Hogander) \n- netfilter: Update ip6_route_me_harder to consider L3 domain (Martin Willi) \n- mtd: rawnand: qcom: fix memory corruption that causes panic (Md Sadre Alam) \n- kasan: prevent cpu_quarantine corruption when CPU offline and cache shrink occur at same time (Zqiang) \n- zonefs: Clear inode information flags on inode creation (Damien Le Moal) \n- zonefs: Fix management of open zones (Damien Le Moal) \n- Revert ACPI: processor: idle: fix lockup regression on 32-bit ThinkPad T40 (Ville Syrjala) \n- selftest/vm: verify remap destination address in mremap_test (Sidhartha Kumar) \n- selftest/vm: verify mmap addr in mremap_test (Sidhartha Kumar) \n- powerpc/perf: Fix 32bit compile (Alexey Kardashevskiy) \n- drivers: net: hippi: Fix deadlock in rr_close() (Duoming Zhou) \n- cifs: destage any unwritten data to the server before calling copychunk_write (Ronnie Sahlberg) \n- x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (Mikulas Patocka) \n- bonding: do not discard lowest hash bit for non layer3+4 hashing (suresh kumar) \n- ksmbd: set fixed sector size to FS_SECTOR_SIZE_INFORMATION (Namjae Jeon) \n- ksmbd: increment reference count of parent fp (Namjae Jeon) \n- arch: xtensa: platforms: Fix deadlock in rs_close() (Duoming Zhou) \n- ext4: fix bug_on in start_this_handle during umount filesystem (Ye Bin) \n- ASoC: wm8731: Disable the regulator when probing fails (Zheyu Ma) \n- ASoC: Intel: soc-acpi: correct device endpoints for max98373 (Chao Song) \n- tcp: fix F-RTO may not work correctly when receiving DSACK (Pengcheng Yang) \n- Revert ibmvnic: Add ethtool private flag for driver-defined queue limits (Dany Madden) \n- ixgbe: ensure IPsec VF<->PF compatibility (Leon Romanovsky) \n- perf arm-spe: Fix addresses of synthesized SPE events (Timothy Hayes) \n- gfs2: No short reads or writes upon glock contention (Andreas Gruenbacher) \n- gfs2: Make sure not to return short direct writes (Andreas Gruenbacher) \n- gfs2: Minor retry logic cleanup (Andreas Gruenbacher) \n- gfs2: Prevent endless loops in gfs2_file_buffered_write (Andreas Gruenbacher) \n- net: fec: add missing of_node_put() in fec_enet_init_stop_mode() (Yang Yingliang) \n- bnx2x: fix napi API usage sequence (Manish Chopra) \n- tls: Skip tls_append_frag on zero copy size (Maxim Mikityanskiy) \n- drm/amd/display: Fix memory leak in dcn21_clock_source_create (Miaoqian Lin) \n- drm/amdkfd: Fix GWS queue count (David Yat Sin) \n- netfilter: conntrack: fix udp offload timeout sysctl (Volodymyr Mytnyk) \n- io_uring: check reserved fields for recv/recvmsg (Jens Axboe) \n- io_uring: check reserved fields for send/sendmsg (Jens Axboe) \n- net: dsa: lantiq_gswip: Dont set GSWIP_MII_CFG_RMII_CLK (Martin Blumenstingl) \n- drm/sun4i: Remove obsolete references to PHYS_OFFSET (Samuel Holland) \n- net: dsa: mv88e6xxx: Fix port_hidden_wait to account for port_base_addr (Nathan Rossi) \n- net: phy: marvell10g: fix return value on error (Baruch Siach) \n- net: bcmgenet: hide status block before TX timestamping (Jonathan Lemon) \n- cpufreq: qcom-cpufreq-hw: Clear dcvs interrupts (Vladimir Zapolskiy) \n- clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource() (Yang Yingliang) \n- bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create() (Christophe JAILLET) \n- tcp: make sure treq->af_specific is initialized (Eric Dumazet) \n- tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT (Eric Dumazet) \n- ip_gre, ip6_gre: Fix race condition on o_seqno in collect_md mode (Peilin Ye) \n- ip6_gre: Make o_seqno start from 0 in native mode (Peilin Ye) \n- ip_gre: Make o_seqno start from 0 in native mode (Peilin Ye) \n- net/smc: sync err code when tcp connection was refused (liuyacan) \n- net: hns3: add return value for mailbox handling in PF (Jian Shen) \n- net: hns3: add validity check for message data length (Jian Shen) \n- net: hns3: modify the return code of hclge_get_ring_chain_from_mbx (Jie Wang) \n- net: hns3: clear inited state and stop client after failed to register netdev (Jian Shen) \n- cpufreq: fix memory leak in sun50i_cpufreq_nvmem_probe (Xiaobing Luo) \n- pinctrl: pistachio: fix use of irq_of_parse_and_map() (Lv Ruyi) \n- arm64: dts: imx8mn-ddr4-evk: Describe the 32.768 kHz PMIC clock (Fabio Estevam) \n- ARM: dts: imx6ull-colibri: fix vqmmc regulator (Max Krummenacher) \n- sctp: check asoc strreset_chunk in sctp_generate_reconf_event (Xin Long) \n- wireguard: device: check for metadata_dst with skb_valid_dst() (Nikolay Aleksandrov) \n- tcp: ensure to use the most recently sent skb when filling the rate sample (Pengcheng Yang) \n- pinctrl: stm32: Keep pinctrl block clock enabled when LEVEL IRQ requested (Marek Vasut) \n- tcp: md5: incorrect tcp_header_len for incoming connections (Francesco Ruggeri) \n- pinctrl: rockchip: fix RK3308 pinmux bits (Luca Ceresoli) \n- bpf, lwt: Fix crash when using bpf_skb_set_tunnel_key() from bpf_xmit lwt hook (Eyal Birger) \n- netfilter: nft_set_rbtree: overlap detection with element re-addition after deletion (Pablo Neira Ayuso) \n- net: dsa: Add missing of_node_put() in dsa_port_link_register_of (Miaoqian Lin) ", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2022-08-09T00:00:00", "id": "ELSA-2022-9689", "href": "http://linux.oracle.com/errata/ELSA-2022-9689.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-09T18:47:14", "description": "[4.14.35-2047.516.1.1]\n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34460938] {CVE-2022-2588}\n[4.14.35-2047.516.1]\n- KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() (Vitaly Kuznetsov) [Orabug: 34323860] {CVE-2022-2153}\n- KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq (Vitaly Kuznetsov) [Orabug: 34323860] {CVE-2022-2153}\n- KVM: Add infrastructure and macro to mark VM as bugged (Sean Christopherson) [Orabug: 34323860] {CVE-2022-2153}\n- xfs: dont use delalloc extents for COW on files with extsize hints (Christoph Hellwig) [Orabug: 34180868]\n[4.14.35-2047.516.0]\n- scsi: mpt3sas: Remove scsi_dma_map() error messages (Sreekanth Reddy) [Orabug: 34328903] \n- uek: kabi: new protected symbols for USM in OL7 (Saeed Mirzamohammadi) [Orabug: 34233902] \n- vfio/type1: add ioctl to check for correct pin accounting (Anthony Yznaga) [Orabug: 32967885] \n- vfio/type1: track pages pinned by vfio across exec (Anthony Yznaga) [Orabug: 32967885] \n- mm: track driver pinned pages across exec (Anthony Yznaga) [Orabug: 32967885] \n- vfio/type1: Fix vfio_find_dma_valid return (Anthony Yznaga) [Orabug: 32967885] \n- vfio/type1: fix unmap all on ILP32 (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: block on invalid vaddr (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: implement notify callback (Steve Sistare) [Orabug: 32967885] \n- vfio: iommu driver notify callback (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: implement interfaces to update vaddr (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: massage unmap iteration (Steve Sistare) [Orabug: 32967885] \n- vfio: interfaces to update vaddr (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: implement unmap all (Steve Sistare) [Orabug: 32967885] \n- vfio/type1: unmap cleanup (Steve Sistare) [Orabug: 32967885] \n- vfio: option to unmap all (Steve Sistare) [Orabug: 32967885] \n- Linux 4.14.284 (Greg Kroah-Hartman) \n- x86/speculation/mmio: Print SMT warning (Josh Poimboeuf) \n- x86/cpu: Add another Alder Lake CPU to the Intel family (Gayatri Kammela) \n- x86/cpu: Add Lakefield, Alder Lake and Rocket Lake models to the to Intel CPU family (Tony Luck) \n- x86/cpu: Add Comet Lake to the Intel CPU models header (Kan Liang) \n- x86/cpu: Add Cannonlake to Intel family (Rajneesh Bhardwaj) \n- x86/cpu: Add Jasper Lake to Intel family (Zhang Rui) \n- cpu/speculation: Add prototype for cpu_show_srbds() (Guenter Roeck) \n- x86/cpu: Add Elkhart Lake to Intel family (Gayatri Kammela) \n- Linux 4.14.283 (Greg Kroah-Hartman) \n- tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (Eric Dumazet) \n- PCI: qcom: Fix unbalanced PHY init on probe errors (Johan Hovold) \n- mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N (Tokunori Ikegami) \n- mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write (Tokunori Ikegami) \n- md/raid0: Ignore RAID0 layout if the second zone has only one device (Pascal Hambourg) \n- powerpc/32: Fix overread/overwrite of thread_struct via ptrace (Michael Ellerman) \n- Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag (Mathias Nyman) \n- ixgbe: fix unexpected VLAN Rx in promisc mode on VF (Olivier Matz) \n- ixgbe: fix bcast packets Rx on VF after promisc removal (Olivier Matz) \n- nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling (Martin Faltesek) \n- nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION (Martin Faltesek) \n- ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files (Sergey Shtylyov) \n- cifs: return errors during session setup during reconnects (Shyam Prasad N) \n- ALSA: hda/conexant - Fix loopback issue with CX20632 (huangwenhui) \n- vringh: Fix loop descriptors check in the indirect cases (Xie Yongji) \n- nodemask: Fix return values to be unsigned (Kees Cook) \n- nbd: fix io hung while disconnecting device (Yu Kuai) \n- nbd: fix race between nbd_alloc_config() and module removal (Yu Kuai) \n- nbd: call genl_unregister_family() first in nbd_cleanup() (Yu Kuai) \n- modpost: fix undefined behavior of is_arm_mapping_symbol() (Masahiro Yamada) \n- drm/radeon: fix a possible null pointer dereference (Gong Yuanjun) \n- Revert net: af_key: add check for pfkey_broadcast in function pfkey_process (Michal Kubecek) \n- md: protect md_unregister_thread from reentrancy (Guoqing Jiang) \n- kernfs: Separate kernfs_pr_cont_buf and rename_lock. (Hao Luo) \n- serial: msm_serial: disable interrupts in __msm_console_write() (John Ogness) \n- staging: rtl8712: fix uninit-value in r871xu_drv_init() (Wang Cheng) \n- clocksource/drivers/sp804: Avoid error on multiple instances (Andre Przywara) \n- extcon: Modify extcon device to be created after driver data is set (bumwoo lee) \n- misc: rtsx: set NULL intfdata when probe fails (Shuah Khan) \n- usb: dwc2: gadget: dont reset gadgets driver->bus (Marek Szyprowski) \n- USB: hcd-pci: Fully suspend across freeze/thaw cycle (Evan Green) \n- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (Duoming Zhou) \n- drivers: tty: serial: Fix deadlock in sa1100_set_termios() (Duoming Zhou) \n- USB: host: isp116x: check return value after calling platform_get_resource() (Zhen Ni) \n- drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() (Duoming Zhou) \n- tty: Fix a possible resource leak in icom_probe (Huang Guobin) \n- tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() (Zheyu Ma) \n- lkdtm/usercopy: Expand size of out of frame object (Kees Cook) \n- iio: dummy: iio_simple_dummy: check the return value of kstrdup() (Xiaoke Wang) \n- drm: imx: fix compiler warning with gcc-12 (Linus Torvalds) \n- net: altera: Fix refcount leak in altera_tse_mdio_create (Miaoqian Lin) \n- net: ipv6: unexport __init-annotated seg6_hmac_init() (Masahiro Yamada) \n- net: xfrm: unexport __init-annotated xfrm4_protocol_init() (Masahiro Yamada) \n- net: mdio: unexport __init-annotated mdio_bus_init() (Masahiro Yamada) \n- SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer() (Chuck Lever) \n- net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure (Gal Pressman) \n- ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe (Miaoqian Lin) \n- xprtrdma: treat all calls not a bcall when bc_serv is NULL (Kinglong Mee) \n- video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove() (Yang Yingliang) \n- m68knommu: fix undefined reference to _init_sp (Greg Ungerer) \n- m68knommu: set ZERO_PAGE() to the allocated zeroed page (Greg Ungerer) \n- i2c: cadence: Increase timeout per message if necessary (Lucas Tanure) \n- tracing: Avoid adding tracer option before update_tracer_options (Mark-PK Tsai) \n- tracing: Fix sleeping function called from invalid context on RT kernel (Jun Miao) \n- mips: cpc: Fix refcount leak in mips_cpc_default_phys_base (Gong Yuanjun) \n- perf c2c: Fix sorting in percent_rmt_hitm_cmp() (Leo Yan) \n- tcp: tcp_rtx_synack() can be called from process context (Eric Dumazet) \n- ubi: ubi_create_volume: Fix use-after-free when volume creation failed (Zhihao Cheng) \n- jffs2: fix memory leak in jffs2_do_fill_super (Baokun Li) \n- modpost: fix removing numeric suffixes (Alexander Lobakin) \n- net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register (Miaoqian Lin) \n- net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() (Dan Carpenter) \n- clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle (Miaoqian Lin) \n- serial: st-asc: Sanitize CSIZE and correct PARENB for CS7 (Ilpo Jarvinen) \n- serial: sh-sci: Dont allow CS5-6 (Ilpo Jarvinen) \n- serial: txx9: Dont allow CS5-6 (Ilpo Jarvinen) \n- serial: digicolor-usart: Dont allow CS5-6 (Ilpo Jarvinen) \n- serial: meson: acquire port->lock in startup() (John Ogness) \n- rtc: mt6397: check return value after calling platform_get_resource() (Yang Yingliang) \n- soc: rockchip: Fix refcount leak in rockchip_grf_init (Miaoqian Lin) \n- coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier (Guilherme G. Piccoli) \n- rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- pwm: lp3943: Fix duty calculation in case period was clamped (Uwe Kleine-Konig) \n- USB: storage: karma: fix rio_karma_init return (Lin Ma) \n- usb: usbip: add missing device lock on tweak configuration cmd (Niels Dossche) \n- usb: usbip: fix a refcount leak in stub_probe() (Hangyu Hua) \n- tty: goldfish: Use tty_port_destroy() to destroy port (Wang Weiyang) \n- staging: greybus: codecs: fix type confusion of list iterator variable (Jakob Koschel) \n- pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (Randy Dunlap) \n- netfilter: nf_tables: disallow non-stateful expression in sets earlier (Pablo Neira Ayuso) \n- MIPS: IP27: Remove incorrect cpu_has_fpu override (Maciej W. Rozycki) \n- RDMA/rxe: Generate a completion for unsupported/invalid opcode (Xiao Yang) \n- phy: qcom-qmp: fix reset-controller leak on probe errors (Johan Hovold) \n- dt-bindings: gpio: altera: correct interrupt-cells (Dinh Nguyen) \n- docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 (Akira Yokosawa) \n- phy: qcom-qmp: fix struct clk leak on probe errors (Johan Hovold) \n- arm64: dts: qcom: ipq8074: fix the sleep clock frequency (Kathiravan T) \n- gma500: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- carl9170: tx: fix an incorrect use of list iterator (Xiaomeng Tong) \n- ASoC: rt5514: Fix event generation for DSP Voice Wake Up control (Mark Brown) \n- rtl818x: Prevent using not initialized queues (Alexander Wetzel) \n- hugetlb: fix huge_pmd_unshare address update (Mike Kravetz) \n- nodemask.h: fix compilation error with GCC12 (Christophe de Dinechin) \n- iommu/msm: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- um: Fix out-of-bounds read in LDT setup (Vincent Whitchurch) \n- um: chan_user: Fix winch_tramp() return value (Johannes Berg) \n- mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (Felix Fietkau) \n- irqchip: irq-xtensa-mx: fix initial IRQ affinity (Max Filippov) \n- irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (Pali Rohar) \n- RDMA/hfi1: Fix potential integer multiplication overflow errors (Dennis Dalessandro) \n- md: fix an incorrect NULL check in md_reload_sb (Xiaomeng Tong) \n- md: fix an incorrect NULL check in does_sb_need_changing (Xiaomeng Tong) \n- drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX (Brian Norris) \n- drm/nouveau/clk: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. (Dave Airlie) \n- scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled (Manivannan Sadhasivam) \n- scsi: dc395x: Fix a missing check on list iterator (Xiaomeng Tong) \n- ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (Junxiao Bi via Ocfs2-devel) \n- dlm: fix missing lkb refcount handling (Alexander Aring) \n- dlm: fix plock invalid read (Alexander Aring) \n- ext4: avoid cycles in directory h-tree (Jan Kara) \n- ext4: verify dir block before splitting it (Jan Kara) \n- ext4: fix bug_on in ext4_writepages (Ye Bin) \n- ext4: fix use-after-free in ext4_rename_dir_prepare (Ye Bin) \n- fs-writeback: writeback_sb_inodes:Recalculate wrote according skipped pages (Zhihao Cheng) \n- iwlwifi: mvm: fix assert 1F04 upon reconfig (Emmanuel Grumbach) \n- wifi: mac80211: fix use-after-free in chanctx code (Johannes Berg) \n- perf jevents: Fix event syntax error caused by ExtSel (Zhengjun Xing) \n- perf c2c: Use stdio interface if slang is not supported (Leo Yan) \n- iommu/amd: Increase timeout waiting for GA log enablement (Joerg Roedel) \n- video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup (Miaoqian Lin) \n- iommu/mediatek: Add list_del in mtk_iommu_remove (Yong Wu) \n- mailbox: forward the hrtimer if not queued and under a lock (Bjorn Ardo) \n- powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup (Miaoqian Lin) \n- powerpc/perf: Fix the threshold compare group constraint for power9 (Kajol Jain) \n- Input: sparcspkr - fix refcount leak in bbc_beep_probe (Miaoqian Lin) \n- tty: fix deadlock caused by calling printk() under tty_port->lock (Qi Zheng) \n- powerpc/4xx/cpm: Fix return value of __setup() handler (Randy Dunlap) \n- powerpc/idle: Fix return value of __setup() handler (Randy Dunlap) \n- powerpc/8xx: export cpm_setbrg for modules (Randy Dunlap) \n- drivers/base/node.c: fix compaction sysfs file leak (Miaohe Lin) \n- pinctrl: mvebu: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac() (Gustavo A. R. Silva) \n- mfd: ipaq-micro: Fix error check return value of platform_get_irq() (Lv Ruyi) \n- ARM: dts: bcm2835-rpi-b: Fix GPIO line names (Stefan Wahren) \n- ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT (Phil Elwell) \n- soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc (Miaoqian Lin) \n- soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc (Miaoqian Lin) \n- rxrpc: Dont try to resend the request if were receiving the reply (David Howells) \n- rxrpc: Fix listen() setting the bar too high for the prealloc rings (David Howells) \n- ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition() (Yang Yingliang) \n- sctp: read sk->sk_bound_dev_if once in sctp_rcv() (Eric Dumazet) \n- m68k: math-emu: Fix dependencies of math emulation support (Geert Uytterhoeven) \n- Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout (Ying Hsu) \n- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (Pavel Skripkin) \n- media: exynos4-is: Change clk_disable to clk_disable_unprepare (Miaoqian Lin) \n- media: st-delta: Fix PM disable depth imbalance in delta_probe (Miaoqian Lin) \n- regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt (Miaoqian Lin) \n- ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe (Miaoqian Lin) \n- media: uvcvideo: Fix missing check to determine if element is found in list (Xiaomeng Tong) \n- drm/msm: return an error pointer in msm_gem_prime_get_sg_table() (Dan Carpenter) \n- x86/mm: Cleanup the control_va_addr_alignment() __setup handler (Randy Dunlap) \n- irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- x86: Fix return value of __setup handlers (Randy Dunlap) \n- drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (Yang Yingliang) \n- drm/msm/hdmi: check return value after calling platform_get_resource_byname() (Yang Yingliang) \n- drm/msm/dsi: fix error checks and return values for DSI xmit functions (Dmitry Baryshkov) \n- x86/pm: Fix false positive kmemleak report in msr_build_context() (Matthieu Baerts) \n- fsnotify: fix wrong lockdep annotations (Amir Goldstein) \n- inotify: show inotify mask flags in proc fdinfo (Amir Goldstein) \n- ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix (Dan Carpenter) \n- spi: img-spfi: Fix pm_runtime_get_sync() error checking (Zheng Yongjun) \n- HID: hid-led: fix maximum brightness for Dream Cheeky (Jonathan Teh) \n- efi: Add missing prototype for efi_capsule_setup_info (Jan Kiszka) \n- NFC: NULL out the dev->rfkill to prevent UAF (Lin Ma) \n- spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout (Miaoqian Lin) \n- drm/mediatek: Fix mtk_cec_mask() (Miles Chen) \n- x86/delay: Fix the wrong asm constraint in delay_loop() (Ammar Faizi) \n- ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe (Miaoqian Lin) \n- ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe (Miaoqian Lin) \n- ath9k: fix ar9003_get_eepmisc (Wenli Looi) \n- drm: fix EDID struct for old ARM OABI format (Saeed Mirzamohammadi) \n- RDMA/hfi1: Prevent panic when SDMA is disabled (Douglas Miller) \n- macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled (Finn Thain) \n- powerpc/xics: fix refcount leak in icp_opal_init() (Lv Ruyi) \n- tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate (Vasily Averin) \n- PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (Yicong Yang) \n- ARM: hisi: Add missing of_node_put after of_find_compatible_node (Peng Wu) \n- ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM (Krzysztof Kozlowski) \n- ARM: versatile: Add missing of_node_put in dcscb_init (Peng Wu) \n- fat: add ratelimit to fat*_ent_bread() (OGAWA Hirofumi) \n- ARM: OMAP1: clock: Fix UART rate reporting algorithm (Janusz Krzysztofik) \n- fs: jfs: fix possible NULL pointer dereference in dbFree() (Zixuan Fu) \n- ARM: dts: ox820: align interrupt controller node name with dtschema (Krzysztof Kozlowski) \n- eth: tg3: silence the GCC 12 array-bounds warning (Jakub Kicinski) \n- rxrpc: Return an error to sendmsg if call failed (David Howells) \n- media: exynos4-is: Fix compile warning (Kwanghoon Son) \n- net: phy: micrel: Allow probing without .driver_data (Fabio Estevam) \n- ASoC: rt5645: Fix errorenous cleanup order (Lin Ma) \n- nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (Smith, Kyle Miller (Nimble Kernel)) \n- openrisc: start CPU timer early in boot (Jason A. Donenfeld) \n- rtlwifi: Use pr_warn instead of WARN_ONCE (Dongliang Mu) \n- ipmi:ssif: Check for NULL msg when handling events and messages (Corey Minyard) \n- dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC (Mikulas Patocka) \n- s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES (Heiko Carstens) \n- ASoC: dapm: Dont fold register value changes into notifications (Mark Brown) \n- ipv6: Dont send rs packets to the interface of ARPHRD_TUNNEL (jianghaoran) \n- drm/amd/pm: fix the compile warning (Evan Quan) \n- scsi: megaraid: Fix error check return value of register_chrdev() (Lv Ruyi) \n- media: cx25821: Fix the warning when removing the module (Zheyu Ma) \n- media: pci: cx23885: Fix the error handling in cx23885_initdev() (Zheyu Ma) \n- media: venus: hfi: avoid null dereference in deinit (Luca Weiss) \n- ath9k: fix QCA9561 PA bias level (Thibaut VARENE) \n- drm/amd/pm: fix double free in si_parse_power_table() (Keita Suzuki) \n- ALSA: jack: Access input_dev under mutex (Amadeusz Slawinski) \n- ACPICA: Avoid cache flush inside virtual machines (Kirill A. Shutemov) \n- ipw2x00: Fix potential NULL dereference in libipw_xmit() (Haowen Bai) \n- b43: Fix assigning negative value to unsigned variable (Haowen Bai) \n- b43legacy: Fix assigning negative value to unsigned variable (Haowen Bai) \n- mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue (Niels Dossche) \n- drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes (Liu Zixian) \n- btrfs: repair super block num_devices automatically (Qu Wenruo) \n- btrfs: add 0x prefix for unsupported optional features (Qu Wenruo) \n- ptrace: Reimplement PTRACE_KILL by always sending SIGKILL (Eric W. Biederman) \n- ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP (Eric W. Biederman) \n- USB: new quirk for Dell Gen 2 devices (Monish Kumar R) \n- USB: serial: option: add Quectel BG95 modem (Carl Yin) \n- binfmt_flat: do not stop relocating GOT entries prematurely on riscv (Niklas Cassel) \n- Linux 4.14.282 (Greg Kroah-Hartman) \n- bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes (Liu Jian) \n- NFSD: Fix possible sleep during nfsd4_release_lockowner() (Chuck Lever) \n- docs: submitting-patches: Fix crossref to The canonical patch format (Akira Yokosawa) \n- tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() (Xiu Jianfeng) \n- dm verity: set DM_TARGET_IMMUTABLE feature flag (Sarthak Kukreti) \n- dm stats: add cond_resched when looping over entries (Mikulas Patocka) \n- dm crypt: make printing of the key constant-time (Mikulas Patocka) \n- dm integrity: fix error code in dm_integrity_ctr() (Dan Carpenter) \n- zsmalloc: fix races between asynchronous zspage free and page migration (Sultan Alsawaf) \n- netfilter: conntrack: re-fetch conntrack after insertion (Florian Westphal) \n- exec: Force single empty string when argv is empty (Kees Cook) \n- block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern (Haimin Zhang) \n- drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency() (Gustavo A. R. Silva) \n- drivers: i2c: thunderx: Allow driver to work with ACPI defined TWSI controllers (Piyush Malgujar) \n- net: ftgmac100: Disable hardware checksum on AST2600 (Joel Stanley) \n- net: af_key: check encryption module availability consistency (Thomas Bartschies) \n- ACPI: sysfs: Fix BERT error region memory mapping (Lorenzo Pieralisi) \n- ACPI: sysfs: Make sparse happy about address space in use (Andy Shevchenko) \n- secure_seq: use the 64 bits of the siphash for port offset calculation (Willy Tarreau) \n- tcp: change source port randomizarion at connect() time (Eric Dumazet) \n- staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan() (Denis Efremov (Oracle)) \n- x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests (Thomas Gleixner) \n- Linux 4.14.281 (Greg Kroah-Hartman) \n- Reinstate some of swiotlb: rework fix info leak with DMA_FROM_DEVICE (Linus Torvalds) \n- swiotlb: fix info leak with DMA_FROM_DEVICE (Halil Pasic) \n- net: atlantic: verify hw_head_ lies within TX buffer ring (Grant Grundler) \n- net: stmmac: fix missing pci_disable_device() on error in stmmac_pci_probe() (Yang Yingliang) \n- ethernet: tulip: fix missing pci_disable_device() on error in tulip_init_one() (Yang Yingliang) \n- mac80211: fix rx reordering with non explicit / psmp ack policy (Felix Fietkau) \n- scsi: qla2xxx: Fix missed DMA unmap for aborted commands (Gleb Chesnokov) \n- perf bench numa: Address compiler error on s390 (Thomas Richter) \n- gpio: mvebu/pwm: Refuse requests with inverted polarity (Uwe Kleine-Konig) \n- gpio: gpio-vf610: do not touch other bits when set the target bit (Haibo Chen) \n- net: bridge: Clear offload_fwd_mark when passing frame up bridge interface. (Andrew Lunn) \n- igb: skip phy status check where unavailable (Kevin Mitchell) \n- ARM: 9197/1: spectre-bhb: fix loop8 sequence for Thumb2 (Ard Biesheuvel) \n- ARM: 9196/1: spectre-bhb: enable for Cortex-A15 (Ard Biesheuvel) \n- net: af_key: add check for pfkey_broadcast in function pfkey_process (Jiasheng Jiang) \n- NFC: nci: fix sleep in atomic context bugs caused by nci_skb_alloc (Duoming Zhou) \n- net/qla3xxx: Fix a test in ql_reset_work() (Christophe JAILLET) \n- clk: at91: generated: consider range when calculating best rate (Codrin Ciubotariu) \n- net: vmxnet3: fix possible NULL pointer dereference in vmxnet3_rq_cleanup() (Zixuan Fu) \n- net: vmxnet3: fix possible use-after-free bugs in vmxnet3_rq_alloc_rx_buf() (Zixuan Fu) \n- mmc: core: Default to generic_cmd6_time as timeout in __mmc_switch() (Ulf Hansson) \n- mmc: block: Use generic_cmd6_time when modifying INAND_CMD38_ARG_EXT_CSD (Ulf Hansson) \n- mmc: core: Specify timeouts for BKOPS and CACHE_FLUSH for eMMC (Ulf Hansson) \n- drm/dp/mst: fix a possible memory leak in fetch_monitor_name() (Hangyu Hua) \n- ALSA: wavefront: Proper check of get_user() error (Takashi Iwai) \n- ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame() (linyujun) \n- drbd: remove usage of list iterator variable after loop (Jakob Koschel) \n- MIPS: lantiq: check the return value of kzalloc() (Xiaoke Wang) \n- Input: stmfts - fix reference leak in stmfts_input_open (Zheng Yongjun) \n- Input: add bounds checking to input_set_capability() (Jeff LaBundy) \n- um: Cleanup syscall_handler_t definition/cast, fix warning (David Gow)\n[4.14.35-2047.515.3]\n- uek-rpm: Enable Pensando EMMC reset controller (Thomas Tai) [Orabug: 34325721] \n- mfd: pensando_elbasr: Add Pensando Elba System Resource Chip (Brad Larson) [Orabug: 34325721] \n- dsc-drivers: update drivers for 1.15.9-C-65 (Shannon Nelson) [Orabug: 34325721]\n[4.14.35-2047.515.2]\n- net/rds: Delayed DR_SOCK_CANCEL (Gerd Rausch) [Orabug: 34105319]\n[4.14.35-2047.515.1]\n- sched/rt: Disable RT_RUNTIME_SHARE by default (Daniel Bristot de Oliveira) [Orabug: 34193333] \n- mstflint_access: Update driver code to v4.20.1-1 from Github (Qing Huang) [Orabug: 34286148]\n[4.14.35-2047.515.0]\n- net: ip: avoid OOM kills with large UDP sends over loopback (Venkat Venkatsubra) [Orabug: 34066209] \n- rdmaip: Flush ARP cache after address has been cleared (Gerd Rausch) [Orabug: 34285241] \n- rds: Include congested flag in rds_sock struct. (Rohit Nair) [Orabug: 34261492] \n- cpu/hotplug: Allow the CPU in CPU_UP_PREPARE state to be brought up again. (Longpeng(Mike)) [Orabug: 34234771] \n- x86/xen: Allow to retry if cpu_initialize_context() failed. (Boris Ostrovsky) [Orabug: 34234771] \n- floppy: use a statically allocated error counter (Willy Tarreau) [Orabug: 34218640] {CVE-2022-1652}\n- assoc_array: Fix BUG_ON during garbage collect (Stephen Brennan) [Orabug: 34162064] \n- exec, elf: fix reserve_va_range() sanity check (Anthony Yznaga) [Orabug: 32387887] \n- exec, elf: use already allocated notes data in reserve_va_range() (Anthony Yznaga) [Orabug: 32387887] \n- mm: madv_doexec_flag sysctl (Anthony Yznaga) [Orabug: 32387887] \n- mm: introduce MADV_DOEXEC (Anthony Yznaga) [Orabug: 32387887] \n- exec, elf: require opt-in for accepting preserved mem (Anthony Yznaga) [Orabug: 32387887] \n- mm: introduce VM_EXEC_KEEP (Anthony Yznaga) [Orabug: 32387887] \n- mm: fail exec if stack expansion will overlap another vma (Anthony Yznaga) [Orabug: 32387887] \n- mm: do not assume only the stack vma exists in setup_arg_pages() (Anthony Yznaga) [Orabug: 32387887] \n- ELF: when loading PIE binaries check for overlap with existing mappings (Anthony Yznaga) [Orabug: 32387887] \n- Linux 4.14.280 (Greg Kroah-Hartman) \n- tty/serial: digicolor: fix possible null-ptr-deref in digicolor_uart_probe() (Yang Yingliang) \n- ping: fix address binding wrt vrf (Nicolas Dichtel) \n- drm/vmwgfx: Initialize drm_mode_fb_cmd2 (Zack Rusin) \n- cgroup/cpuset: Remove cpus_allowed/mems_allowed setup in cpuset_init_smp() (Waiman Long) \n- USB: serial: option: add Fibocom MA510 modem (Sven Schwermer) \n- USB: serial: option: add Fibocom L610 modem (Sven Schwermer) \n- USB: serial: qcserial: add support for Sierra Wireless EM7590 (Ethan Yang) \n- USB: serial: pl2303: add device id for HP LM930 Display (Scott Chen) \n- usb: cdc-wdm: fix reading stuck on device close (Sergey Ryazanov) \n- tcp: resalt the secret every 10 seconds (Eric Dumazet) \n- ASoC: ops: Validate input values in snd_soc_put_volsw_range() (Mark Brown) \n- ASoC: max98090: Generate notifications on changes for custom control (Mark Brown) \n- ASoC: max98090: Reject invalid values in custom control put() (Mark Brown) \n- hwmon: (f71882fg) Fix negative temperature (Ji-Ze Hong (Peter Hong)) \n- net: sfc: ef10: fix memory leak in efx_ef10_mtd_probe() (Taehee Yoo) \n- net/smc: non blocking recvmsg() return -EAGAIN when no data and signal_pending (Guangguan Wang) \n- s390/lcs: fix variable dereferenced before check (Alexandra Winter) \n- s390/ctcm: fix potential memory leak (Alexandra Winter) \n- s390/ctcm: fix variable dereferenced before check (Alexandra Winter) \n- hwmon: (ltq-cputemp) restrict it to SOC_XWAY (Randy Dunlap) \n- mac80211_hwsim: call ieee80211_tx_prepare_skb under RCU protection (Johannes Berg) \n- netlink: do not reset transport header in netlink_recvmsg() (Eric Dumazet) \n- ipv4: drop dst in multicast routing path (Lokesh Dhoundiyal) \n- net: Fix features skip in for_each_netdev_feature() (Tariq Toukan) \n- batman-adv: Dont skb_split skbuffs with frag_list (Sven Eckelmann) \n- Linux 4.14.279 (Greg Kroah-Hartman) \n- VFS: Fix memory leak caused by concurrently mounting fs with subtype (ChenXiaoSong) \n- ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock (Takashi Iwai) \n- mm: userfaultfd: fix missing cache flush in mcopy_atomic_pte() and __mcopy_atomic() (Muchun Song) \n- mm: hugetlb: fix missing cache flush in copy_huge_page_from_user() (Muchun Song) \n- mmc: rtsx: add 74 Clocks in power on flow (Ricky WU) \n- Bluetooth: Fix the creation of hdev->name (Itay Iellin) \n- can: grcan: only use the NAPI poll budget for RX (Andreas Larsson) \n- can: grcan: grcan_probe(): fix broken system id check for errata workaround needs (Andreas Larsson) \n- block: drbd: drbd_nl: Make conversion to enum drbd_ret_code explicit (Lee Jones) \n- MIPS: Use address-of operator on section symbols (Nathan Chancellor) \n- Linux 4.14.278 (Greg Kroah-Hartman) \n- PCI: aardvark: Fix reading MSI interrupt number (Pali Rohar) \n- PCI: aardvark: Clear all MSIs at setup (Pali Rohar) \n- dm: interlock pending dm_io and dm_wait_for_bios_completion (Mike Snitzer) \n- dm: fix mempool NULL pointer race when completing IO (Jiazi Li) \n- net: ipv6: ensure we call ipv6_mc_down() at most once (j.nixdorf@avm.de) \n- kvm: x86/cpuid: Only provide CPUID leaf 0xA if host has architectural PMU (Sandipan Das) \n- net: igmp: respect RCU rules in ip_mc_source() and ip_mc_msfilter() (Eric Dumazet) \n- btrfs: always log symlinks in full mode (Filipe Manana) \n- smsc911x: allow using IRQ0 (Sergey Shtylyov) \n- net: emaclite: Add error handling for of_address_to_resource() (Shravya Kumbham) \n- hwmon: (adt7470) Fix warning on module removal (Armin Wolf) \n- NFC: netlink: fix sleep in atomic bug when firmware download timeout (Duoming Zhou) \n- nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs (Duoming Zhou) \n- nfc: replace improper check device_is_registered() in netlink related functions (Duoming Zhou) \n- can: grcan: use ofdev->dev when allocating DMA memory (Daniel Hellstrom) \n- can: grcan: grcan_close(): fix deadlock (Duoming Zhou) \n- ASoC: wm8958: Fix change notifications for DSP controls (Mark Brown) \n- firewire: core: extend card->lock in fw_core_handle_bus_reset (Niels Dossche) \n- firewire: remove check of list iterator against head past the loop body (Jakob Koschel) \n- firewire: fix potential uaf in outbound_phy_packet_callback() (Chengfeng Ye) \n- Revert SUNRPC: attempt AF_LOCAL connect on setup (Trond Myklebust) \n- ALSA: fireworks: fix wrong return count shorter than expected by 4 bytes (Takashi Sakamoto) \n- parisc: Merge model and model name into one line in /proc/cpuinfo (Helge Deller) \n- MIPS: Fix CP0 counter erratum detection for R4k CPUs (Maciej W. Rozycki) \n- tty: n_gsm: fix incorrect UA handling (Daniel Starke) \n- tty: n_gsm: fix wrong command frame length field encoding (Daniel Starke) \n- tty: n_gsm: fix wrong command retry handling (Daniel Starke) \n- tty: n_gsm: fix missing explicit ldisc flush (Daniel Starke) \n- tty: n_gsm: fix insufficient txframe size (Daniel Starke) \n- tty: n_gsm: fix malformed counter for out of frame data (Daniel Starke) \n- tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 (Daniel Starke) \n- drivers: net: hippi: Fix deadlock in rr_close() (Duoming Zhou) \n- cifs: destage any unwritten data to the server before calling copychunk_write (Ronnie Sahlberg) \n- x86: __memcpy_flushcache: fix wrong alignment if size > 2^32 (Mikulas Patocka) \n- ASoC: wm8731: Disable the regulator when probing fails (Zheyu Ma) \n- bnx2x: fix napi API usage sequence (Manish Chopra) \n- net: bcmgenet: hide status block before TX timestamping (Jonathan Lemon) \n- clk: sunxi: sun9i-mmc: check return value after calling platform_get_resource() (Yang Yingliang) \n- bus: sunxi-rsb: Fix the return value of sunxi_rsb_device_create() (Christophe JAILLET) \n- tcp: fix potential xmit stalls caused by TCP_NOTSENT_LOWAT (Eric Dumazet) \n- ip_gre: Make o_seqno start from 0 in native mode (Peilin Ye) \n- pinctrl: pistachio: fix use of irq_of_parse_and_map() (Lv Ruyi) \n- sctp: check asoc strreset_chunk in sctp_generate_reconf_event (Xin Long) \n- mtd: rawnand: Fix return value check of wait_for_completion_timeout (Miaoqian Lin) \n- ipvs: correctly print the memory size of ip_vs_conn_tab (Pengcheng Yang) \n- ARM: dts: Fix mmc order for omap3-gta04 (H. Nikolaus Schaller) \n- ARM: OMAP2+: Fix refcount leak in omap_gic_of_init (Miaoqian Lin) \n- phy: samsung: exynos5250-sata: fix missing device put in probe error paths (Krzysztof Kozlowski) \n- phy: samsung: Fix missing of_node_put() in exynos_sata_phy_probe (Miaoqian Lin) \n- ARM: dts: imx6qdl-apalis: Fix sgtl5000 detection issue (Fabio Estevam) \n- USB: Fix xhci event ring dequeue pointer ERDP update issue (Weitao Wang) \n- hex2bin: fix access beyond string end (Mikulas Patocka) \n- hex2bin: make the function hex_to_bin constant-time (Mikulas Patocka) \n- serial: 8250: Correct the clock for EndRun PTP/1588 PCIe device (Maciej W. Rozycki) \n- serial: 8250: Also set sticky MCR bits in console restoration (Maciej W. Rozycki) \n- usb: gadget: configfs: clear deactivation flag in configfs_composite_unbind() (Vijayavardhan Vennapusa) \n- usb: gadget: uvc: Fix crash when encoding data for usb request (Dan Vacura) \n- usb: misc: fix improper handling of refcount in uss720_probe() (Hangyu Hua) \n- iio: magnetometer: ak8975: Fix the error handling in ak8975_power_on() (Zheyu Ma) \n- iio: dac: ad5446: Fix read_raw not returning set value (Michael Hennerich) \n- iio: dac: ad5592r: Fix the missing return value. (Zizhuang Deng) \n- xhci: stop polling roothubs after shutdown (Henry Lin) \n- USB: serial: option: add Telit 0x1057, 0x1058, 0x1075 compositions (Daniele Palmas) \n- USB: serial: option: add support for Cinterion MV32-WA/MV32-WB (Slark Xiao) \n- USB: serial: cp210x: add PIDs for Kamstrup USB Meter Reader (Bruno Thomsen) \n- USB: serial: whiteheat: fix heap overflow in WHITEHEAT_GET_DTR_RTS (Kees Cook) \n- USB: quirks: add STRING quirk for VCOM device (Oliver Neukum) \n- USB: quirks: add a Realtek card reader (Oliver Neukum) \n- usb: mtu3: fix USB 3.0 dual-role-switch from device to host (Macpaul Lin) \n- lightnvm: disable the subsystem (Greg Kroah-Hartman) \n- net/sched: cls_u32: fix netns refcount changes in u32_change() (Eric Dumazet) \n- hamradio: remove needs_free_netdev to avoid UAF (Lin Ma) \n- hamradio: defer 6pack kfree after unregister_netdev (Lin Ma) \n- floppy: disable FDRAWCMD by default (Willy Tarreau) \n- Linux 4.14.277 (Greg Kroah-Hartman) \n- ax25: Fix UAF bugs in ax25 timers (Duoming Zhou) \n- ax25: Fix NULL pointer dereferences in ax25 timers (Duoming Zhou) \n- ax25: fix NPD bug in ax25_disconnect (Duoming Zhou) \n- ax25: fix UAF bug in ax25_send_control() (Duoming Zhou) \n- ax25: Fix refcount leaks caused by ax25_cb_del() (Duoming Zhou) \n- ax25: fix UAF bugs of net_device caused by rebinding operation (Duoming Zhou) \n- ax25: fix reference count leaks of ax25_dev (Duoming Zhou) \n- ax25: add refcount in ax25_dev to avoid UAF bugs (Duoming Zhou) \n- block/compat_ioctl: fix range check in BLKGETSIZE (Khazhismel Kumykov) \n- staging: ion: Prevent incorrect reference counting behavour (Lee Jones) \n- ext4: force overhead calculation if the s_overhead_cluster makes no sense (Theodore Tso) \n- ext4: fix overhead calculation to account for the reserved gdt blocks (Theodore Tso) \n- ext4: limit length to bitmap_maxbytes - blocksize in punch_hole (Tadeusz Struk) \n- ext4: fix symlink file size not match to file content (Ye Bin) \n- ARC: entry: fix syscall_trace_exit argument (Sergey Matyukevich) \n- e1000e: Fix possible overflow in LTR decoding (Sasha Neftin) \n- ASoC: soc-dapm: fix two incorrect uses of list iterator (Xiaomeng Tong) \n- openvswitch: fix OOB access in reserve_sfa_size() (Paolo Valerio) \n- powerpc/perf: Fix power9 event alternatives (Athira Rajeev) \n- dma: at_xdmac: fix a missing check on list iterator (Xiaomeng Tong) \n- ata: pata_marvell: Check the bmdma_addr beforing reading (Zheyu Ma) \n- stat: fix inconsistency between struct stat and struct compat_stat (Mikulas Patocka) \n- net: macb: Restart tx only if queue pointer is lagging (Tomas Melin) \n- drm/msm/mdp5: check the return of kzalloc() (Xiaoke Wang) \n- brcmfmac: sdio: Fix undefined behavior due to shift overflowing the constant (Borislav Petkov) \n- cifs: Check the IOCB_DIRECT flag, not O_DIRECT (David Howells) \n- vxlan: fix error return code in vxlan_fdb_append (Hongbin Wang) \n- ALSA: usb-audio: Fix undefined behavior due to shift overflowing the constant (Borislav Petkov) \n- platform/x86: samsung-laptop: Fix an unsigned comparison which can never be negative (Jiapeng Chong) \n- ARM: vexpress/spc: Avoid negative array index when !SMP (Kees Cook) \n- netlink: reset network and mac headers in netlink_dump() (Eric Dumazet) \n- net/packet: fix packet_sock xmit return value checking (Hangbin Liu) \n- dmaengine: imx-sdma: Fix error checking in sdma_event_remap (Miaoqian Lin) \n- tcp: Fix potential use-after-free due to double kfree() (Kuniyuki Iwashima) \n- tcp: fix race condition when creating child sockets from syncookies (Ricardo Dias) \n- ALSA: usb-audio: Clear MIDI port active flag after draining (Takashi Iwai) \n- gfs2: assign rgrp glock before compute_bitstructs (Bob Peterson) \n- can: usb_8dev: usb_8dev_start_xmit(): fix double dev_kfree_skb() in error path (Hangyu Hua) \n- tracing: Dump stacktrace trigger to the corresponding instance (Daniel Bristot de Oliveira) \n- tracing: Have traceon and traceoff trigger honor the instance (Steven Rostedt (Google)) \n- mm: page_alloc: fix building error on -Werror=array-compare (Xiongwei Song) \n- etherdevice: Adjust ether_addr* prototypes to silence -Wstringop-overead (Kees Cook)", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2022-08-09T00:00:00", "id": "ELSA-2022-9693", "href": "http://linux.oracle.com/errata/ELSA-2022-9693.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-09T20:40:47", "description": "[4.1.12-124.65.1.1]\n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34460939] {CVE-2022-2588}", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2022-08-09T00:00:00", "id": "ELSA-2022-9694", "href": "http://linux.oracle.com/errata/ELSA-2022-9694.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-16T00:43:27", "description": "[4.14.35-2047.517.3]\n- KVM: x86: use raw clock values consistently (Paolo Bonzini) [Orabug: 34575637] \n- KVM: x86: reorganize pvclock_gtod_data members (Paolo Bonzini) [Orabug: 34575637] \n- KVM: x86: switch KVMCLOCK base to monotonic raw clock (Marcelo Tosatti) [Orabug: 34575637]\n[4.14.35-2047.517.2]\n- kernfs: Replace global kernfs_open_file_mutex with hashed mutexes. (Imran Khan) [Orabug: 34476942] \n- kernfs: Introduce interface to access global kernfs_open_file_mutex. (Imran Khan) [Orabug: 34476942] \n- kernfs: make ->attr.open RCU protected. (Imran Khan) [Orabug: 34476942] \n- kernfs: Rename kernfs_put_open_node to kernfs_unlink_open_file. (Imran Khan) [Orabug: 34476942] \n- kernfs: Remove reference counting for kernfs_open_node. (Imran Khan) [Orabug: 34476942] \n- rds/ib: handle posted ACK during connection shutdown (Rohit Nair) [Orabug: 34465810] \n- rds/ib: reap tx completions during connection shutdown (Rohit Nair) [Orabug: 34465810] \n- scsi: target: Fix WRITE_SAME No Data Buffer crash (Mike Christie) [Orabug: 34419972] {CVE-2022-21546}\n- rds/rdma: destroy CQs during user initiated rds connection resets (Rohit Nair) [Orabug: 34414240] \n- rds: copy_from_user only once per rds_sendmsg system call (Hans Westgaard Ry) [Orabug: 34510858] {CVE-2022-21385}\n[4.14.35-2047.517.1]\n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34480752] {CVE-2022-2588}\n- Restore 'module, async: async_synchronize_full() on module init iff async is used' (Mridula Shastry) [Orabug: 34469834] \n- net/rds: Replace #ifdef DEBUG with CONFIG_SLUB_DEBUG (Freddy Carrillo) [Orabug: 34405766] \n- ext4: Move to shared i_rwsem even without dioread_nolock mount opt (Ritesh Harjani) [Orabug: 34295843] \n- ext4: Start with shared i_rwsem in case of DIO instead of exclusive (Ritesh Harjani) [Orabug: 34295843] \n- ext4: further refactoring bufferio and dio helper (Junxiao Bi) [Orabug: 34295843] \n- ext4: refactor ext4_file_write_iter (Junxiao Bi) [Orabug: 34295843] \n- xen/manage: Use orderly_reboot() to reboot (Ross Lagerwall) [Orabug: 34211118] \n- xen/manage: revert 'xen/manage: enable C_A_D to force reboot' (Dongli Zhang) [Orabug: 34211118] \n- Linux 4.14.288 (Greg Kroah-Hartman) \n- dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate (Miaoqian Lin) \n- dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (Miaoqian Lin) \n- dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly (Michael Walle) \n- ida: don't use BUG_ON() for debugging (Linus Torvalds) \n- i2c: cadence: Unregister the clk notifier in error path (Satish Nagireddy) \n- pinctrl: sunxi: a83t: Fix NAND function name for some pins (Samuel Holland) \n- xfs: remove incorrect ASSERT in xfs_rename (Eric Sandeen) \n- powerpc/powernv: delay rng platform device creation until later in boot (Jason A. Donenfeld) \n- video: of_display_timing.h: include errno.h (Hsin-Yi Wang) \n- fbcon: Disallow setting font bigger than screen size (Helge Deller) \n- iommu/vt-d: Fix PCI bus rescan device hot add (Yian Chen) \n- net: rose: fix UAF bug caused by rose_t0timer_expiry (Duoming Zhou) \n- usbnet: fix memory leak in error case (Oliver Neukum) \n- can: gs_usb: gs_usb_open/close(): fix memory leak (Rhett Aultman) \n- can: grcan: grcan_probe(): remove extra of_node_get() (Liang He) \n- mm/slub: add missing TID updates on slab deactivation (Jann Horn) \n- esp: limit skb_page_frag_refill use to a single page (Sabrina Dubroca) \n- Linux 4.14.287 (Greg Kroah-Hartman) \n- xen/gntdev: Avoid blocking in unmap_grant_pages() (Demi Marie Obenour) \n- net: usb: qmi_wwan: add Telit 0x1070 composition (Daniele Palmas) \n- net: usb: qmi_wwan: add Telit 0x1060 composition (Carlo Lobrano) \n- xen/arm: Fix race in RB-tree based P2M accounting (Oleksandr Tyshchenko) \n- net: Rename and export copy_skb_header (Ilya Lesokhin) \n- ipv6/sit: fix ipip6_tunnel_get_prl return value (katrinzhou) \n- sit: use min (kernel test robot) \n- hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails (Yang Yingliang) \n- NFC: nxp-nci: Don't issue a zero length i2c_master_read() (Michael Walle) \n- nfc: nfcmrvl: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- net: bonding: fix use-after-free after 802.3ad slave unbind (Yevhen Orlov) \n- net: bonding: fix possible NULL deref in rlb code (Eric Dumazet) \n- netfilter: nft_dynset: restore set element counter when failing to update (Pablo Neira Ayuso) \n- caif_virtio: fix race between virtio_device_ready() and ndo_open() (Jason Wang) \n- net: ipv6: unexport __init-annotated seg6_hmac_net_init() (YueHaibing) \n- usbnet: fix memory allocation in helpers (Oliver Neukum) \n- RDMA/qedr: Fix reporting QP timeout attribute (Kamal Heib) \n- net: usb: ax88179_178a: Fix packet receiving (Jose Alonso) \n- net: rose: fix UAF bugs caused by timer handler (Duoming Zhou) \n- SUNRPC: Fix READ_PLUS crasher (Chuck Lever) \n- s390/archrandom: simplify back to earlier design and initialize earlier (Jason A. Donenfeld) \n- dm raid: fix KASAN warning in raid5_add_disks (Mikulas Patocka) \n- dm raid: fix accesses beyond end of raid member array (Heinz Mauelshagen) \n- nvdimm: Fix badblocks clear off-by-one error (Chris Ye) \n- Linux 4.14.286 (Greg Kroah-Hartman) \n- swiotlb: skip swiotlb_bounce when orig_addr is zero (Liu Shixin) \n- kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] (Naveen N. Rao) \n- fdt: Update CRC check for rng-seed (Hsin-Yi Wang) \n- xen: unexport __init-annotated xen_xlate_map_ballooned_pages() (Masahiro Yamada) \n- drm: remove drm_fb_helper_modinit (Christoph Hellwig) \n- powerpc/pseries: wire up rng during setup_arch() (Jason A. Donenfeld) \n- modpost: fix section mismatch check for exported init/exit sections (Masahiro Yamada) \n- ARM: cns3xxx: Fix refcount leak in cns3xxx_init (Miaoqian Lin) \n- ARM: Fix refcount leak in axxia_boot_secondary (Miaoqian Lin) \n- ARM: exynos: Fix refcount leak in exynos_map_pmu (Miaoqian Lin) \n- ARM: dts: imx6qdl: correct PU regulator ramp delay (Lucas Stach) \n- powerpc/powernv: wire up rng during setup_arch (Jason A. Donenfeld) \n- powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address (Andrew Donnellan) \n- powerpc: Enable execve syscall exit tracepoint (Naveen N. Rao) \n- xtensa: Fix refcount leak bug in time.c (Liang He) \n- xtensa: xtfpga: Fix refcount leak bug in setup (Liang He) \n- iio: adc: axp288: Override TS pin bias current for some models (Hans de Goede) \n- iio: trigger: sysfs: fix use-after-free on remove (Vincent Whitchurch) \n- iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() (Zheyu Ma) \n- iio: accel: mma8452: ignore the return value of reset operation (Haibo Chen) \n- iio:accel:bma180: rearrange iio trigger get and register (Dmitry Rokosov) \n- usb: chipidea: udc: check request status before setting device address (Xu Yang) \n- iio: adc: vf610: fix conversion mode sysfs node name (Baruch Siach) \n- igb: Make DMA faster when CPU is active on the PCIe link (Kai-Heng Feng) \n- MIPS: Remove repetitive increase irq_err_count (huhai) \n- x86/xen: Remove undefined behavior in setup_features() (Julien Grall) \n- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers (Jay Vosburgh) \n- USB: serial: option: add Quectel RM500K module support (Macpaul Lin) \n- USB: serial: option: add Quectel EM05-G modem (Yonglin Tan) \n- USB: serial: option: add Telit LE910Cx 0x1250 composition (Carlo Lobrano) \n- random: quiet urandom warning ratelimit suppression message (Jason A. Donenfeld) \n- dm era: commit metadata in postsuspend after worker stops (Nikos Tsironis) \n- ata: libata: add qc->flags in ata_qc_complete_template tracepoint (Edward Wu) \n- random: schedule mix_interrupt_randomness() less often (Jason A. Donenfeld) \n- vt: drop old FONT ioctls (Jiri Slaby) \n- Linux 4.14.285 (Greg Kroah-Hartman) \n- tcp: drop the hash_32() part from the index calculation (Willy Tarreau) \n- tcp: increase source port perturb table to 2^16 (Willy Tarreau) \n- tcp: dynamically allocate the perturb table used by source ports (Willy Tarreau) \n- tcp: add small random increments to the source port (Willy Tarreau) \n- tcp: use different parts of the port_offset for index and offset (Willy Tarreau) \n- tcp: add some entropy in __inet_hash_connect() (Eric Dumazet) \n- xprtrdma: fix incorrect header size calculations (Colin Ian King) \n- usb: gadget: u_ether: fix regression in setting fixed MAC address (Marian Postevca) \n- s390/mm: use non-quiescing sske for KVM switch to keyed guest (Christian Borntraeger) \n- virtio-pci: Remove wrong address verification in vp_del_vqs() (Murilo Opsfelder Araujo) \n- ext4: add reserved GDT blocks check (Zhang Yi) \n- ext4: make variable 'count' signed (Ding Xiang) \n- ext4: fix bug_on ext4_mb_use_inode_pa (Baokun Li) \n- serial: 8250: Store to lsr_save_flags after lsr read (Ilpo Jarvinen) \n- usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe (Miaoqian Lin) \n- usb: dwc2: Fix memory leak in dwc2_hcd_init (Miaoqian Lin) \n- USB: serial: io_ti: add Agilent E5805A support (Robert Eckelmann) \n- USB: serial: option: add support for Cinterion MV31 with new baseline (Slark Xiao) \n- comedi: vmk80xx: fix expression for tx buffer size (Ian Abbott) \n- irqchip/gic/realview: Fix refcount leak in realview_gic_of_init (Miaoqian Lin) \n- certs/blacklist_hashes.c: fix const confusion in certs blacklist (Masahiro Yamada) \n- arm64: ftrace: fix branch range checks (Mark Rutland) \n- net: bgmac: Fix an erroneous kfree() in bgmac_remove() (Christophe JAILLET) \n- misc: atmel-ssc: Fix IRQ check in ssc_probe (Miaoqian Lin) \n- tty: goldfish: Fix free_irq() on remove (Vincent Whitchurch) \n- i40e: Fix call trace in setup_tx_descriptors (Aleksandr Loktionov) \n- pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE (Trond Myklebust) \n- random: credit cpu and bootloader seeds by default (Jason A. Donenfeld) \n- net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag (Chen Lin) \n- ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg (Wang Yufen) \n- nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred (Xiaohui Zhang) \n- virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed (chengkaitao) \n- scsi: pmcraid: Fix missing resource cleanup in error case (Chengguang Xu) \n- scsi: ipr: Fix missing/incorrect resource cleanup in error case (Chengguang Xu) \n- scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology (James Smart) \n- scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (Wentao Wang) \n- ASoC: wm8962: Fix suspend while playing music (Adam Ford) \n- ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() (Sergey Shtylyov) \n- ASoC: cs42l56: Correct typo in minimum level for SX volume controls (Charles Keepax) \n- ASoC: cs42l52: Correct TLV for Bypass Volume (Charles Keepax) \n- ASoC: cs53l30: Correct number of volume levels on SX controls (Charles Keepax) \n- ASoC: cs42l52: Fix TLV scales for mixer controls (Charles Keepax) \n- random: account for arch randomness in bits (Jason A. Donenfeld) \n- random: mark bootloader randomness code as __init (Jason A. Donenfeld) \n- random: avoid checking crng_ready() twice in random_init() (Jason A. Donenfeld) \n- crypto: drbg - make reseeding from get_random_bytes() synchronous (Nicolai Stange) \n- crypto: drbg - always try to free Jitter RNG instance (Stephan Muller) \n- crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed() (Nicolai Stange) \n- crypto: drbg - track whether DRBG was seeded with !rng_is_initialized() (Nicolai Stange) \n- crypto: drbg - prepare for more fine-grained tracking of seeding state (Nicolai Stange) \n- crypto: drbg - always seeded with SP800-90B compliant noise source (Stephan Muller) \n- crypto: drbg - add FIPS 140-2 CTRNG for noise source (Stephan Mueller) \n- Revert 'random: use static branch for crng_ready()' (Jason A. Donenfeld) \n- random: check for signals after page of pool writes (Jason A. Donenfeld) \n- random: wire up fops->splice_{read,write}_iter() (Jens Axboe) \n- random: convert to using fops->write_iter() (Jens Axboe) \n- random: move randomize_page() into mm where it belongs (Jason A. Donenfeld) \n- random: move initialization functions out of hot pages (Jason A. Donenfeld) \n- random: use proper jiffies comparison macro (Jason A. Donenfeld) \n- random: use symbolic constants for crng_init states (Jason A. Donenfeld) \n- siphash: use one source of truth for siphash permutations (Jason A. Donenfeld) \n- random: help compiler out with fast_mix() by using simpler arguments (Jason A. Donenfeld) \n- random: do not use input pool from hard IRQs (Saeed Mirzamohammadi) \n- random: order timer entropy functions below interrupt functions (Jason A. Donenfeld) \n- random: do not pretend to handle premature next security model (Jason A. Donenfeld) \n- random: do not use batches when !crng_ready() (Jason A. Donenfeld) \n- random: insist on random_get_entropy() existing in order to simplify (Jason A. Donenfeld) \n- xtensa: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- sparc: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- um: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- x86/tsc: Use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- nios2: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- arm: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- mips: use fallback for random_get_entropy() instead of just c0 random (Jason A. Donenfeld) \n- m68k: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- timekeeping: Add raw clock fallback for random_get_entropy() (Jason A. Donenfeld) \n- powerpc: define get_cycles macro for arch-override (Jason A. Donenfeld) \n- alpha: define get_cycles macro for arch-override (Jason A. Donenfeld) \n- parisc: define get_cycles macro for arch-override (Jason A. Donenfeld) \n- s390: define get_cycles macro for arch-override (Jason A. Donenfeld) \n- ia64: define get_cycles macro for arch-override (Jason A. Donenfeld) \n- init: call time_init() before rand_initialize() (Jason A. Donenfeld) \n- random: fix sysctl documentation nits (Jason A. Donenfeld) \n- random: document crng_fast_key_erasure() destination possibility (Jason A. Donenfeld) \n- random: make random_get_entropy() return an unsigned long (Jason A. Donenfeld) \n- random: check for signals every PAGE_SIZE chunk of /dev/[u]random (Jason A. Donenfeld) \n- random: check for signal_pending() outside of need_resched() check (Jann Horn) \n- random: do not allow user to keep crng key around on stack (Jason A. Donenfeld) \n- random: do not split fast init input in add_hwgenerator_randomness() (Jan Varho) \n- random: mix build-time latent entropy into pool at init (Jason A. Donenfeld) \n- random: re-add removed comment about get_random_{u32,u64} reseeding (Jason A. Donenfeld) \n- random: treat bootloader trust toggle the same way as cpu trust toggle (Jason A. Donenfeld) \n- random: skip fast_init if hwrng provides large chunk of entropy (Jason A. Donenfeld) \n- random: check for signal and try earlier when generating entropy (Jason A. Donenfeld) \n- random: reseed more often immediately after booting (Jason A. Donenfeld) \n- random: make consistent usage of crng_ready() (Jason A. Donenfeld) \n- random: use SipHash as interrupt entropy accumulator (Jason A. Donenfeld) \n- random: replace custom notifier chain with standard one (Jason A. Donenfeld) \n- random: don't let 644 read-only sysctls be written to (Jason A. Donenfeld) \n- random: give sysctl_random_min_urandom_seed a more sensible value (Jason A. Donenfeld) \n- random: do crng pre-init loading in worker rather than irq (Jason A. Donenfeld) \n- random: unify cycles_t and jiffies usage and types (Jason A. Donenfeld) \n- random: cleanup UUID handling (Jason A. Donenfeld) \n- random: only wake up writers after zap if threshold was passed (Jason A. Donenfeld) \n- random: round-robin registers as ulong, not u32 (Jason A. Donenfeld) \n- random: pull add_hwgenerator_randomness() declaration into random.h (Jason A. Donenfeld) \n- random: check for crng_init == 0 in add_device_randomness() (Jason A. Donenfeld) \n- random: unify early init crng load accounting (Jason A. Donenfeld) \n- random: do not take pool spinlock at boot (Jason A. Donenfeld) \n- random: defer fast pool mixing to worker (Jason A. Donenfeld) \n- random: rewrite header introductory comment (Jason A. Donenfeld) \n- random: group sysctl functions (Jason A. Donenfeld) \n- random: group userspace read/write functions (Jason A. Donenfeld) \n- random: group entropy collection functions (Jason A. Donenfeld) \n- random: group entropy extraction functions (Jason A. Donenfeld) \n- random: remove useless header comment (Jason A. Donenfeld) \n- random: introduce drain_entropy() helper to declutter crng_reseed() (Jason A. Donenfeld) \n- random: deobfuscate irq u32/u64 contributions (Jason A. Donenfeld) \n- random: add proper SPDX header (Jason A. Donenfeld) \n- random: remove unused tracepoints (Jason A. Donenfeld) \n- random: remove ifdef'd out interrupt bench (Jason A. Donenfeld) \n- random: tie batched entropy generation to base_crng generation (Jason A. Donenfeld) \n- random: zero buffer after reading entropy from userspace (Jason A. Donenfeld) \n- random: remove outdated INT_MAX >> 6 check in urandom_read() (Jason A. Donenfeld) \n- random: use hash function for crng_slow_load() (Jason A. Donenfeld) \n- random: absorb fast pool into input pool after fast load (Jason A. Donenfeld) \n- random: do not xor RDRAND when writing into /dev/random (Jason A. Donenfeld) \n- random: ensure early RDSEED goes through mixer on init (Jason A. Donenfeld) \n- random: inline leaves of rand_initialize() (Jason A. Donenfeld) \n- random: use RDSEED instead of RDRAND in entropy extraction (Jason A. Donenfeld) \n- random: fix locking in crng_fast_load() (Dominik Brodowski) \n- random: remove batched entropy locking (Jason A. Donenfeld) \n- random: remove use_input_pool parameter from crng_reseed() (Eric Biggers) \n- random: make credit_entropy_bits() always safe (Jason A. Donenfeld) \n- random: always wake up entropy writers after extraction (Jason A. Donenfeld) \n- random: use linear min-entropy accumulation crediting (Jason A. Donenfeld) \n- random: simplify entropy debiting (Jason A. Donenfeld) \n- random: use computational hash for entropy extraction (Jason A. Donenfeld) \n- random: only call crng_finalize_init() for primary_crng (Dominik Brodowski) \n- random: access primary_pool directly rather than through pointer (Dominik Brodowski) \n- random: continually use hwgenerator randomness (Dominik Brodowski) \n- random: simplify arithmetic function flow in account() (Jason A. Donenfeld) \n- random: access input_pool_data directly rather than through pointer (Jason A. Donenfeld) \n- random: cleanup fractional entropy shift constants (Jason A. Donenfeld) \n- random: prepend remaining pool constants with POOL_ (Jason A. Donenfeld) \n- random: de-duplicate INPUT_POOL constants (Jason A. Donenfeld) \n- random: remove unused OUTPUT_POOL constants (Jason A. Donenfeld) \n- random: rather than entropy_store abstraction, use global (Jason A. Donenfeld) \n- random: try to actively add entropy rather than passively wait for it (Linus Torvalds) \n- random: remove unused extract_entropy() reserved argument (Jason A. Donenfeld) \n- random: remove incomplete last_data logic (Jason A. Donenfeld) \n- random: cleanup integer types (Jason A. Donenfeld) \n- crypto: chacha20 - Fix chacha20_block() keystream alignment (again) (Eric Biggers) \n- random: cleanup poolinfo abstraction (Jason A. Donenfeld) \n- random: fix typo in comments (Schspa Shi) \n- random: don't reset crng_init_cnt on urandom_read() (Jann Horn) \n- random: avoid superfluous call to RDRAND in CRNG extraction (Jason A. Donenfeld) \n- random: early initialization of ChaCha constants (Dominik Brodowski) \n- random: initialize ChaCha20 constants with correct endianness (Eric Biggers) \n- random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs (Jason A. Donenfeld) \n- random: harmonize 'crng init done' messages (Dominik Brodowski) \n- random: mix bootloader randomness into pool (Jason A. Donenfeld) \n- random: do not re-init if crng_reseed completes before primary init (Jason A. Donenfeld) \n- random: do not sign extend bytes for rotation when mixing (Jason A. Donenfeld) \n- random: use BLAKE2s instead of SHA1 in extraction (Jason A. Donenfeld) \n- random: remove unused irq_flags argument from add_interrupt_randomness() (Saeed Mirzamohammadi) \n- random: document add_hwgenerator_randomness() with other input functions (Mark Brown) \n- crypto: blake2s - adjust include guard naming (Eric Biggers) \n(Eric Biggers) \n- MAINTAINERS: co-maintain random.c (Jason A. Donenfeld) \n- random: remove dead code left over from blocking pool (Eric Biggers) \n- random: avoid arch_get_random_seed_long() when collecting IRQ randomness (Ard Biesheuvel) \n- random: add arch_get_random_*long_early() (Mark Rutland) \n- powerpc: Use bool in archrandom.h (Richard Henderson) \n- linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check (Richard Henderson) \n- linux/random.h: Use false with bool (Richard Henderson) \n- linux/random.h: Remove arch_has_random, arch_has_random_seed (Richard Henderson) \n- s390: Remove arch_has_random, arch_has_random_seed (Richard Henderson) \n- powerpc: Remove arch_has_random, arch_has_random_seed (Richard Henderson) \n- x86: Remove arch_has_random, arch_has_random_seed (Richard Henderson) \n- random: avoid warnings for !CONFIG_NUMA builds (Mark Rutland) \n- random: split primary/secondary crng init paths (Mark Rutland) \n- random: remove some dead code of poolinfo (Yangtao Li) \n- random: fix typo in add_timer_randomness() (Yangtao Li) \n- random: Add and use pr_fmt() (Yangtao Li) \n- random: convert to ENTROPY_BITS for better code readability (Yangtao Li) \n- random: remove unnecessary unlikely() (Yangtao Li) \n- random: remove kernel.random.read_wakeup_threshold (Andy Lutomirski) \n- random: delete code to pull data into pools (Andy Lutomirski) \n- random: remove the blocking pool (Andy Lutomirski) \n- random: fix crash on multiple early calls to add_bootloader_randomness() (Dominik Brodowski) \n- char/random: silence a lockdep splat with printk() (Sergey Senozhatsky) \n- random: make /dev/random be almost like /dev/urandom (Andy Lutomirski) \n- random: ignore GRND_RANDOM in getentropy(2) (Andy Lutomirski) \n- random: add GRND_INSECURE to return best-effort non-cryptographic bytes (Andy Lutomirski) \n- random: Add a urandom_read_nowait() for random APIs that don't warn (Andy Lutomirski) \n- random: Don't wake crng_init_wait when crng_init == 1 (Andy Lutomirski) \n- lib/crypto: sha1: re-roll loops to reduce code size (Jason A. Donenfeld) \n- lib/crypto: blake2s: move hmac construction into wireguard (Jason A. Donenfeld) \n- crypto: blake2s - generic C library implementation and selftest (Jason A. Donenfeld) \n- crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array() (Andy Shevchenko) \n- Revert 'hwrng: core - Freeze khwrng thread during suspend' (Herbert Xu) \n- char/random: Add a newline at the end of the file (Borislav Petkov) \n- random: Use wait_event_freezable() in add_hwgenerator_randomness() (Stephen Boyd) \n- fdt: add support for rng-seed (Hsin-Yi Wang) \n- random: Support freezable kthreads in add_hwgenerator_randomness() (Stephen Boyd) \n- random: fix soft lockup when trying to read from an uninitialized blocking pool (Theodore Ts'o) \n- latent_entropy: avoid build error when plugin cflags are not set (Vasily Gorbik) \n- random: document get_random_int() family (George Spelvin) \n- random: move rand_initialize() earlier (Kees Cook) \n- random: only read from /dev/random after its pool has received 128 bits (Theodore Ts'o) \n- drivers/char/random.c: make primary_crng static (Rasmus Villemoes) \n- drivers/char/random.c: remove unused stuct poolinfo::poolbits (Rasmus Villemoes) \n- drivers/char/random.c: constify poolinfo_table (Rasmus Villemoes) \n- random: make CPU trust a boot parameter (Kees Cook) \n- random: Make crng state queryable (Jason A. Donenfeld) \n- random: remove preempt disabled region (Ingo Molnar) \n- random: add a config option to trust the CPU's hwrng (Theodore Ts'o) \n- random: Return nbytes filled from hw RNG (Tobin C. Harding) \n- random: Fix whitespace pre random-bytes work (Tobin C. Harding) \n- drivers/char/random.c: remove unused dont_count_entropy (Rasmus Villemoes) \n- random: optimize add_interrupt_randomness (Andi Kleen) \n- random: always fill buffer in get_random_bytes_wait (Jason A. Donenfeld) \n- crypto: chacha20 - Fix keystream alignment for chacha20_block() (Eric Biggers) \n- 9p: missing chunk of 'fs/9p: Don't update file type when updating file attributes' (Al Viro)\n[4.14.35-2047.517.0]\n- mpt3sas: Fix panic observed while accessing the hw ctx queue (Gulam Mohamed) [Orabug: 34446738] \n- driver: marvell: mmc: Add new bus modes overrides from DT (Wojciech Bartczak) [Orabug: 34440004] \n- octeontx2: mmc: Adds mechanism to modify all MMC bus modes timings (Wojciech Bartczak) [Orabug: 34440004] \n- rds/rdma: correctly assign the dest qp num in rds ib connection (Rohit Nair) [Orabug: 34429478] \n- Revert 'uek-rpm: Enable config CONFIG_SCSI_MQ_DEFAULT' (Gulam Mohamed) [Orabug: 34419153] \n- net/rds : Adding support to print SCQ and RCQ completion vectors in rds-info. (Anand Khoje) [Orabug: 34398210] \n- IB/mlx5: Disable BME for unbound devices too (Hakon Bugge) [Orabug: 34395378] \n- net/mlx5: Rearm the FW tracer after each tracer event (Feras Daoud) [Orabug: 34387281] \n- net/mlx5: FW tracer, Add debug prints (Saeed Mahameed) [Orabug: 34387281] \n- perf script: Fix crash because of missing evsel->priv (Ravi Bangoria) [Orabug: 34382257] \n- net/rds: Fix a NULL dereference in rds_tcp_accept_one() (Harshit Mogalapalli) [Orabug: 34371946] \n- ocfs2: kill EBUSY from dlmfs_evict_inode (Junxiao Bi) [Orabug: 34364338] \n- ocfs2: dlmfs: don't clear USER_LOCK_ATTACHED when destroying lock (Junxiao Bi) [Orabug: 34364338] \n- rds: ib: Qualify RNR Retry Timer check with firmware version (Freddy Carrillo) [Orabug: 33665743]", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-16T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21385", "CVE-2022-21546", "CVE-2022-2588"], "modified": "2022-09-16T00:00:00", "id": "ELSA-2022-9787", "href": "http://linux.oracle.com/errata/ELSA-2022-9787.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-09-16T00:43:27", "description": "[4.14.35-2047.517.3.el7]\n- KVM: x86: use raw clock values consistently (Paolo Bonzini) [Orabug: 34575637]\n- KVM: x86: reorganize pvclock_gtod_data members (Paolo Bonzini) [Orabug: 34575637]\n- KVM: x86: switch KVMCLOCK base to monotonic raw clock (Marcelo Tosatti) [Orabug: 34575637]\n[4.14.35-2047.517.2.el7]\n- kernfs: Replace global kernfs_open_file_mutex with hashed mutexes. (Imran Khan) [Orabug: 34476942]\n- kernfs: Introduce interface to access global kernfs_open_file_mutex. (Imran Khan) [Orabug: 34476942]\n- kernfs: make ->attr.open RCU protected. (Imran Khan) [Orabug: 34476942]\n- kernfs: Rename kernfs_put_open_node to kernfs_unlink_open_file. (Imran Khan) [Orabug: 34476942]\n- kernfs: Remove reference counting for kernfs_open_node. (Imran Khan) [Orabug: 34476942]\n- scsi: target: Fix WRITE_SAME No Data Buffer crash (Mike Christie) [Orabug: 34419972] {CVE-2022-21546}\n- rds/rdma: destroy CQs during user initiated rds connection resets (Rohit Nair) [Orabug: 34414240]\n- rds: copy_from_user only once per rds_sendmsg system call (Hans Westgaard Ry) [Orabug: 34510858] {CVE-2022-21385}\n[4.14.35-2047.517.1.el7]\n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34480752] {CVE-2022-2588}\n- Restore 'module, async: async_synchronize_full() on module init iff async is used' (Mridula Shastry) [Orabug: 34469834]\n- net/rds: Replace #ifdef DEBUG with CONFIG_SLUB_DEBUG (Freddy Carrillo) [Orabug: 34405766]\n- ext4: Move to shared i_rwsem even without dioread_nolock mount opt (Ritesh Harjani) [Orabug: 34295843]\n- ext4: Start with shared i_rwsem in case of DIO instead of exclusive (Ritesh Harjani) [Orabug: 34295843]\n- ext4: further refactoring bufferio and dio helper (Junxiao Bi) [Orabug: 34295843]\n- ext4: refactor ext4_file_write_iter (Junxiao Bi) [Orabug: 34295843]\n- xen/manage: Use orderly_reboot() to reboot (Ross Lagerwall) [Orabug: 34211118]\n- xen/manage: revert 'xen/manage: enable C_A_D to force reboot' (Dongli Zhang) [Orabug: 34211118]\n- Linux 4.14.288 (Greg Kroah-Hartman) \n- dmaengine: ti: Add missing put_device in ti_dra7_xbar_route_allocate (Miaoqian Lin) \n- dmaengine: ti: Fix refcount leak in ti_dra7_xbar_route_allocate (Miaoqian Lin) \n- dmaengine: at_xdma: handle errors of at_xdmac_alloc_desc() correctly (Michael Walle) \n- ida: don't use BUG_ON() for debugging (Linus Torvalds) \n- i2c: cadence: Unregister the clk notifier in error path (Satish Nagireddy) \n- pinctrl: sunxi: a83t: Fix NAND function name for some pins (Samuel Holland) \n- xfs: remove incorrect ASSERT in xfs_rename (Eric Sandeen) \n- powerpc/powernv: delay rng platform device creation until later in boot (Jason A. Donenfeld) \n- video: of_display_timing.h: include errno.h (Hsin-Yi Wang) \n- fbcon: Disallow setting font bigger than screen size (Helge Deller) \n- iommu/vt-d: Fix PCI bus rescan device hot add (Yian Chen) \n- net: rose: fix UAF bug caused by rose_t0timer_expiry (Duoming Zhou) \n- usbnet: fix memory leak in error case (Oliver Neukum) \n- can: gs_usb: gs_usb_open/close(): fix memory leak (Rhett Aultman) \n- can: grcan: grcan_probe(): remove extra of_node_get() (Liang He) \n- mm/slub: add missing TID updates on slab deactivation (Jann Horn) \n- esp: limit skb_page_frag_refill use to a single page (Sabrina Dubroca) \n- Linux 4.14.287 (Greg Kroah-Hartman) \n- xen/gntdev: Avoid blocking in unmap_grant_pages() (Demi Marie Obenour) \n- net: usb: qmi_wwan: add Telit 0x1070 composition (Daniele Palmas) \n- net: usb: qmi_wwan: add Telit 0x1060 composition (Carlo Lobrano) \n- xen/arm: Fix race in RB-tree based P2M accounting (Oleksandr Tyshchenko) {CVE-2022-33744}\n- net: Rename and export copy_skb_header (Ilya Lesokhin) \n- ipv6/sit: fix ipip6_tunnel_get_prl return value (katrinzhou) \n- sit: use min (kernel test robot) \n- hwmon: (ibmaem) don't call platform_device_del() if platform_device_add() fails (Yang Yingliang) \n- NFC: nxp-nci: Don't issue a zero length i2c_master_read() (Michael Walle) \n- nfc: nfcmrvl: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- net: bonding: fix use-after-free after 802.3ad slave unbind (Yevhen Orlov) \n- net: bonding: fix possible NULL deref in rlb code (Eric Dumazet) \n- netfilter: nft_dynset: restore set element counter when failing to update (Pablo Neira Ayuso) \n- caif_virtio: fix race between virtio_device_ready() and ndo_open() (Jason Wang) \n- net: ipv6: unexport __init-annotated seg6_hmac_net_init() (YueHaibing) \n- usbnet: fix memory allocation in helpers (Oliver Neukum) \n- RDMA/qedr: Fix reporting QP timeout attribute (Kamal Heib) \n- net: usb: ax88179_178a: Fix packet receiving (Jose Alonso) \n- net: rose: fix UAF bugs caused by timer handler (Duoming Zhou) \n- SUNRPC: Fix READ_PLUS crasher (Chuck Lever) \n- s390/archrandom: simplify back to earlier design and initialize earlier (Jason A. Donenfeld) \n- dm raid: fix KASAN warning in raid5_add_disks (Mikulas Patocka) \n- dm raid: fix accesses beyond end of raid member array (Heinz Mauelshagen) \n- nvdimm: Fix badblocks clear off-by-one error (Chris Ye) \n- Linux 4.14.286 (Greg Kroah-Hartman) \n- swiotlb: skip swiotlb_bounce when orig_addr is zero (Liu Shixin) \n- kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] (Naveen N. Rao) \n- fdt: Update CRC check for rng-seed (Hsin-Yi Wang) \n- xen: unexport __init-annotated xen_xlate_map_ballooned_pages() (Masahiro Yamada) \n- drm: remove drm_fb_helper_modinit (Christoph Hellwig) \n- powerpc/pseries: wire up rng during setup_arch() (Jason A. Donenfeld) \n- modpost: fix section mismatch check for exported init/exit sections (Masahiro Yamada) \n- ARM: cns3xxx: Fix refcount leak in cns3xxx_init (Miaoqian Lin) \n- ARM: Fix refcount leak in axxia_boot_secondary (Miaoqian Lin) \n- ARM: exynos: Fix refcount leak in exynos_map_pmu (Miaoqian Lin) \n- ARM: dts: imx6qdl: correct PU regulator ramp delay (Lucas Stach) \n- powerpc/powernv: wire up rng during setup_arch (Jason A. Donenfeld) \n- powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address (Andrew Donnellan) \n- powerpc: Enable execve syscall exit tracepoint (Naveen N. Rao) \n- xtensa: Fix refcount leak bug in time.c (Liang He) \n- xtensa: xtfpga: Fix refcount leak bug in setup (Liang He) \n- iio: adc: axp288: Override TS pin bias current for some models (Hans de Goede) \n- iio: trigger: sysfs: fix use-after-free on remove (Vincent Whitchurch) \n- iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() (Zheyu Ma) \n- iio: accel: mma8452: ignore the return value of reset operation (Haibo Chen) \n- iio:accel:bma180: rearrange iio trigger get and register (Dmitry Rokosov) \n- usb: chipidea: udc: check request status before setting device address (Xu Yang) \n- iio: adc: vf610: fix conversion mode sysfs node name (Baruch Siach) \n- igb: Make DMA faster when CPU is active on the PCIe link (Kai-Heng Feng) \n- MIPS: Remove repetitive increase irq_err_count (huhai) \n- x86/xen: Remove undefined behavior in setup_features() (Julien Grall) \n- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers (Jay Vosburgh) \n- USB: serial: option: add Quectel RM500K module support (Macpaul Lin) \n- USB: serial: option: add Quectel EM05-G modem (Yonglin Tan) \n- USB: serial: option: add Telit LE910Cx 0x1250 composition (Carlo Lobrano) \n- random: quiet urandom warning ratelimit suppression message (Jason A. Donenfeld) \n- dm era: commit metadata in postsuspend after worker stops (Nikos Tsironis) \n- ata: libata: add qc->flags in ata_qc_complete_template tracepoint (Edward Wu) \n- random: schedule mix_interrupt_randomness() less often (Jason A. Donenfeld) \n- vt: drop old FONT ioctls (Jiri Slaby) \n- Linux 4.14.285 (Greg Kroah-Hartman) \n- tcp: drop the hash_32() part from the index calculation (Willy Tarreau) \n- tcp: increase source port perturb table to 2^16 (Willy Tarreau) \n- tcp: dynamically allocate the perturb table used by source ports (Willy Tarreau) \n- tcp: add small random increments to the source port (Willy Tarreau) \n- tcp: use different parts of the port_offset for index and offset (Willy Tarreau) \n- tcp: add some entropy in __inet_hash_connect() (Eric Dumazet) \n- xprtrdma: fix incorrect header size calculations (Colin Ian King) \n- usb: gadget: u_ether: fix regression in setting fixed MAC address (Marian Postevca) \n- s390/mm: use non-quiescing sske for KVM switch to keyed guest (Christian Borntraeger) \n- virtio-pci: Remove wrong address verification in vp_del_vqs() (Murilo Opsfelder Araujo) \n- ext4: add reserved GDT blocks check (Zhang Yi) \n- ext4: make variable 'count' signed (Ding Xiang) \n- ext4: fix bug_on ext4_mb_use_inode_pa (Baokun Li) \n- serial: 8250: Store to lsr_save_flags after lsr read (Ilpo Jarvinen) \n- usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe (Miaoqian Lin) \n- usb: dwc2: Fix memory leak in dwc2_hcd_init (Miaoqian Lin) \n- USB: serial: io_ti: add Agilent E5805A support (Robert Eckelmann) \n- USB: serial: option: add support for Cinterion MV31 with new baseline (Slark Xiao) \n- comedi: vmk80xx: fix expression for tx buffer size (Ian Abbott) \n- irqchip/gic/realview: Fix refcount leak in realview_gic_of_init (Miaoqian Lin) \n- certs/blacklist_hashes.c: fix const confusion in certs blacklist (Masahiro Yamada) \n- arm64: ftrace: fix branch range checks (Mark Rutland) \n- net: bgmac: Fix an erroneous kfree() in bgmac_remove() (Christophe JAILLET) \n- misc: atmel-ssc: Fix IRQ check in ssc_probe (Miaoqian Lin) \n- tty: goldfish: Fix free_irq() on remove (Vincent Whitchurch) \n- i40e: Fix call trace in setup_tx_descriptors (Aleksandr Loktionov) \n- pNFS: Don't keep retrying if the server replied NFS4ERR_LAYOUTUNAVAILABLE (Trond Myklebust) \n- random: credit cpu and bootloader seeds by default (Jason A. Donenfeld) \n- net: ethernet: mtk_eth_soc: fix misuse of mem alloc interface netdev[napi]_alloc_frag (Chen Lin) \n- ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg (Wang Yufen) \n- nfc: nfcmrvl: Fix memory leak in nfcmrvl_play_deferred (Xiaohui Zhang) \n- virtio-mmio: fix missing put_device() when vm_cmdline_parent registration failed (chengkaitao) \n- scsi: pmcraid: Fix missing resource cleanup in error case (Chengguang Xu) \n- scsi: ipr: Fix missing/incorrect resource cleanup in error case (Chengguang Xu) \n- scsi: lpfc: Fix port stuck in bypassed state after LIP in PT2PT topology (James Smart) \n- scsi: vmw_pvscsi: Expand vcpuHint to 16 bits (Wentao Wang) \n- ASoC: wm8962: Fix suspend while playing music (Adam Ford) \n- ata: libata-core: fix NULL pointer deref in ata_host_alloc_pinfo() (Sergey Shtylyov) \n- ASoC: cs42l56: Correct typo in minimum level for SX volume controls (Charles Keepax) \n- ASoC: cs42l52: Correct TLV for Bypass Volume (Charles Keepax) \n- ASoC: cs53l30: Correct number of volume levels on SX controls (Charles Keepax) \n- ASoC: cs42l52: Fix TLV scales for mixer controls (Charles Keepax) \n- random: account for arch randomness in bits (Jason A. Donenfeld) \n- random: mark bootloader randomness code as __init (Jason A. Donenfeld) \n- random: avoid checking crng_ready() twice in random_init() (Jason A. Donenfeld) \n- crypto: drbg - make reseeding from get_random_bytes() synchronous (Nicolai Stange) \n- crypto: drbg - always try to free Jitter RNG instance (Stephan Muller) \n- crypto: drbg - move dynamic ->reseed_threshold adjustments to __drbg_seed() (Nicolai Stange) \n- crypto: drbg - track whether DRBG was seeded with !rng_is_initialized() (Nicolai Stange) \n- crypto: drbg - prepare for more fine-grained tracking of seeding state (Nicolai Stange) \n- crypto: drbg - always seeded with SP800-90B compliant noise source (Stephan Muller) \n- crypto: drbg - add FIPS 140-2 CTRNG for noise source (Stephan Mueller) \n- Revert 'random: use static branch for crng_ready()' (Jason A. Donenfeld) \n- random: check for signals after page of pool writes (Jason A. Donenfeld) \n- random: wire up fops->splice_{read,write}_iter() (Jens Axboe) \n- random: convert to using fops->write_iter() (Jens Axboe) \n- random: move randomize_page() into mm where it belongs (Jason A. Donenfeld) \n- random: move initialization functions out of hot pages (Jason A. Donenfeld) \n- random: use proper jiffies comparison macro (Jason A. Donenfeld) \n- random: use symbolic constants for crng_init states (Jason A. Donenfeld) \n- siphash: use one source of truth for siphash permutations (Jason A. Donenfeld) \n- random: help compiler out with fast_mix() by using simpler arguments (Jason A. Donenfeld) \n- random: do not use input pool from hard IRQs (Saeed Mirzamohammadi) \n- random: order timer entropy functions below interrupt functions (Jason A. Donenfeld) \n- random: do not pretend to handle premature next security model (Jason A. Donenfeld) \n- random: do not use batches when !crng_ready() (Jason A. Donenfeld) \n- random: insist on random_get_entropy() existing in order to simplify (Jason A. Donenfeld) \n- xtensa: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- sparc: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- um: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- x86/tsc: Use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- nios2: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- arm: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- mips: use fallback for random_get_entropy() instead of just c0 random (Jason A. Donenfeld) \n- m68k: use fallback for random_get_entropy() instead of zero (Jason A. Donenfeld) \n- timekeeping: Add raw clock fallback for random_get_entropy() (Jason A. Donenfeld) \n- powerpc: define get_cycles macro for arch-override (Jason A. Donenfeld) \n- alpha: define get_cycles macro for arch-override (Jason A. Donenfeld) \n- parisc: define get_cycles macro for arch-override (Jason A. Donenfeld) \n- s390: define get_cycles macro for arch-override (Jason A. Donenfeld) \n- ia64: define get_cycles macro for arch-override (Jason A. Donenfeld) \n- init: call time_init() before rand_initialize() (Jason A. Donenfeld) \n- random: fix sysctl documentation nits (Jason A. Donenfeld) \n- random: document crng_fast_key_erasure() destination possibility (Jason A. Donenfeld) \n- random: make random_get_entropy() return an unsigned long (Jason A. Donenfeld) \n- random: check for signals every PAGE_SIZE chunk of /dev/[u]random (Jason A. Donenfeld) \n- random: check for signal_pending() outside of need_resched() check (Jann Horn) \n- random: do not allow user to keep crng key around on stack (Jason A. Donenfeld) \n- random: do not split fast init input in add_hwgenerator_randomness() (Jan Varho) \n- random: mix build-time latent entropy into pool at init (Jason A. Donenfeld) \n- random: re-add removed comment about get_random_{u32,u64} reseeding (Jason A. Donenfeld) \n- random: treat bootloader trust toggle the same way as cpu trust toggle (Jason A. Donenfeld) \n- random: skip fast_init if hwrng provides large chunk of entropy (Jason A. Donenfeld) \n- random: check for signal and try earlier when generating entropy (Jason A. Donenfeld) \n- random: reseed more often immediately after booting (Jason A. Donenfeld) \n- random: make consistent usage of crng_ready() (Jason A. Donenfeld) \n- random: use SipHash as interrupt entropy accumulator (Jason A. Donenfeld) \n- random: replace custom notifier chain with standard one (Jason A. Donenfeld) \n- random: don't let 644 read-only sysctls be written to (Jason A. Donenfeld) \n- random: give sysctl_random_min_urandom_seed a more sensible value (Jason A. Donenfeld) \n- random: do crng pre-init loading in worker rather than irq (Jason A. Donenfeld) \n- random: unify cycles_t and jiffies usage and types (Jason A. Donenfeld) \n- random: cleanup UUID handling (Jason A. Donenfeld) \n- random: only wake up writers after zap if threshold was passed (Jason A. Donenfeld) \n- random: round-robin registers as ulong, not u32 (Jason A. Donenfeld) \n- random: pull add_hwgenerator_randomness() declaration into random.h (Jason A. Donenfeld) \n- random: check for crng_init == 0 in add_device_randomness() (Jason A. Donenfeld) \n- random: unify early init crng load accounting (Jason A. Donenfeld) \n- random: do not take pool spinlock at boot (Jason A. Donenfeld) \n- random: defer fast pool mixing to worker (Jason A. Donenfeld) \n- random: rewrite header introductory comment (Jason A. Donenfeld) \n- random: group sysctl functions (Jason A. Donenfeld) \n- random: group userspace read/write functions (Jason A. Donenfeld) \n- random: group entropy collection functions (Jason A. Donenfeld) \n- random: group entropy extraction functions (Jason A. Donenfeld) \n- random: remove useless header comment (Jason A. Donenfeld) \n- random: introduce drain_entropy() helper to declutter crng_reseed() (Jason A. Donenfeld) \n- random: deobfuscate irq u32/u64 contributions (Jason A. Donenfeld) \n- random: add proper SPDX header (Jason A. Donenfeld) \n- random: remove unused tracepoints (Jason A. Donenfeld) \n- random: remove ifdef'd out interrupt bench (Jason A. Donenfeld) \n- random: tie batched entropy generation to base_crng generation (Jason A. Donenfeld) \n- random: zero buffer after reading entropy from userspace (Jason A. Donenfeld) \n- random: remove outdated INT_MAX >> 6 check in urandom_read() (Jason A. Donenfeld) \n- random: use hash function for crng_slow_load() (Jason A. Donenfeld) \n- random: absorb fast pool into input pool after fast load (Jason A. Donenfeld) \n- random: do not xor RDRAND when writing into /dev/random (Jason A. Donenfeld) \n- random: ensure early RDSEED goes through mixer on init (Jason A. Donenfeld) \n- random: inline leaves of rand_initialize() (Jason A. Donenfeld) \n- random: use RDSEED instead of RDRAND in entropy extraction (Jason A. Donenfeld) \n- random: fix locking in crng_fast_load() (Dominik Brodowski) \n- random: remove batched entropy locking (Jason A. Donenfeld) \n- random: remove use_input_pool parameter from crng_reseed() (Eric Biggers) \n- random: make credit_entropy_bits() always safe (Jason A. Donenfeld) \n- random: always wake up entropy writers after extraction (Jason A. Donenfeld) \n- random: use linear min-entropy accumulation crediting (Jason A. Donenfeld) \n- random: simplify entropy debiting (Jason A. Donenfeld) \n- random: use computational hash for entropy extraction (Jason A. Donenfeld) \n- random: only call crng_finalize_init() for primary_crng (Dominik Brodowski) \n- random: access primary_pool directly rather than through pointer (Dominik Brodowski) \n- random: continually use hwgenerator randomness (Dominik Brodowski) \n- random: simplify arithmetic function flow in account() (Jason A. Donenfeld) \n- random: access input_pool_data directly rather than through pointer (Jason A. Donenfeld) \n- random: cleanup fractional entropy shift constants (Jason A. Donenfeld) \n- random: prepend remaining pool constants with POOL_ (Jason A. Donenfeld) \n- random: de-duplicate INPUT_POOL constants (Jason A. Donenfeld) \n- random: remove unused OUTPUT_POOL constants (Jason A. Donenfeld) \n- random: rather than entropy_store abstraction, use global (Jason A. Donenfeld) \n- random: try to actively add entropy rather than passively wait for it (Linus Torvalds) \n- random: remove unused extract_entropy() reserved argument (Jason A. Donenfeld) \n- random: remove incomplete last_data logic (Jason A. Donenfeld) \n- random: cleanup integer types (Jason A. Donenfeld) \n- crypto: chacha20 - Fix chacha20_block() keystream alignment (again) (Eric Biggers) \n- random: cleanup poolinfo abstraction (Jason A. Donenfeld) \n- random: fix typo in comments (Schspa Shi) \n- random: don't reset crng_init_cnt on urandom_read() (Jann Horn) \n- random: avoid superfluous call to RDRAND in CRNG extraction (Jason A. Donenfeld) \n- random: early initialization of ChaCha constants (Dominik Brodowski) \n- random: initialize ChaCha20 constants with correct endianness (Eric Biggers) \n- random: use IS_ENABLED(CONFIG_NUMA) instead of ifdefs (Jason A. Donenfeld) \n- random: harmonize 'crng init done' messages (Dominik Brodowski) \n- random: mix bootloader randomness into pool (Jason A. Donenfeld) \n- random: do not re-init if crng_reseed completes before primary init (Jason A. Donenfeld) \n- random: do not sign extend bytes for rotation when mixing (Jason A. Donenfeld) \n- random: use BLAKE2s instead of SHA1 in extraction (Jason A. Donenfeld) \n- random: remove unused irq_flags argument from add_interrupt_randomness() (Saeed Mirzamohammadi) \n- random: document add_hwgenerator_randomness() with other input functions (Mark Brown) \n- crypto: blake2s - adjust include guard naming (Eric Biggers) \n- crypto: blake2s - include \n instead of \n (Eric Biggers) \n- MAINTAINERS: co-maintain random.c (Jason A. Donenfeld) \n- random: remove dead code left over from blocking pool (Eric Biggers) \n- random: avoid arch_get_random_seed_long() when collecting IRQ randomness (Ard Biesheuvel) \n- random: add arch_get_random_*long_early() (Mark Rutland) \n- powerpc: Use bool in archrandom.h (Richard Henderson) \n- linux/random.h: Mark CONFIG_ARCH_RANDOM functions __must_check (Richard Henderson) \n- linux/random.h: Use false with bool (Richard Henderson) \n- linux/random.h: Remove arch_has_random, arch_has_random_seed (Richard Henderson) \n- s390: Remove arch_has_random, arch_has_random_seed (Richard Henderson) \n- powerpc: Remove arch_has_random, arch_has_random_seed (Richard Henderson) \n- x86: Remove arch_has_random, arch_has_random_seed (Richard Henderson) \n- random: avoid warnings for !CONFIG_NUMA builds (Mark Rutland) \n- random: split primary/secondary crng init paths (Mark Rutland) \n- random: remove some dead code of poolinfo (Yangtao Li) \n- random: fix typo in add_timer_randomness() (Yangtao Li) \n- random: Add and use pr_fmt() (Yangtao Li) \n- random: convert to ENTROPY_BITS for better code readability (Yangtao Li) \n- random: remove unnecessary unlikely() (Yangtao Li) \n- random: remove kernel.random.read_wakeup_threshold (Andy Lutomirski) \n- random: delete code to pull data into pools (Andy Lutomirski) \n- random: remove the blocking pool (Andy Lutomirski) \n- random: fix crash on multiple early calls to add_bootloader_randomness() (Dominik Brodowski) \n- char/random: silence a lockdep splat with printk() (Sergey Senozhatsky) \n- random: make /dev/random be almost like /dev/urandom (Andy Lutomirski) \n- random: ignore GRND_RANDOM in getentropy(2) (Andy Lutomirski) \n- random: add GRND_INSECURE to return best-effort non-cryptographic bytes (Andy Lutomirski) \n- random: Add a urandom_read_nowait() for random APIs that don't warn (Andy Lutomirski) \n- random: Don't wake crng_init_wait when crng_init == 1 (Andy Lutomirski) \n- lib/crypto: sha1: re-roll loops to reduce code size (Jason A. Donenfeld) \n- lib/crypto: blake2s: move hmac construction into wireguard (Jason A. Donenfeld) \n- crypto: blake2s - generic C library implementation and selftest (Jason A. Donenfeld) \n- crypto: Deduplicate le32_to_cpu_array() and cpu_to_le32_array() (Andy Shevchenko) \n- Revert 'hwrng: core - Freeze khwrng thread during suspend' (Herbert Xu) \n- char/random: Add a newline at the end of the file (Borislav Petkov) \n- random: Use wait_event_freezable() in add_hwgenerator_randomness() (Stephen Boyd) \n- fdt: add support for rng-seed (Hsin-Yi Wang) \n- random: Support freezable kthreads in add_hwgenerator_randomness() (Stephen Boyd) \n- random: fix soft lockup when trying to read from an uninitialized blocking pool (Theodore Ts'o) \n- latent_entropy: avoid build error when plugin cflags are not set (Vasily Gorbik) \n- random: document get_random_int() family (George Spelvin) \n- random: move rand_initialize() earlier (Kees Cook) \n- random: only read from /dev/random after its pool has received 128 bits (Theodore Ts'o) \n- drivers/char/random.c: make primary_crng static (Rasmus Villemoes) \n- drivers/char/random.c: remove unused stuct poolinfo::poolbits (Rasmus Villemoes) \n- drivers/char/random.c: constify poolinfo_table (Rasmus Villemoes) \n- random: make CPU trust a boot parameter (Kees Cook) \n- random: Make crng state queryable (Jason A. Donenfeld) \n- random: remove preempt disabled region (Ingo Molnar) \n- random: add a config option to trust the CPU's hwrng (Theodore Ts'o) \n- random: Return nbytes filled from hw RNG (Tobin C. Harding) \n- random: Fix whitespace pre random-bytes work (Tobin C. Harding) \n- drivers/char/random.c: remove unused dont_count_entropy (Rasmus Villemoes) \n- random: optimize add_interrupt_randomness (Andi Kleen) \n- random: always fill buffer in get_random_bytes_wait (Jason A. Donenfeld) \n- crypto: chacha20 - Fix keystream alignment for chacha20_block() (Eric Biggers) \n- 9p: missing chunk of 'fs/9p: Don't update file type when updating file attributes' (Al Viro)\n[4.14.35-2047.517.0.el7]\n- mpt3sas: Fix panic observed while accessing the hw ctx queue (Gulam Mohamed) [Orabug: 34446738]\n- driver: marvell: mmc: Add new bus modes overrides from DT (Wojciech Bartczak) [Orabug: 34440004]\n- octeontx2: mmc: Adds mechanism to modify all MMC bus modes timings (Wojciech Bartczak) [Orabug: 34440004]\n- rds/rdma: correctly assign the dest qp num in rds ib connection (Rohit Nair) [Orabug: 34429478]\n- Revert 'uek-rpm: Enable config CONFIG_SCSI_MQ_DEFAULT' (Gulam Mohamed) [Orabug: 34419153]\n- net/rds : Adding support to print SCQ and RCQ completion vectors in rds-info. (Anand Khoje) [Orabug: 34398210]\n- IB/mlx5: Disable BME for unbound devices too (Hakon Bugge) [Orabug: 34395378]\n- net/mlx5: Rearm the FW tracer after each tracer event (Feras Daoud) [Orabug: 34387281]\n- net/mlx5: FW tracer, Add debug prints (Saeed Mahameed) [Orabug: 34387281]\n- perf script: Fix crash because of missing evsel->priv (Ravi Bangoria) [Orabug: 34382257]\n- net/rds: Fix a NULL dereference in rds_tcp_accept_one() (Harshit Mogalapalli) [Orabug: 34371946]\n- ocfs2: kill EBUSY from dlmfs_evict_inode (Junxiao Bi) [Orabug: 34364338]\n- ocfs2: dlmfs: don't clear USER_LOCK_ATTACHED when destroying lock (Junxiao Bi) [Orabug: 34364338]\n- rds: ib: Qualify RNR Retry Timer check with firmware version (Freddy Carrillo) [Orabug: 33665743]", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-09-16T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel-container security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2022-21385", "CVE-2022-21546", "CVE-2022-2588"], "modified": "2022-09-16T00:00:00", "id": "ELSA-2022-9788", "href": "http://linux.oracle.com/errata/ELSA-2022-9788.html", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2022-08-15T18:31:19", "description": "r[ 5.4.17-2136.310.7]\n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34480880] {CVE-2022-2588}\n- x86/spec_ctrl: limit IBRS_FW to retpoline only (Ankur Arora) [Orabug: 34450896] \n- x86/bugs: display dynamic retbleed state (Ankur Arora) [Orabug: 34450896] \n- x86/bugs: remove incorrect __init/__ro_after_init annotations (Ankur Arora) [Orabug: 34455621]\n[5.4.17-2136.310.6]\n- SUNRPC: Fix READ_PLUS crasher (Chuck Lever) \n- Revert 'hwmon: Make chip parameter for with_info API mandatory' (Greg Kroah-Hartman) [Orabug: 34423806] \n- ext4: make variable 'count' signed (Ding Xiang) \n- faddr2line: Fix overlapping text section failures, the sequel (Josh Poimboeuf)\n[5.4.17-2136.310.5]\n- arm64: proton-pack: provide vulnerability file value for RETBleed (James Morse) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: emulate: do not adjust size of fastop and setcc subroutines (Paolo Bonzini) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Thadeu Lima de Souza Cascardo) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt (Alexandre Chartre) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Disable RRSBA behavior (Pawan Gupta) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/exec: Disable RET on kexec (Konrad Rzeszutek Wilk) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: do not enable IBPB-on-entry when IBPB is not supported (Thadeu Lima de Souza Cascardo) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Add Cannon lake to RETBleed affected CPU list (Pawan Gupta) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/cpu/amd: Enumerate BTC_NO (Andrew Cooper) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/common: Stamp out the stepping madness (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: VMX: Prevent RSB underflow before vmenter (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Fill RSB on vmexit for IBRS (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: VMX: Fix IBRS handling after vmexit (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: VMX: Convert launched argument to flags (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: VMX: Flatten __vmx_vcpu_run() (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM/VMX: Use TEST %REG,%REG instead of CMP /u03/ksharma/errata_processing/work/el7uek6/db_7uek6.ELSA-2022-9710,%REG in vmenter.S (Uros Bizjak) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw (Uros Bizjak) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Remove x86_spec_ctrl_mask (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Fix SPEC_CTRL write on SMT state change (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Fix firmware entry SPEC_CTRL handling (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/cpu/amd: Add Spectral Chicken (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add entry UNRET validation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- kbuild/objtool: Add objtool-vmlinux.o pass (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Do IBPB fallback check only once (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Add retbleed=ibpb (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/xen: Rename SYS* entry points (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Update Retpoline validation (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- intel_idle: Disable IBRS during long idle (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Report Intel retbleed vulnerability (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (Pawan Gupta) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Optimize SPEC_CTRL MSR writes (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/entry: Add kernel IBRS implementation (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Enable STIBP for JMP2RET (Kim Phillips) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Add AMD retbleed= boot parameter (Alexandre Chartre) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Report AMD retbleed vulnerability (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Add magic AMD return-thunk (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/vmlinux: Use INT3 instead of NOP for linker fill bytes (Kees Cook) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/realmode: build with __DISABLE_EXPORTS (Ankur Arora) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Use return-thunk in asm code (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/sev: Avoid using __x86_return_thunk (Kim Phillips) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/kvm: Fix SETcc emulation for return thunks (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bpf: Alternative RET encoding (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/ftrace: Alternative RET encoding (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86,objtool: Create .return_sites (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/mm: elide references to .discard.* from .return_sites (Ankur Arora) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Undo return-thunk damage (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/retpoline: Use -mfunction-return (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/retpoline: Swizzle retpoline thunk (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/alternative: Support not-feature (Juergen Gross) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/retpoline: Cleanup some #ifdefery (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/features: Move RETPOLINE flags to word 11 (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- crypto: x86/poly1305 - Fixup SLS (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- kvm/emulate: Fix SETcc emulation function offsets with SLS (Borislav Petkov) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Add straight-line-speculation mitigation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Prepare inline-asm for straight-line-speculation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Prepare asm files for straight-line-speculation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/lib/atomic64_386_32: Rename things (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add straight-line-speculation validation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Classify symbols (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Create reloc sections implicitly (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add elf_create_reloc() helper (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rework the elf_rebuild_reloc_section() logic (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Handle per arch retpoline naming (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Correctly handle retpoline thunk calls (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Support retpoline jump detection for vmlinux.o (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add 'alt_group' struct (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Clean up elf_write() condition (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add support for relocations without addends (Matt Helsley) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rename rela to reloc (Matt Helsley) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: optimize add_dead_ends for split sections (Sami Tolvanen) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Move the IRET hack into the arch decoder (Miroslav Benes) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rename elf_read() to elf_open_read() (Ingo Molnar) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Constify 'struct elf *' parameters (Ingo Molnar) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize !vmlinux.o again (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Better handle IRET (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/unwind_hints: define unwind_hint_save, unwind_hint_restore (Ankur Arora) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add abstraction for destination offsets (Raphael Gault) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Fix off-by-one in symbol_by_offset() (Julien Thierry) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_rela_by_dest_range() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize read_sections() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_symbol_by_name() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rename find_containing_func() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_symbol_*() and read_symbols() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_section_by_name() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_section_by_index() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add a statistics mode (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_symbol_by_index() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rename func_for_each_insn_all() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rename func_for_each_insn() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Introduce validate_return() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Improve call destination function detection (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Fix clang switch table edge case (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add relocation check for alternative sections (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add is_static_jump() helper (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n[5.4.17-2136.310.4]\n- lockdown: Fix kexec lockdown bypass with ima policy (Eric Snowberg) [Orabug: 34400675] {CVE-2022-21505}\n- bnxt_en: Use page frag RX buffers for better software GRO performance (Jakub Kicinski) [Orabug: 34083551] \n- bnxt_en: enable interrupt sampling on 5750X for DIM (Andy Gospodarek) [Orabug: 34083551] \n- bnxt_en: Add event handler for PAUSE Storm event (Somnath Kotur) [Orabug: 34083551] \n- bnxt_en: reject indirect blk offload when hw-tc-offload is off (Sriharsha Basavapatna) [Orabug: 34083551] \n- bnxt_en: make bnxt_free_skbs() safe to call after bnxt_free_mem() (Edwin Peer) [Orabug: 34083551] \n- bnxt_en: Fix error recovery regression (Michael Chan) [Orabug: 34083551] \n- bnxt_en: Fix possible unintended driver initiated error recovery (Michael Chan) [Orabug: 34083551] \n- bnxt: count discards due to memory allocation errors (Jakub Kicinski) [Orabug: 34083551] \n- bnxt: count packets discarded because of netpoll (Jakub Kicinski) [Orabug: 34083551] \n- ocfs2: kill EBUSY from dlmfs_evict_inode (Junxiao Bi) [Orabug: 34364337] \n- ocfs2: dlmfs: don't clear USER_LOCK_ATTACHED when destroying lock (Junxiao Bi) [Orabug: 34364337] \n- net/rds: Fix a NULL dereference in rds_tcp_accept_one() (Harshit Mogalapalli) [Orabug: 34371884]\n[5.4.17-2136.310.3]\n- RDS/IB: Fix RDS IB SRQ implementation and tune it (Hans Westgaard Ry) [Orabug: 31899472] \n- RDS/IB: Introduce bit_flag routines with memory-barrier for bit flags (Hans Westgaard Ry) [Orabug: 31899472] \n- xfs: don't fail unwritten extent conversion on writeback due to edquot (Darrick J. Wong) [Orabug: 33786167] \n- mm/page_alloc: reuse tail struct pages for compound devmaps (Joao Martins) [Orabug: 34314763] \n- mm/sparse-vmemmap: improve memory savings for compound devmaps (Joao Martins) [Orabug: 34314763] \n- mm/sparse-vmemmap: refactor core of vmemmap_populate_basepages() to helper (Joao Martins) [Orabug: 34314763] \n- mm/sparse-vmemmap: add a pgmap argument to section activation (Joao Martins) [Orabug: 34314763] \n- memory-failure: fetch compound_head after pgmap_pfn_valid() (Joao Martins) [Orabug: 34314763] \n- device-dax: compound devmap support (Joao Martins) [Orabug: 34314763] \n- device-dax: factor out page mapping initialization (Joao Martins) [Orabug: 34314763] \n- device-dax: ensure dev_dax->pgmap is valid for dynamic devices (Joao Martins) [Orabug: 34314763] \n- device-dax: use struct_size() (Joao Martins) [Orabug: 34314763] \n- device-dax: use ALIGN() for determining pgoff (Joao Martins) [Orabug: 34314763] \n- mm/memremap: add ZONE_DEVICE support for compound pages (Joao Martins) [Orabug: 34314763] \n- mm/page_alloc: refactor memmap_init_zone_device() page init (Joao Martins) [Orabug: 34314763] \n- mm/page_alloc: split prep_compound_page into head and tail subparts (Joao Martins) [Orabug: 34314763] \n- RDMA/umem: batch page unpin in __ib_umem_release() (Joao Martins) [Orabug: 34314763] \n- mm/gup: add a range variant of unpin_user_pages_dirty_lock() (Joao Martins) [Orabug: 34314763] \n- KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() (Vitaly Kuznetsov) [Orabug: 34323859] {CVE-2022-2153}\n- KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq (Vitaly Kuznetsov) [Orabug: 34323859] {CVE-2022-2153}\n- KVM: Add infrastructure and macro to mark VM as bugged (Sean Christopherson) [Orabug: 34323859] {CVE-2022-2153}\n- rds: ib: Qualify RNR Retry Timer check with firmware version (Freddy Carrillo) [Orabug: 34330922] \n- x86/boot/compressed/64: Disable 5-level page tables on AMD (Boris Ostrovsky) [Orabug: 34366382]\n[5.4.17-2136.310.2]\n- LTS tag: v5.4.199 (Sherry Yang) \n- x86/speculation/mmio: Print SMT warning (Josh Poimboeuf) \n- x86/cpu: Add another Alder Lake CPU to the Intel family (Gayatri Kammela) \n- cpu/speculation: Add prototype for cpu_show_srbds() (Guenter Roeck) \n- LTS tag: v5.4.198 (Sherry Yang) \n- tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (Eric Dumazet) \n- mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N (Tokunori Ikegami) \n- md/raid0: Ignore RAID0 layout if the second zone has only one device (Pascal Hambourg) \n- powerpc/32: Fix overread/overwrite of thread_struct via ptrace (Michael Ellerman) \n- Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag (Mathias Nyman) \n- ixgbe: fix unexpected VLAN Rx in promisc mode on VF (Olivier Matz) \n- ixgbe: fix bcast packets Rx on VF after promisc removal (Olivier Matz) \n- nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling (Martin Faltesek) \n- nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION (Martin Faltesek) \n- mmc: block: Fix CQE recovery reset success (Adrian Hunter) \n- ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files (Sergey Shtylyov) \n- cifs: return errors during session setup during reconnects (Shyam Prasad N) \n- ALSA: hda/conexant - Fix loopback issue with CX20632 (huangwenhui) \n- scripts/gdb: change kernel config dumping method (Kuan-Ying Lee) \n- vringh: Fix loop descriptors check in the indirect cases (Xie Yongji) \n- nodemask: Fix return values to be unsigned (Kees Cook) \n- cifs: version operations for smb20 unneeded when legacy support disabled (Steve French) \n- s390/gmap: voluntarily schedule during key setting (Christian Borntraeger) \n- nbd: fix io hung while disconnecting device (Yu Kuai) \n- nbd: fix race between nbd_alloc_config() and module removal (Yu Kuai) \n- nbd: call genl_unregister_family() first in nbd_cleanup() (Yu Kuai) \n- x86/cpu: Elide KCSAN for cpu_has() and friends (Peter Zijlstra) \n- modpost: fix undefined behavior of is_arm_mapping_symbol() (Masahiro Yamada) \n- drm/radeon: fix a possible null pointer dereference (Gong Yuanjun) \n- ceph: allow ceph.dir.rctime xattr to be updatable (Venky Shankar) \n- Revert 'net: af_key: add check for pfkey_broadcast in function pfkey_process' (Michal Kubecek) \n- scsi: myrb: Fix up null pointer access on myrb_cleanup() (Hannes Reinecke) \n- md: protect md_unregister_thread from reentrancy (Guoqing Jiang) \n- watchdog: wdat_wdt: Stop watchdog when rebooting the system (Liu Xinpeng) \n- kernfs: Separate kernfs_pr_cont_buf and rename_lock. (Hao Luo) \n- serial: msm_serial: disable interrupts in __msm_console_write() (John Ogness) \n- staging: rtl8712: fix uninit-value in r871xu_drv_init() (Wang Cheng) \n- staging: rtl8712: fix uninit-value in usb_read8() and friends (Wang Cheng) \n- clocksource/drivers/sp804: Avoid error on multiple instances (Andre Przywara) \n- extcon: Modify extcon device to be created after driver data is set (bumwoo lee) \n- misc: rtsx: set NULL intfdata when probe fails (Shuah Khan) \n- usb: dwc2: gadget: don't reset gadget's driver->bus (Marek Szyprowski) \n- USB: hcd-pci: Fully suspend across freeze/thaw cycle (Evan Green) \n- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (Duoming Zhou) \n- drivers: tty: serial: Fix deadlock in sa1100_set_termios() (Duoming Zhou) \n- USB: host: isp116x: check return value after calling platform_get_resource() (Zhen Ni) \n- drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() (Duoming Zhou) \n- drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (Duoming Zhou) \n- tty: Fix a possible resource leak in icom_probe (Huang Guobin) \n- tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() (Zheyu Ma) \n- lkdtm/usercopy: Expand size of 'out of frame' object (Kees Cook) \n- iio: st_sensors: Add a local lock for protecting odr (Miquel Raynal) \n- iio: dummy: iio_simple_dummy: check the return value of kstrdup() (Xiaoke Wang) \n- drm: imx: fix compiler warning with gcc-12 (Linus Torvalds) \n- net: altera: Fix refcount leak in altera_tse_mdio_create (Miaoqian Lin) \n- ip_gre: test csum_start instead of transport header (Willem de Bruijn) \n- net/mlx5: fs, fail conflicting actions (Mark Bloch) \n- net/mlx5: Rearm the FW tracer after each tracer event (Feras Daoud) \n- net: ipv6: unexport __init-annotated seg6_hmac_init() (Masahiro Yamada) \n- net: xfrm: unexport __init-annotated xfrm4_protocol_init() (Masahiro Yamada) \n- net: mdio: unexport __init-annotated mdio_bus_init() (Masahiro Yamada) \n- SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer() (Chuck Lever) \n- net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure (Gal Pressman) \n- net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list (Miaoqian Lin) \n- bpf, arm64: Clear prog->jited_len along prog->jited (Eric Dumazet) \n- af_unix: Fix a data-race in unix_dgram_peer_wake_me(). (Kuniyuki Iwashima) \n- xen: unexport __init-annotated xen_xlate_map_ballooned_pages() (Masahiro Yamada) \n- netfilter: nf_tables: memleak flow rule from commit path (Pablo Neira Ayuso) \n- ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe (Miaoqian Lin) \n- netfilter: nat: really support inet nat without l3 address (Florian Westphal) \n- xprtrdma: treat all calls not a bcall when bc_serv is NULL (Kinglong Mee) \n- video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove() (Yang Yingliang) \n- NFSv4: Don't hold the layoutget locks across multiple RPC calls (Trond Myklebust) \n- dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type (Radhey Shyam Pandey) \n- m68knommu: fix undefined reference to _init_sp' (Greg Ungerer) \n- m68knommu: set ZERO_PAGE() to the allocated zeroed page (Greg Ungerer) \n- i2c: cadence: Increase timeout per message if necessary (Lucas Tanure) \n- f2fs: remove WARN_ON in f2fs_is_valid_blkaddr (Dongliang Mu) \n- tracing: Avoid adding tracer option before update_tracer_options (Mark-PK Tsai) \n- tracing: Fix sleeping function called from invalid context on RT kernel (Jun Miao) \n- mips: cpc: Fix refcount leak in mips_cpc_default_phys_base (Gong Yuanjun) \n- perf c2c: Fix sorting in percent_rmt_hitm_cmp() (Leo Yan) \n- tipc: check attribute length for bearer name (Hoang Le) \n- afs: Fix infinite loop found by xfstest generic/676 (David Howells) \n- tcp: tcp_rtx_synack() can be called from process context (Eric Dumazet) \n- net: sched: add barrier to fix packet stuck problem for lockless qdisc (Guoju Fang) \n- net/mlx5e: Update netdev features after changing XDP state (Maxim Mikityanskiy) \n- net/mlx5: Don't use already freed action pointer (Leon Romanovsky) \n- nfp: only report pause frame configuration for physical device (Yu Xiao) \n- ubi: ubi_create_volume: Fix use-after-free when volume creation failed (Zhihao Cheng) \n- jffs2: fix memory leak in jffs2_do_fill_super (Baokun Li) \n- modpost: fix removing numeric suffixes (Alexander Lobakin) \n- net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register (Miaoqian Lin) \n- net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() (Dan Carpenter) \n- net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog (Vincent Ray) \n- s390/crypto: fix scatterwalk_unmap() callers in AES-GCM (Jann Horn) \n- clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition (Shengjiu Wang) \n- watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe (Miaoqian Lin) \n- driver core: fix deadlock in __device_attach (Zhang Wensheng) \n- driver: base: fix UAF when driver_attach failed (Schspa Shi) \n- bus: ti-sysc: Fix warnings for unbind for serial (Tony Lindgren) \n- firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle (Miaoqian Lin) \n- serial: stm32-usart: Correct CSIZE, bits, and parity (Ilpo Jarvinen) \n- serial: st-asc: Sanitize CSIZE and correct PARENB for CS7 (Ilpo Jarvinen) \n- serial: sifive: Sanitize CSIZE and c_iflag (Ilpo Jarvinen) \n- serial: sh-sci: Don't allow CS5-6 (Ilpo Jarvinen) \n- serial: txx9: Don't allow CS5-6 (Ilpo Jarvinen) \n- serial: rda-uart: Don't allow CS5-6 (Ilpo Jarvinen) \n- serial: digicolor-usart: Don't allow CS5-6 (Ilpo Jarvinen) \n- serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485 (Ilpo Jarvinen) \n- serial: meson: acquire port->lock in startup() (John Ogness) \n- rtc: mt6397: check return value after calling platform_get_resource() (Yang Yingliang) \n- clocksource/drivers/riscv: Events are stopped during CPU suspend (Samuel Holland) \n- soc: rockchip: Fix refcount leak in rockchip_grf_init (Miaoqian Lin) \n- coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier (Guilherme G. Piccoli) \n- serial: sifive: Report actual baud base rather than fixed 115200 (Maciej W. Rozycki) \n- phy: qcom-qmp: fix pipe-clock imbalance on power-on failure (Johan Hovold) \n- rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails (Krzysztof Kozlowski) \n- iio: adc: sc27xx: Fine tune the scale calibration values (Cixi Geng) \n- iio: adc: sc27xx: fix read big scale voltage not right (Cixi Geng) \n- iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check (Miaoqian Lin) \n- firmware: stratix10-svc: fix a missing check on list iterator (Xiaomeng Tong) \n- usb: dwc3: pci: Fix pm_runtime_get_sync() error checking (Zheng Yongjun) \n- rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- pwm: lp3943: Fix duty calculation in case period was clamped (Uwe Kleine-Konig) \n- staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() (Christophe JAILLET) \n- usb: musb: Fix missing of_node_put() in omap2430_probe (Miaoqian Lin) \n- USB: storage: karma: fix rio_karma_init return (Lin Ma) \n- usb: usbip: add missing device lock on tweak configuration cmd (Niels Dossche) \n- usb: usbip: fix a refcount leak in stub_probe() (Hangyu Hua) \n- tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get (Sherry Sun) \n- tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe (Miaoqian Lin) \n- tty: goldfish: Use tty_port_destroy() to destroy port (Wang Weiyang) \n- iio: adc: ad7124: Remove shift from scan_type (Alexandru Tachici) \n- staging: greybus: codecs: fix type confusion of list iterator variable (Jakob Koschel) \n- pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (Randy Dunlap) \n- md: bcache: check the return value of kzalloc() in detached_dev_do_request() (Jia-Ju Bai) \n- block: fix bio_clone_blkg_association() to associate with proper blkcg_gq (Jan Kara) \n- bfq: Make sure bfqg for which we are queueing requests is online (Jan Kara) \n- bfq: Get rid of __bio_blkcg() usage (Jan Kara) \n- bfq: Remove pointless bfq_init_rq() calls (Jan Kara) \n- bfq: Drop pointless unlock-lock pair (Jan Kara) \n- bfq: Avoid merging queues with different parents (Jan Kara) \n- MIPS: IP27: Remove incorrect cpu_has_fpu' override (Maciej W. Rozycki) \n- RDMA/rxe: Generate a completion for unsupported/invalid opcode (Xiao Yang) \n- Kconfig: add config option for asm goto w/ outputs (Nick Desaulniers) \n- phy: qcom-qmp: fix reset-controller leak on probe errors (Johan Hovold) \n- blk-iolatency: Fix inflight count imbalances and IO hangs on offline (Tejun Heo) \n- dt-bindings: gpio: altera: correct interrupt-cells (Dinh Nguyen) \n- docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 (Akira Yokosawa) \n- ARM: pxa: maybe fix gpio lookup tables (Arnd Bergmann) \n- phy: qcom-qmp: fix struct clk leak on probe errors (Johan Hovold) \n- arm64: dts: qcom: ipq8074: fix the sleep clock frequency (Kathiravan T) \n- gma500: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- serial: pch: don't overwrite xmit->buf[0] by x_char (Jiri Slaby) \n- carl9170: tx: fix an incorrect use of list iterator (Xiaomeng Tong) \n- ASoC: rt5514: Fix event generation for 'DSP Voice Wake Up' control (Mark Brown) \n- rtl818x: Prevent using not initialized queues (Alexander Wetzel) \n- hugetlb: fix huge_pmd_unshare address update (Mike Kravetz) \n- nodemask.h: fix compilation error with GCC12 (Christophe de Dinechin) \n- iommu/msm: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- um: Fix out-of-bounds read in LDT setup (Vincent Whitchurch) \n- um: chan_user: Fix winch_tramp() return value (Johannes Berg) \n- mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (Felix Fietkau) \n- irqchip: irq-xtensa-mx: fix initial IRQ affinity (Max Filippov) \n- irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (Pali Rohar) \n- RDMA/hfi1: Fix potential integer multiplication overflow errors (Dennis Dalessandro) \n- Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug (Sean Christopherson) \n- media: coda: Add more H264 levels for CODA960 (Nicolas Dufresne) \n- media: coda: Fix reported H264 profile (Nicolas Dufresne) \n- mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write (Tokunori Ikegami) \n- md: fix an incorrect NULL check in md_reload_sb (Xiaomeng Tong) \n- md: fix an incorrect NULL check in does_sb_need_changing (Xiaomeng Tong) \n- drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX (Brian Norris) \n- drm/nouveau/clk: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem (Lucas Stach) \n- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. (Dave Airlie) \n- scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled (Manivannan Sadhasivam) \n- scsi: dc395x: Fix a missing check on list iterator (Xiaomeng Tong) \n- ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (Junxiao Bi via Ocfs2-devel) \n- dlm: fix missing lkb refcount handling (Alexander Aring) \n- dlm: fix plock invalid read (Alexander Aring) \n- mm, compaction: fast_find_migrateblock() should return pfn in the target zone (Rei Yamamoto) \n- PCI: qcom: Fix unbalanced PHY init on probe errors (Johan Hovold) \n- PCI: qcom: Fix runtime PM imbalance on probe errors (Johan Hovold) \n- PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299 (Bjorn Helgaas) \n- tracing: Fix potential double free in create_var_ref() (Keita Suzuki) \n- ACPI: property: Release subnode properties with data nodes (Sakari Ailus) \n- ext4: avoid cycles in directory h-tree (Jan Kara) \n- ext4: verify dir block before splitting it (Jan Kara) \n- ext4: fix bug_on in ext4_writepages (Ye Bin) \n- ext4: fix warning in ext4_handle_inode_extension (Ye Bin) \n- ext4: fix use-after-free in ext4_rename_dir_prepare (Ye Bin) \n- netfilter: nf_tables: disallow non-stateful expression in sets earlier (Pablo Neira Ayuso) \n- bfq: Track whether bfq_group is still online (Jan Kara) \n- bfq: Update cgroup information before merging bio (Jan Kara) \n- bfq: Split shared queues on move between cgroups (Jan Kara) \n- efi: Do not import certificates from UEFI Secure Boot for T2 Macs (Aditya Garg) \n- fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages (Zhihao Cheng) \n- iwlwifi: mvm: fix assert 1F04 upon reconfig (Emmanuel Grumbach) \n- wifi: mac80211: fix use-after-free in chanctx code (Johannes Berg) \n- f2fs: fix fallocate to use file_modified to update permissions consistently (Chao Yu) \n- f2fs: don't need inode lock for system hidden quota (Jaegeuk Kim) \n- f2fs: fix deadloop in foreground GC (Chao Yu) \n- f2fs: fix to clear dirty inode in f2fs_evict_inode() (Chao Yu) \n- f2fs: fix to do sanity check on block address in f2fs_do_zero_range() (Chao Yu) \n- f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count() (Chao Yu) \n- perf jevents: Fix event syntax error caused by ExtSel (Zhengjun Xing) \n- perf c2c: Use stdio interface if slang is not supported (Leo Yan) \n- iommu/amd: Increase timeout waiting for GA log enablement (Joerg Roedel) \n- dmaengine: stm32-mdma: remove GISR1 register (Amelie Delaunay) \n- video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup (Miaoqian Lin) \n- NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout (Trond Myklebust) \n- NFS: Don't report errors from nfs_pageio_complete() more than once (Trond Myklebust) \n- NFS: Do not report flush errors in nfs_write_end() (Trond Myklebust) \n- NFS: Do not report EINTR/ERESTARTSYS as mapping errors (Trond Myklebust) \n- i2c: at91: Initialize dma_buf in at91_twi_xfer() (Nathan Chancellor) \n- i2c: at91: use dma safe buffers (Michael Walle) \n- iommu/mediatek: Add list_del in mtk_iommu_remove (Yong Wu) \n- f2fs: fix dereference of stale list iterator after loop body (Jakob Koschel) \n- Input: stmfts - do not leave device disabled in stmfts_input_open (Dmitry Torokhov) \n- RDMA/hfi1: Prevent use of lock before it is initialized (Douglas Miller) \n- mailbox: forward the hrtimer if not queued and under a lock (Bjorn Ardo) \n- mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() (Yang Yingliang) \n- powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup (Miaoqian Lin) \n- macintosh: via-pmu and via-cuda need RTC_LIB (Randy Dunlap) \n- powerpc/perf: Fix the threshold compare group constraint for power9 (Kajol Jain) \n- powerpc/64: Only WARN if __pa()/__va() called with bad addresses (Michael Ellerman) \n- Input: sparcspkr - fix refcount leak in bbc_beep_probe (Miaoqian Lin) \n- crypto: cryptd - Protect per-CPU resource by disabling BH. (Sebastian Andrzej Siewior) \n- tty: fix deadlock caused by calling printk() under tty_port->lock (Qi Zheng) \n- PCI: imx6: Fix PERST# start-up sequence (Francesco Dolcini) \n- ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() (Waiman Long) \n- proc: fix dentry/inode overinstantiating under /proc//net (Alexey Dobriyan) \n- powerpc/4xx/cpm: Fix return value of __setup() handler (Randy Dunlap) \n- powerpc/idle: Fix return value of __setup() handler (Randy Dunlap) \n- powerpc/8xx: export 'cpm_setbrg' for modules (Randy Dunlap) \n- dax: fix cache flush on PMD-mapped pages (Muchun Song) \n- drivers/base/node.c: fix compaction sysfs file leak (Miaohe Lin) \n- pinctrl: mvebu: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- nvdimm: Allow overwrite in the presence of disabled dimms (Dan Williams) \n- firmware: arm_scmi: Fix list protocols enumeration in the base protocol (Cristian Marussi) \n- scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac() (Gustavo A. R. Silva) \n- mfd: ipaq-micro: Fix error check return value of platform_get_irq() (Lv Ruyi) \n- powerpc/fadump: fix PT_LOAD segment for boot memory area (Hari Bathini) \n- arm: mediatek: select arch timer for mt7629 (Chuanhong Guo) \n- crypto: marvell/cesa - ECB does not IV (Corentin Labbe) \n- misc: ocxl: fix possible double free in ocxl_file_register_afu (Hangyu Hua) \n- ARM: dts: bcm2835-rpi-b: Fix GPIO line names (Stefan Wahren) \n- ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED (Phil Elwell) \n- ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C (Phil Elwell) \n- ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT (Phil Elwell) \n- can: xilinx_can: mark bit timing constants as const (Marc Kleine-Budde) \n- KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry (Sean Christopherson) \n- PCI: rockchip: Fix find_first_zero_bit() limit (Dan Carpenter) \n- PCI: cadence: Fix find_first_zero_bit() limit (Dan Carpenter) \n- soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc (Miaoqian Lin) \n- soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc (Miaoqian Lin) \n- ARM: dts: suniv: F1C100: fix watchdog compatible (Andre Przywara) \n- arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399 (Shawn Lin) \n- net/smc: postpone sk_refcnt increment in connect() (liuyacan) \n- rxrpc: Fix decision on when to generate an IDLE ACK (David Howells) \n- rxrpc: Don't let ack.previousPacket regress (David Howells) \n- rxrpc: Fix overlapping ACK accounting (David Howells) \n- rxrpc: Don't try to resend the request if we're receiving the reply (David Howells) \n- rxrpc: Fix listen() setting the bar too high for the prealloc rings (David Howells) \n- NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx (Duoming Zhou) \n- ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition() (Yang Yingliang) \n- thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe (Zheng Yongjun) \n- drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() (Hangyu Hua) \n- drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init (Miaoqian Lin) \n- ext4: reject the 'commit' option on ext2 filesystems (Eric Biggers) \n- media: ov7670: remove ov7670_power_off from ov7670_remove (Dongliang Mu) \n- sctp: read sk->sk_bound_dev_if once in sctp_rcv() (Eric Dumazet) \n- m68k: math-emu: Fix dependencies of math emulation support (Geert Uytterhoeven) \n- Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout (Ying Hsu) \n- media: vsp1: Fix offset calculation for plane cropping (Michael Rodin) \n- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (Pavel Skripkin) \n- media: exynos4-is: Change clk_disable to clk_disable_unprepare (Miaoqian Lin) \n- media: st-delta: Fix PM disable depth imbalance in delta_probe (Miaoqian Lin) \n- media: aspeed: Fix an error handling path in aspeed_video_probe() (Christophe JAILLET) \n- scripts/faddr2line: Fix overlapping text section failures (Josh Poimboeuf) \n- regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt (Miaoqian Lin) \n- ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe (Miaoqian Lin) \n- ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe (Miaoqian Lin) \n- perf/amd/ibs: Use interrupt regs ip for stack unwinding (Ravi Bangoria) \n- Revert 'cpufreq: Fix possible race in cpufreq online error path' (Viresh Kumar) \n- iomap: iomap_write_failed fix (Andreas Gruenbacher) \n- media: uvcvideo: Fix missing check to determine if element is found in list (Xiaomeng Tong) \n- drm/msm: return an error pointer in msm_gem_prime_get_sg_table() (Dan Carpenter) \n- drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected (Jessica Zhang) \n- drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected (Jessica Zhang) \n- regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET (Zev Weiss) \n- x86/mm: Cleanup the control_va_addr_alignment() __setup handler (Randy Dunlap) \n- irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- irqchip/exiu: Fix acknowledgment of edge triggered interrupts (Daniel Thompson) \n- x86: Fix return value of __setup handlers (Randy Dunlap) \n- virtio_blk: fix the discard_granularity and discard_alignment queue limits (Christoph Hellwig) \n- drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (Yang Yingliang) \n- drm/msm/hdmi: fix error check return value of irq_of_parse_and_map() (Lv Ruyi) \n- drm/msm/hdmi: check return value after calling platform_get_resource_byname() (Yang Yingliang) \n- drm/msm/dsi: fix error checks and return values for DSI xmit functions (Dmitry Baryshkov) \n- drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (Vinod Polimera) \n- perf tools: Add missing headers needed by util/data.h (Yang Jihong) \n- ASoC: rk3328: fix disabling mclk on pclk probe failure (Nicolas Frattaroli) \n- x86/speculation: Add missing prototype for unpriv_ebpf_notify() (Josh Poimboeuf) \n- x86/pm: Fix false positive kmemleak report in msr_build_context() (Matthieu Baerts) \n- scsi: ufs: core: Exclude UECxx from SFR dump list (Kiwoong Kim) \n- of: overlay: do not break notify on NOTIFY_{OK|STOP} (Nuno Sa) \n- fsnotify: fix wrong lockdep annotations (Amir Goldstein) \n- inotify: show inotify mask flags in proc fdinfo (Amir Goldstein) \n- ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix (Dan Carpenter) \n- cpufreq: Fix possible race in cpufreq online error path (Schspa Shi) \n- spi: img-spfi: Fix pm_runtime_get_sync() error checking (Zheng Yongjun) \n- sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq (Chengming Zhou) \n- drm/bridge: Fix error handling in analogix_dp_probe (Miaoqian Lin) \n- HID: elan: Fix potential double free in elan_input_configured (Miaoqian Lin) \n- HID: hid-led: fix maximum brightness for Dream Cheeky (Jonathan Teh) \n- drbd: fix duplicate array initializer (Arnd Bergmann) \n- efi: Add missing prototype for efi_capsule_setup_info (Jan Kiszka) \n- NFC: NULL out the dev->rfkill to prevent UAF (Lin Ma) \n- spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout (Miaoqian Lin) \n- drm: mali-dp: potential dereference of null pointer (Jiasheng Jiang) \n- drm/komeda: Fix an undefined behavior bug in komeda_plane_add() (Zhou Qingyang) \n- nl80211: show SSID for P2P_GO interfaces (Johannes Berg) \n- bpf: Fix excessive memory allocation in stack_map_alloc() (Yuntao Wang) \n- drm/vc4: txp: Force alpha to be 0xff if it's disabled (Maxime Ripard) \n- drm/vc4: txp: Don't set TXP_VSTART_AT_EOF (Maxime Ripard) \n- drm/mediatek: Fix mtk_cec_mask() (Miles Chen) \n- x86/delay: Fix the wrong asm constraint in delay_loop() (Ammar Faizi) \n- ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe (Miaoqian Lin) \n- ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe (Miaoqian Lin) \n- drm/bridge: adv7511: clean up CEC adapter when probe fails (Lucas Stach) \n- drm/edid: fix invalid EDID extension block filtering (Jani Nikula) \n- ath9k: fix ar9003_get_eepmisc (Wenli Looi) \n- drm: fix EDID struct for old ARM OABI format (Linus Torvalds) \n- RDMA/hfi1: Prevent panic when SDMA is disabled (Douglas Miller) \n- powerpc/iommu: Add missing of_node_put in iommu_init_early_dart (Peng Wu) \n- macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled (Finn Thain) \n- powerpc/powernv: fix missing of_node_put in uv_init() (Lv Ruyi) \n- powerpc/xics: fix refcount leak in icp_opal_init() (Lv Ruyi) \n- tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate (Vasily Averin) \n- PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (Yicong Yang) \n- ARM: hisi: Add missing of_node_put after of_find_compatible_node (Peng Wu) \n- ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM (Krzysztof Kozlowski) \n- ARM: versatile: Add missing of_node_put in dcscb_init (Peng Wu) \n- fat: add ratelimit to fat*_ent_bread() (OGAWA Hirofumi) \n- powerpc/fadump: Fix fadump to work with a different endian capture kernel (Hari Bathini) \n- ARM: OMAP1: clock: Fix UART rate reporting algorithm (Janusz Krzysztofik) \n- fs: jfs: fix possible NULL pointer dereference in dbFree() (Zixuan Fu) \n- PM / devfreq: rk3399_dmc: Disable edev on remove() (Brian Norris) \n- ARM: dts: ox820: align interrupt controller node name with dtschema (Krzysztof Kozlowski) \n- IB/rdmavt: add missing locks in rvt_ruc_loopback (Niels Dossche) \n- selftests/bpf: fix btf_dump/btf_dump due to recent clang change (Yonghong Song) \n- eth: tg3: silence the GCC 12 array-bounds warning (Jakub Kicinski) \n- rxrpc: Return an error to sendmsg if call failed (David Howells) \n- hwmon: Make chip parameter for with_info API mandatory (Guenter Roeck) \n- ASoC: max98357a: remove dependency on GPIOLIB (Pierre-Louis Bossart) \n- media: exynos4-is: Fix compile warning (Kwanghoon Son) \n- net: phy: micrel: Allow probing without .driver_data (Fabio Estevam) \n- nbd: Fix hung on disconnect request if socket is closed before (Xie Yongji) \n- ASoC: rt5645: Fix errorenous cleanup order (Lin Ma) \n- nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (Smith, Kyle Miller (Nimble Kernel)) \n- openrisc: start CPU timer early in boot (Jason A. Donenfeld) \n- media: cec-adap.c: fix is_configuring state (Hans Verkuil) \n- media: coda: limit frame interval enumeration to supported encoder frame sizes (Philipp Zabel) \n- rtlwifi: Use pr_warn instead of WARN_ONCE (Dongliang Mu) \n- ipmi: Fix pr_fmt to avoid compilation issues (Corey Minyard) \n- ipmi:ssif: Check for NULL msg when handling events and messages (Corey Minyard) \n- ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default (Mario Limonciello) \n- dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC (Mikulas Patocka) \n- spi: stm32-qspi: Fix wait_cmd timeout in APM mode (Patrice Chotard) \n- s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES (Heiko Carstens) \n- ASoC: tscs454: Add endianness flag in snd_soc_component_driver (Charles Keepax) \n- HID: bigben: fix slab-out-of-bounds Write in bigben_probe (Dongliang Mu) \n- drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo (Alice Wong) \n- mlxsw: spectrum_dcb: Do not warn about priority changes (Petr Machata) \n- ASoC: dapm: Don't fold register value changes into notifications (Mark Brown) \n- net/mlx5: fs, delete the FTE when there are no rules attached to it (Mark Bloch) \n- ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL (jianghaoran) \n- drm: msm: fix error check return value of irq_of_parse_and_map() (Lv Ruyi) \n- arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall (Alexandru Elisei) \n- drm/amd/pm: fix the compile warning (Evan Quan) \n- drm/plane: Move range check for format_count earlier (Steven Price) \n- scsi: megaraid: Fix error check return value of register_chrdev() (Lv Ruyi) \n- mmc: jz4740: Apply DMA engine limits to maximum segment size (Aidan MacDonald) \n- md/bitmap: don't set sb values if can't pass sanity check (Heming Zhao) \n- media: cx25821: Fix the warning when removing the module (Zheyu Ma) \n- media: pci: cx23885: Fix the error handling in cx23885_initdev() (Zheyu Ma) \n- media: venus: hfi: avoid null dereference in deinit (Luca Weiss) \n- ath9k: fix QCA9561 PA bias level (Thibaut VAReNE) \n- drm/amd/pm: fix double free in si_parse_power_table() (Keita Suzuki) \n- tools/power turbostat: fix ICX DRAM power numbers (Len Brown) \n- spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction (Biju Das) \n- ALSA: jack: Access input_dev under mutex (Amadeusz Siawinski) \n- drm/komeda: return early if drm_universal_plane_init() fails. (Liviu Dudau) \n- ACPICA: Avoid cache flush inside virtual machines (Kirill A. Shutemov) \n- fbcon: Consistently protect deferred_takeover with console_lock() (Daniel Vetter) \n- ipv6: fix locking issues with loops over idev->addr_list (Niels Dossche) \n- ipw2x00: Fix potential NULL dereference in libipw_xmit() (Haowen Bai) \n- b43: Fix assigning negative value to unsigned variable (Haowen Bai) \n- b43legacy: Fix assigning negative value to unsigned variable (Haowen Bai) \n- mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue (Niels Dossche) \n- drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes (Liu Zixian) \n- btrfs: repair super block num_devices automatically (Qu Wenruo) \n- btrfs: add '0x' prefix for unsupported optional features (Qu Wenruo) \n- ptrace: Reimplement PTRACE_KILL by always sending SIGKILL (Eric W. Biederman) \n- ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP (Eric W. Biederman) \n- ptrace/um: Replace PT_DTRACE with TIF_SINGLESTEP (Eric W. Biederman) \n- perf/x86/intel: Fix event constraints for ICL (Kan Liang) \n- usb: core: hcd: Add support for deferring roothub registration (Kishon Vijay Abraham I) \n- USB: new quirk for Dell Gen 2 devices (Monish Kumar R) \n- USB: serial: option: add Quectel BG95 modem (Carl Yin) \n- ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS (Marios Levogiannis) \n- binfmt_flat: do not stop relocating GOT entries prematurely on riscv (Niklas Cassel) \n- LTS tag: v5.4.197 (Sherry Yang) \n- bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes (Liu Jian) \n- NFSD: Fix possible sleep during nfsd4_release_lockowner() (Chuck Lever) \n- NFS: Memory allocation failures are not server fatal errors (Trond Myklebust) \n- docs: submitting-patches: Fix crossref to 'The canonical patch format' (Akira Yokosawa) \n- tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() (Xiu Jianfeng) \n- tpm: Fix buffer access in tpm2_get_tpm_pt() (Stefan Mahnke-Hartmann) \n- HID: multitouch: Add support for Google Whiskers Touchpad (Marek Maslanka) \n- raid5: introduce MD_BROKEN (Mariusz Tkaczyk) \n- dm verity: set DM_TARGET_IMMUTABLE feature flag (Sarthak Kukreti) \n- dm stats: add cond_resched when looping over entries (Mikulas Patocka) \n- dm crypt: make printing of the key constant-time (Mikulas Patocka) \n- dm integrity: fix error code in dm_integrity_ctr() (Dan Carpenter) \n- zsmalloc: fix races between asynchronous zspage free and page migration (Sultan Alsawaf) \n- crypto: ecrdsa - Fix incorrect use of vli_cmp (Vitaly Chikunov) \n- netfilter: conntrack: re-fetch conntrack after insertion (Florian Westphal) \n- exec: Force single empty string when argv is empty (Kees Cook) \n- drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency() (Gustavo A. R. Silva) \n- cfg80211: set custom regdomain after wiphy registration (Miri Korenblit) \n- i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging (Mika Westerberg) \n- net: ftgmac100: Disable hardware checksum on AST2600 (Joel Stanley) \n- net: af_key: check encryption module availability consistency (Thomas Bartschies) \n- pinctrl: sunxi: fix f1c100s uart2 function (IotaHydrae) \n- ACPI: sysfs: Fix BERT error region memory mapping (Lorenzo Pieralisi) \n- ACPI: sysfs: Make sparse happy about address space in use (Andy Shevchenko) \n- media: vim2m: initialize the media device earlier (Hans Verkuil) \n- media: vim2m: Register video device after setting up internals (Sakari Ailus) \n- secure_seq: use the 64 bits of the siphash for port offset calculation (Willy Tarreau) \n- tcp: change source port randomizarion at connect() time (Eric Dumazet) \n- Input: goodix - fix spurious key release events (Dmitry Mastykin) \n- staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan() (Denis Efremov (Oracle)) \n- x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests (Thomas Gleixner)\n[5.4.17-2136.310.1]\n- intel_idle: Fix max_cstate for processor models without C-state tables (Chen Yu) [Orabug: 34081688] \n- intel_idle: add core C6 optimization for SPR (Artem Bityutskiy) [Orabug: 34081688] \n- intel_idle: add 'preferred_cstates' module argument (Artem Bityutskiy) [Orabug: 34081688] \n- intel_idle: add SPR support (Artem Bityutskiy) [Orabug: 34081688] \n- intel_idle: Adjust the SKX C6 parameters if PC6 is disabled (Chen Yu) [Orabug: 34081688] \n- intel_idle: Clean up kerneldoc comments for multiple functions (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Add __initdata annotations to init time variables (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Relocate definitions of cpuidle callbacks (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Clean up definitions of cpuidle callbacks (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Simplify LAPIC timer reliability checks (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Introduce 'states_off' module parameter (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Introduce 'use_acpi' module parameter (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Clean up irtl_2_usec() (Rafael J. Wysocki) [Orabug: 34081688] \n- Documentation: admin-guide: PM: Add intel_idle document (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Move 3 functions closer to their callers (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Annotate initialization code and data structures (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Move and clean up intel_idle_cpuidle_devices_uninit() (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Rearrange intel_idle_cpuidle_driver_init() (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Fold intel_idle_probe() into intel_idle_init() (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Eliminate __setup_broadcast_timer() (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Add module parameter to prevent ACPI _CST from being used (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Allow ACPI _CST to be used for selected known processors (Rafael J. Wysocki) [Orabug: 34081688] \n- cpuidle: Allow idle states to be disabled by default (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Use ACPI _CST for processor models without C-state tables (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Refactor intel_idle_cpuidle_driver_init() (Rafael J. Wysocki) [Orabug: 34081688] \n- cpuidle: Drop disabled field from struct cpuidle_state (Thomas Tai) [Orabug: 34081688] \n- cpuidle: Consolidate disabled state checks (Rafael J. Wysocki) [Orabug: 34081688] \n- Revert 'intel_idle: Use ACPI _CST for processor models without C-state tables' (Thomas Tai) [Orabug: 34081688]", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-08-15T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel-container security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21505", "CVE-2022-2153", "CVE-2022-23816", "CVE-2022-2588", "CVE-2022-29901"], "modified": "2022-08-15T00:00:00", "id": "ELSA-2022-9710", "href": "http://linux.oracle.com/errata/ELSA-2022-9710.html", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-15T18:31:24", "description": "[5.4.17-2136.310.7]\n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34480880] {CVE-2022-2588}\n- x86/spec_ctrl: limit IBRS_FW to retpoline only (Ankur Arora) [Orabug: 34450896] \n- x86/bugs: display dynamic retbleed state (Ankur Arora) [Orabug: 34450896] \n- x86/bugs: remove incorrect __init/__ro_after_init annotations (Ankur Arora) [Orabug: 34455621]\n[5.4.17-2136.310.6]\n- SUNRPC: Fix READ_PLUS crasher (Chuck Lever) \n- Revert 'hwmon: Make chip parameter for with_info API mandatory' (Greg Kroah-Hartman) [Orabug: 34423806] \n- ext4: make variable 'count' signed (Ding Xiang) \n- faddr2line: Fix overlapping text section failures, the sequel (Josh Poimboeuf)\n[5.4.17-2136.310.5]\n- arm64: proton-pack: provide vulnerability file value for RETBleed (James Morse) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: emulate: do not adjust size of fastop and setcc subroutines (Paolo Bonzini) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Thadeu Lima de Souza Cascardo) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt (Alexandre Chartre) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Disable RRSBA behavior (Pawan Gupta) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/exec: Disable RET on kexec (Konrad Rzeszutek Wilk) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: do not enable IBPB-on-entry when IBPB is not supported (Thadeu Lima de Souza Cascardo) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Add Cannon lake to RETBleed affected CPU list (Pawan Gupta) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/cpu/amd: Enumerate BTC_NO (Andrew Cooper) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/common: Stamp out the stepping madness (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: VMX: Prevent RSB underflow before vmenter (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Fill RSB on vmexit for IBRS (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: VMX: Fix IBRS handling after vmexit (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: VMX: Convert launched argument to flags (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM: VMX: Flatten __vmx_vcpu_run() (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM/VMX: Use TEST %REG,%REG instead of CMP /u03/ksharma/errata_processing/work/el7uek6/db_7uek6.ELSA-2022-9709,%REG in vmenter.S (Uros Bizjak) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- KVM/nVMX: Use __vmx_vcpu_run in nested_vmx_check_vmentry_hw (Uros Bizjak) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Remove x86_spec_ctrl_mask (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Fix SPEC_CTRL write on SMT state change (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Fix firmware entry SPEC_CTRL handling (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/cpu/amd: Add Spectral Chicken (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add entry UNRET validation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- kbuild/objtool: Add objtool-vmlinux.o pass (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Do IBPB fallback check only once (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Add retbleed=ibpb (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/xen: Rename SYS* entry points (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Update Retpoline validation (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- intel_idle: Disable IBRS during long idle (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Report Intel retbleed vulnerability (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (Pawan Gupta) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Optimize SPEC_CTRL MSR writes (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/entry: Add kernel IBRS implementation (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Enable STIBP for JMP2RET (Kim Phillips) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Add AMD retbleed= boot parameter (Alexandre Chartre) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bugs: Report AMD retbleed vulnerability (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Add magic AMD return-thunk (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/vmlinux: Use INT3 instead of NOP for linker fill bytes (Kees Cook) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/realmode: build with __DISABLE_EXPORTS (Ankur Arora) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Use return-thunk in asm code (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/sev: Avoid using __x86_return_thunk (Kim Phillips) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/kvm: Fix SETcc emulation for return thunks (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/bpf: Alternative RET encoding (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/ftrace: Alternative RET encoding (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86,objtool: Create .return_sites (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/mm: elide references to .discard.* from .return_sites (Ankur Arora) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Undo return-thunk damage (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/retpoline: Use -mfunction-return (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/retpoline: Swizzle retpoline thunk (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/alternative: Support not-feature (Juergen Gross) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/retpoline: Cleanup some #ifdefery (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/features: Move RETPOLINE flags to word 11 (Peter Zijlstra (Intel)) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- crypto: x86/poly1305 - Fixup SLS (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- kvm/emulate: Fix SETcc emulation function offsets with SLS (Borislav Petkov) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Add straight-line-speculation mitigation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Prepare inline-asm for straight-line-speculation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86: Prepare asm files for straight-line-speculation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/lib/atomic64_386_32: Rename things (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add straight-line-speculation validation (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Classify symbols (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Create reloc sections implicitly (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add elf_create_reloc() helper (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rework the elf_rebuild_reloc_section() logic (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Handle per arch retpoline naming (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Correctly handle retpoline thunk calls (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Support retpoline jump detection for vmlinux.o (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add 'alt_group' struct (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Clean up elf_write() condition (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add support for relocations without addends (Matt Helsley) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rename rela to reloc (Matt Helsley) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: optimize add_dead_ends for split sections (Sami Tolvanen) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Move the IRET hack into the arch decoder (Miroslav Benes) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rename elf_read() to elf_open_read() (Ingo Molnar) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Constify 'struct elf *' parameters (Ingo Molnar) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize !vmlinux.o again (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Better handle IRET (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- x86/unwind_hints: define unwind_hint_save, unwind_hint_restore (Ankur Arora) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add abstraction for destination offsets (Raphael Gault) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Fix off-by-one in symbol_by_offset() (Julien Thierry) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_rela_by_dest_range() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize read_sections() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_symbol_by_name() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rename find_containing_func() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_symbol_*() and read_symbols() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_section_by_name() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_section_by_index() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add a statistics mode (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Optimize find_symbol_by_index() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rename func_for_each_insn_all() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Rename func_for_each_insn() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Introduce validate_return() (Peter Zijlstra) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Improve call destination function detection (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Fix clang switch table edge case (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add relocation check for alternative sections (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n- objtool: Add is_static_jump() helper (Josh Poimboeuf) [Orabug: 34335632] {CVE-2022-29901} {CVE-2022-23816}\n[5.4.17-2136.310.4]\n- lockdown: Fix kexec lockdown bypass with ima policy (Eric Snowberg) [Orabug: 34400675] {CVE-2022-21505}\n- bnxt_en: Use page frag RX buffers for better software GRO performance (Jakub Kicinski) [Orabug: 34083551] \n- bnxt_en: enable interrupt sampling on 5750X for DIM (Andy Gospodarek) [Orabug: 34083551] \n- bnxt_en: Add event handler for PAUSE Storm event (Somnath Kotur) [Orabug: 34083551] \n- bnxt_en: reject indirect blk offload when hw-tc-offload is off (Sriharsha Basavapatna) [Orabug: 34083551] \n- bnxt_en: make bnxt_free_skbs() safe to call after bnxt_free_mem() (Edwin Peer) [Orabug: 34083551] \n- bnxt_en: Fix error recovery regression (Michael Chan) [Orabug: 34083551] \n- bnxt_en: Fix possible unintended driver initiated error recovery (Michael Chan) [Orabug: 34083551] \n- bnxt: count discards due to memory allocation errors (Jakub Kicinski) [Orabug: 34083551] \n- bnxt: count packets discarded because of netpoll (Jakub Kicinski) [Orabug: 34083551] \n- ocfs2: kill EBUSY from dlmfs_evict_inode (Junxiao Bi) [Orabug: 34364337] \n- ocfs2: dlmfs: don't clear USER_LOCK_ATTACHED when destroying lock (Junxiao Bi) [Orabug: 34364337] \n- net/rds: Fix a NULL dereference in rds_tcp_accept_one() (Harshit Mogalapalli) [Orabug: 34371884]\n[5.4.17-2136.310.3]\n- RDS/IB: Fix RDS IB SRQ implementation and tune it (Hans Westgaard Ry) [Orabug: 31899472] \n- RDS/IB: Introduce bit_flag routines with memory-barrier for bit flags (Hans Westgaard Ry) [Orabug: 31899472] \n- xfs: don't fail unwritten extent conversion on writeback due to edquot (Darrick J. Wong) [Orabug: 33786167] \n- mm/page_alloc: reuse tail struct pages for compound devmaps (Joao Martins) [Orabug: 34314763] \n- mm/sparse-vmemmap: improve memory savings for compound devmaps (Joao Martins) [Orabug: 34314763] \n- mm/sparse-vmemmap: refactor core of vmemmap_populate_basepages() to helper (Joao Martins) [Orabug: 34314763] \n- mm/sparse-vmemmap: add a pgmap argument to section activation (Joao Martins) [Orabug: 34314763] \n- memory-failure: fetch compound_head after pgmap_pfn_valid() (Joao Martins) [Orabug: 34314763] \n- device-dax: compound devmap support (Joao Martins) [Orabug: 34314763] \n- device-dax: factor out page mapping initialization (Joao Martins) [Orabug: 34314763] \n- device-dax: ensure dev_dax->pgmap is valid for dynamic devices (Joao Martins) [Orabug: 34314763] \n- device-dax: use struct_size() (Joao Martins) [Orabug: 34314763] \n- device-dax: use ALIGN() for determining pgoff (Joao Martins) [Orabug: 34314763] \n- mm/memremap: add ZONE_DEVICE support for compound pages (Joao Martins) [Orabug: 34314763] \n- mm/page_alloc: refactor memmap_init_zone_device() page init (Joao Martins) [Orabug: 34314763] \n- mm/page_alloc: split prep_compound_page into head and tail subparts (Joao Martins) [Orabug: 34314763] \n- RDMA/umem: batch page unpin in __ib_umem_release() (Joao Martins) [Orabug: 34314763] \n- mm/gup: add a range variant of unpin_user_pages_dirty_lock() (Joao Martins) [Orabug: 34314763] \n- KVM: x86: Avoid theoretical NULL pointer dereference in kvm_irq_delivery_to_apic_fast() (Vitaly Kuznetsov) [Orabug: 34323859] {CVE-2022-2153}\n- KVM: x86: Check lapic_in_kernel() before attempting to set a SynIC irq (Vitaly Kuznetsov) [Orabug: 34323859] {CVE-2022-2153}\n- KVM: Add infrastructure and macro to mark VM as bugged (Sean Christopherson) [Orabug: 34323859] {CVE-2022-2153}\n- rds: ib: Qualify RNR Retry Timer check with firmware version (Freddy Carrillo) [Orabug: 34330922] \n- x86/boot/compressed/64: Disable 5-level page tables on AMD (Boris Ostrovsky) [Orabug: 34366382]\n[5.4.17-2136.310.2]\n- LTS tag: v5.4.199 (Sherry Yang) \n- x86/speculation/mmio: Print SMT warning (Josh Poimboeuf) \n- x86/cpu: Add another Alder Lake CPU to the Intel family (Gayatri Kammela) \n- cpu/speculation: Add prototype for cpu_show_srbds() (Guenter Roeck) \n- LTS tag: v5.4.198 (Sherry Yang) \n- tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (Eric Dumazet) \n- mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N (Tokunori Ikegami) \n- md/raid0: Ignore RAID0 layout if the second zone has only one device (Pascal Hambourg) \n- powerpc/32: Fix overread/overwrite of thread_struct via ptrace (Michael Ellerman) \n- Input: bcm5974 - set missing URB_NO_TRANSFER_DMA_MAP urb flag (Mathias Nyman) \n- ixgbe: fix unexpected VLAN Rx in promisc mode on VF (Olivier Matz) \n- ixgbe: fix bcast packets Rx on VF after promisc removal (Olivier Matz) \n- nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling (Martin Faltesek) \n- nfc: st21nfca: fix incorrect validating logic in EVT_TRANSACTION (Martin Faltesek) \n- mmc: block: Fix CQE recovery reset success (Adrian Hunter) \n- ata: libata-transport: fix {dma|pio|xfer}_mode sysfs files (Sergey Shtylyov) \n- cifs: return errors during session setup during reconnects (Shyam Prasad N) \n- ALSA: hda/conexant - Fix loopback issue with CX20632 (huangwenhui) \n- scripts/gdb: change kernel config dumping method (Kuan-Ying Lee) \n- vringh: Fix loop descriptors check in the indirect cases (Xie Yongji) \n- nodemask: Fix return values to be unsigned (Kees Cook) \n- cifs: version operations for smb20 unneeded when legacy support disabled (Steve French) \n- s390/gmap: voluntarily schedule during key setting (Christian Borntraeger) \n- nbd: fix io hung while disconnecting device (Yu Kuai) \n- nbd: fix race between nbd_alloc_config() and module removal (Yu Kuai) \n- nbd: call genl_unregister_family() first in nbd_cleanup() (Yu Kuai) \n- x86/cpu: Elide KCSAN for cpu_has() and friends (Peter Zijlstra) \n- modpost: fix undefined behavior of is_arm_mapping_symbol() (Masahiro Yamada) \n- drm/radeon: fix a possible null pointer dereference (Gong Yuanjun) \n- ceph: allow ceph.dir.rctime xattr to be updatable (Venky Shankar) \n- Revert 'net: af_key: add check for pfkey_broadcast in function pfkey_process' (Michal Kubecek) \n- scsi: myrb: Fix up null pointer access on myrb_cleanup() (Hannes Reinecke) \n- md: protect md_unregister_thread from reentrancy (Guoqing Jiang) \n- watchdog: wdat_wdt: Stop watchdog when rebooting the system (Liu Xinpeng) \n- kernfs: Separate kernfs_pr_cont_buf and rename_lock. (Hao Luo) \n- serial: msm_serial: disable interrupts in __msm_console_write() (John Ogness) \n- staging: rtl8712: fix uninit-value in r871xu_drv_init() (Wang Cheng) \n- staging: rtl8712: fix uninit-value in usb_read8() and friends (Wang Cheng) \n- clocksource/drivers/sp804: Avoid error on multiple instances (Andre Przywara) \n- extcon: Modify extcon device to be created after driver data is set (bumwoo lee) \n- misc: rtsx: set NULL intfdata when probe fails (Shuah Khan) \n- usb: dwc2: gadget: don't reset gadget's driver->bus (Marek Szyprowski) \n- USB: hcd-pci: Fully suspend across freeze/thaw cycle (Evan Green) \n- drivers: usb: host: Fix deadlock in oxu_bus_suspend() (Duoming Zhou) \n- drivers: tty: serial: Fix deadlock in sa1100_set_termios() (Duoming Zhou) \n- USB: host: isp116x: check return value after calling platform_get_resource() (Zhen Ni) \n- drivers: staging: rtl8192e: Fix deadlock in rtllib_beacons_stop() (Duoming Zhou) \n- drivers: staging: rtl8192u: Fix deadlock in ieee80211_beacons_stop() (Duoming Zhou) \n- tty: Fix a possible resource leak in icom_probe (Huang Guobin) \n- tty: synclink_gt: Fix null-pointer-dereference in slgt_clean() (Zheyu Ma) \n- lkdtm/usercopy: Expand size of 'out of frame' object (Kees Cook) \n- iio: st_sensors: Add a local lock for protecting odr (Miquel Raynal) \n- iio: dummy: iio_simple_dummy: check the return value of kstrdup() (Xiaoke Wang) \n- drm: imx: fix compiler warning with gcc-12 (Linus Torvalds) \n- net: altera: Fix refcount leak in altera_tse_mdio_create (Miaoqian Lin) \n- ip_gre: test csum_start instead of transport header (Willem de Bruijn) \n- net/mlx5: fs, fail conflicting actions (Mark Bloch) \n- net/mlx5: Rearm the FW tracer after each tracer event (Feras Daoud) \n- net: ipv6: unexport __init-annotated seg6_hmac_init() (Masahiro Yamada) \n- net: xfrm: unexport __init-annotated xfrm4_protocol_init() (Masahiro Yamada) \n- net: mdio: unexport __init-annotated mdio_bus_init() (Masahiro Yamada) \n- SUNRPC: Fix the calculation of xdr->end in xdr_get_next_encode_buffer() (Chuck Lever) \n- net/mlx4_en: Fix wrong return value on ioctl EEPROM query failure (Gal Pressman) \n- net: dsa: lantiq_gswip: Fix refcount leak in gswip_gphy_fw_list (Miaoqian Lin) \n- bpf, arm64: Clear prog->jited_len along prog->jited (Eric Dumazet) \n- af_unix: Fix a data-race in unix_dgram_peer_wake_me(). (Kuniyuki Iwashima) \n- xen: unexport __init-annotated xen_xlate_map_ballooned_pages() (Masahiro Yamada) \n- netfilter: nf_tables: memleak flow rule from commit path (Pablo Neira Ayuso) \n- ata: pata_octeon_cf: Fix refcount leak in octeon_cf_probe (Miaoqian Lin) \n- netfilter: nat: really support inet nat without l3 address (Florian Westphal) \n- xprtrdma: treat all calls not a bcall when bc_serv is NULL (Kinglong Mee) \n- video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove() (Yang Yingliang) \n- NFSv4: Don't hold the layoutget locks across multiple RPC calls (Trond Myklebust) \n- dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type (Radhey Shyam Pandey) \n- m68knommu: fix undefined reference to _init_sp' (Greg Ungerer) \n- m68knommu: set ZERO_PAGE() to the allocated zeroed page (Greg Ungerer) \n- i2c: cadence: Increase timeout per message if necessary (Lucas Tanure) \n- f2fs: remove WARN_ON in f2fs_is_valid_blkaddr (Dongliang Mu) \n- tracing: Avoid adding tracer option before update_tracer_options (Mark-PK Tsai) \n- tracing: Fix sleeping function called from invalid context on RT kernel (Jun Miao) \n- mips: cpc: Fix refcount leak in mips_cpc_default_phys_base (Gong Yuanjun) \n- perf c2c: Fix sorting in percent_rmt_hitm_cmp() (Leo Yan) \n- tipc: check attribute length for bearer name (Hoang Le) \n- afs: Fix infinite loop found by xfstest generic/676 (David Howells) \n- tcp: tcp_rtx_synack() can be called from process context (Eric Dumazet) \n- net: sched: add barrier to fix packet stuck problem for lockless qdisc (Guoju Fang) \n- net/mlx5e: Update netdev features after changing XDP state (Maxim Mikityanskiy) \n- net/mlx5: Don't use already freed action pointer (Leon Romanovsky) \n- nfp: only report pause frame configuration for physical device (Yu Xiao) \n- ubi: ubi_create_volume: Fix use-after-free when volume creation failed (Zhihao Cheng) \n- jffs2: fix memory leak in jffs2_do_fill_super (Baokun Li) \n- modpost: fix removing numeric suffixes (Alexander Lobakin) \n- net: dsa: mv88e6xxx: Fix refcount leak in mv88e6xxx_mdios_register (Miaoqian Lin) \n- net: ethernet: mtk_eth_soc: out of bounds read in mtk_hwlro_get_fdir_entry() (Dan Carpenter) \n- net: sched: fixed barrier to prevent skbuff sticking in qdisc backlog (Vincent Ray) \n- s390/crypto: fix scatterwalk_unmap() callers in AES-GCM (Jann Horn) \n- clocksource/drivers/oxnas-rps: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- ASoC: fsl_sai: Fix FSL_SAI_xDR/xFR definition (Shengjiu Wang) \n- watchdog: ts4800_wdt: Fix refcount leak in ts4800_wdt_probe (Miaoqian Lin) \n- driver core: fix deadlock in __device_attach (Zhang Wensheng) \n- driver: base: fix UAF when driver_attach failed (Schspa Shi) \n- bus: ti-sysc: Fix warnings for unbind for serial (Tony Lindgren) \n- firmware: dmi-sysfs: Fix memory leak in dmi_sysfs_register_handle (Miaoqian Lin) \n- serial: stm32-usart: Correct CSIZE, bits, and parity (Ilpo Jarvinen) \n- serial: st-asc: Sanitize CSIZE and correct PARENB for CS7 (Ilpo Jarvinen) \n- serial: sifive: Sanitize CSIZE and c_iflag (Ilpo Jarvinen) \n- serial: sh-sci: Don't allow CS5-6 (Ilpo Jarvinen) \n- serial: txx9: Don't allow CS5-6 (Ilpo Jarvinen) \n- serial: rda-uart: Don't allow CS5-6 (Ilpo Jarvinen) \n- serial: digicolor-usart: Don't allow CS5-6 (Ilpo Jarvinen) \n- serial: 8250_fintek: Check SER_RS485_RTS_* only with RS485 (Ilpo Jarvinen) \n- serial: meson: acquire port->lock in startup() (John Ogness) \n- rtc: mt6397: check return value after calling platform_get_resource() (Yang Yingliang) \n- clocksource/drivers/riscv: Events are stopped during CPU suspend (Samuel Holland) \n- soc: rockchip: Fix refcount leak in rockchip_grf_init (Miaoqian Lin) \n- coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier (Guilherme G. Piccoli) \n- serial: sifive: Report actual baud base rather than fixed 115200 (Maciej W. Rozycki) \n- phy: qcom-qmp: fix pipe-clock imbalance on power-on failure (Johan Hovold) \n- rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails (Krzysztof Kozlowski) \n- iio: adc: sc27xx: Fine tune the scale calibration values (Cixi Geng) \n- iio: adc: sc27xx: fix read big scale voltage not right (Cixi Geng) \n- iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check (Miaoqian Lin) \n- firmware: stratix10-svc: fix a missing check on list iterator (Xiaomeng Tong) \n- usb: dwc3: pci: Fix pm_runtime_get_sync() error checking (Zheng Yongjun) \n- rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- pwm: lp3943: Fix duty calculation in case period was clamped (Uwe Kleine-Konig) \n- staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() (Christophe JAILLET) \n- usb: musb: Fix missing of_node_put() in omap2430_probe (Miaoqian Lin) \n- USB: storage: karma: fix rio_karma_init return (Lin Ma) \n- usb: usbip: add missing device lock on tweak configuration cmd (Niels Dossche) \n- usb: usbip: fix a refcount leak in stub_probe() (Hangyu Hua) \n- tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get (Sherry Sun) \n- tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe (Miaoqian Lin) \n- tty: goldfish: Use tty_port_destroy() to destroy port (Wang Weiyang) \n- iio: adc: ad7124: Remove shift from scan_type (Alexandru Tachici) \n- staging: greybus: codecs: fix type confusion of list iterator variable (Jakob Koschel) \n- pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (Randy Dunlap) \n- md: bcache: check the return value of kzalloc() in detached_dev_do_request() (Jia-Ju Bai) \n- block: fix bio_clone_blkg_association() to associate with proper blkcg_gq (Jan Kara) \n- bfq: Make sure bfqg for which we are queueing requests is online (Jan Kara) \n- bfq: Get rid of __bio_blkcg() usage (Jan Kara) \n- bfq: Remove pointless bfq_init_rq() calls (Jan Kara) \n- bfq: Drop pointless unlock-lock pair (Jan Kara) \n- bfq: Avoid merging queues with different parents (Jan Kara) \n- MIPS: IP27: Remove incorrect cpu_has_fpu' override (Maciej W. Rozycki) \n- RDMA/rxe: Generate a completion for unsupported/invalid opcode (Xiao Yang) \n- Kconfig: add config option for asm goto w/ outputs (Nick Desaulniers) \n- phy: qcom-qmp: fix reset-controller leak on probe errors (Johan Hovold) \n- blk-iolatency: Fix inflight count imbalances and IO hangs on offline (Tejun Heo) \n- dt-bindings: gpio: altera: correct interrupt-cells (Dinh Nguyen) \n- docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 (Akira Yokosawa) \n- ARM: pxa: maybe fix gpio lookup tables (Arnd Bergmann) \n- phy: qcom-qmp: fix struct clk leak on probe errors (Johan Hovold) \n- arm64: dts: qcom: ipq8074: fix the sleep clock frequency (Kathiravan T) \n- gma500: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- serial: pch: don't overwrite xmit->buf[0] by x_char (Jiri Slaby) \n- carl9170: tx: fix an incorrect use of list iterator (Xiaomeng Tong) \n- ASoC: rt5514: Fix event generation for 'DSP Voice Wake Up' control (Mark Brown) \n- rtl818x: Prevent using not initialized queues (Alexander Wetzel) \n- hugetlb: fix huge_pmd_unshare address update (Mike Kravetz) \n- nodemask.h: fix compilation error with GCC12 (Christophe de Dinechin) \n- iommu/msm: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- um: Fix out-of-bounds read in LDT setup (Vincent Whitchurch) \n- um: chan_user: Fix winch_tramp() return value (Johannes Berg) \n- mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (Felix Fietkau) \n- irqchip: irq-xtensa-mx: fix initial IRQ affinity (Max Filippov) \n- irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (Pali Rohar) \n- RDMA/hfi1: Fix potential integer multiplication overflow errors (Dennis Dalessandro) \n- Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug (Sean Christopherson) \n- media: coda: Add more H264 levels for CODA960 (Nicolas Dufresne) \n- media: coda: Fix reported H264 profile (Nicolas Dufresne) \n- mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write (Tokunori Ikegami) \n- md: fix an incorrect NULL check in md_reload_sb (Xiaomeng Tong) \n- md: fix an incorrect NULL check in does_sb_need_changing (Xiaomeng Tong) \n- drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX (Brian Norris) \n- drm/nouveau/clk: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem (Lucas Stach) \n- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. (Dave Airlie) \n- scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled (Manivannan Sadhasivam) \n- scsi: dc395x: Fix a missing check on list iterator (Xiaomeng Tong) \n- ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock (Junxiao Bi via Ocfs2-devel) \n- dlm: fix missing lkb refcount handling (Alexander Aring) \n- dlm: fix plock invalid read (Alexander Aring) \n- mm, compaction: fast_find_migrateblock() should return pfn in the target zone (Rei Yamamoto) \n- PCI: qcom: Fix unbalanced PHY init on probe errors (Johan Hovold) \n- PCI: qcom: Fix runtime PM imbalance on probe errors (Johan Hovold) \n- PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299 (Bjorn Helgaas) \n- tracing: Fix potential double free in create_var_ref() (Keita Suzuki) \n- ACPI: property: Release subnode properties with data nodes (Sakari Ailus) \n- ext4: avoid cycles in directory h-tree (Jan Kara) \n- ext4: verify dir block before splitting it (Jan Kara) \n- ext4: fix bug_on in ext4_writepages (Ye Bin) \n- ext4: fix warning in ext4_handle_inode_extension (Ye Bin) \n- ext4: fix use-after-free in ext4_rename_dir_prepare (Ye Bin) \n- netfilter: nf_tables: disallow non-stateful expression in sets earlier (Pablo Neira Ayuso) \n- bfq: Track whether bfq_group is still online (Jan Kara) \n- bfq: Update cgroup information before merging bio (Jan Kara) \n- bfq: Split shared queues on move between cgroups (Jan Kara) \n- efi: Do not import certificates from UEFI Secure Boot for T2 Macs (Aditya Garg) \n- fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages (Zhihao Cheng) \n- iwlwifi: mvm: fix assert 1F04 upon reconfig (Emmanuel Grumbach) \n- wifi: mac80211: fix use-after-free in chanctx code (Johannes Berg) \n- f2fs: fix fallocate to use file_modified to update permissions consistently (Chao Yu) \n- f2fs: don't need inode lock for system hidden quota (Jaegeuk Kim) \n- f2fs: fix deadloop in foreground GC (Chao Yu) \n- f2fs: fix to clear dirty inode in f2fs_evict_inode() (Chao Yu) \n- f2fs: fix to do sanity check on block address in f2fs_do_zero_range() (Chao Yu) \n- f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count() (Chao Yu) \n- perf jevents: Fix event syntax error caused by ExtSel (Zhengjun Xing) \n- perf c2c: Use stdio interface if slang is not supported (Leo Yan) \n- iommu/amd: Increase timeout waiting for GA log enablement (Joerg Roedel) \n- dmaengine: stm32-mdma: remove GISR1 register (Amelie Delaunay) \n- video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup (Miaoqian Lin) \n- NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout (Trond Myklebust) \n- NFS: Don't report errors from nfs_pageio_complete() more than once (Trond Myklebust) \n- NFS: Do not report flush errors in nfs_write_end() (Trond Myklebust) \n- NFS: Do not report EINTR/ERESTARTSYS as mapping errors (Trond Myklebust) \n- i2c: at91: Initialize dma_buf in at91_twi_xfer() (Nathan Chancellor) \n- i2c: at91: use dma safe buffers (Michael Walle) \n- iommu/mediatek: Add list_del in mtk_iommu_remove (Yong Wu) \n- f2fs: fix dereference of stale list iterator after loop body (Jakob Koschel) \n- Input: stmfts - do not leave device disabled in stmfts_input_open (Dmitry Torokhov) \n- RDMA/hfi1: Prevent use of lock before it is initialized (Douglas Miller) \n- mailbox: forward the hrtimer if not queued and under a lock (Bjorn Ardo) \n- mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() (Yang Yingliang) \n- powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup (Miaoqian Lin) \n- macintosh: via-pmu and via-cuda need RTC_LIB (Randy Dunlap) \n- powerpc/perf: Fix the threshold compare group constraint for power9 (Kajol Jain) \n- powerpc/64: Only WARN if __pa()/__va() called with bad addresses (Michael Ellerman) \n- Input: sparcspkr - fix refcount leak in bbc_beep_probe (Miaoqian Lin) \n- crypto: cryptd - Protect per-CPU resource by disabling BH. (Sebastian Andrzej Siewior) \n- tty: fix deadlock caused by calling printk() under tty_port->lock (Qi Zheng) \n- PCI: imx6: Fix PERST# start-up sequence (Francesco Dolcini) \n- ipc/mqueue: use get_tree_nodev() in mqueue_get_tree() (Waiman Long) \n- proc: fix dentry/inode overinstantiating under /proc//net (Alexey Dobriyan) \n- powerpc/4xx/cpm: Fix return value of __setup() handler (Randy Dunlap) \n- powerpc/idle: Fix return value of __setup() handler (Randy Dunlap) \n- powerpc/8xx: export 'cpm_setbrg' for modules (Randy Dunlap) \n- dax: fix cache flush on PMD-mapped pages (Muchun Song) \n- drivers/base/node.c: fix compaction sysfs file leak (Miaohe Lin) \n- pinctrl: mvebu: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- nvdimm: Allow overwrite in the presence of disabled dimms (Dan Williams) \n- firmware: arm_scmi: Fix list protocols enumeration in the base protocol (Cristian Marussi) \n- scsi: fcoe: Fix Wstringop-overflow warnings in fcoe_wwn_from_mac() (Gustavo A. R. Silva) \n- mfd: ipaq-micro: Fix error check return value of platform_get_irq() (Lv Ruyi) \n- powerpc/fadump: fix PT_LOAD segment for boot memory area (Hari Bathini) \n- arm: mediatek: select arch timer for mt7629 (Chuanhong Guo) \n- crypto: marvell/cesa - ECB does not IV (Corentin Labbe) \n- misc: ocxl: fix possible double free in ocxl_file_register_afu (Hangyu Hua) \n- ARM: dts: bcm2835-rpi-b: Fix GPIO line names (Stefan Wahren) \n- ARM: dts: bcm2837-rpi-3-b-plus: Fix GPIO line name of power LED (Phil Elwell) \n- ARM: dts: bcm2837-rpi-cm3-io3: Fix GPIO line names for SMPS I2C (Phil Elwell) \n- ARM: dts: bcm2835-rpi-zero-w: Fix GPIO line name for Wifi/BT (Phil Elwell) \n- can: xilinx_can: mark bit timing constants as const (Marc Kleine-Budde) \n- KVM: nVMX: Leave most VM-Exit info fields unmodified on failed VM-Entry (Sean Christopherson) \n- PCI: rockchip: Fix find_first_zero_bit() limit (Dan Carpenter) \n- PCI: cadence: Fix find_first_zero_bit() limit (Dan Carpenter) \n- soc: qcom: smsm: Fix missing of_node_put() in smsm_parse_ipc (Miaoqian Lin) \n- soc: qcom: smp2p: Fix missing of_node_put() in smp2p_parse_ipc (Miaoqian Lin) \n- ARM: dts: suniv: F1C100: fix watchdog compatible (Andre Przywara) \n- arm64: dts: rockchip: Move drive-impedance-ohm to emmc phy on rk3399 (Shawn Lin) \n- net/smc: postpone sk_refcnt increment in connect() (liuyacan) \n- rxrpc: Fix decision on when to generate an IDLE ACK (David Howells) \n- rxrpc: Don't let ack.previousPacket regress (David Howells) \n- rxrpc: Fix overlapping ACK accounting (David Howells) \n- rxrpc: Don't try to resend the request if we're receiving the reply (David Howells) \n- rxrpc: Fix listen() setting the bar too high for the prealloc rings (David Howells) \n- NFC: hci: fix sleep in atomic context bugs in nfc_hci_hcp_message_tx (Duoming Zhou) \n- ASoC: wm2000: fix missing clk_disable_unprepare() on error in wm2000_anc_transition() (Yang Yingliang) \n- thermal/drivers/broadcom: Fix potential NULL dereference in sr_thermal_probe (Zheng Yongjun) \n- drm: msm: fix possible memory leak in mdp5_crtc_cursor_set() (Hangyu Hua) \n- drm/msm/a6xx: Fix refcount leak in a6xx_gpu_init (Miaoqian Lin) \n- ext4: reject the 'commit' option on ext2 filesystems (Eric Biggers) \n- media: ov7670: remove ov7670_power_off from ov7670_remove (Dongliang Mu) \n- sctp: read sk->sk_bound_dev_if once in sctp_rcv() (Eric Dumazet) \n- m68k: math-emu: Fix dependencies of math emulation support (Geert Uytterhoeven) \n- Bluetooth: fix dangling sco_conn and use-after-free in sco_sock_timeout (Ying Hsu) \n- media: vsp1: Fix offset calculation for plane cropping (Michael Rodin) \n- media: pvrusb2: fix array-index-out-of-bounds in pvr2_i2c_core_init (Pavel Skripkin) \n- media: exynos4-is: Change clk_disable to clk_disable_unprepare (Miaoqian Lin) \n- media: st-delta: Fix PM disable depth imbalance in delta_probe (Miaoqian Lin) \n- media: aspeed: Fix an error handling path in aspeed_video_probe() (Christophe JAILLET) \n- scripts/faddr2line: Fix overlapping text section failures (Josh Poimboeuf) \n- regulator: pfuze100: Fix refcount leak in pfuze_parse_regulators_dt (Miaoqian Lin) \n- ASoC: mxs-saif: Fix refcount leak in mxs_saif_probe (Miaoqian Lin) \n- ASoC: fsl: Fix refcount leak in imx_sgtl5000_probe (Miaoqian Lin) \n- perf/amd/ibs: Use interrupt regs ip for stack unwinding (Ravi Bangoria) \n- Revert 'cpufreq: Fix possible race in cpufreq online error path' (Viresh Kumar) \n- iomap: iomap_write_failed fix (Andreas Gruenbacher) \n- media: uvcvideo: Fix missing check to determine if element is found in list (Xiaomeng Tong) \n- drm/msm: return an error pointer in msm_gem_prime_get_sg_table() (Dan Carpenter) \n- drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected (Jessica Zhang) \n- drm/msm/mdp5: Return error code in mdp5_pipe_release when deadlock is detected (Jessica Zhang) \n- regulator: core: Fix enable_count imbalance with EXCLUSIVE_GET (Zev Weiss) \n- x86/mm: Cleanup the control_va_addr_alignment() __setup handler (Randy Dunlap) \n- irqchip/aspeed-i2c-ic: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- irqchip/exiu: Fix acknowledgment of edge triggered interrupts (Daniel Thompson) \n- x86: Fix return value of __setup handlers (Randy Dunlap) \n- virtio_blk: fix the discard_granularity and discard_alignment queue limits (Christoph Hellwig) \n- drm/rockchip: vop: fix possible null-ptr-deref in vop_bind() (Yang Yingliang) \n- drm/msm/hdmi: fix error check return value of irq_of_parse_and_map() (Lv Ruyi) \n- drm/msm/hdmi: check return value after calling platform_get_resource_byname() (Yang Yingliang) \n- drm/msm/dsi: fix error checks and return values for DSI xmit functions (Dmitry Baryshkov) \n- drm/msm/disp/dpu1: set vbif hw config to NULL to avoid use after memory free during pm runtime resume (Vinod Polimera) \n- perf tools: Add missing headers needed by util/data.h (Yang Jihong) \n- ASoC: rk3328: fix disabling mclk on pclk probe failure (Nicolas Frattaroli) \n- x86/speculation: Add missing prototype for unpriv_ebpf_notify() (Josh Poimboeuf) \n- x86/pm: Fix false positive kmemleak report in msr_build_context() (Matthieu Baerts) \n- scsi: ufs: core: Exclude UECxx from SFR dump list (Kiwoong Kim) \n- of: overlay: do not break notify on NOTIFY_{OK|STOP} (Nuno Sa) \n- fsnotify: fix wrong lockdep annotations (Amir Goldstein) \n- inotify: show inotify mask flags in proc fdinfo (Amir Goldstein) \n- ath9k_htc: fix potential out of bounds access with invalid rxstatus->rs_keyix (Dan Carpenter) \n- cpufreq: Fix possible race in cpufreq online error path (Schspa Shi) \n- spi: img-spfi: Fix pm_runtime_get_sync() error checking (Zheng Yongjun) \n- sched/fair: Fix cfs_rq_clock_pelt() for throttled cfs_rq (Chengming Zhou) \n- drm/bridge: Fix error handling in analogix_dp_probe (Miaoqian Lin) \n- HID: elan: Fix potential double free in elan_input_configured (Miaoqian Lin) \n- HID: hid-led: fix maximum brightness for Dream Cheeky (Jonathan Teh) \n- drbd: fix duplicate array initializer (Arnd Bergmann) \n- efi: Add missing prototype for efi_capsule_setup_info (Jan Kiszka) \n- NFC: NULL out the dev->rfkill to prevent UAF (Lin Ma) \n- spi: spi-ti-qspi: Fix return value handling of wait_for_completion_timeout (Miaoqian Lin) \n- drm: mali-dp: potential dereference of null pointer (Jiasheng Jiang) \n- drm/komeda: Fix an undefined behavior bug in komeda_plane_add() (Zhou Qingyang) \n- nl80211: show SSID for P2P_GO interfaces (Johannes Berg) \n- bpf: Fix excessive memory allocation in stack_map_alloc() (Yuntao Wang) \n- drm/vc4: txp: Force alpha to be 0xff if it's disabled (Maxime Ripard) \n- drm/vc4: txp: Don't set TXP_VSTART_AT_EOF (Maxime Ripard) \n- drm/mediatek: Fix mtk_cec_mask() (Miles Chen) \n- x86/delay: Fix the wrong asm constraint in delay_loop() (Ammar Faizi) \n- ASoC: mediatek: Fix missing of_node_put in mt2701_wm8960_machine_probe (Miaoqian Lin) \n- ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe (Miaoqian Lin) \n- drm/bridge: adv7511: clean up CEC adapter when probe fails (Lucas Stach) \n- drm/edid: fix invalid EDID extension block filtering (Jani Nikula) \n- ath9k: fix ar9003_get_eepmisc (Wenli Looi) \n- drm: fix EDID struct for old ARM OABI format (Linus Torvalds) \n- RDMA/hfi1: Prevent panic when SDMA is disabled (Douglas Miller) \n- powerpc/iommu: Add missing of_node_put in iommu_init_early_dart (Peng Wu) \n- macintosh/via-pmu: Fix build failure when CONFIG_INPUT is disabled (Finn Thain) \n- powerpc/powernv: fix missing of_node_put in uv_init() (Lv Ruyi) \n- powerpc/xics: fix refcount leak in icp_opal_init() (Lv Ruyi) \n- tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate (Vasily Averin) \n- PCI: Avoid pci_dev_lock() AB/BA deadlock with sriov_numvfs_store() (Yicong Yang) \n- ARM: hisi: Add missing of_node_put after of_find_compatible_node (Peng Wu) \n- ARM: dts: exynos: add atmel,24c128 fallback to Samsung EEPROM (Krzysztof Kozlowski) \n- ARM: versatile: Add missing of_node_put in dcscb_init (Peng Wu) \n- fat: add ratelimit to fat*_ent_bread() (OGAWA Hirofumi) \n- powerpc/fadump: Fix fadump to work with a different endian capture kernel (Hari Bathini) \n- ARM: OMAP1: clock: Fix UART rate reporting algorithm (Janusz Krzysztofik) \n- fs: jfs: fix possible NULL pointer dereference in dbFree() (Zixuan Fu) \n- PM / devfreq: rk3399_dmc: Disable edev on remove() (Brian Norris) \n- ARM: dts: ox820: align interrupt controller node name with dtschema (Krzysztof Kozlowski) \n- IB/rdmavt: add missing locks in rvt_ruc_loopback (Niels Dossche) \n- selftests/bpf: fix btf_dump/btf_dump due to recent clang change (Yonghong Song) \n- eth: tg3: silence the GCC 12 array-bounds warning (Jakub Kicinski) \n- rxrpc: Return an error to sendmsg if call failed (David Howells) \n- hwmon: Make chip parameter for with_info API mandatory (Guenter Roeck) \n- ASoC: max98357a: remove dependency on GPIOLIB (Pierre-Louis Bossart) \n- media: exynos4-is: Fix compile warning (Kwanghoon Son) \n- net: phy: micrel: Allow probing without .driver_data (Fabio Estevam) \n- nbd: Fix hung on disconnect request if socket is closed before (Xie Yongji) \n- ASoC: rt5645: Fix errorenous cleanup order (Lin Ma) \n- nvme-pci: fix a NULL pointer dereference in nvme_alloc_admin_tags (Smith, Kyle Miller (Nimble Kernel)) \n- openrisc: start CPU timer early in boot (Jason A. Donenfeld) \n- media: cec-adap.c: fix is_configuring state (Hans Verkuil) \n- media: coda: limit frame interval enumeration to supported encoder frame sizes (Philipp Zabel) \n- rtlwifi: Use pr_warn instead of WARN_ONCE (Dongliang Mu) \n- ipmi: Fix pr_fmt to avoid compilation issues (Corey Minyard) \n- ipmi:ssif: Check for NULL msg when handling events and messages (Corey Minyard) \n- ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default (Mario Limonciello) \n- dma-debug: change allocation mode from GFP_NOWAIT to GFP_ATIOMIC (Mikulas Patocka) \n- spi: stm32-qspi: Fix wait_cmd timeout in APM mode (Patrice Chotard) \n- s390/preempt: disable __preempt_count_add() optimization for PROFILE_ALL_BRANCHES (Heiko Carstens) \n- ASoC: tscs454: Add endianness flag in snd_soc_component_driver (Charles Keepax) \n- HID: bigben: fix slab-out-of-bounds Write in bigben_probe (Dongliang Mu) \n- drm/amdgpu/ucode: Remove firmware load type check in amdgpu_ucode_free_bo (Alice Wong) \n- mlxsw: spectrum_dcb: Do not warn about priority changes (Petr Machata) \n- ASoC: dapm: Don't fold register value changes into notifications (Mark Brown) \n- net/mlx5: fs, delete the FTE when there are no rules attached to it (Mark Bloch) \n- ipv6: Don't send rs packets to the interface of ARPHRD_TUNNEL (jianghaoran) \n- drm: msm: fix error check return value of irq_of_parse_and_map() (Lv Ruyi) \n- arm64: compat: Do not treat syscall number as ESR_ELx for a bad syscall (Alexandru Elisei) \n- drm/amd/pm: fix the compile warning (Evan Quan) \n- drm/plane: Move range check for format_count earlier (Steven Price) \n- scsi: megaraid: Fix error check return value of register_chrdev() (Lv Ruyi) \n- mmc: jz4740: Apply DMA engine limits to maximum segment size (Aidan MacDonald) \n- md/bitmap: don't set sb values if can't pass sanity check (Heming Zhao) \n- media: cx25821: Fix the warning when removing the module (Zheyu Ma) \n- media: pci: cx23885: Fix the error handling in cx23885_initdev() (Zheyu Ma) \n- media: venus: hfi: avoid null dereference in deinit (Luca Weiss) \n- ath9k: fix QCA9561 PA bias level (Thibaut VAReNE) \n- drm/amd/pm: fix double free in si_parse_power_table() (Keita Suzuki) \n- tools/power turbostat: fix ICX DRAM power numbers (Len Brown) \n- spi: spi-rspi: Remove setting {src,dst}_{addr,addr_width} based on DMA direction (Biju Das) \n- ALSA: jack: Access input_dev under mutex (Amadeusz Siawinski) \n- drm/komeda: return early if drm_universal_plane_init() fails. (Liviu Dudau) \n- ACPICA: Avoid cache flush inside virtual machines (Kirill A. Shutemov) \n- fbcon: Consistently protect deferred_takeover with console_lock() (Daniel Vetter) \n- ipv6: fix locking issues with loops over idev->addr_list (Niels Dossche) \n- ipw2x00: Fix potential NULL dereference in libipw_xmit() (Haowen Bai) \n- b43: Fix assigning negative value to unsigned variable (Haowen Bai) \n- b43legacy: Fix assigning negative value to unsigned variable (Haowen Bai) \n- mwifiex: add mutex lock for call in mwifiex_dfs_chan_sw_work_queue (Niels Dossche) \n- drm/virtio: fix NULL pointer dereference in virtio_gpu_conn_get_modes (Liu Zixian) \n- btrfs: repair super block num_devices automatically (Qu Wenruo) \n- btrfs: add '0x' prefix for unsupported optional features (Qu Wenruo) \n- ptrace: Reimplement PTRACE_KILL by always sending SIGKILL (Eric W. Biederman) \n- ptrace/xtensa: Replace PT_SINGLESTEP with TIF_SINGLESTEP (Eric W. Biederman) \n- ptrace/um: Replace PT_DTRACE with TIF_SINGLESTEP (Eric W. Biederman) \n- perf/x86/intel: Fix event constraints for ICL (Kan Liang) \n- usb: core: hcd: Add support for deferring roothub registration (Kishon Vijay Abraham I) \n- USB: new quirk for Dell Gen 2 devices (Monish Kumar R) \n- USB: serial: option: add Quectel BG95 modem (Carl Yin) \n- ALSA: hda/realtek - Fix microphone noise on ASUS TUF B550M-PLUS (Marios Levogiannis) \n- binfmt_flat: do not stop relocating GOT entries prematurely on riscv (Niklas Cassel) \n- LTS tag: v5.4.197 (Sherry Yang) \n- bpf: Enlarge offset check value to INT_MAX in bpf_skb_{load,store}_bytes (Liu Jian) \n- NFSD: Fix possible sleep during nfsd4_release_lockowner() (Chuck Lever) \n- NFS: Memory allocation failures are not server fatal errors (Trond Myklebust) \n- docs: submitting-patches: Fix crossref to 'The canonical patch format' (Akira Yokosawa) \n- tpm: ibmvtpm: Correct the return value in tpm_ibmvtpm_probe() (Xiu Jianfeng) \n- tpm: Fix buffer access in tpm2_get_tpm_pt() (Stefan Mahnke-Hartmann) \n- HID: multitouch: Add support for Google Whiskers Touchpad (Marek Maslanka) \n- raid5: introduce MD_BROKEN (Mariusz Tkaczyk) \n- dm verity: set DM_TARGET_IMMUTABLE feature flag (Sarthak Kukreti) \n- dm stats: add cond_resched when looping over entries (Mikulas Patocka) \n- dm crypt: make printing of the key constant-time (Mikulas Patocka) \n- dm integrity: fix error code in dm_integrity_ctr() (Dan Carpenter) \n- zsmalloc: fix races between asynchronous zspage free and page migration (Sultan Alsawaf) \n- crypto: ecrdsa - Fix incorrect use of vli_cmp (Vitaly Chikunov) \n- netfilter: conntrack: re-fetch conntrack after insertion (Florian Westphal) \n- exec: Force single empty string when argv is empty (Kees Cook) \n- drm/i915: Fix -Wstringop-overflow warning in call to intel_read_wm_latency() (Gustavo A. R. Silva) \n- cfg80211: set custom regdomain after wiphy registration (Miri Korenblit) \n- i2c: ismt: Provide a DMA buffer for Interrupt Cause Logging (Mika Westerberg) \n- net: ftgmac100: Disable hardware checksum on AST2600 (Joel Stanley) \n- net: af_key: check encryption module availability consistency (Thomas Bartschies) \n- pinctrl: sunxi: fix f1c100s uart2 function (IotaHydrae) \n- ACPI: sysfs: Fix BERT error region memory mapping (Lorenzo Pieralisi) \n- ACPI: sysfs: Make sparse happy about address space in use (Andy Shevchenko) \n- media: vim2m: initialize the media device earlier (Hans Verkuil) \n- media: vim2m: Register video device after setting up internals (Sakari Ailus) \n- secure_seq: use the 64 bits of the siphash for port offset calculation (Willy Tarreau) \n- tcp: change source port randomizarion at connect() time (Eric Dumazet) \n- Input: goodix - fix spurious key release events (Dmitry Mastykin) \n- staging: rtl8723bs: prevent ->Ssid overflow in rtw_wx_set_scan() (Denis Efremov (Oracle)) \n- x86/pci/xen: Disable PCI/MSI[-X] masking for XEN_HVM guests (Thomas Gleixner)\n[5.4.17-2136.310.1]\n- intel_idle: Fix max_cstate for processor models without C-state tables (Chen Yu) [Orabug: 34081688] \n- intel_idle: add core C6 optimization for SPR (Artem Bityutskiy) [Orabug: 34081688] \n- intel_idle: add 'preferred_cstates' module argument (Artem Bityutskiy) [Orabug: 34081688] \n- intel_idle: add SPR support (Artem Bityutskiy) [Orabug: 34081688] \n- intel_idle: Adjust the SKX C6 parameters if PC6 is disabled (Chen Yu) [Orabug: 34081688] \n- intel_idle: Clean up kerneldoc comments for multiple functions (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Add __initdata annotations to init time variables (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Relocate definitions of cpuidle callbacks (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Clean up definitions of cpuidle callbacks (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Simplify LAPIC timer reliability checks (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Introduce 'states_off' module parameter (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Introduce 'use_acpi' module parameter (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Clean up irtl_2_usec() (Rafael J. Wysocki) [Orabug: 34081688] \n- Documentation: admin-guide: PM: Add intel_idle document (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Move 3 functions closer to their callers (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Annotate initialization code and data structures (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Move and clean up intel_idle_cpuidle_devices_uninit() (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Rearrange intel_idle_cpuidle_driver_init() (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Fold intel_idle_probe() into intel_idle_init() (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Eliminate __setup_broadcast_timer() (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Add module parameter to prevent ACPI _CST from being used (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Allow ACPI _CST to be used for selected known processors (Rafael J. Wysocki) [Orabug: 34081688] \n- cpuidle: Allow idle states to be disabled by default (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Use ACPI _CST for processor models without C-state tables (Rafael J. Wysocki) [Orabug: 34081688] \n- intel_idle: Refactor intel_idle_cpuidle_driver_init() (Rafael J. Wysocki) [Orabug: 34081688] \n- cpuidle: Drop disabled field from struct cpuidle_state (Thomas Tai) [Orabug: 34081688] \n- cpuidle: Consolidate disabled state checks (Rafael J. Wysocki) [Orabug: 34081688] \n- Revert 'intel_idle: Use ACPI _CST for processor models without C-state tables' (Thomas Tai) [Orabug: 34081688]", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-08-15T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21505", "CVE-2022-2153", "CVE-2022-23816", "CVE-2022-2588", "CVE-2022-29901"], "modified": "2022-08-15T00:00:00", "id": "ELSA-2022-9709", "href": "http://linux.oracle.com/errata/ELSA-2022-9709.html", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-09-21T22:44:06", "description": "[5.15.0-2.52.3.el8]\n- posix-cpu-timers: Cleanup CPU timers before freeing them during exec (Thadeu Lima de Souza Cascardo) [Orabug: 34495548] {CVE-2022-2585}\n- fix race between exit_itimers() and /proc/pid/timers (Oleg Nesterov) [Orabug: 34495548] \n- rds: ib: Add preemption control when using per-cpu variables (Hakon Bugge) [Orabug: 34505120] \n- ocfs2: fix handle refcount leak in two exception handling paths (Chenyuan Mi) [Orabug: 34436530] \n- netfilter: nf_tables: do not allow RULE_ID to refer to another chain (Thadeu Lima de Souza Cascardo) [Orabug: 34495566] {CVE-2022-2586}\n- netfilter: nf_tables: do not allow CHAIN_ID to refer to another table (Thadeu Lima de Souza Cascardo) [Orabug: 34495566] {CVE-2022-2586}\n- netfilter: nf_tables: do not allow SET_ID to refer to another table (Thadeu Lima de Souza Cascardo) [Orabug: 34495566] {CVE-2022-2586}\n- rds: copy_from_user only once per rds_sendmsg system call (Hans Westgaard Ry) [Orabug: 34510687] {CVE-2022-21385}\n- kernfs: Replace global kernfs_open_file_mutex with hashed mutexes. (Imran Khan) [Orabug: 34476940] \n- kernfs: Introduce interface to access global kernfs_open_file_mutex. (Imran Khan) [Orabug: 34476940] \n- kernfs: make ->attr.open RCU protected. (Imran Khan) [Orabug: 34476940] \n- kernfs: Rename kernfs_put_open_node to kernfs_unlink_open_file. (Imran Khan) [Orabug: 34476940] \n- kernfs: Remove reference counting for kernfs_open_node. (Imran Khan) [Orabug: 34476940] \n- Revert net/rds: Connect TCP backends deterministically (Gerd Rausch) [Orabug: 34476561] \n- rds/ib: handle posted ACK during connection shutdown (Rohit Nair) [Orabug: 34465808] \n- rds/ib: reap tx completions during connection shutdown (Rohit Nair) [Orabug: 34465808] \n- uek-rpm: Set CONFIG_VSOCKETS=m and CONFIG_VSOCKETS_DIAG=m (Victor Erminpour) [Orabug: 34461322] \n- scsi: target: Fix WRITE_SAME No Data Buffer crash (Mike Christie) [Orabug: 34419970] {CVE-2022-21546}\n- rds/rdma: destroy CQs during user initiated rds connection resets (Rohit Nair) [Orabug: 34414238]\n[5.15.0-2.52.2]\n- PCI: pciehp: Add quirk to handle spurious DLLSC on a x4x4 SSD (Thomas Tai) [Orabug: 34358322] \n- net/mlx5: E-Switch, change VFs default admin state to auto in switchdev (Maor Dickman) [Orabug: 34477072] \n- xen/manage: Use orderly_reboot() to reboot (Ross Lagerwall) [Orabug: 34480751] \n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34484536] {CVE-2022-2588}\n[5.15.0-2.52.1]\n- LTS version: v5.15.52 (Jack Vogel) \n- io_uring: fix not locked access to fixed buf table (Pavel Begunkov) \n- net: mscc: ocelot: allow unregistered IP multicast flooding to CPU (Vladimir Oltean) \n- rtw88: rtw8821c: enable rfe 6 devices (Ping-Ke Shih) \n- rtw88: 8821c: support RFE type4 wifi NIC (Guo-Feng Fan) \n- fs: account for group membership (Christian Brauner) \n- fs: fix acl translation (Christian Brauner) \n- fs: support mapped mounts of mapped filesystems (Christian Brauner) \n- fs: add i_user_ns() helper (Christian Brauner) \n- fs: port higher-level mapping helpers (Christian Brauner) \n- fs: remove unused low-level mapping helpers (Christian Brauner) \n- fs: use low-level mapping helpers (Christian Brauner) \n- docs: update mapping documentation (Christian Brauner) \n- fs: account for filesystem mappings (Christian Brauner) \n- fs: tweak fsuidgid_has_mapping() (Christian Brauner) \n- fs: move mapping helpers (Christian Brauner) \n- fs: add is_idmapped_mnt() helper (Christian Brauner) \n- powerpc/ftrace: Remove ftrace init tramp once kernel init is complete (Naveen N. Rao) \n- xfs: Fix the free logic of state in xfs_attr_node_hasname (Yang Xu) \n- xfs: use kmem_cache_free() for kmem_cache objects (Rustam Kovhaev) \n- bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init() (Coly Li) \n- tick/nohz: unexport __init-annotated tick_nohz_full_setup() (Masahiro Yamada) \n- LTS version: v5.15.51 (Jack Vogel) \n- powerpc/pseries: wire up rng during setup_arch() (Jason A. Donenfeld) \n- kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt) (Masahiro Yamada) \n- dma-direct: use the correct size for dma_set_encrypted() (Dexuan Cui) \n- perf build-id: Fix caching files with a wrong build ID (Adrian Hunter) \n- random: update comment from copy_to_user() -> copy_to_iter() (Jason A. Donenfeld) \n- ARM: dts: bcm2711-rpi-400: Fix GPIO line names (Stefan Wahren) \n- modpost: fix section mismatch check for exported init/exit sections (Masahiro Yamada) \n- ARM: cns3xxx: Fix refcount leak in cns3xxx_init (Miaoqian Lin) \n- memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings (Miaoqian Lin) \n- ARM: Fix refcount leak in axxia_boot_secondary (Miaoqian Lin) \n- soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe (Miaoqian Lin) \n- ARM: exynos: Fix refcount leak in exynos_map_pmu (Miaoqian Lin) \n- arm64: dts: ti: k3-am64-main: Remove support for HS400 speed mode (Aswath Govindraju) \n- ARM: dts: imx6qdl: correct PU regulator ramp delay (Lucas Stach) \n- ARM: dts: imx7: Move hsic_phy power domain to HSIC PHY node (Alexander Stein) \n- drm/msm/dp: Always clear mask bits to disable interrupts at dp_ctrl_reset_irq_ctrl() (Kuogee Hsieh) \n- powerpc/powernv: wire up rng during setup_arch (Jason A. Donenfeld) \n- powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address (Andrew Donnellan) \n- powerpc: Enable execve syscall exit tracepoint (Naveen N. Rao) \n- powerpc/microwatt: wire up rng during setup_arch() (Jason A. Donenfeld) \n- parisc: Enable ARCH_HAS_STRICT_MODULE_RWX (Helge Deller) \n- parisc/stifb: Fix fb_is_primary_device() only available with CONFIG_FB_STI (Helge Deller) \n- xtensa: Fix refcount leak bug in time.c (Liang He) \n- xtensa: xtfpga: Fix refcount leak bug in setup (Liang He) \n- iio: adc: ti-ads131e08: add missing fwnode_handle_put() in ads131e08_alloc_channels() (Jialin Zhang) \n- iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client (Miaoqian Lin) \n- iio: adc: rzg2l_adc: add missing fwnode_handle_put() in rzg2l_adc_parse_properties() (Jialin Zhang) \n- iio: adc: axp288: Override TS pin bias current for some models (Hans de Goede) \n- iio: adc: stm32: Fix IRQs on STM32F4 by removing custom spurious IRQs message (Yannick Brosseau) \n- iio: adc: stm32: Fix ADCs iteration in irq handler (Yannick Brosseau) \n- iio: afe: rescale: Fix boolean logic bug (Linus Walleij) \n- iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value) (Jean-Baptiste Maneyrol) \n- iio: adc: stm32: fix maximum clock rate for stm32mp15x (Olivier Moysan) \n- iio: trigger: sysfs: fix use-after-free on remove (Vincent Whitchurch) \n- iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() (Zheyu Ma) \n- iio: accel: mma8452: ignore the return value of reset operation (Haibo Chen) \n- iio:accel:mxc4005: rearrange iio trigger get and register (Dmitry Rokosov) \n- iio:accel:bma180: rearrange iio trigger get and register (Dmitry Rokosov) \n- iio:accel:kxcjk-1013: rearrange iio trigger get and register (Dmitry Rokosov) \n- iio:chemical:ccs811: rearrange iio trigger get and register (Dmitry Rokosov) \n- iio:humidity:hts221: rearrange iio trigger get and register (Dmitry Rokosov) \n- f2fs: attach inline_data after setting compression (Jaegeuk Kim) \n- btrfs: fix deadlock with fsync+fiemap+transaction commit (Josef Bacik) \n- btrfs: dont set lock_owner when locking extent buffer for reading (Zygo Blaxell) \n- dt-bindings: usb: ehci: Increase the number of PHYs (Geert Uytterhoeven) \n- dt-bindings: usb: ohci: Increase the number of PHYs (Geert Uytterhoeven) \n- usb: chipidea: udc: check request status before setting device address (Xu Yang) \n- USB: gadget: Fix double-free bug in raw_gadget driver (Alan Stern) \n- usb: gadget: Fix non-unique driver names in raw-gadget driver (Alan Stern) \n- xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI (Utkarsh Patel) \n- xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI (Tanveer Alam) \n- xhci: turn off port power in shutdown (Mathias Nyman) \n- usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMIC (Andy Shevchenko) \n- iio: adc: vf610: fix conversion mode sysfs node name (Baruch Siach) \n- iio: magnetometer: yas530: Fix memchr_inv() misuse (Linus Walleij) \n- iio: mma8452: fix probe fail when device tree compatible is used. (Haibo Chen) \n- s390/cpumf: Handle events cycles and instructions identical (Thomas Richter) \n- gpio: winbond: Fix error code in winbond_gpio_get() (Dan Carpenter) \n- nvme: move the Samsung X5 quirk entry to the core quirks (Christoph Hellwig) \n- nvme-pci: add NO APST quirk for Kioxia device (Enzo Matsumiya) \n- sock: redo the psock vs ULP protection check (Jakub Kicinski) \n- Revert net/tls: fix tls_sk_proto_close executed repeatedly (Jakub Kicinski) \n- virtio_net: fix xdp_rxq_info bug after suspend/resume (Stephan Gerhold) \n- igb: Make DMA faster when CPU is active on the PCIe link (Kai-Heng Feng) \n- regmap-irq: Fix offset/index mismatch in read_sub_irq_data() (Aidan MacDonald) \n- regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips (Aidan MacDonald) \n- ice: ethtool: advertise 1000M speeds properly (Anatolii Gerasymenko) \n- afs: Fix dynamic root getattr (David Howells) \n- MIPS: Remove repetitive increase irq_err_count (huhai) \n- x86/xen: Remove undefined behavior in setup_features() (Julien Grall) \n- xen-blkfront: Handle NULL gendisk (Jason Andryuk) \n- selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh (Jie2x Zhou) \n- udmabuf: add back sanity check (Gerd Hoffmann) \n- net/tls: fix tls_sk_proto_close executed repeatedly (Ziyang Xuan) \n- erspan: do not assume transport header is always set (Eric Dumazet) \n- perf arm-spe: Dont set data source if its not a memory operation (Leo Yan) \n- drm/msm/dp: force link training for display resolution change (Kuogee Hsieh) \n- drm/msm/dp: do not initialize phy until plugin interrupt received (Kuogee Hsieh) \n- drm/msm/dp: dp_link_parse_sink_count() return immediately if aux read failed (Kuogee Hsieh) \n- drm/msm/dp: Drop now unused hpd_high member (Bjorn Andersson) \n- drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind() (Kuogee Hsieh) \n- drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (Miaoqian Lin) \n- net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms (Peilin Ye) \n- ethtool: Fix get module eeprom fallback (Ivan Vecera) \n- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers (Jay Vosburgh) \n- igb: fix a use-after-free issue in igb_clean_tx_ring (Lorenzo Bianconi) \n- tipc: fix use-after-free Read in tipc_named_reinit (Hoang Le) \n- net: fix data-race in dev_isalive() (Eric Dumazet) \n- net: Write lock dev_base_lock without disabling bottom halves. (Sebastian Andrzej Siewior) \n- KVM: arm64: Prevent kmemleak from accessing pKVM memory (Quentin Perret) \n- phy: aquantia: Fix AN when higher speeds than 1G are not advertised (Claudiu Manoil) \n- scsi: storvsc: Correct reporting of Hyper-V I/O size limits (Saurabh Sengar) \n- bpf, x86: Fix tail call count offset calculation on bpf2bpf call (Jakub Sitnicki) \n- drm/sun4i: Fix crash during suspend after component bind failure (Samuel Holland) \n- bpf: Fix request_sock leak in sk lookup helpers (Jon Maxwell) \n- drm/msm: use for_each_sgtable_sg to iterate over scatterlist (Jonathan Marek) \n- xsk: Fix generic transmit when completion queue reservation fails (Ciara Loftus) \n- scsi: iscsi: Exclude zero from the endpoint ID range (Sergey Gorenko) \n- drm/msm: Switch ordering of runpm put vs devfreq_idle (Rob Clark) \n- scsi: scsi_debug: Fix zone transition to full condition (Damien Le Moal) \n- netfilter: use get_random_u32 instead of prandom (Florian Westphal) \n- drm/msm: Fix double pm_runtime_disable() call (Maximilian Luz) \n- drm/msm: Ensure mmap offset is initialized (Rob Clark) \n- USB: serial: option: add Quectel RM500K module support (Macpaul Lin) \n- USB: serial: option: add Quectel EM05-G modem (Yonglin Tan) \n- USB: serial: option: add Telit LE910Cx 0x1250 composition (Carlo Lobrano) \n- USB: serial: pl2303: add support for more HXN (G) types (Johan Hovold) \n- drm/i915: Implement w/a 22010492432 for adl-s (Ville Syrjala) \n- tracing/kprobes: Check whether get_kretprobe() returns NULL in kretprobe_dispatcher() (Masami Hiramatsu (Google)) \n- dm mirror log: clear log bits up to BITS_PER_LONG boundary (Mikulas Patocka) \n- dm era: commit metadata in postsuspend after worker stops (Nikos Tsironis) \n- ata: libata: add qc->flags in ata_qc_complete_template tracepoint (Edward Wu) \n- mtd: rawnand: gpmi: Fix setting busy timeout setting (Sascha Hauer) \n- MAINTAINERS: Add new IOMMU development mailing list (Joerg Roedel) \n- xen/gntdev: Avoid blocking in unmap_grant_pages() (Demi Marie Obenour) \n- mmc: mediatek: wait dma stop bit reset to 0 (Mengqi Zhang) \n- mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing (Chevron Li) \n- scsi: ibmvfc: Allocate/free queue resource only during probe/remove (Tyrel Datwyler) \n- scsi: ibmvfc: Store vhost pointer during subcrq allocation (Tyrel Datwyler) \n- btrfs: add error messages to all unrecognized mount options (David Sterba) \n- btrfs: prevent remounting to v1 space cache for subpage mount (Qu Wenruo) \n- btrfs: fix hang during unmount when block group reclaim task is running (Filipe Manana) \n- 9p: fix fid refcount leak in v9fs_vfs_get_link (Dominique Martinet) \n- 9p: fix fid refcount leak in v9fs_vfs_atomic_open_dotl (Dominique Martinet) \n- 9p: Fix refcounting during full path walks for fid lookups (Tyler Hicks) \n- net: openvswitch: fix parsing of nw_proto for IPv6 fragments (Rosemarie ORiorden) \n- ALSA: hda/realtek: Add quirk for Clevo NS50PU (Tim Crawford) \n- ALSA: hda/realtek: Add quirk for Clevo PD70PNT (Tim Crawford) \n- ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly (Takashi Iwai) \n- ALSA: hda/realtek - ALC897 headset MIC no sound (Kailang Yang) \n- ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop (Soham Sen) \n- ALSA: hda/conexant: Fix missing beep setup (Takashi Iwai) \n- ALSA: hda/via: Fix missing beep setup (Takashi Iwai) \n- random: quiet urandom warning ratelimit suppression message (Jason A. Donenfeld) \n- random: schedule mix_interrupt_randomness() less often (Jason A. Donenfeld) \n- LTS version: v5.15.50 (Jack Vogel) \n- arm64: mm: Dont invalidate FROM_DEVICE buffers at start of DMA transfer (Will Deacon) \n- serial: core: Initialize rs485 RTS polarity already on probe (Lukas Wunner) \n- selftests/bpf: Add selftest for calling global functions from freplace (Toke Hoiland-Jorgensen) \n- bpf: Fix calling global functions from BPF_PROG_TYPE_EXT programs (Toke Hoiland-Jorgensen) \n- usb: gadget: u_ether: fix regression in setting fixed MAC address (Marian Postevca) \n- zonefs: fix zonefs_iomap_begin() for reads (Damien Le Moal) \n- drm/amd/display: Dont reinitialize DMCUB on s0ix resume (Nicholas Kazlauskas) \n- s390/mm: use non-quiescing sske for KVM switch to keyed guest (Christian Borntraeger) \n- LTS version: v5.15.49 (Jack Vogel) \n- clk: imx8mp: fix usb_root_clk parent (Peng Fan) \n(Masahiro Yamada) \n- virtio-pci: Remove wrong address verification in vp_del_vqs() (Murilo Opsfelder Araujo) \n- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (Andy Chi) \n- KVM: arm64: Dont read a HW interrupt pending state in user context (Marc Zyngier) \n- ext4: add reserved GDT blocks check (Zhang Yi) \n- ext4: make variable count signed (Ding Xiang) \n- ext4: fix bug_on ext4_mb_use_inode_pa (Baokun Li) \n- ext4: fix super block checksum incorrect after mount (Ye Bin) \n- cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle (Sami Tolvanen) \n- drm/amd/display: Cap OLED brightness per max frame-average luminance (Roman Li) \n- dm mirror log: round up region bitmap size to BITS_PER_LONG (Mikulas Patocka) \n- bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove() (Shinichiro Kawasaki) \n- serial: 8250: Store to lsr_save_flags after lsr read (Ilpo Jarvinen) \n- tty: n_gsm: Debug output allocation must use GFP_ATOMIC (Tony Lindgren) \n- usb: gadget: f_fs: change ep->ep safe in ffs_epfile_io() (Linyu Yuan) \n- usb: gadget: f_fs: change ep->status safe in ffs_epfile_io() (Linyu Yuan) \n- usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe (Miaoqian Lin) \n- usb: cdnsp: Fixed setting last_trb incorrectly (Jing Leng) \n- usb: dwc2: Fix memory leak in dwc2_hcd_init (Miaoqian Lin) \n- USB: serial: io_ti: add Agilent E5805A support (Robert Eckelmann) \n- USB: serial: option: add support for Cinterion MV31 with new baseline (Slark Xiao) \n- crypto: memneq - move into lib/ (Jason A. Donenfeld) \n- comedi: vmk80xx: fix expression for tx buffer size (Ian Abbott) \n- mei: me: add raptor lake point S DID (Alexander Usyskin) \n- mei: hbm: drop capability response on early shutdown (Alexander Usyskin) \n- i2c: designware: Use standard optional ref clock implementation (Serge Semin) \n- sched: Fix balance_push() vs __sched_setscheduler() (Peter Zijlstra) \n- irqchip/realtek-rtl: Fix refcount leak in map_interrupts (Miaoqian Lin) \n- irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions (Miaoqian Lin) \n- irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions (Miaoqian Lin) \n- irqchip/gic/realview: Fix refcount leak in realview_gic_of_init (Miaoqian Lin) \n- i2c: npcm7xx: Add check for platform_driver_register (Jiasheng Jiang) \n- faddr2line: Fix overlapping text section failures, the sequel (Josh Poimboeuf) \n- block: Fix handling of offline queues in blk_mq_alloc_request_hctx() (Bart Van Assche) \n- init: Initialize noop_backing_dev_info early (Jan Kara) \n- certs/blacklist_hashes.c: fix const confusion in certs blacklist (Masahiro Yamada) \n- arm64: ftrace: consistently handle PLTs. (Mark Rutland) \n- arm64: ftrace: fix branch range checks (Mark Rutland) \n- net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg (Duoming Zhou) \n- net: bgmac: Fix an erroneous kfree() in bgmac_remove() (Christophe JAILLET) \n- mlxsw: spectrum_cnt: Reorder counter pools (Petr Machata) \n- nvme: add device name to warning in uuid_show() (Thomas WeiBschuh) \n- rtc: ftrtc010: Use platform_get_irq() to get the interrupt (Lad Prabhakar) \n- rtc: ftrtc010: Use platform_get_irq() to get the interrupt (Lad Prabhakar) \n- rtc: mt6397: check return value after calling platform_get_resource() (Yang Yingliang) \n- ARM: dts: aspeed: ast2600-evb: Enable RX delay for MAC0/MAC1 (Howard Chiu) \n- clocksource/drivers/riscv: Events are stopped during CPU suspend (Samuel Holland) \n- soc: rockchip: Fix refcount leak in rockchip_grf_init (Miaoqian Lin) \n- extcon: ptn5150: Add queue work sync before driver release (Li Jun) \n- ksmbd: fix reference count leak in smb_check_perm_dacl() (Xin Xiong) \n- coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier (Guilherme G. Piccoli) \n- soundwire: intel: prevent pm_runtime resume prior to system suspend (Pierre-Louis Bossart) \n- export: fix string handling of namespace in EXPORT_SYMBOL_NS (Greg Kroah-Hartman) \n- serial: sifive: Report actual baud base rather than fixed 115200 (Maciej W. Rozycki) \n- power: supply: axp288_fuel_gauge: Drop BIOS version check from T3 MRD DMI quirk (Hans de Goede) \n- phy: qcom-qmp: fix pipe-clock imbalance on power-on failure (Johan Hovold) \n- misc/pvpanic: Convert regular spinlock into trylock on panic path (Guilherme G. Piccoli) \n- pvpanic: Fix typos in the comments (Andy Shevchenko) \n- rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails (Krzysztof Kozlowski) \n- iio: adc: sc27xx: Fine tune the scale calibration values (Cixi Geng) \n- iio: adc: sc27xx: fix read big scale voltage not right (Cixi Geng) \n- iio: proximity: vl53l0x: Fix return value check of wait_for_completion_timeout (Miaoqian Lin) \n- iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check (Miaoqian Lin) \n- rpmsg: virtio: Fix the unregistration of the device rpmsg_ctrl (Arnaud Pouliquen) \n- rpmsg: virtio: Fix possible double free in rpmsg_virtio_add_ctrl_dev() (Hangyu Hua) \n- rpmsg: virtio: Fix possible double free in rpmsg_probe() (Hangyu Hua) \n- usb: typec: mux: Check dev_set_name() return value (Bjorn Andersson) \n- firmware: stratix10-svc: fix a missing check on list iterator (Xiaomeng Tong) \n- misc: fastrpc: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- usb: dwc3: pci: Fix pm_runtime_get_sync() error checking (Zheng Yongjun) \n- usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback (Wesley Cheng) \n- rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- pwm: raspberrypi-poe: Fix endianness in firmware struct (Uwe Kleine-Konig) \n- pwm: lp3943: Fix duty calculation in case period was clamped (Uwe Kleine-Konig) \n- staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() (Christophe JAILLET) \n- usb: musb: Fix missing of_node_put() in omap2430_probe (Miaoqian Lin) \n- USB: storage: karma: fix rio_karma_init return (Lin Ma) \n- usb: usbip: add missing device lock on tweak configuration cmd (Niels Dossche) \n- usb: usbip: fix a refcount leak in stub_probe() (Hangyu Hua) \n- remoteproc: imx_rproc: Ignore create mem entry for resource table (Peng Fan) \n- tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get (Sherry Sun) \n- serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe (Miaoqian Lin) \n- tty: n_tty: Restore EOF push handling behavior (Daniel Gibson) \n- tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe (Miaoqian Lin) \n- tty: goldfish: Use tty_port_destroy() to destroy port (Wang Weiyang) \n- lkdtm/bugs: Dont expect thread termination without CONFIG_UBSAN_TRAP (Christophe Leroy) \n- lkdtm/bugs: Check for the NULL pointer after calling kmalloc (Jiasheng Jiang) \n- iio: adc: ad7124: Remove shift from scan_type (Alexandru Tachici) \n- staging: greybus: codecs: fix type confusion of list iterator variable (Jakob Koschel) \n- pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (Randy Dunlap) \n- LTS version: v5.15.46 (Jack Vogel) \n- block: fix bio_clone_blkg_association() to associate with proper blkcg_gq (Jan Kara) \n- pinctrl/rockchip: support setting input-enable param (Caleb Connolly) \n- md: bcache: check the return value of kzalloc() in detached_dev_do_request() (Jia-Ju Bai) \n- md: fix double free of io_acct_set bioset (Xiao Ni) \n- md: Dont set mddev private to NULL in raid0 pers->free (Xiao Ni) \n- fs/ntfs3: Fix invalid free in log_replay (Namjae Jeon) \n- exportfs: support idmapped mounts (Christian Brauner) \n- fs: add two trivial lookup helpers (Christian Brauner) \n- interconnect: qcom: icc-rpmh: Add BCMs to commit list in pre_aggregate (Mike Tipton) \n- interconnect: qcom: sc7180: Drop IP0 interconnects (Stephen Boyd) \n- ext4: only allow test_dummy_encryption when supported (Eric Biggers) \n- MIPS: IP30: Remove incorrect cpu_has_fpu override (Maciej W. Rozycki) \n- MIPS: IP27: Remove incorrect cpu_has_fpu override (Maciej W. Rozycki) \n- RDMA/rxe: Generate a completion for unsupported/invalid opcode (Xiao Yang) \n- RDMA/hns: Remove the num_cqc_timer variable (Yixing Liu) \n- staging: r8188eu: delete rtw_wx_read/write32() (Dan Carpenter) \n- Revert random: use static branch for crng_ready() (Jason A. Donenfeld) \n- list: test: Add a test for list_is_head() (David Gow) \n- kseltest/cgroup: Make test_stress.sh work if run interactively (Waiman Long) \n- net: ipa: fix page free in ipa_endpoint_replenish_one() (Alex Elder) \n- net: ipa: fix page free in ipa_endpoint_trans_release() (Alex Elder) \n- phy: qcom-qmp: fix reset-controller leak on probe errors (Johan Hovold) \n- coresight: core: Fix coresight device probe failure issue (Mao Jinlong) \n- blk-iolatency: Fix inflight count imbalances and IO hangs on offline (Tejun Heo) \n- vdpasim: allow to enable a vq repeatedly (Eugenio Perez) \n- dt-bindings: gpio: altera: correct interrupt-cells (Dinh Nguyen) \n- docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 (Akira Yokosawa) \n- SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_op (Steve French) \n- ARM: pxa: maybe fix gpio lookup tables (Arnd Bergmann) \n- ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries (Jonathan Bakker) \n- phy: qcom-qmp: fix struct clk leak on probe errors (Johan Hovold) \n- clk: tegra: Add missing reset deassertion (Diogo Ivo) \n- arm64: tegra: Add missing DFLL reset on Tegra210 (Diogo Ivo) \n- arm64: dts: qcom: ipq8074: fix the sleep clock frequency (Kathiravan T) \n- gma500: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- serial: pch: dont overwrite xmit->buf[0] by x_char (Jiri Slaby) \n- bcache: avoid journal no-space deadlock by reserving 1 journal bucket (Coly Li) \n- bcache: remove incremental dirty sector counting for bch_sectors_dirty_init() (Coly Li) \n- bcache: improve multithreaded bch_sectors_dirty_init() (Coly Li) \n- bcache: improve multithreaded bch_btree_check() (Coly Li) \n- stm: ltdc: fix two incorrect NULL checks on list iterator (Xiaomeng Tong) \n- carl9170: tx: fix an incorrect use of list iterator (Xiaomeng Tong) \n- ASoC: rt5514: Fix event generation for DSP Voice Wake Up control (Mark Brown) \n- rtl818x: Prevent using not initialized queues (Alexander Wetzel) \n- xtensa/simdisk: fix proc_read_simdisk() (Yi Yang) \n- mm/memremap: fix missing call to untrack_pfn() in pagemap_range() (Miaohe Lin) \n- hugetlb: fix huge_pmd_unshare address update (Mike Kravetz) \n- nodemask.h: fix compilation error with GCC12 (Christophe de Dinechin) \n- mm/page_alloc: always attempt to allocate at least one page during bulk allocation (Mel Gorman) \n- Revert mm/cma.c: remove redundant cma_mutex lock (Dong Aisheng) \n- iommu/dma: Fix iova map result check bug (Yunfei Wang) \n- iommu/msm: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- ksmbd: fix outstanding credits related bugs (Hyunchul Lee) \n- ftrace: Clean up hash direct_functions on register failures (Song Liu) \n- kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] (Naveen N. Rao) \n- um: Fix out-of-bounds read in LDT setup (Vincent Whitchurch) \n- um: chan_user: Fix winch_tramp() return value (Johannes Berg) \n- um: Use asm-generic/dma-mapping.h (Johannes Berg) \n- mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (Felix Fietkau) \n- cfg80211: declare MODULE_FIRMWARE for regulatory.db (Dimitri John Ledkov) \n- thermal: devfreq_cooling: use local ops instead of global ops (Kant Fan) \n- irqchip: irq-xtensa-mx: fix initial IRQ affinity (Max Filippov) \n- irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (Pali Rohar) \n- csky: patch_text: Fixup last cpu should be master (Guo Ren) \n- mmc: core: Allows to override the timeout value for ioctl() path (Bean Huo) \n- RDMA/hfi1: Fix potential integer multiplication overflow errors (Dennis Dalessandro) \n- Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug (Sean Christopherson) \n- ima: remove the IMA_TEMPLATE Kconfig option (GUO Zihua) \n- media: coda: Add more H264 levels for CODA960 (Nicolas Dufresne) \n- media: coda: Fix reported H264 profile (Nicolas Dufresne) \n- mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N (Tokunori Ikegami) \n- mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write (Tokunori Ikegami) \n- md: fix an incorrect NULL check in md_reload_sb (Xiaomeng Tong) \n- md: fix an incorrect NULL check in does_sb_need_changing (Xiaomeng Tong) \n- drm/i915/dsi: fix VBT send packet port selection for ICL+ (Jani Nikula) \n- drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX (Brian Norris) \n- drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- drm/nouveau/clk: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem (Lucas Stach) \n- drm/nouveau/subdev/bus: Ratelimit logging for fault errors (Lyude Paul) \n- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. (Dave Airlie) \n- landlock: Fix same-layer rule unions (Mickael Salaun) \n- landlock: Create find_rule() from unmask_layers() (Mickael Salaun) \n- landlock: Reduce the maximum number of layers to 16 (Mickael Salaun) \n- landlock: Define access_mask_t to enforce a consistent access mask size (Mickael Salaun) \n- selftests/landlock: Test landlock_create_ruleset(2) argument check ordering (Mickael Salaun) \n- landlock: Change landlock_restrict_self(2) check ordering (Mickael Salaun) \n- landlock: Change landlock_add_rule(2) argument check ordering (Mickael Salaun) \n- selftests/landlock: Add tests for O_PATH (Mickael Salaun) \n- selftests/landlock: Fully test file rename with remove access (Mickael Salaun) \n- selftests/landlock: Extend access right tests to directories (Mickael Salaun) \n- selftests/landlock: Add tests for unknown access rights (Mickael Salaun) \n- selftests/landlock: Extend tests for minimal valid attribute size (Mickael Salaun) \n- selftests/landlock: Make tests build with old libc (Mickael Salaun) \n- landlock: Fix landlock_add_rule(2) documentation (Mickael Salaun) \n- samples/landlock: Format with clang-format (Mickael Salaun) \n- samples/landlock: Add clang-format exceptions (Mickael Salaun) \n- selftests/landlock: Format with clang-format (Mickael Salaun) \n- selftests/landlock: Normalize array assignment (Mickael Salaun) \n- selftests/landlock: Add clang-format exceptions (Mickael Salaun) \n- landlock: Format with clang-format (Mickael Salaun) \n- landlock: Add clang-format exceptions (Mickael Salaun) \n- scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled (Manivannan Sadhasivam) \n- scsi: dc395x: Fix a missing check on list iterator (Xiaomeng Tong) \n- dlm: fix missing lkb refcount handling (Alexander Aring) \n- dlm: uninitialized variable on error in dlm_listen_for_all() (Dan Carpenter) \n- dlm: fix plock invalid read (Alexander Aring) \n- s390/stp: clock_delta should be signed (Sven Schnelle) \n- s390/perf: obtain sie_block from the right address (Nico Boehr) \n- mm, compaction: fast_find_migrateblock() should return pfn in the target zone (Rei Yamamoto) \n- staging: r8188eu: prevent ->Ssid overflow in rtw_wx_set_scan() (Denis Efremov) \n- PCI: qcom: Fix unbalanced PHY init on probe errors (Johan Hovold) \n- PCI: qcom: Fix runtime PM imbalance on probe errors (Johan Hovold) \n- PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299 (Bjorn Helgaas) \n- drm/amdgpu: add beige goby PCI ID (Alex Deucher) \n- tracing: Initialize integer variable to prevent garbage return value (Gautam Menghani) \n- tracing: Fix potential double free in create_var_ref() (Keita Suzuki) \n- tty: goldfish: Introduce gf_ioread32()/gf_iowrite32() (Laurent Vivier) \n- ACPI: property: Release subnode properties with data nodes (Sakari Ailus) \n- ext4: avoid cycles in directory h-tree (Jan Kara) \n- ext4: verify dir block before splitting it (Jan Kara) \n- ext4: fix bug_on in __es_tree_search (Baokun Li) \n- ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state (Theodore Tso) \n- ext4: fix bug_on in ext4_writepages (Ye Bin) \n- ext4: fix warning in ext4_handle_inode_extension (Ye Bin) \n- ext4: fix race condition between ext4_write and ext4_convert_inline_data (Baokun Li) \n- ext4: fix use-after-free in ext4_rename_dir_prepare (Ye Bin) \n- ext4: mark group as trimmed only if it was fully scanned (Dmitry Monakhov) \n- bfq: Make sure bfqg for which we are queueing requests is online (Jan Kara) \n- bfq: Get rid of __bio_blkcg() usage (Jan Kara) \n- bfq: Track whether bfq_group is still online (Jan Kara) \n- bfq: Remove pointless bfq_init_rq() calls (Jan Kara) \n- bfq: Drop pointless unlock-lock pair (Jan Kara) \n- bfq: Update cgroup information before merging bio (Jan Kara) \n- bfq: Split shared queues on move between cgroups (Jan Kara) \n- bfq: Avoid merging queues with different parents (Jan Kara) \n- bfq: Avoid false marking of bic as stably merged (Jan Kara) \n- efi: Do not import certificates from UEFI Secure Boot for T2 Macs (Aditya Garg) \n- fs-writeback: writeback_sb_inodes:Recalculate wrote according skipped pages (Zhihao Cheng) \n- iwlwifi: mvm: fix assert 1F04 upon reconfig (Emmanuel Grumbach) \n- wifi: mac80211: fix use-after-free in chanctx code (Johannes Berg) \n- objtool: Fix symbol creation (Peter Zijlstra) \n- objtool: Fix objtool regression on x32 systems (Mikulas Patocka) \n- f2fs: fix to do sanity check for inline inode (Chao Yu) \n- f2fs: fix fallocate to use file_modified to update permissions consistently (Chao Yu) \n- f2fs: dont use casefolded comparison for . and .. (Eric Biggers) \n- f2fs: fix to do sanity check on total_data_blocks (Chao Yu) \n- f2fs: dont need inode lock for system hidden quota (Jaegeuk Kim) \n- f2fs: fix deadloop in foreground GC (Chao Yu) \n- f2fs: fix to clear dirty inode in f2fs_evict_inode() (Chao Yu) \n- f2fs: fix to do sanity check on block address in f2fs_do_zero_range() (Chao Yu) \n- f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count() (Chao Yu) \n- NFSv4.1 mark qualified async operations as MOVEABLE tasks (Olga Kornievskaia) \n- NFS: Convert GFP_NOFS to GFP_KERNEL (Trond Myklebust) \n- NFS: Create a new nfs_alloc_fattr_with_label() function (Anna Schumaker) \n- NFS: Always initialise fattr->label in nfs_fattr_alloc() (Trond Myklebust) \n- video: fbdev: vesafb: Fix a use-after-free due early fb_info cleanup (Javier Martinez Canillas) \n- perf jevents: Fix event syntax error caused by ExtSel (Zhengjun Xing) \n- perf c2c: Use stdio interface if slang is not supported (Leo Yan) \n- perf build: Fix btf__load_from_kernel_by_id() feature check (Jiri Olsa) \n- i2c: rcar: fix PM ref counts in probe error paths (Kuninori Morimoto) \n- i2c: npcm: Handle spurious interrupts (Tali Perry) \n- i2c: npcm: Correct register access width (Tyrone Ting) \n- i2c: npcm: Fix timeout calculation (Tali Perry) \n- iommu/amd: Increase timeout waiting for GA log enablement (Joerg Roedel) \n- dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler() (Amelie Delaunay) \n- dmaengine: stm32-mdma: remove GISR1 register (Amelie Delaunay) \n- video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup (Miaoqian Lin) \n- NFS: Further fixes to the writeback error handling (Trond Myklebust) \n- NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout (Trond Myklebust) \n- NFS: Dont report errors from nfs_pageio_complete() more than once (Trond Myklebust) \n- NFS: Do not report flush errors in nfs_write_end() (Trond Myklebust) \n- NFS: Dont report ENOSPC write errors twice (Trond Myklebust) \n- NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS (Trond Myklebust) \n- NFS: Do not report EINTR/ERESTARTSYS as mapping errors (Trond Myklebust) \n- dmaengine: idxd: Fix the error handling path in idxd_cdev_register() (Christophe JAILLET) \n- i2c: at91: Initialize dma_buf in at91_twi_xfer() (Nathan Chancellor) \n- iommu/mediatek: Fix NULL pointer dereference when printing dev_name (Miles Chen) \n- MIPS: Loongson: Use hwmon_device_register_with_groups() to register hwmon (Guenter Roeck) \n- iommu/arm-smmu-v3-sva: Fix mm use-after-free (Jean-Philippe Brucker) \n- cpufreq: mediatek: Unregister platform device on exit (Rex-BC Chen) \n- cpufreq: mediatek: Use module_init and add module_exit (Jia-Wei Chang) \n- i2c: at91: use dma safe buffers (Michael Walle) \n- iommu/mediatek: Add mutex for m4u_group and m4u_dom in data (Yong Wu) \n- iommu/mediatek: Remove clk_disable in mtk_iommu_remove (Yong Wu) \n- iommu/mediatek: Add list_del in mtk_iommu_remove (Yong Wu) \n- iommu/mediatek: Fix 2 HW sharing pgtable issue (Yong Wu) \n- iommu/amd: Enable swiotlb in all cases (Mario Limonciello) \n- f2fs: fix dereference of stale list iterator after loop body (Jakob Koschel) \n- f2fs: fix to do sanity check on inline_dots inode (Chao Yu) \n- f2fs: support fault injection for dquot_initialize() (Chao Yu) \n- OPP: call of_node_put() on error path in _bandwidth_supported() (Dan Carpenter) \n- Input: stmfts - do not leave device disabled in stmfts_input_open (Dmitry Torokhov) \n- KVM: LAPIC: Drop pending LAPIC timer injection when canceling the timer (Wanpeng Li) \n- RDMA/hfi1: Prevent use of lock before it is initialized (Douglas Miller) \n- mailbox: forward the hrtimer if not queued and under a lock (Bjorn Ardo) \n- nfsd: destroy percpu stats counters after reply cache shutdown (Julian Schroeder) \n- mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() (Yang Yingliang) \n- powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup (Miaoqian Lin) \n- powerpc/xive: Fix refcount leak in xive_spapr_init (Miaoqian Lin) \n- powerpc/xive: Add some error handling code to xive_spapr_init() (Christophe JAILLET) \n- macintosh: via-pmu and via-cuda need RTC_LIB (Randy Dunlap) \n- powerpc/perf: Fix the threshold compare group constraint for power9 (Kajol Jain) \n- powerpc/perf: Fix the threshold compare group constraint for power10 (Kajol Jain) \n- powerpc/64: Only WARN if __pa()/__va() called with bad addresses (Michael Ellerman) \n- hwrng: omap3-rom - fix using wrong clk_disable() in omap_rom_rng_runtime_resume() (Yang Yingliang) \n- PCI: microchip: Fix potential race in interrupt handling (Daire McNamara) \n- PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits (Kuppuswamy Sathyanarayanan) \n- Input: sparcspkr - fix refcount leak in bbc_beep_probe (Miaoqian Lin) \n- hugetlbfs: fix hugetlbfs_statfs() locking (Mina Almasry) \n- ARM: dts: at91: sama7g5: remove interrupt-parent from gic node (Eugen Hristev) \n- crypto: cryptd - Protect per-CPU resource by disabling BH. (Sebastian Andrzej Siewior) ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-21T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel-container security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21385", "CVE-2022-21546", "CVE-2022-2585", "CVE-2022-2586", "CVE-2022-2588", "CVE-2022-34918"], "modified": "2022-09-21T00:00:00", "id": "ELSA-2022-9830", "href": "http://linux.oracle.com/errata/ELSA-2022-9830.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-09-21T22:44:04", "description": "[5.15.0-2.52.3]\n- posix-cpu-timers: Cleanup CPU timers before freeing them during exec (Thadeu Lima de Souza Cascardo) [Orabug: 34495548] {CVE-2022-2585}\n- fix race between exit_itimers() and /proc/pid/timers (Oleg Nesterov) [Orabug: 34495548] \n- rds: ib: Add preemption control when using per-cpu variables (Hakon Bugge) [Orabug: 34505120] \n- ocfs2: fix handle refcount leak in two exception handling paths (Chenyuan Mi) [Orabug: 34436530] \n- netfilter: nf_tables: do not allow RULE_ID to refer to another chain (Thadeu Lima de Souza Cascardo) [Orabug: 34495566] {CVE-2022-2586}\n- netfilter: nf_tables: do not allow CHAIN_ID to refer to another table (Thadeu Lima de Souza Cascardo) [Orabug: 34495566] {CVE-2022-2586}\n- netfilter: nf_tables: do not allow SET_ID to refer to another table (Thadeu Lima de Souza Cascardo) [Orabug: 34495566] {CVE-2022-2586}\n- rds: copy_from_user only once per rds_sendmsg system call (Hans Westgaard Ry) [Orabug: 34510687] {CVE-2022-21385}\n- kernfs: Replace global kernfs_open_file_mutex with hashed mutexes. (Imran Khan) [Orabug: 34476940] \n- kernfs: Introduce interface to access global kernfs_open_file_mutex. (Imran Khan) [Orabug: 34476940] \n- kernfs: make ->attr.open RCU protected. (Imran Khan) [Orabug: 34476940] \n- kernfs: Rename kernfs_put_open_node to kernfs_unlink_open_file. (Imran Khan) [Orabug: 34476940] \n- kernfs: Remove reference counting for kernfs_open_node. (Imran Khan) [Orabug: 34476940] \n- Revert net/rds: Connect TCP backends deterministically (Gerd Rausch) [Orabug: 34476561] \n- rds/ib: handle posted ACK during connection shutdown (Rohit Nair) [Orabug: 34465808] \n- rds/ib: reap tx completions during connection shutdown (Rohit Nair) [Orabug: 34465808] \n- uek-rpm: Set CONFIG_VSOCKETS=m and CONFIG_VSOCKETS_DIAG=m (Victor Erminpour) [Orabug: 34461322] \n- scsi: target: Fix WRITE_SAME No Data Buffer crash (Mike Christie) [Orabug: 34419970] {CVE-2022-21546}\n- rds/rdma: destroy CQs during user initiated rds connection resets (Rohit Nair) [Orabug: 34414238]\n[5.15.0-2.52.2]\n- PCI: pciehp: Add quirk to handle spurious DLLSC on a x4x4 SSD (Thomas Tai) [Orabug: 34358322] \n- net/mlx5: E-Switch, change VFs default admin state to auto in switchdev (Maor Dickman) [Orabug: 34477072] \n- xen/manage: Use orderly_reboot() to reboot (Ross Lagerwall) [Orabug: 34480751] \n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34484536] {CVE-2022-2588}\n[5.15.0-2.52.1]\n- LTS version: v5.15.52 (Jack Vogel) \n- io_uring: fix not locked access to fixed buf table (Pavel Begunkov) \n- net: mscc: ocelot: allow unregistered IP multicast flooding to CPU (Vladimir Oltean) \n- rtw88: rtw8821c: enable rfe 6 devices (Ping-Ke Shih) \n- rtw88: 8821c: support RFE type4 wifi NIC (Guo-Feng Fan) \n- fs: account for group membership (Christian Brauner) \n- fs: fix acl translation (Christian Brauner) \n- fs: support mapped mounts of mapped filesystems (Christian Brauner) \n- fs: add i_user_ns() helper (Christian Brauner) \n- fs: port higher-level mapping helpers (Christian Brauner) \n- fs: remove unused low-level mapping helpers (Christian Brauner) \n- fs: use low-level mapping helpers (Christian Brauner) \n- docs: update mapping documentation (Christian Brauner) \n- fs: account for filesystem mappings (Christian Brauner) \n- fs: tweak fsuidgid_has_mapping() (Christian Brauner) \n- fs: move mapping helpers (Christian Brauner) \n- fs: add is_idmapped_mnt() helper (Christian Brauner) \n- powerpc/ftrace: Remove ftrace init tramp once kernel init is complete (Naveen N. Rao) \n- xfs: Fix the free logic of state in xfs_attr_node_hasname (Yang Xu) \n- xfs: use kmem_cache_free() for kmem_cache objects (Rustam Kovhaev) \n- bcache: memset on stack variables in bch_btree_check() and bch_sectors_dirty_init() (Coly Li) \n- tick/nohz: unexport __init-annotated tick_nohz_full_setup() (Masahiro Yamada) \n- LTS version: v5.15.51 (Jack Vogel) \n- powerpc/pseries: wire up rng during setup_arch() (Jason A. Donenfeld) \n- kbuild: link vmlinux only once for CONFIG_TRIM_UNUSED_KSYMS (2nd attempt) (Masahiro Yamada) \n- dma-direct: use the correct size for dma_set_encrypted() (Dexuan Cui) \n- perf build-id: Fix caching files with a wrong build ID (Adrian Hunter) \n- random: update comment from copy_to_user() -> copy_to_iter() (Jason A. Donenfeld) \n- ARM: dts: bcm2711-rpi-400: Fix GPIO line names (Stefan Wahren) \n- modpost: fix section mismatch check for exported init/exit sections (Masahiro Yamada) \n- ARM: cns3xxx: Fix refcount leak in cns3xxx_init (Miaoqian Lin) \n- memory: samsung: exynos5422-dmc: Fix refcount leak in of_get_dram_timings (Miaoqian Lin) \n- ARM: Fix refcount leak in axxia_boot_secondary (Miaoqian Lin) \n- soc: bcm: brcmstb: pm: pm-arm: Fix refcount leak in brcmstb_pm_probe (Miaoqian Lin) \n- ARM: exynos: Fix refcount leak in exynos_map_pmu (Miaoqian Lin) \n- arm64: dts: ti: k3-am64-main: Remove support for HS400 speed mode (Aswath Govindraju) \n- ARM: dts: imx6qdl: correct PU regulator ramp delay (Lucas Stach) \n- ARM: dts: imx7: Move hsic_phy power domain to HSIC PHY node (Alexander Stein) \n- drm/msm/dp: Always clear mask bits to disable interrupts at dp_ctrl_reset_irq_ctrl() (Kuogee Hsieh) \n- powerpc/powernv: wire up rng during setup_arch (Jason A. Donenfeld) \n- powerpc/rtas: Allow ibm,platform-dump RTAS call with null buffer address (Andrew Donnellan) \n- powerpc: Enable execve syscall exit tracepoint (Naveen N. Rao) \n- powerpc/microwatt: wire up rng during setup_arch() (Jason A. Donenfeld) \n- parisc: Enable ARCH_HAS_STRICT_MODULE_RWX (Helge Deller) \n- parisc/stifb: Fix fb_is_primary_device() only available with CONFIG_FB_STI (Helge Deller) \n- xtensa: Fix refcount leak bug in time.c (Liang He) \n- xtensa: xtfpga: Fix refcount leak bug in setup (Liang He) \n- iio: adc: ti-ads131e08: add missing fwnode_handle_put() in ads131e08_alloc_channels() (Jialin Zhang) \n- iio: adc: adi-axi-adc: Fix refcount leak in adi_axi_adc_attach_client (Miaoqian Lin) \n- iio: adc: rzg2l_adc: add missing fwnode_handle_put() in rzg2l_adc_parse_properties() (Jialin Zhang) \n- iio: adc: axp288: Override TS pin bias current for some models (Hans de Goede) \n- iio: adc: stm32: Fix IRQs on STM32F4 by removing custom spurious IRQs message (Yannick Brosseau) \n- iio: adc: stm32: Fix ADCs iteration in irq handler (Yannick Brosseau) \n- iio: afe: rescale: Fix boolean logic bug (Linus Walleij) \n- iio: imu: inv_icm42600: Fix broken icm42600 (chip id 0 value) (Jean-Baptiste Maneyrol) \n- iio: adc: stm32: fix maximum clock rate for stm32mp15x (Olivier Moysan) \n- iio: trigger: sysfs: fix use-after-free on remove (Vincent Whitchurch) \n- iio: gyro: mpu3050: Fix the error handling in mpu3050_power_up() (Zheyu Ma) \n- iio: accel: mma8452: ignore the return value of reset operation (Haibo Chen) \n- iio:accel:mxc4005: rearrange iio trigger get and register (Dmitry Rokosov) \n- iio:accel:bma180: rearrange iio trigger get and register (Dmitry Rokosov) \n- iio:accel:kxcjk-1013: rearrange iio trigger get and register (Dmitry Rokosov) \n- iio:chemical:ccs811: rearrange iio trigger get and register (Dmitry Rokosov) \n- iio:humidity:hts221: rearrange iio trigger get and register (Dmitry Rokosov) \n- f2fs: attach inline_data after setting compression (Jaegeuk Kim) \n- btrfs: fix deadlock with fsync+fiemap+transaction commit (Josef Bacik) \n- btrfs: dont set lock_owner when locking extent buffer for reading (Zygo Blaxell) \n- dt-bindings: usb: ehci: Increase the number of PHYs (Geert Uytterhoeven) \n- dt-bindings: usb: ohci: Increase the number of PHYs (Geert Uytterhoeven) \n- usb: chipidea: udc: check request status before setting device address (Xu Yang) \n- USB: gadget: Fix double-free bug in raw_gadget driver (Alan Stern) \n- usb: gadget: Fix non-unique driver names in raw-gadget driver (Alan Stern) \n- xhci-pci: Allow host runtime PM as default for Intel Meteor Lake xHCI (Utkarsh Patel) \n- xhci-pci: Allow host runtime PM as default for Intel Raptor Lake xHCI (Tanveer Alam) \n- xhci: turn off port power in shutdown (Mathias Nyman) \n- usb: typec: wcove: Drop wrong dependency to INTEL_SOC_PMIC (Andy Shevchenko) \n- iio: adc: vf610: fix conversion mode sysfs node name (Baruch Siach) \n- iio: magnetometer: yas530: Fix memchr_inv() misuse (Linus Walleij) \n- iio: mma8452: fix probe fail when device tree compatible is used. (Haibo Chen) \n- s390/cpumf: Handle events cycles and instructions identical (Thomas Richter) \n- gpio: winbond: Fix error code in winbond_gpio_get() (Dan Carpenter) \n- nvme: move the Samsung X5 quirk entry to the core quirks (Christoph Hellwig) \n- nvme-pci: add NO APST quirk for Kioxia device (Enzo Matsumiya) \n- sock: redo the psock vs ULP protection check (Jakub Kicinski) \n- Revert net/tls: fix tls_sk_proto_close executed repeatedly (Jakub Kicinski) \n- virtio_net: fix xdp_rxq_info bug after suspend/resume (Stephan Gerhold) \n- igb: Make DMA faster when CPU is active on the PCIe link (Kai-Heng Feng) \n- regmap-irq: Fix offset/index mismatch in read_sub_irq_data() (Aidan MacDonald) \n- regmap-irq: Fix a bug in regmap_irq_enable() for type_in_mask chips (Aidan MacDonald) \n- ice: ethtool: advertise 1000M speeds properly (Anatolii Gerasymenko) \n- afs: Fix dynamic root getattr (David Howells) \n- MIPS: Remove repetitive increase irq_err_count (huhai) \n- x86/xen: Remove undefined behavior in setup_features() (Julien Grall) \n- xen-blkfront: Handle NULL gendisk (Jason Andryuk) \n- selftests: netfilter: correct PKTGEN_SCRIPT_PATHS in nft_concat_range.sh (Jie2x Zhou) \n- udmabuf: add back sanity check (Gerd Hoffmann) \n- net/tls: fix tls_sk_proto_close executed repeatedly (Ziyang Xuan) \n- erspan: do not assume transport header is always set (Eric Dumazet) \n- perf arm-spe: Dont set data source if its not a memory operation (Leo Yan) \n- drm/msm/dp: force link training for display resolution change (Kuogee Hsieh) \n- drm/msm/dp: do not initialize phy until plugin interrupt received (Kuogee Hsieh) \n- drm/msm/dp: dp_link_parse_sink_count() return immediately if aux read failed (Kuogee Hsieh) \n- drm/msm/dp: Drop now unused hpd_high member (Bjorn Andersson) \n- drm/msm/dp: check core_initialized before disable interrupts at dp_display_unbind() (Kuogee Hsieh) \n- drm/msm/mdp4: Fix refcount leak in mdp4_modeset_init_intf (Miaoqian Lin) \n- net/sched: sch_netem: Fix arithmetic in netem_dump() for 32-bit platforms (Peilin Ye) \n- ethtool: Fix get module eeprom fallback (Ivan Vecera) \n- bonding: ARP monitor spams NETDEV_NOTIFY_PEERS notifiers (Jay Vosburgh) \n- igb: fix a use-after-free issue in igb_clean_tx_ring (Lorenzo Bianconi) \n- tipc: fix use-after-free Read in tipc_named_reinit (Hoang Le) \n- net: fix data-race in dev_isalive() (Eric Dumazet) \n- net: Write lock dev_base_lock without disabling bottom halves. (Sebastian Andrzej Siewior) \n- KVM: arm64: Prevent kmemleak from accessing pKVM memory (Quentin Perret) \n- phy: aquantia: Fix AN when higher speeds than 1G are not advertised (Claudiu Manoil) \n- scsi: storvsc: Correct reporting of Hyper-V I/O size limits (Saurabh Sengar) \n- bpf, x86: Fix tail call count offset calculation on bpf2bpf call (Jakub Sitnicki) \n- drm/sun4i: Fix crash during suspend after component bind failure (Samuel Holland) \n- bpf: Fix request_sock leak in sk lookup helpers (Jon Maxwell) \n- drm/msm: use for_each_sgtable_sg to iterate over scatterlist (Jonathan Marek) \n- xsk: Fix generic transmit when completion queue reservation fails (Ciara Loftus) \n- scsi: iscsi: Exclude zero from the endpoint ID range (Sergey Gorenko) \n- drm/msm: Switch ordering of runpm put vs devfreq_idle (Rob Clark) \n- scsi: scsi_debug: Fix zone transition to full condition (Damien Le Moal) \n- netfilter: use get_random_u32 instead of prandom (Florian Westphal) \n- drm/msm: Fix double pm_runtime_disable() call (Maximilian Luz) \n- drm/msm: Ensure mmap offset is initialized (Rob Clark) \n- USB: serial: option: add Quectel RM500K module support (Macpaul Lin) \n- USB: serial: option: add Quectel EM05-G modem (Yonglin Tan) \n- USB: serial: option: add Telit LE910Cx 0x1250 composition (Carlo Lobrano) \n- USB: serial: pl2303: add support for more HXN (G) types (Johan Hovold) \n- drm/i915: Implement w/a 22010492432 for adl-s (Ville Syrjala) \n- tracing/kprobes: Check whether get_kretprobe() returns NULL in kretprobe_dispatcher() (Masami Hiramatsu (Google)) \n- dm mirror log: clear log bits up to BITS_PER_LONG boundary (Mikulas Patocka) \n- dm era: commit metadata in postsuspend after worker stops (Nikos Tsironis) \n- ata: libata: add qc->flags in ata_qc_complete_template tracepoint (Edward Wu) \n- mtd: rawnand: gpmi: Fix setting busy timeout setting (Sascha Hauer) \n- MAINTAINERS: Add new IOMMU development mailing list (Joerg Roedel) \n- xen/gntdev: Avoid blocking in unmap_grant_pages() (Demi Marie Obenour) \n- mmc: mediatek: wait dma stop bit reset to 0 (Mengqi Zhang) \n- mmc: sdhci-pci-o2micro: Fix card detect by dealing with debouncing (Chevron Li) \n- scsi: ibmvfc: Allocate/free queue resource only during probe/remove (Tyrel Datwyler) \n- scsi: ibmvfc: Store vhost pointer during subcrq allocation (Tyrel Datwyler) \n- btrfs: add error messages to all unrecognized mount options (David Sterba) \n- btrfs: prevent remounting to v1 space cache for subpage mount (Qu Wenruo) \n- btrfs: fix hang during unmount when block group reclaim task is running (Filipe Manana) \n- 9p: fix fid refcount leak in v9fs_vfs_get_link (Dominique Martinet) \n- 9p: fix fid refcount leak in v9fs_vfs_atomic_open_dotl (Dominique Martinet) \n- 9p: Fix refcounting during full path walks for fid lookups (Tyler Hicks) \n- net: openvswitch: fix parsing of nw_proto for IPv6 fragments (Rosemarie ORiorden) \n- ALSA: hda/realtek: Add quirk for Clevo NS50PU (Tim Crawford) \n- ALSA: hda/realtek: Add quirk for Clevo PD70PNT (Tim Crawford) \n- ALSA: hda/realtek: Apply fixup for Lenovo Yoga Duet 7 properly (Takashi Iwai) \n- ALSA: hda/realtek - ALC897 headset MIC no sound (Kailang Yang) \n- ALSA: hda/realtek: Add mute LED quirk for HP Omen laptop (Soham Sen) \n- ALSA: hda/conexant: Fix missing beep setup (Takashi Iwai) \n- ALSA: hda/via: Fix missing beep setup (Takashi Iwai) \n- random: quiet urandom warning ratelimit suppression message (Jason A. Donenfeld) \n- random: schedule mix_interrupt_randomness() less often (Jason A. Donenfeld) \n- LTS version: v5.15.50 (Jack Vogel) \n- arm64: mm: Dont invalidate FROM_DEVICE buffers at start of DMA transfer (Will Deacon) \n- serial: core: Initialize rs485 RTS polarity already on probe (Lukas Wunner) \n- selftests/bpf: Add selftest for calling global functions from freplace (Toke Hoiland-Jorgensen) \n- bpf: Fix calling global functions from BPF_PROG_TYPE_EXT programs (Toke Hoiland-Jorgensen) \n- usb: gadget: u_ether: fix regression in setting fixed MAC address (Marian Postevca) \n- zonefs: fix zonefs_iomap_begin() for reads (Damien Le Moal) \n- drm/amd/display: Dont reinitialize DMCUB on s0ix resume (Nicholas Kazlauskas) \n- s390/mm: use non-quiescing sske for KVM switch to keyed guest (Christian Borntraeger) \n- LTS version: v5.15.49 (Jack Vogel) \n- clk: imx8mp: fix usb_root_clk parent (Peng Fan) \n(Masahiro Yamada) \n- virtio-pci: Remove wrong address verification in vp_del_vqs() (Murilo Opsfelder Araujo) \n- ALSA: hda/realtek: fix right sounds and mute/micmute LEDs for HP machine (Andy Chi) \n- KVM: arm64: Dont read a HW interrupt pending state in user context (Marc Zyngier) \n- ext4: add reserved GDT blocks check (Zhang Yi) \n- ext4: make variable count signed (Ding Xiang) \n- ext4: fix bug_on ext4_mb_use_inode_pa (Baokun Li) \n- ext4: fix super block checksum incorrect after mount (Ye Bin) \n- cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle (Sami Tolvanen) \n- drm/amd/display: Cap OLED brightness per max frame-average luminance (Roman Li) \n- dm mirror log: round up region bitmap size to BITS_PER_LONG (Mikulas Patocka) \n- bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove() (Shinichiro Kawasaki) \n- serial: 8250: Store to lsr_save_flags after lsr read (Ilpo Jarvinen) \n- tty: n_gsm: Debug output allocation must use GFP_ATOMIC (Tony Lindgren) \n- usb: gadget: f_fs: change ep->ep safe in ffs_epfile_io() (Linyu Yuan) \n- usb: gadget: f_fs: change ep->status safe in ffs_epfile_io() (Linyu Yuan) \n- usb: gadget: lpc32xx_udc: Fix refcount leak in lpc32xx_udc_probe (Miaoqian Lin) \n- usb: cdnsp: Fixed setting last_trb incorrectly (Jing Leng) \n- usb: dwc2: Fix memory leak in dwc2_hcd_init (Miaoqian Lin) \n- USB: serial: io_ti: add Agilent E5805A support (Robert Eckelmann) \n- USB: serial: option: add support for Cinterion MV31 with new baseline (Slark Xiao) \n- crypto: memneq - move into lib/ (Jason A. Donenfeld) \n- comedi: vmk80xx: fix expression for tx buffer size (Ian Abbott) \n- mei: me: add raptor lake point S DID (Alexander Usyskin) \n- mei: hbm: drop capability response on early shutdown (Alexander Usyskin) \n- i2c: designware: Use standard optional ref clock implementation (Serge Semin) \n- sched: Fix balance_push() vs __sched_setscheduler() (Peter Zijlstra) \n- irqchip/realtek-rtl: Fix refcount leak in map_interrupts (Miaoqian Lin) \n- irqchip/gic-v3: Fix refcount leak in gic_populate_ppi_partitions (Miaoqian Lin) \n- irqchip/gic-v3: Fix error handling in gic_populate_ppi_partitions (Miaoqian Lin) \n- irqchip/gic/realview: Fix refcount leak in realview_gic_of_init (Miaoqian Lin) \n- i2c: npcm7xx: Add check for platform_driver_register (Jiasheng Jiang) \n- faddr2line: Fix overlapping text section failures, the sequel (Josh Poimboeuf) \n- block: Fix handling of offline queues in blk_mq_alloc_request_hctx() (Bart Van Assche) \n- init: Initialize noop_backing_dev_info early (Jan Kara) \n- certs/blacklist_hashes.c: fix const confusion in certs blacklist (Masahiro Yamada) \n- arm64: ftrace: consistently handle PLTs. (Mark Rutland) \n- arm64: ftrace: fix branch range checks (Mark Rutland) \n- net: ax25: Fix deadlock caused by skb_recv_datagram in ax25_recvmsg (Duoming Zhou) \n- net: bgmac: Fix an erroneous kfree() in bgmac_remove() (Christophe JAILLET) \n- mlxsw: spectrum_cnt: Reorder counter pools (Petr Machata) \n- nvme: add device name to warning in uuid_show() (Thomas WeiBschuh) \n- rtc: ftrtc010: Use platform_get_irq() to get the interrupt (Lad Prabhakar) \n- rtc: ftrtc010: Use platform_get_irq() to get the interrupt (Lad Prabhakar) \n- rtc: mt6397: check return value after calling platform_get_resource() (Yang Yingliang) \n- ARM: dts: aspeed: ast2600-evb: Enable RX delay for MAC0/MAC1 (Howard Chiu) \n- clocksource/drivers/riscv: Events are stopped during CPU suspend (Samuel Holland) \n- soc: rockchip: Fix refcount leak in rockchip_grf_init (Miaoqian Lin) \n- extcon: ptn5150: Add queue work sync before driver release (Li Jun) \n- ksmbd: fix reference count leak in smb_check_perm_dacl() (Xin Xiong) \n- coresight: cpu-debug: Replace mutex with mutex_trylock on panic notifier (Guilherme G. Piccoli) \n- soundwire: intel: prevent pm_runtime resume prior to system suspend (Pierre-Louis Bossart) \n- export: fix string handling of namespace in EXPORT_SYMBOL_NS (Greg Kroah-Hartman) \n- serial: sifive: Report actual baud base rather than fixed 115200 (Maciej W. Rozycki) \n- power: supply: axp288_fuel_gauge: Drop BIOS version check from T3 MRD DMI quirk (Hans de Goede) \n- phy: qcom-qmp: fix pipe-clock imbalance on power-on failure (Johan Hovold) \n- misc/pvpanic: Convert regular spinlock into trylock on panic path (Guilherme G. Piccoli) \n- pvpanic: Fix typos in the comments (Andy Shevchenko) \n- rpmsg: qcom_smd: Fix returning 0 if irq_of_parse_and_map() fails (Krzysztof Kozlowski) \n- iio: adc: sc27xx: Fine tune the scale calibration values (Cixi Geng) \n- iio: adc: sc27xx: fix read big scale voltage not right (Cixi Geng) \n- iio: proximity: vl53l0x: Fix return value check of wait_for_completion_timeout (Miaoqian Lin) \n- iio: adc: stmpe-adc: Fix wait_for_completion_timeout return value check (Miaoqian Lin) \n- rpmsg: virtio: Fix the unregistration of the device rpmsg_ctrl (Arnaud Pouliquen) \n- rpmsg: virtio: Fix possible double free in rpmsg_virtio_add_ctrl_dev() (Hangyu Hua) \n- rpmsg: virtio: Fix possible double free in rpmsg_probe() (Hangyu Hua) \n- usb: typec: mux: Check dev_set_name() return value (Bjorn Andersson) \n- firmware: stratix10-svc: fix a missing check on list iterator (Xiaomeng Tong) \n- misc: fastrpc: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- usb: dwc3: pci: Fix pm_runtime_get_sync() error checking (Zheng Yongjun) \n- usb: dwc3: gadget: Replace list_for_each_entry_safe() if using giveback (Wesley Cheng) \n- rpmsg: qcom_smd: Fix irq_of_parse_and_map() return value (Krzysztof Kozlowski) \n- pwm: raspberrypi-poe: Fix endianness in firmware struct (Uwe Kleine-Konig) \n- pwm: lp3943: Fix duty calculation in case period was clamped (Uwe Kleine-Konig) \n- staging: fieldbus: Fix the error handling path in anybuss_host_common_probe() (Christophe JAILLET) \n- usb: musb: Fix missing of_node_put() in omap2430_probe (Miaoqian Lin) \n- USB: storage: karma: fix rio_karma_init return (Lin Ma) \n- usb: usbip: add missing device lock on tweak configuration cmd (Niels Dossche) \n- usb: usbip: fix a refcount leak in stub_probe() (Hangyu Hua) \n- remoteproc: imx_rproc: Ignore create mem entry for resource table (Peng Fan) \n- tty: serial: fsl_lpuart: fix potential bug when using both of_alias_get_id and ida_simple_get (Sherry Sun) \n- serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe (Miaoqian Lin) \n- tty: n_tty: Restore EOF push handling behavior (Daniel Gibson) \n- tty: serial: owl: Fix missing clk_disable_unprepare() in owl_uart_probe (Miaoqian Lin) \n- tty: goldfish: Use tty_port_destroy() to destroy port (Wang Weiyang) \n- lkdtm/bugs: Dont expect thread termination without CONFIG_UBSAN_TRAP (Christophe Leroy) \n- lkdtm/bugs: Check for the NULL pointer after calling kmalloc (Jiasheng Jiang) \n- iio: adc: ad7124: Remove shift from scan_type (Alexandru Tachici) \n- staging: greybus: codecs: fix type confusion of list iterator variable (Jakob Koschel) \n- pcmcia: db1xxx_ss: restrict to MIPS_DB1XXX boards (Randy Dunlap) \n- LTS version: v5.15.46 (Jack Vogel) \n- block: fix bio_clone_blkg_association() to associate with proper blkcg_gq (Jan Kara) \n- pinctrl/rockchip: support setting input-enable param (Caleb Connolly) \n- md: bcache: check the return value of kzalloc() in detached_dev_do_request() (Jia-Ju Bai) \n- md: fix double free of io_acct_set bioset (Xiao Ni) \n- md: Dont set mddev private to NULL in raid0 pers->free (Xiao Ni) \n- fs/ntfs3: Fix invalid free in log_replay (Namjae Jeon) \n- exportfs: support idmapped mounts (Christian Brauner) \n- fs: add two trivial lookup helpers (Christian Brauner) \n- interconnect: qcom: icc-rpmh: Add BCMs to commit list in pre_aggregate (Mike Tipton) \n- interconnect: qcom: sc7180: Drop IP0 interconnects (Stephen Boyd) \n- ext4: only allow test_dummy_encryption when supported (Eric Biggers) \n- MIPS: IP30: Remove incorrect cpu_has_fpu override (Maciej W. Rozycki) \n- MIPS: IP27: Remove incorrect cpu_has_fpu override (Maciej W. Rozycki) \n- RDMA/rxe: Generate a completion for unsupported/invalid opcode (Xiao Yang) \n- RDMA/hns: Remove the num_cqc_timer variable (Yixing Liu) \n- staging: r8188eu: delete rtw_wx_read/write32() (Dan Carpenter) \n- Revert random: use static branch for crng_ready() (Jason A. Donenfeld) \n- list: test: Add a test for list_is_head() (David Gow) \n- kseltest/cgroup: Make test_stress.sh work if run interactively (Waiman Long) \n- net: ipa: fix page free in ipa_endpoint_replenish_one() (Alex Elder) \n- net: ipa: fix page free in ipa_endpoint_trans_release() (Alex Elder) \n- phy: qcom-qmp: fix reset-controller leak on probe errors (Johan Hovold) \n- coresight: core: Fix coresight device probe failure issue (Mao Jinlong) \n- blk-iolatency: Fix inflight count imbalances and IO hangs on offline (Tejun Heo) \n- vdpasim: allow to enable a vq repeatedly (Eugenio Perez) \n- dt-bindings: gpio: altera: correct interrupt-cells (Dinh Nguyen) \n- docs/conf.py: Cope with removal of language=None in Sphinx 5.0.0 (Akira Yokosawa) \n- SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_op (Steve French) \n- ARM: pxa: maybe fix gpio lookup tables (Arnd Bergmann) \n- ARM: dts: s5pv210: Remove spi-cs-high on panel in Aries (Jonathan Bakker) \n- phy: qcom-qmp: fix struct clk leak on probe errors (Johan Hovold) \n- clk: tegra: Add missing reset deassertion (Diogo Ivo) \n- arm64: tegra: Add missing DFLL reset on Tegra210 (Diogo Ivo) \n- arm64: dts: qcom: ipq8074: fix the sleep clock frequency (Kathiravan T) \n- gma500: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- tilcdc: tilcdc_external: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- serial: pch: dont overwrite xmit->buf[0] by x_char (Jiri Slaby) \n- bcache: avoid journal no-space deadlock by reserving 1 journal bucket (Coly Li) \n- bcache: remove incremental dirty sector counting for bch_sectors_dirty_init() (Coly Li) \n- bcache: improve multithreaded bch_sectors_dirty_init() (Coly Li) \n- bcache: improve multithreaded bch_btree_check() (Coly Li) \n- stm: ltdc: fix two incorrect NULL checks on list iterator (Xiaomeng Tong) \n- carl9170: tx: fix an incorrect use of list iterator (Xiaomeng Tong) \n- ASoC: rt5514: Fix event generation for DSP Voice Wake Up control (Mark Brown) \n- rtl818x: Prevent using not initialized queues (Alexander Wetzel) \n- xtensa/simdisk: fix proc_read_simdisk() (Yi Yang) \n- mm/memremap: fix missing call to untrack_pfn() in pagemap_range() (Miaohe Lin) \n- hugetlb: fix huge_pmd_unshare address update (Mike Kravetz) \n- nodemask.h: fix compilation error with GCC12 (Christophe de Dinechin) \n- mm/page_alloc: always attempt to allocate at least one page during bulk allocation (Mel Gorman) \n- Revert mm/cma.c: remove redundant cma_mutex lock (Dong Aisheng) \n- iommu/dma: Fix iova map result check bug (Yunfei Wang) \n- iommu/msm: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- ksmbd: fix outstanding credits related bugs (Hyunchul Lee) \n- ftrace: Clean up hash direct_functions on register failures (Song Liu) \n- kexec_file: drop weak attribute from arch_kexec_apply_relocations[_add] (Naveen N. Rao) \n- um: Fix out-of-bounds read in LDT setup (Vincent Whitchurch) \n- um: chan_user: Fix winch_tramp() return value (Johannes Berg) \n- um: Use asm-generic/dma-mapping.h (Johannes Berg) \n- mac80211: upgrade passive scan to active scan on DFS channels after beacon rx (Felix Fietkau) \n- cfg80211: declare MODULE_FIRMWARE for regulatory.db (Dimitri John Ledkov) \n- thermal: devfreq_cooling: use local ops instead of global ops (Kant Fan) \n- irqchip: irq-xtensa-mx: fix initial IRQ affinity (Max Filippov) \n- irqchip/armada-370-xp: Do not touch Performance Counter Overflow on A375, A38x, A39x (Pali Rohar) \n- csky: patch_text: Fixup last cpu should be master (Guo Ren) \n- mmc: core: Allows to override the timeout value for ioctl() path (Bean Huo) \n- RDMA/hfi1: Fix potential integer multiplication overflow errors (Dennis Dalessandro) \n- Kconfig: Add option for asm goto w/ tied outputs to workaround clang-13 bug (Sean Christopherson) \n- ima: remove the IMA_TEMPLATE Kconfig option (GUO Zihua) \n- media: coda: Add more H264 levels for CODA960 (Nicolas Dufresne) \n- media: coda: Fix reported H264 profile (Nicolas Dufresne) \n- mtd: cfi_cmdset_0002: Use chip_ready() for write on S29GL064N (Tokunori Ikegami) \n- mtd: cfi_cmdset_0002: Move and rename chip_check/chip_ready/chip_good_for_write (Tokunori Ikegami) \n- md: fix an incorrect NULL check in md_reload_sb (Xiaomeng Tong) \n- md: fix an incorrect NULL check in does_sb_need_changing (Xiaomeng Tong) \n- drm/i915/dsi: fix VBT send packet port selection for ICL+ (Jani Nikula) \n- drm/bridge: analogix_dp: Grab runtime PM reference for DP-AUX (Brian Norris) \n- drm/nouveau/kms/nv50-: atom: fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- drm/nouveau/clk: Fix an incorrect NULL check on list iterator (Xiaomeng Tong) \n- drm/etnaviv: check for reaped mapping in etnaviv_iommu_unmap_gem (Lucas Stach) \n- drm/nouveau/subdev/bus: Ratelimit logging for fault errors (Lyude Paul) \n- drm/amdgpu/cs: make commands with 0 chunks illegal behaviour. (Dave Airlie) \n- landlock: Fix same-layer rule unions (Mickael Salaun) \n- landlock: Create find_rule() from unmask_layers() (Mickael Salaun) \n- landlock: Reduce the maximum number of layers to 16 (Mickael Salaun) \n- landlock: Define access_mask_t to enforce a consistent access mask size (Mickael Salaun) \n- selftests/landlock: Test landlock_create_ruleset(2) argument check ordering (Mickael Salaun) \n- landlock: Change landlock_restrict_self(2) check ordering (Mickael Salaun) \n- landlock: Change landlock_add_rule(2) argument check ordering (Mickael Salaun) \n- selftests/landlock: Add tests for O_PATH (Mickael Salaun) \n- selftests/landlock: Fully test file rename with remove access (Mickael Salaun) \n- selftests/landlock: Extend access right tests to directories (Mickael Salaun) \n- selftests/landlock: Add tests for unknown access rights (Mickael Salaun) \n- selftests/landlock: Extend tests for minimal valid attribute size (Mickael Salaun) \n- selftests/landlock: Make tests build with old libc (Mickael Salaun) \n- landlock: Fix landlock_add_rule(2) documentation (Mickael Salaun) \n- samples/landlock: Format with clang-format (Mickael Salaun) \n- samples/landlock: Add clang-format exceptions (Mickael Salaun) \n- selftests/landlock: Format with clang-format (Mickael Salaun) \n- selftests/landlock: Normalize array assignment (Mickael Salaun) \n- selftests/landlock: Add clang-format exceptions (Mickael Salaun) \n- landlock: Format with clang-format (Mickael Salaun) \n- landlock: Add clang-format exceptions (Mickael Salaun) \n- scsi: ufs: qcom: Add a readl() to make sure ref_clk gets enabled (Manivannan Sadhasivam) \n- scsi: dc395x: Fix a missing check on list iterator (Xiaomeng Tong) \n- dlm: fix missing lkb refcount handling (Alexander Aring) \n- dlm: uninitialized variable on error in dlm_listen_for_all() (Dan Carpenter) \n- dlm: fix plock invalid read (Alexander Aring) \n- s390/stp: clock_delta should be signed (Sven Schnelle) \n- s390/perf: obtain sie_block from the right address (Nico Boehr) \n- mm, compaction: fast_find_migrateblock() should return pfn in the target zone (Rei Yamamoto) \n- staging: r8188eu: prevent ->Ssid overflow in rtw_wx_set_scan() (Denis Efremov) \n- PCI: qcom: Fix unbalanced PHY init on probe errors (Johan Hovold) \n- PCI: qcom: Fix runtime PM imbalance on probe errors (Johan Hovold) \n- PCI/PM: Fix bridge_d3_blacklist[] Elo i2 overwrite of Gigabyte X299 (Bjorn Helgaas) \n- drm/amdgpu: add beige goby PCI ID (Alex Deucher) \n- tracing: Initialize integer variable to prevent garbage return value (Gautam Menghani) \n- tracing: Fix potential double free in create_var_ref() (Keita Suzuki) \n- tty: goldfish: Introduce gf_ioread32()/gf_iowrite32() (Laurent Vivier) \n- ACPI: property: Release subnode properties with data nodes (Sakari Ailus) \n- ext4: avoid cycles in directory h-tree (Jan Kara) \n- ext4: verify dir block before splitting it (Jan Kara) \n- ext4: fix bug_on in __es_tree_search (Baokun Li) \n- ext4: filter out EXT4_FC_REPLAY from on-disk superblock field s_state (Theodore Tso) \n- ext4: fix bug_on in ext4_writepages (Ye Bin) \n- ext4: fix warning in ext4_handle_inode_extension (Ye Bin) \n- ext4: fix race condition between ext4_write and ext4_convert_inline_data (Baokun Li) \n- ext4: fix use-after-free in ext4_rename_dir_prepare (Ye Bin) \n- ext4: mark group as trimmed only if it was fully scanned (Dmitry Monakhov) \n- bfq: Make sure bfqg for which we are queueing requests is online (Jan Kara) \n- bfq: Get rid of __bio_blkcg() usage (Jan Kara) \n- bfq: Track whether bfq_group is still online (Jan Kara) \n- bfq: Remove pointless bfq_init_rq() calls (Jan Kara) \n- bfq: Drop pointless unlock-lock pair (Jan Kara) \n- bfq: Update cgroup information before merging bio (Jan Kara) \n- bfq: Split shared queues on move between cgroups (Jan Kara) \n- bfq: Avoid merging queues with different parents (Jan Kara) \n- bfq: Avoid false marking of bic as stably merged (Jan Kara) \n- efi: Do not import certificates from UEFI Secure Boot for T2 Macs (Aditya Garg) \n- fs-writeback: writeback_sb_inodes:Recalculate wrote according skipped pages (Zhihao Cheng) \n- iwlwifi: mvm: fix assert 1F04 upon reconfig (Emmanuel Grumbach) \n- wifi: mac80211: fix use-after-free in chanctx code (Johannes Berg) \n- objtool: Fix symbol creation (Peter Zijlstra) \n- objtool: Fix objtool regression on x32 systems (Mikulas Patocka) \n- f2fs: fix to do sanity check for inline inode (Chao Yu) \n- f2fs: fix fallocate to use file_modified to update permissions consistently (Chao Yu) \n- f2fs: dont use casefolded comparison for . and .. (Eric Biggers) \n- f2fs: fix to do sanity check on total_data_blocks (Chao Yu) \n- f2fs: dont need inode lock for system hidden quota (Jaegeuk Kim) \n- f2fs: fix deadloop in foreground GC (Chao Yu) \n- f2fs: fix to clear dirty inode in f2fs_evict_inode() (Chao Yu) \n- f2fs: fix to do sanity check on block address in f2fs_do_zero_range() (Chao Yu) \n- f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count() (Chao Yu) \n- NFSv4.1 mark qualified async operations as MOVEABLE tasks (Olga Kornievskaia) \n- NFS: Convert GFP_NOFS to GFP_KERNEL (Trond Myklebust) \n- NFS: Create a new nfs_alloc_fattr_with_label() function (Anna Schumaker) \n- NFS: Always initialise fattr->label in nfs_fattr_alloc() (Trond Myklebust) \n- video: fbdev: vesafb: Fix a use-after-free due early fb_info cleanup (Javier Martinez Canillas) \n- perf jevents: Fix event syntax error caused by ExtSel (Zhengjun Xing) \n- perf c2c: Use stdio interface if slang is not supported (Leo Yan) \n- perf build: Fix btf__load_from_kernel_by_id() feature check (Jiri Olsa) \n- i2c: rcar: fix PM ref counts in probe error paths (Kuninori Morimoto) \n- i2c: npcm: Handle spurious interrupts (Tali Perry) \n- i2c: npcm: Correct register access width (Tyrone Ting) \n- i2c: npcm: Fix timeout calculation (Tali Perry) \n- iommu/amd: Increase timeout waiting for GA log enablement (Joerg Roedel) \n- dmaengine: stm32-mdma: fix chan initialization in stm32_mdma_irq_handler() (Amelie Delaunay) \n- dmaengine: stm32-mdma: remove GISR1 register (Amelie Delaunay) \n- video: fbdev: clcdfb: Fix refcount leak in clcdfb_of_vram_setup (Miaoqian Lin) \n- NFS: Further fixes to the writeback error handling (Trond Myklebust) \n- NFSv4/pNFS: Do not fail I/O when we fail to allocate the pNFS layout (Trond Myklebust) \n- NFS: Dont report errors from nfs_pageio_complete() more than once (Trond Myklebust) \n- NFS: Do not report flush errors in nfs_write_end() (Trond Myklebust) \n- NFS: Dont report ENOSPC write errors twice (Trond Myklebust) \n- NFS: fsync() should report filesystem errors over EINTR/ERESTARTSYS (Trond Myklebust) \n- NFS: Do not report EINTR/ERESTARTSYS as mapping errors (Trond Myklebust) \n- dmaengine: idxd: Fix the error handling path in idxd_cdev_register() (Christophe JAILLET) \n- i2c: at91: Initialize dma_buf in at91_twi_xfer() (Nathan Chancellor) \n- iommu/mediatek: Fix NULL pointer dereference when printing dev_name (Miles Chen) \n- MIPS: Loongson: Use hwmon_device_register_with_groups() to register hwmon (Guenter Roeck) \n- iommu/arm-smmu-v3-sva: Fix mm use-after-free (Jean-Philippe Brucker) \n- cpufreq: mediatek: Unregister platform device on exit (Rex-BC Chen) \n- cpufreq: mediatek: Use module_init and add module_exit (Jia-Wei Chang) \n- i2c: at91: use dma safe buffers (Michael Walle) \n- iommu/mediatek: Add mutex for m4u_group and m4u_dom in data (Yong Wu) \n- iommu/mediatek: Remove clk_disable in mtk_iommu_remove (Yong Wu) \n- iommu/mediatek: Add list_del in mtk_iommu_remove (Yong Wu) \n- iommu/mediatek: Fix 2 HW sharing pgtable issue (Yong Wu) \n- iommu/amd: Enable swiotlb in all cases (Mario Limonciello) \n- f2fs: fix dereference of stale list iterator after loop body (Jakob Koschel) \n- f2fs: fix to do sanity check on inline_dots inode (Chao Yu) \n- f2fs: support fault injection for dquot_initialize() (Chao Yu) \n- OPP: call of_node_put() on error path in _bandwidth_supported() (Dan Carpenter) \n- Input: stmfts - do not leave device disabled in stmfts_input_open (Dmitry Torokhov) \n- KVM: LAPIC: Drop pending LAPIC timer injection when canceling the timer (Wanpeng Li) \n- RDMA/hfi1: Prevent use of lock before it is initialized (Douglas Miller) \n- mailbox: forward the hrtimer if not queued and under a lock (Bjorn Ardo) \n- nfsd: destroy percpu stats counters after reply cache shutdown (Julian Schroeder) \n- mfd: davinci_voicecodec: Fix possible null-ptr-deref davinci_vc_probe() (Yang Yingliang) \n- powerpc/fsl_rio: Fix refcount leak in fsl_rio_setup (Miaoqian Lin) \n- powerpc/xive: Fix refcount leak in xive_spapr_init (Miaoqian Lin) \n- powerpc/xive: Add some error handling code to xive_spapr_init() (Christophe JAILLET) \n- macintosh: via-pmu and via-cuda need RTC_LIB (Randy Dunlap) \n- powerpc/perf: Fix the threshold compare group constraint for power9 (Kajol Jain) \n- powerpc/perf: Fix the threshold compare group constraint for power10 (Kajol Jain) \n- powerpc/64: Only WARN if __pa()/__va() called with bad addresses (Michael Ellerman) \n- hwrng: omap3-rom - fix using wrong clk_disable() in omap_rom_rng_runtime_resume() (Yang Yingliang) \n- PCI: microchip: Fix potential race in interrupt handling (Daire McNamara) \n- PCI/AER: Clear MULTI_ERR_COR/UNCOR_RCV bits (Kuppuswamy Sathyanarayanan) \n- Input: sparcspkr - fix refcount leak in bbc_beep_probe (Miaoqian Lin) \n- hugetlbfs: fix hugetlbfs_statfs() locking (Mina Almasry) \n- ARM: dts: at91: sama7g5: remove interrupt-parent from gic node (Eugen Hristev) \n- crypto: cryptd - Protect per-CPU resource by disabling BH. (Sebastian Andrzej Siewior) ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-21T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-21385", "CVE-2022-21546", "CVE-2022-2585", "CVE-2022-2586", "CVE-2022-2588", "CVE-2022-34918"], "modified": "2022-09-21T00:00:00", "id": "ELSA-2022-9827", "href": "http://linux.oracle.com/errata/ELSA-2022-9827.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-11-03T16:36:33", "description": "[3.10.0-1160.80.1.0.1.OL7]\n- debug: lock down kgdb [Orabug: 34270798] {CVE-2022-21499}\n[3.10.0-1160.80.1.OL7]\n- Update Oracle Linux certificates (Ilya Okomin)\n- Oracle Linux RHCK Module Signing Key was compiled into kernel (olkmod_signing_key.x509)(alexey.petrenko@oracle.com)\n- Update x509.genkey [Orabug: 24817676]\n- Conflict with shim-ia32 and shim-x64 <= 15-2.0.9\n- Update oracle(kernel-sig-key) value to match new certificate (Ilya Okomin)\n[3.10.0-1160.80.1]\n- scsi: lpfc: Fix FCP I/O flush functionality for TMF routines (Dick Kennedy) [1969988]\n- scsi: lpfc: Fix illegal memory access on Abort IOCBs (Dick Kennedy) [1969988]\n- NFS: Fix extra call to dput() in nfs_prime_dcache (Benjamin Coddington) [2117856]\n[3.10.0-1160.79.1]\n- x86/speculation: Add LFENCE to RSB fill sequence (Rafael Aquini) [2115073] {CVE-2022-26373}\n- x86/speculation: Protect against userspace-userspace spectreRSB (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/speculation: cope with spectre_v2=retpoline cmdline on retbleed-affected Intel CPUs (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- KVM: emulate: do not adjust size of fastop and setcc subroutines (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/speculation: Disable RRSBA behavior (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/kexec: Disable RET on kexec (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/bugs: Add Cannon lake to RETBleed affected CPU list (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/cpu/amd: Enumerate BTC_NO (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/common: Stamp out the stepping madness (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/cpu/amd: Add Spectral Chicken (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/bugs: Do IBPB fallback check only once (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/bugs: Add retbleed=ibpb (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/bugs: Report Intel retbleed vulnerability (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/bugs: Enable STIBP for JMP2RET (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/bugs: Add AMD retbleed= boot parameter (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/bugs: Report AMD retbleed vulnerability (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86: Add magic AMD return-thunk (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86: Use return-thunk in asm code (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/sev: Avoid using __x86_return_thunk (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/kvm: Fix SETcc emulation for return thunks (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86,objtool: Create .return_sites (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86: Undo return-thunk damage (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/retpoline: Use -mfunction-return (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/cpufeatures: Move RETPOLINE flags to word 11 (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- objtool: Add ELF writing capability (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86: Prepare asm files for straight-line-speculation (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86: Prepare inline-asm for straight-line-speculation (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/kvm: Fix fastop function ELF metadata (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/kvm: Move kvm_fastop_exception to .fixup section (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/vdso: Fix vDSO build if a retpoline is emitted (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/cpufeatures: Combine word 11 and 12 into a new scattered features word (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/cpufeatures: Carve out CQM features retrieval (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/cpufeatures: Re-tabulate the X86_FEATURE definitions (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/cpufeature: Move processor tracing out of scattered features (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/cpu: Probe CPUID leaf 6 even when cpuid_level == 6 (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n- x86/alternatives: Cleanup DPRINTK macro (Rafael Aquini) [2090227] {CVE-2022-23816 CVE-2022-23825 CVE-2022-29900 CVE-2022-29901}\n[3.10.0-1160.78.1]\n- net_sched: cls_route: remove from list when handle is 0 (Davide Caratti) [2121809] {CVE-2022-2588}\n[3.10.0-1160.77.1]\n- net/mlx5: Add Fast teardown support (Jay Shin) [2077711]\n- net/mlx5: Free IRQs in shutdown path (Jay Shin) [2077711]\n- net/mlx5: Change teardown with force mode failure message to warning (Jay Shin) [2077711]\n- net/mlx5: Cancel health poll before sending panic teardown command (Jay Shin) [2077711]\n- net/mlx5: Add fast unload support in shutdown flow (Jay Shin) [2077711]\n- net/mlx5: Expose command polling interface (Jay Shin) [2077711]\n- posix-timers: Remove remaining uses of tasklist_lock (Oleg Nesterov) [2115147]\n- posix-timers: Use sighand lock instead of tasklist_lock on timer deletion (Oleg Nesterov) [2115147]\n- posix-cpu-timers: remove tasklist_lock in posix_cpu_clock_get() (Oleg Nesterov) [2115147]", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.0}, "published": "2022-11-03T00:00:00", "type": "oraclelinux", "title": "kernel security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-23816", "CVE-2022-23825", "CVE-2022-2588", "CVE-2022-26373", "CVE-2022-29900", "CVE-2022-29901"], "modified": "2022-11-03T00:00:00", "id": "ELSA-2022-7337", "href": "http://linux.oracle.com/errata/ELSA-2022-7337.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-10-26T15:28:41", "description": "[4.18.0-372.32.1.0.1_6.OL8]\n- Update Oracle Linux certificates (Kevin Lyons)\n- Disable signing for aarch64 (Ilya Okomin)\n- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]\n- Update x509.genkey [Orabug: 24817676]\n- Conflict with shim-ia32 and shim-x64 <= 15-11.0.5\n- debug: lockdown kgdb [Orabug: 34270802] {CVE-2022-21499}\n[4.18.0-372.32.1_6]\n- net: atlantic: remove aq_nic_deinit() when resume (Inigo Huguet) [2131936 2130839]\n- net: atlantic: remove deep parameter on suspend/resume functions (Inigo Huguet) [2131936 2130839]\n- configs: enable CONFIG_HP_ILO for aarch64 (Mark Salter) [2129923 2123508]\n- drm/nouveau: recognise GA103 (Karol Herbst) [2127122 1923125]\n- net: fix a memleak when uncloning an skb dst and its metadata (Hangbin Liu) [2131255 2068355]\n- net: do not keep the dst cache when uncloning an skb dst and its metadata (Hangbin Liu) [2131255 2068355]\n- intel_idle: Fix false positive RCU splats due to incorrect hardirqs state (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/spec_ctrl: Enable RHEL only ibrs_always & retpoline,ibrs_user spectre_v2 options (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- KVM: emulate: do not adjust size of fastop and setcc subroutines (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/kvm: fix FASTOP_SIZE when return thunks are enabled (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- efi/x86: use naked RET on mixed mode call wrapper (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Remove apostrophe typo (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/entry: Remove UNTRAIN_RET from native_irq_return_ldt (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Mark retbleed_strings static (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/asm/32: Fix ANNOTATE_UNRET_SAFE use on 32-bit (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/speculation: Disable RRSBA behavior (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/kexec: Disable RET on kexec (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Do not enable IBPB-on-entry when IBPB is not supported (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Add Cannon lake to RETBleed affected CPU list (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- redhat/configs: Add new mitigation configs for RetBleed CVEs (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/retbleed: Add fine grained Kconfig knobs (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/cpu/amd: Enumerate BTC_NO (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/common: Stamp out the stepping madness (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- KVM: VMX: Prevent RSB underflow before vmenter (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/speculation: Fill RSB on vmexit for IBRS (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- KVM: VMX: Fix IBRS handling after vmexit (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- KVM: VMX: Convert launched argument to flags (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- KVM: VMX: Flatten __vmx_vcpu_run() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/speculation: Remove x86_spec_ctrl_mask (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/speculation: Fix SPEC_CTRL write on SMT state change (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/speculation: Fix firmware entry SPEC_CTRL handling (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/cpu/amd: Add Spectral Chicken (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Do IBPB fallback check only once (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Add retbleed=ibpb (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Update Retpoline validation (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- intel_idle: Disable IBRS during long idle (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Report Intel retbleed vulnerability (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Optimize SPEC_CTRL MSR writes (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/entry: Add kernel IBRS implementation (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Enable STIBP for JMP2RET (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Add AMD retbleed= boot parameter (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bugs: Report AMD retbleed vulnerability (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: Add magic AMD return-thunk (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: Use return-thunk in asm code (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/sev: Avoid using __x86_return_thunk (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/vsyscall_emu/64: Don't use RET in vsyscall emulation (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/kvm: Fix SETcc emulation for return thunks (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/bpf: Use alternative RET encoding (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/ftrace: Use alternative RET encoding (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86,objtool: Create .return_sites (Josh Poimboeuf) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: Undo return-thunk damage (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/retpoline: Use -mfunction-return (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/retpoline: Swizzle retpoline thunk (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/retpoline: Cleanup some #ifdefery (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/cpufeatures: Move RETPOLINE flags to word 11 (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/kvm/vmx: Make noinstr clean (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- arch/x86/boot/compressed: Add -D__DISABLE_EXPORTS to kbuild flags (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: (Ab)use __DISABLE_EXPORTS to disable RETHUNK in real mode (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/entry: Remove skip_r11rcx (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- cpuidle,intel_idle: Fix CPUIDLE_FLAG_IRQ_ENABLE (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/speculation/srbds: Do not try to turn mitigation off when not supported (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/ibt,paravirt: Use text_gen_insn() for paravirt_patch() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/text-patching: Make text_gen_insn() play nice with ANNOTATE_NOENDBR (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/module: Fix the paravirt vs alternative order (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: Add straight-line-speculation mitigation (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: Prepare inline-asm for straight-line-speculation (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: Prepare asm files for straight-line-speculation (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: Use -mindirect-branch-cs-prefix for RETPOLINE builds (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: Move RETPOLINE*_CFLAGS to arch Makefile (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/entry: Add a fence for kernel entry SWAPGS in paranoid_entry() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- Makefile: remove stale cc-option checks (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- tools headers: Remove broken definition of __LITTLE_ENDIAN (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- tools arch: Update arch/x86/lib/mem{cpy,set}_64.S copies used in 'perf bench mem memcpy' (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: Add insn_decode_kernel() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- tools/insn: Restore the relative include paths for cross building (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternative: Use insn_decode() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/insn: Add an insn_decode() API (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/insn: Rename insn_decode() to insn_decode_from_regs() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/paravirt: Add new features for paravirt patching (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternative: Support not-feature (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternative: Merge include files (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Fix error handling for STD/CLD warnings (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternatives: Teach text_poke_bp() to emulate RET (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/ftrace: Have ftrace trampolines turn read-only at the end of system boot up (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/speculation: Change FILL_RETURN_BUFFER to work with objtool (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Add support for intra-function calls (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Rework allocating stack_ops on decode (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Better handle IRET (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Support multiple stack_op per instruction (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Make BP scratch register warning more robust (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/kexec: Make relocate_kernel_64.S objtool clean (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Introduce validate_return() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- Makefile: disallow data races on gcc-10 as well (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Improve call destination function detection (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternatives: Implement a better poke_int3_handler() completion scheme (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- lib/: fix Kconfig indentation (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternatives: Use INT3_INSN_SIZE (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/kprobes: Fix ordering while text-patching (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/kprobes: Convert to text-patching.h (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternative: Shrink text_poke_loc (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternative: Remove text_poke_loc::len (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/ftrace: Use text_gen_insn() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternative: Add text_opcode_size() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/ftrace: Use text_poke() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/ftrace: Use vmalloc special flag (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/ftrace: Explicitly include vmalloc.h for set_vm_flush_reset_perms() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternatives: Add and use text_gen_insn() helper (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternatives, jump_label: Provide better text_poke() batching interface (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/asm: Annotate relocate_kernel_{32,64}.c (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: kprobes: Prohibit probing on instruction which has emulate prefix (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86: Correct misc typos (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/speculation/mds: Apply more accurate check on hypervisor platform (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Convert insn type to enum (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Track original function across branches (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Rename elf_open() to prevent conflict with libelf from elftoolchain (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/ftrace: Make enable parameter bool where applicable (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/CPU/AMD: Don't force the CPB cap when running under a hypervisor (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Fix function fallthrough detection (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/paravirt: Detect over-sized patching bugs in paravirt_patch_call() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/cpu/amd: Exclude 32bit only assembler from 64bit build (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/asm: Mark all top level asm statements as .text (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/cpu/bugs: Use __initconst for 'const' init data (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Add Direction Flag validation (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- objtool: Rewrite add_ignores() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/nospec, objtool: Introduce ANNOTATE_IGNORE_ALTERNATIVE (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/ftrace: Fix warning and considate ftrace_jmp_replace() and ftrace_call_replace() (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- kbuild: Disable extra debugging info in .s output (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/CPU/AMD: Set the CPB bit unconditionally on F17h (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/alternatives: Print containing function (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/ftrace: Do not call function graph from dynamic trampolines (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- ftrace: Create new ftrace_internal.h header (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- kprobes/x86: Fix instruction patching corruption when copying more than one RIP-relative instruction (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- tracing/Makefile: Fix handling redefinition of CC_FLAGS_FTRACE (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/paravirt: Remove unused paravirt bits (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/paravirt: Remove clobbers parameter from paravirt patch functions (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/paravirt: Make paravirt_patch_call() and paravirt_patch_jmp() static (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/l1tf: Fix build error seen if CONFIG_KVM_INTEL is disabled (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- ftrace: Remove unused pointer ftrace_swapper_pid (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- x86/spec_ctrl: Temporarily remove RHEL specific IBRS code (Waiman Long) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- intel_idle: enable interrupts before C1 on Xeons (Steve Best) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- KVM: nVMX: Query current VMCS when determining if MSR bitmaps are in use (Vitaly Kuznetsov) [2103167 2090229] {CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825}\n- atlantic: Fix issue in the pm resume flow. (Igor Russkikh) [2127845 2002395]\n- atlantic: Fix driver resume flow. (Igor Russkikh) [2127845 2002395]\n- net: atlantic: always deep reset on pm op, fixing up my null deref regression (Foggy Liu) [2124966 2039680]\n- net: atlantic: invert deep par in pm functions, preventing null derefs (Foggy Liu) [2124966 2039680]\n[4.18.0-372.31.1_6]\n- ice: Allow operation with reduced device MSI-X (Petr Oros) [2126482 2102844]\n- redhat: kernel depends on new linux-firmware (John Meneghini) [2120613 2044843]\n- scsi: qedi: Use QEDI_MODE_NORMAL for error handling (John Meneghini) [2119847 2101760]\n- qede: Reduce verbosity of ptp tx timestamp (John Meneghini) [2125477 2080655]\n- qede: confirm skb is allocated before using (John Meneghini) [2120611 2040267]\n- qed: fix ethtool register dump (John Meneghini) [2120611 2040267]\n- scsi: qedf: Stop using the SCSI pointer (John Meneghini) [2120613 2044843]\n- scsi: qedf: Change context reset messages to ratelimited (John Meneghini) [2120613 2044843]\n- scsi: qedf: Fix refcount issue when LOGO is received during TMF (John Meneghini) [2120613 2044843]\n- scsi: qedf: Add stag_work to all the vports (John Meneghini) [2120613 2044843]\n- scsi: qedf: Fix potential dereference of NULL pointer (John Meneghini) [2120613 2044843]\n- scsi: qedi: Remove redundant flush_workqueue() calls (John Meneghini) [2120612 2044837]\n- scsi: qedi: Fix SYSFS_FLAG_FW_SEL_BOOT formatting (John Meneghini) [2120612 2044837]\n- qed: remove unnecessary memset in qed_init_fw_funcs (John Meneghini) [2120611 2040267]\n- qed: return status of qed_iov_get_link (John Meneghini) [2120611 2040267]\n- net: qlogic: check the return value of dma_alloc_coherent() in qed_vf_hw_prepare() (John Meneghini) [2120611 2040267]\n- qed: validate and restrict untrusted VFs vlan promisc mode (John Meneghini) [2120611 2040267]\n- qed: display VF trust config (John Meneghini) [2120611 2040267]\n- qed: prevent a fw assert during device shutdown (John Meneghini) [2120611 2040267]\n- qed: use msleep() in qed_mcp_cmd() and add qed_mcp_cmd_nosleep() for udelay. (John Meneghini) [2120611 2040267]\n- qed: Use dma_set_mask_and_coherent() and simplify code (John Meneghini) [2120611 2040267]\n- qed*: esl priv flag support through ethtool (John Meneghini) [2120611 2040267]\n- qed*: enhance tx timeout debug info (John Meneghini) [2120611 2040267]\n- qede: validate non LSO skb length (John Meneghini) [2120611 2040267]\n- qed: Enhance rammod debug prints to provide pretty details (John Meneghini) [2120611 2040267]\n- net: qed: fix the array may be out of bound (John Meneghini) [2120611 2040267]\n- qed: Use the bitmap API to simplify some functions (John Meneghini) [2120611 2040267]\n- RDMA/qed: Use helper function to set GUIDs (John Meneghini) [2120611 2040267]\n- net: qed_dev: fix check of true !rc expression (John Meneghini) [2120611 2040267]\n- net: qed_ptp: fix check of true !rc expression (John Meneghini) [2120611 2040267]\n- RDMA/qedr: Remove unsupported qedr_resize_cq callback (John Meneghini) [2120611 2040267]\n- qed: Change the TCP common variable - 'iscsi_ooo' (John Meneghini) [2120611 2040267]\n- qed: Optimize the ll2 ooo flow (John Meneghini) [2120611 2040267]\n- net: qed_debug: fix check of false (grc_param < 0) expression (John Meneghini) [2120611 2040267]\n- qed: Fix missing error code in qed_slowpath_start() (John Meneghini) [2120611 2040267]\n- qed: Fix compilation for CONFIG_QED_SRIOV undefined scenario (John Meneghini) [2120611 2040267]\n- qed: Initialize debug string array (John Meneghini) [2120611 2040267]\n- qed: Fix spelling mistake 'ctx_bsaed' -> 'ctx_based' (John Meneghini) [2120611 2040267]\n- qed: fix ll2 establishment during load of RDMA driver (John Meneghini) [2120611 2040267]\n- qed: Update the TCP active termination 2 MSL timer ('TIME_WAIT') (John Meneghini) [2120611 2040267]\n- qed: Update TCP silly-window-syndrome timeout for iwarp, scsi (John Meneghini) [2120611 2040267]\n- qed: Update debug related changes (John Meneghini) [2120611 2040267]\n- qed: Add '_GTT' suffix to the IRO RAM macros (John Meneghini) [2120611 2040267]\n- qed: Update FW init functions to support FW 8.59.1.0 (John Meneghini) [2120611 2040267]\n- qed: Use enum as per FW 8.59.1.0 in qed_iro_hsi.h (John Meneghini) [2120611 2040267]\n- qed: Update qed_hsi.h for fw 8.59.1.0 (John Meneghini) [2120611 2040267]\n- qed: Update qed_mfw_hsi.h for FW ver 8.59.1.0 (John Meneghini) [2120611 2040267]\n- qed: Update common_hsi for FW ver 8.59.1.0 (John Meneghini) [2120611 2040267]\n- qed: Split huge qed_hsi.h header file (John Meneghini) [2120611 2040267]\n- qed: Remove e4_ and _e4 from FW HSI (John Meneghini) [2120611 2040267]\n- qed: Fix kernel-doc warnings (John Meneghini) [2120611 2040267]\n- qed: Don't ignore devlink allocation failures (John Meneghini) [2120611 2040267]\n- qed: Improve the stack space of filter_config() (John Meneghini) [2120611 2040267]\n- RDMA/qedr: Move variables reset to qedr_set_common_qp_params() (John Meneghini) [2120611 2040267]\n- RDMA/qedr: Fix reporting max_{send/recv}_wr attrs (John Meneghini) [2119122 2051524]\n[4.18.0-372.30.1_6]\n- af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register (Xin Long) [2107611 2075181] {CVE-2022-1353}\n- SUNRPC: avoid race between mod_timer() and del_timer_sync() (Benjamin Coddington) [2126184 2104507]\n- powerpc/fadump: print start of preserved area (Diego Domingos) [2107488 2075092]\n- powerpc/fadump: align destination address to pagesize (Diego Domingos) [2107488 2075092]\n- powerpc/fadump: fix PT_LOAD segment for boot memory area (Diego Domingos) [2107488 2075092]\n- drm/amdgpu: vi: disable ASPM on Intel Alder Lake based systems (Michel Danzer) [2091065 2066918]\n- drm/amd: Use amdgpu_device_should_use_aspm on navi umd pstate switching (Michel Danzer) [2091065 2066918]\n- drm/amd: Refactor amdgpu_aspm to be evaluated per device (Michel Danzer) [2091065 2066918]\n- drm/amd: Check if ASPM is enabled from PCIe subsystem (Michel Danzer) [2091065 2066918]\n[4.18.0-372.29.1_6]\n- block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern (Ewan D. Milne) [2107627 2049198] {CVE-2022-0494}\n- cpufreq: Specify default governor on command line (Prarit Bhargava) [2109996 2083766]\n- cpufreq: Fix locking issues with governors (Prarit Bhargava) [2109996 2083766]\n- cpufreq: Register governors at core_initcall (Prarit Bhargava) [2109996 2083766]\n- net_sched: cls_route: remove from list when handle is 0 (Felix Maurer) [2121817 2116328] {CVE-2022-2588}\n[4.18.0-372.28.1_6]\n- powerpc/smp: Update cpu_core_map on all PowerPc systems (Diego Domingos) [2112820 2064104]\n- iavf: Fix reset error handling (Petr Oros) [2120225 2119759]\n- iavf: Fix NULL pointer dereference in iavf_get_link_ksettings (Petr Oros) [2120225 2119759]\n- iavf: Fix adminq error handling (Petr Oros) [2120225 2119759]\n- iavf: Fix missing state logs (Petr Oros) [2120225 2119759]\n- scsi: mpt3sas: Stop fw fault watchdog work item during system shutdown (Tomas Henzl) [2111140 2106413]\n- s390/qeth: cache link_info for ethtool (Michal Schmidt) [2120197 2117098]\n- nvme: fix RCU hole that allowed for endless looping in multipath round robin (Gopal Tiwari) [2106017 2078806]\n- nvme: also mark passthrough-only namespaces ready in nvme_update_ns_info (Gopal Tiwari) [2106017 2078806]\n- nvme: fix use after free when disconnecting a reconnecting ctrl (Gopal Tiwari) [2106017 2078806]\n- nvme: only call synchronize_srcu when clearing current path (Gopal Tiwari) [2106017 2078806]\n- nvme-multipath: revalidate paths during rescan (Gopal Tiwari) [2106017 2078806]\n- scsi: lpfc: Move cfg_log_verbose check before calling lpfc_dmp_dbg() (Dick Kennedy) [2112103 2034425]\n[4.18.0-372.27.1_6]\n- [s390] s390/pci: add s390_iommu_aperture kernel parameter (Claudio Imbrenda) [2081324 2039181]\n- ipv6: take care of disable_policy when restoring routes (Andrea Claudi) [2109971 2103894]\n- net: openvswitch: fix parsing of nw_proto for IPv6 fragments (Eelco Chaudron) [2106703 2101537]\n- scsi: ch: Make it possible to open a ch device multiple times again (Ewan D. Milne) [2115965 2108649]\n- scsi: smartpqi: Fix DMA direction for RAID requests (Don Brace) [2112354 2101548]\n- iommu/vt-d: Calculate mask for non-aligned flushes (Jerry Snitselaar) [2111692 2072179]", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2022-10-26T00:00:00", "type": "oraclelinux", "title": "kernel security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-0494", "CVE-2022-1353", "CVE-2022-23816", "CVE-2022-23825", "CVE-2022-2588", "CVE-2022-29900", "CVE-2022-29901"], "modified": "2022-10-26T00:00:00", "id": "ELSA-2022-7110", "href": "http://linux.oracle.com/errata/ELSA-2022-7110.html", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:C/I:N/A:N"}}, {"lastseen": "2022-09-06T17:18:13", "description": "[4.1.12-124.66.3]\n- fuse: fix pipe buffer lifetime for direct_io (Miklos Szeredi) [Orabug: 33981149] {CVE-2022-1011}\n- vt: drop old FONT ioctls (Jiri Slaby) [Orabug: 34408794] {CVE-2021-33656}\n- video: of_display_timing.h: include errno.h (Hsin-Yi Wang) [Orabug: 34408910] {CVE-2021-33655}\n- fbcon: Disallow setting font bigger than screen size (Helge Deller) [Orabug: 34408910] {CVE-2021-33655}\n- scsi: target: Fix WRITE_SAME No Data Buffer crash (Mike Christie) [Orabug: 34419974] {CVE-2022-21546}\n- scsi/eh: fix hang adding ehandler wakeups after decrementing host_busy (Gulam Mohamed) [Orabug: 33349684] [Orabug: 34492498]\n[4.1.12-124.66.2]\n- mm: enforce min addr even if capable() in expand_downwards() (Jann Horn) [Orabug: 29501997] {CVE-2019-9213}\n- ACPICA: Reference Counts: increase max to 0x4000 for large servers (Erik Schmauss) \n- ipv4: tcp: send zero IPID in SYNACK messages (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}\n- ipv4: Cache net in ip_build_and_send_pkt and ip_queue_xmit (Eric W. Biederman) [Orabug: 33917058] {CVE-2020-36516}\n- ipv4: igmp: guard against silly MTU values (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}\n- inet: constify ip_dont_fragment() arguments (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}\n- ip: constify ip_build_and_send_pkt() socket argument (Eric Dumazet) [Orabug: 33917058] {CVE-2020-36516}\n- vt: vt_ioctl: fix VT_DISALLOCATE freeing in-use virtual console (Eric Biggers) [Orabug: 34433461] {CVE-2020-36557}\n- vt: vt_ioctl: fix race in VT_RESIZEX (Eric Dumazet) [Orabug: 34433476] {CVE-2020-36558}\n- VT_RESIZEX: get rid of field-by-field copyin (Al Viro) [Orabug: 34433476] \n- net_sched: cls_route: remove from list when handle is 0 (Thadeu Lima de Souza Cascardo) [Orabug: 34460939] [Orabug: 34484730] {CVE-2022-2588}\n[4.1.12-124.66.1]\n- net: fix uninit-value in __hw_addr_add_ex() (Eric Dumazet) [Orabug: 34395887] \n- mac80211: silence an uninitialized variable warning (Dan Carpenter) [Orabug: 34396283]", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2022-09-06T00:00:00", "type": "oraclelinux", "title": "Unbreakable Enterprise kernel security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-9213", "CVE-2020-36516", "CVE-2020-36557", "CVE-2020-36558", "CVE-2021-33655", "CVE-2021-33656", "CVE-2022-1011", "CVE-2022-21546", "CVE-2022-2588"], "modified": "2022-09-06T00:00:00", "id": "ELSA-2022-9761", "href": "http://linux.oracle.com/errata/ELSA-2022-9761.html", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2023-01-26T00:00:29", "description": "The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-9699 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2022-9699)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek-container"], "id": "ORACLELINUX_ELSA-2022-9699.NASL", "href": "https://www.tenable.com/plugins/nessus/163969", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9699.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163969);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\"CVE-2022-2588\");\n\n script_name(english:\"Oracle Linux 7 : Unbreakable Enterprise kernel-container (ELSA-2022-9699)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the\nELSA-2022-9699 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9699.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-uek-container package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-container\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.14.35-2047.516.1.1.el7'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-9699');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.14';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-container-4.14.35-2047.516.1.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-4.14.35'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek-container');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T00:40:46", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6875 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-11T00:00:00", "type": "nessus", "title": "RHEL 8 : kpatch-patch (RHSA-2022:6875)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_64_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_65_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_67_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_70_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_74_1"], "id": "REDHAT-RHSA-2022-6875.NASL", "href": "https://www.tenable.com/plugins/nessus/166018", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:6875. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166018);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-2588\");\n script_xref(name:\"RHSA\", value:\"2022:6875\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2022:6875)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:6875 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:6875\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2114849\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_64_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_65_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_67_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_70_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-147_74_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.1')) audit(AUDIT_OS_NOT, 'Red Hat 8.1', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.1/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.1/x86_64/appstream/os',\n 'content/e4s/rhel8/8.1/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.1/x86_64/baseos/os',\n 'content/e4s/rhel8/8.1/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.1/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.1/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.1/x86_64/sap/debug',\n 'content/e4s/rhel8/8.1/x86_64/sap/os',\n 'content/e4s/rhel8/8.1/x86_64/sap/source/SRPMS'\n ],\n 'kernels': {\n '4.18.0-147.64.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_64_1-1-4.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.65.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_65_1-1-3.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.67.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_67_1-1-2.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.70.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_70_1-1-1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-147.74.1.el8_1.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-147_74_1-1-1.el8_1', 'sp':'1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-147_64_1 / kpatch-patch-4_18_0-147_65_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T00:42:33", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7171 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-25T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2022:7171)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.6", "cpe:/o:redhat:rhel_e4s:7.6", "cpe:/o:redhat:rhel_tus:7.6", "p-cpe:/a:redhat:enterprise_linux:bpftool", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2022-7171.NASL", "href": "https://www.tenable.com/plugins/nessus/166470", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:7171. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166470);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-2588\");\n script_xref(name:\"RHSA\", value:\"2022:7171\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2022:7171)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:7171 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:7171\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2114849\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:7.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.6')) audit(AUDIT_OS_NOT, 'Red Hat 7.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-2588');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:7171');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.6/x86_64/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.6/x86_64/os',\n 'content/aus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap-hana/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/debug',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/os',\n 'content/e4s/rhel/server/7/7.6/x86_64/sap/source/SRPMS',\n 'content/e4s/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/os',\n 'content/tus/rhel/server/7/7.6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-3.10.0-957.99.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-957.99.1.el7', 'sp':'6', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-957.99.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-957.99.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-957.99.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-957.99.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-957.99.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-957.99.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-957.99.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-957.99.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-957.99.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.6/x86_64/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.6/x86_64/os',\n 'content/aus/rhel/server/7/7.6/x86_64/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/os',\n 'content/tus/rhel/server/7/7.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/debug',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/os',\n 'content/tus/rhel/server/7/7.6/x86_64/optional/source/SRPMS',\n 'content/tus/rhel/server/7/7.6/x86_64/os',\n 'content/tus/rhel/server/7/7.6/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'bpftool-3.10.0-957.99.1.el7', 'sp':'6', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel / kernel-abi-whitelists / kernel-debug / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T00:45:36", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7885 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-09T00:00:00", "type": "nessus", "title": "RHEL 8 : kpatch-patch (RHSA-2022:7885)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_e4s:8.2", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_80_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_81_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_87_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_90_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_91_1"], "id": "REDHAT-RHSA-2022-7885.NASL", "href": "https://www.tenable.com/plugins/nessus/167205", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:7885. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167205);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-2588\");\n script_xref(name:\"RHSA\", value:\"2022:7885\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2022:7885)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:7885 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:7885\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2114849\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_80_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_81_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_87_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_90_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-193_91_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS'\n ],\n 'kernels': {\n '4.18.0-193.80.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_80_1-1-2.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.81.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_81_1-1-2.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.87.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_87_1-1-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.90.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_90_1-1-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-193.91.1.el8_2.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-193_91_1-1-1.el8_2', 'sp':'2', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Update Services for SAP Solutions repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-193_80_1 / kpatch-patch-4_18_0-193_81_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T03:25:43", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6978 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-18T00:00:00", "type": "nessus", "title": "RHEL 8 : kpatch-patch (RHSA-2022:6978)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_45_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_49_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_57_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_62_1"], "id": "REDHAT-RHSA-2022-6978.NASL", "href": "https://www.tenable.com/plugins/nessus/166180", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:6978. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166180);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-2588\");\n script_xref(name:\"RHSA\", value:\"2022:6978\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2022:6978)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:6978 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:6978\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2114849\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_25_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_45_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_49_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_57_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-305_62_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.4')) audit(AUDIT_OS_NOT, 'Red Hat 8.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'kernels': {\n '4.18.0-305.25.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_25_1-1-9.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.45.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_45_1-1-3.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.49.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_49_1-1-2.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.57.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_57_1-1-1.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-305.62.1.el8_4.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-305_62_1-1-1.el8_4', 'sp':'4', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-305_25_1 / kpatch-patch-4_18_0-305_45_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T04:58:39", "description": "The remote OracleVM system is missing necessary patches to address security updates:\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-10T00:00:00", "type": "nessus", "title": "OracleVM 3.4 : kernel-uek (OVMSA-2022-0022)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:oracle:vm:kernel-uek", "p-cpe:/a:oracle:vm:kernel-uek-firmware", "cpe:/o:oracle:vm_server:3.4"], "id": "ORACLEVM_OVMSA-2022-0022.NASL", "href": "https://www.tenable.com/plugins/nessus/164039", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were\n# extracted from OracleVM Security Advisory OVMSA-2022-0022.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(164039);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2022-2588\");\n\n script_name(english:\"OracleVM 3.4 : kernel-uek (OVMSA-2022-0022)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote OracleVM host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote OracleVM system is missing necessary patches to address security updates:\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/cve/CVE-2022-2588.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/OVMSA-2022-0022.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-uek / kernel-uek-firmware packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:vm:kernel-uek-firmware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:vm_server:3.4\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"OracleVM Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleVM/release\", \"Host/OracleVM/rpm-list\");\n\n exit(0);\n}\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/OracleVM/release\");\nif (isnull(release) || \"OVS\" >!< release) audit(AUDIT_OS_NOT, \"OracleVM\");\nif (! preg(pattern:\"^OVS\" + \"3\\.4\" + \"(\\.[0-9]|$)\", string:release)) audit(AUDIT_OS_NOT, \"OracleVM 3.4\", \"OracleVM \" + release);\nif (!get_kb_item(\"Host/OracleVM/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"OracleVM\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.1.12-124.65.1.1.el6uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for OVMSA-2022-0022');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.1';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.1.12-124.65.1.1.el6uek', 'cpu':'x86_64', 'release':'3.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.65.1.1.el6uek', 'cpu':'x86_64', 'release':'3.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'OVS' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-firmware');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T05:06:33", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7344 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-03T00:00:00", "type": "nessus", "title": "RHEL 7 : kpatch-patch (RHSA-2022:7344)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_62_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_66_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_71_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_76_1"], "id": "REDHAT-RHSA-2022-7344.NASL", "href": "https://www.tenable.com/plugins/nessus/166879", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:7344. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166879);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-2588\");\n script_xref(name:\"RHSA\", value:\"2022:7344\");\n\n script_name(english:\"RHEL 7 : kpatch-patch (RHSA-2022:7344)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:7344 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:7344\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2114849\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_62_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_66_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_71_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-3_10_0-1160_76_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel/client/7/7Client/x86_64/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/os',\n 'content/dist/rhel/client/7/7Client/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/client/7/7Client/x86_64/os',\n 'content/dist/rhel/client/7/7Client/x86_64/source/SRPMS',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/debug',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/os',\n 'content/dist/rhel/client/7/7Client/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/source/SRPMS',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/debug',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/os',\n 'content/dist/rhel/computenode/7/7ComputeNode/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/os',\n 'content/dist/rhel/server/7/7Server/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/os',\n 'content/dist/rhel/server/7/7Server/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/os',\n 'content/dist/rhel/server/7/7Server/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/server/7/7Server/x86_64/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/os',\n 'content/dist/rhel/server/7/7Server/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/os',\n 'content/dist/rhel/server/7/7Server/x86_64/rt/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap-hana/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/os',\n 'content/dist/rhel/server/7/7Server/x86_64/sap/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/source/SRPMS',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/debug',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/os',\n 'content/dist/rhel/server/7/7Server/x86_64/supplementary/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/optional/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/oracle-java-rm/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/source/SRPMS',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/debug',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/os',\n 'content/dist/rhel/workstation/7/7Workstation/x86_64/supplementary/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/debug',\n 'content/fastrack/rhel/client/7/x86_64/optional/os',\n 'content/fastrack/rhel/client/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/client/7/x86_64/os',\n 'content/fastrack/rhel/client/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/debug',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/os',\n 'content/fastrack/rhel/computenode/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/computenode/7/x86_64/os',\n 'content/fastrack/rhel/computenode/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/debug',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/os',\n 'content/fastrack/rhel/server/7/x86_64/highavailability/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/optional/debug',\n 'content/fastrack/rhel/server/7/x86_64/optional/os',\n 'content/fastrack/rhel/server/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/debug',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/os',\n 'content/fastrack/rhel/server/7/x86_64/resilientstorage/source/SRPMS',\n 'content/fastrack/rhel/server/7/x86_64/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/debug',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/os',\n 'content/fastrack/rhel/workstation/7/x86_64/optional/source/SRPMS',\n 'content/fastrack/rhel/workstation/7/x86_64/os',\n 'content/fastrack/rhel/workstation/7/x86_64/source/SRPMS'\n ],\n 'kernels': {\n '3.10.0-1160.62.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_62_1-1-3.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.66.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_66_1-1-2.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.71.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_71_1-1-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '3.10.0-1160.76.1.el7.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-3_10_0-1160_76_1-1-1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-3_10_0-1160_62_1 / kpatch-patch-3_10_0-1160_66_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T10:36:11", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7146 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-25T00:00:00", "type": "nessus", "title": "RHEL 7 : kernel (RHSA-2022:7146)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-23T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:7.4", "p-cpe:/a:redhat:enterprise_linux:kernel", "p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists", "p-cpe:/a:redhat:enterprise_linux:kernel-debug", "p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-devel", "p-cpe:/a:redhat:enterprise_linux:kernel-headers", "p-cpe:/a:redhat:enterprise_linux:kernel-tools", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs", "p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel", "p-cpe:/a:redhat:enterprise_linux:perf", "p-cpe:/a:redhat:enterprise_linux:python-perf"], "id": "REDHAT-RHSA-2022-7146.NASL", "href": "https://www.tenable.com/plugins/nessus/166477", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:7146. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166477);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/23\");\n\n script_cve_id(\"CVE-2022-2588\");\n script_xref(name:\"RHSA\", value:\"2022:7146\");\n\n script_name(english:\"RHEL 7 : kernel (RHSA-2022:7146)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:7146 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:7146\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2114849\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-perf\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '7.4')) audit(AUDIT_OS_NOT, 'Red Hat 7.4', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-2588');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for RHSA-2022:7146');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel/server/7/7.4/x86_64/debug',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/debug',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/os',\n 'content/aus/rhel/server/7/7.4/x86_64/optional/source/SRPMS',\n 'content/aus/rhel/server/7/7.4/x86_64/os',\n 'content/aus/rhel/server/7/7.4/x86_64/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'kernel-3.10.0-693.106.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-abi-whitelists-3.10.0-693.106.1.el7', 'sp':'4', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-3.10.0-693.106.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-debug-devel-3.10.0-693.106.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-devel-3.10.0-693.106.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-headers-3.10.0-693.106.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-3.10.0-693.106.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-3.10.0-693.106.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-tools-libs-devel-3.10.0-693.106.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'perf-3.10.0-693.106.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-3.10.0-693.106.1.el7', 'sp':'4', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support repository.\\n' +\n 'Access to this repository requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel / kernel-abi-whitelists / kernel-debug / kernel-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T08:43:05", "description": "The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9691 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9691)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:kernel-uek-container", "p-cpe:/a:oracle:linux:kernel-uek-container-debug"], "id": "ORACLELINUX_ELSA-2022-9691.NASL", "href": "https://www.tenable.com/plugins/nessus/163966", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9691.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163966);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\"CVE-2022-2588\");\n\n script_name(english:\"Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9691)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9691 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9691.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-uek-container and / or kernel-uek-container-debug packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-container-debug\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7 / 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['5.4.17-2136.309.5.1.el7', '5.4.17-2136.309.5.1.el8'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-9691');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '5.4';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-container-5.4.17-2136.309.5.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-5.4.17'},\n {'reference':'kernel-uek-container-debug-5.4.17-2136.309.5.1.el7', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-debug-5.4.17'},\n {'reference':'kernel-uek-container-5.4.17-2136.309.5.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-5.4.17'},\n {'reference':'kernel-uek-container-debug-5.4.17-2136.309.5.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-debug-5.4.17'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek-container / kernel-uek-container-debug');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T08:43:06", "description": "The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9694 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-9694)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-firmware"], "id": "ORACLELINUX_ELSA-2022-9694.NASL", "href": "https://www.tenable.com/plugins/nessus/163970", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9694.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163970);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\"CVE-2022-2588\");\n\n script_name(english:\"Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-9694)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9694 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9694.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-firmware\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(6|7)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 6 / 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.1.12-124.65.1.1.el6uek', '4.1.12-124.65.1.1.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-9694');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.1';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.1.12-124.65.1.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.65.1.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.65.1.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.65.1.1.el6uek', 'cpu':'x86_64', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.65.1.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.65.1.1.el6uek', 'release':'6', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'},\n {'reference':'kernel-uek-4.1.12-124.65.1.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.1.12'},\n {'reference':'kernel-uek-debug-4.1.12-124.65.1.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.1.12'},\n {'reference':'kernel-uek-debug-devel-4.1.12-124.65.1.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.1.12'},\n {'reference':'kernel-uek-devel-4.1.12-124.65.1.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.1.12'},\n {'reference':'kernel-uek-doc-4.1.12-124.65.1.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.1.12'},\n {'reference':'kernel-uek-firmware-4.1.12-124.65.1.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-firmware-4.1.12'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T08:43:21", "description": "The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9692 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9692)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-tools", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2022-9692.NASL", "href": "https://www.tenable.com/plugins/nessus/163967", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9692.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163967);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\"CVE-2022-2588\");\n\n script_name(english:\"Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2022-9692)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 / 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9692 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9692.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7 / 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['5.4.17-2136.309.5.1.el7uek', '5.4.17-2136.309.5.1.el8uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-9692');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '5.4';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-5.4.17-2136.309.5.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-5.4.17-2136.309.5.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.309.5.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.309.5.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.309.5.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.309.5.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.309.5.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.309.5.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-doc-5.4.17-2136.309.5.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.4.17'},\n {'reference':'kernel-uek-tools-5.4.17-2136.309.5.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-5.4.17'},\n {'reference':'kernel-uek-tools-5.4.17-2136.309.5.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-5.4.17'},\n {'reference':'kernel-uek-tools-libs-5.4.17-2136.309.5.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-5.4.17'},\n {'reference':'perf-5.4.17-2136.309.5.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-5.4.17-2136.309.5.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-5.4.17-2136.309.5.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-5.4.17-2136.309.5.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.309.5.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-5.4.17-2136.309.5.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.309.5.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-debug-devel-5.4.17-2136.309.5.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.309.5.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-devel-5.4.17-2136.309.5.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.4.17'},\n {'reference':'kernel-uek-doc-5.4.17-2136.309.5.1.el8uek', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.4.17'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T17:06:35", "description": "The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2022:7137 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-25T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : kpatch-patch (ALSA-2022:7137)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:alma:linux:kernel", "cpe:/o:alma:linux:8", "cpe:/o:alma:linux:8::baseos"], "id": "ALMA_LINUX_ALSA-2022-7137.NASL", "href": "https://www.tenable.com/plugins/nessus/166510", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2022:7137.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166510);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2022-2588\");\n script_xref(name:\"ALSA\", value:\"2022:7137\");\n\n script_name(english:\"AlmaLinux 8 : kpatch-patch (ALSA-2022:7137)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the\nALSA-2022:7137 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2022-7137.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::baseos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('ksplice.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nif (get_one_kb_item('Host/ksplice/kernel-cves'))\n{\n rm_kb_item(name:'Host/uptrack-uname-r');\n var cve_list = make_list('CVE-2022-2588');\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ALSA-2022:7137');\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\nvar pkgs = [\n {'reference':'kernel-4.18.0-372.9.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-26T00:00:43", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9690 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9690)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:kernel-uek-container", "p-cpe:/a:oracle:linux:kernel-uek-container-debug"], "id": "ORACLELINUX_ELSA-2022-9690.NASL", "href": "https://www.tenable.com/plugins/nessus/163968", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9690.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163968);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\"CVE-2022-2588\");\n\n script_name(english:\"Oracle Linux 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9690)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9690 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9690.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected kernel-uek-container and / or kernel-uek-container-debug packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-container-debug\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\nif ('x86_64' >!< cpu) audit(AUDIT_ARCH_NOT, 'x86_64', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['5.15.0-1.43.4.1.el8'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-9690');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '5.15';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-container-5.15.0-1.43.4.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-5.15.0'},\n {'reference':'kernel-uek-container-debug-5.15.0-1.43.4.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-container-debug-5.15.0'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek-container / kernel-uek-container-debug');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-02-04T03:02:12", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:7137 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-26T00:00:00", "type": "nessus", "title": "RHEL 8 : kpatch-patch (RHSA-2022:7137)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-02-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_13_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_16_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_19_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_26_1", "p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_9_1"], "id": "REDHAT-RHSA-2022-7137.NASL", "href": "https://www.tenable.com/plugins/nessus/166542", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:7137. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166542);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/02\");\n\n script_cve_id(\"CVE-2022-2588\");\n script_xref(name:\"RHSA\", value:\"2022:7137\");\n\n script_name(english:\"RHEL 8 : kpatch-patch (RHSA-2022:7137)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2022:7137 advisory.\n\n - kernel: a use-after-free in cls_route filter implementation may lead to privilege escalation\n (CVE-2022-2588)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2588\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:7137\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2114849\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_13_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_16_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_19_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_26_1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:kpatch-patch-4_18_0-372_9_1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar uname_r = get_kb_item(\"Host/uname-r\");\nif (empty_or_null(uname_r)) audit(AUDIT_UNKNOWN_APP_VER, \"kernel\");\n\nvar kernel_live_checks = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'kernels': {\n '4.18.0-372.13.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_13_1-1-2.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.16.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_16_1-1-2.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.19.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_19_1-1-1.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.26.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_26_1-1-1.el8_6', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.9.1.el8.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_9_1-1-3.el8', 'sp':'6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'kernels': {\n '4.18.0-372.13.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_13_1-1-2.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.16.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_16_1-1-2.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.19.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_19_1-1-1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.26.1.el8_6.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_26_1-1-1.el8_6', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n ]\n },\n '4.18.0-372.9.1.el8.x86_64': {\n 'pkgs': [\n {'reference':'kpatch-patch-4_18_0-372_9_1-1-3.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n }\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:kernel_live_checks);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nvar kernel_affected = FALSE;\nforeach var kernel_array ( kernel_live_checks ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(kernel_array['repo_relative_urls'])) repo_relative_urls = kernel_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n var kpatch_details = kernel_array['kernels'][uname_r];\n if (empty_or_null(kpatch_details)) continue;\n kernel_affected = TRUE;\n foreach var pkg ( kpatch_details['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n# No kpatch details found for the running kernel version\nif (!kernel_affected) audit(AUDIT_INST_VER_NOT_VULN, 'kernel', uname_r);\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kpatch-patch-4_18_0-372_13_1 / kpatch-patch-4_18_0-372_16_1 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T03:18:55", "description": "The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9689 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2022-9689)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "cpe:/o:oracle:linux:9", "p-cpe:/a:oracle:linux:bpftool", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-core", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-core", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-debug-modules", "p-cpe:/a:oracle:linux:kernel-uek-debug-modules-extra", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-modules", "p-cpe:/a:oracle:linux:kernel-uek-modules-extra"], "id": "ORACLELINUX_ELSA-2022-9689.NASL", "href": "https://www.tenable.com/plugins/nessus/163965", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9689.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163965);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\"CVE-2022-2588\");\n\n script_name(english:\"Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2022-9689)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9689 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9689.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:bpftool\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-modules-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-modules-extra\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^(8|9)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8 / 9', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['5.15.0-1.43.4.1.el8uek', '5.15.0-1.43.4.1.el9uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-9689');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '5.15';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'bpftool-5.15.0-1.43.4.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-5.15.0-1.43.4.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-5.15.0-1.43.4.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.15.0'},\n {'reference':'kernel-uek-5.15.0-1.43.4.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.15.0'},\n {'reference':'kernel-uek-core-5.15.0-1.43.4.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-core-5.15.0'},\n {'reference':'kernel-uek-core-5.15.0-1.43.4.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-core-5.15.0'},\n {'reference':'kernel-uek-debug-5.15.0-1.43.4.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.15.0'},\n {'reference':'kernel-uek-debug-5.15.0-1.43.4.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.15.0'},\n {'reference':'kernel-uek-debug-core-5.15.0-1.43.4.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-core-5.15.0'},\n {'reference':'kernel-uek-debug-core-5.15.0-1.43.4.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-core-5.15.0'},\n {'reference':'kernel-uek-debug-devel-5.15.0-1.43.4.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.15.0'},\n {'reference':'kernel-uek-debug-devel-5.15.0-1.43.4.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.15.0'},\n {'reference':'kernel-uek-debug-modules-5.15.0-1.43.4.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-modules-5.15.0'},\n {'reference':'kernel-uek-debug-modules-5.15.0-1.43.4.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-modules-5.15.0'},\n {'reference':'kernel-uek-debug-modules-extra-5.15.0-1.43.4.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-modules-extra-5.15.0'},\n {'reference':'kernel-uek-debug-modules-extra-5.15.0-1.43.4.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-modules-extra-5.15.0'},\n {'reference':'kernel-uek-devel-5.15.0-1.43.4.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.15.0'},\n {'reference':'kernel-uek-devel-5.15.0-1.43.4.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.15.0'},\n {'reference':'kernel-uek-doc-5.15.0-1.43.4.1.el8uek', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.15.0'},\n {'reference':'kernel-uek-modules-5.15.0-1.43.4.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-modules-5.15.0'},\n {'reference':'kernel-uek-modules-5.15.0-1.43.4.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-modules-5.15.0'},\n {'reference':'kernel-uek-modules-extra-5.15.0-1.43.4.1.el8uek', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-modules-extra-5.15.0'},\n {'reference':'kernel-uek-modules-extra-5.15.0-1.43.4.1.el8uek', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-modules-extra-5.15.0'},\n {'reference':'bpftool-5.15.0-1.43.4.1.el9uek', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'bpftool-5.15.0-1.43.4.1.el9uek', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'kernel-uek-5.15.0-1.43.4.1.el9uek', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.15.0'},\n {'reference':'kernel-uek-5.15.0-1.43.4.1.el9uek', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-5.15.0'},\n {'reference':'kernel-uek-core-5.15.0-1.43.4.1.el9uek', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-core-5.15.0'},\n {'reference':'kernel-uek-core-5.15.0-1.43.4.1.el9uek', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-core-5.15.0'},\n {'reference':'kernel-uek-debug-5.15.0-1.43.4.1.el9uek', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.15.0'},\n {'reference':'kernel-uek-debug-5.15.0-1.43.4.1.el9uek', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-5.15.0'},\n {'reference':'kernel-uek-debug-core-5.15.0-1.43.4.1.el9uek', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-core-5.15.0'},\n {'reference':'kernel-uek-debug-core-5.15.0-1.43.4.1.el9uek', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-core-5.15.0'},\n {'reference':'kernel-uek-debug-devel-5.15.0-1.43.4.1.el9uek', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.15.0'},\n {'reference':'kernel-uek-debug-devel-5.15.0-1.43.4.1.el9uek', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-5.15.0'},\n {'reference':'kernel-uek-debug-modules-5.15.0-1.43.4.1.el9uek', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-modules-5.15.0'},\n {'reference':'kernel-uek-debug-modules-5.15.0-1.43.4.1.el9uek', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-modules-5.15.0'},\n {'reference':'kernel-uek-debug-modules-extra-5.15.0-1.43.4.1.el9uek', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-modules-extra-5.15.0'},\n {'reference':'kernel-uek-debug-modules-extra-5.15.0-1.43.4.1.el9uek', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-modules-extra-5.15.0'},\n {'reference':'kernel-uek-devel-5.15.0-1.43.4.1.el9uek', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.15.0'},\n {'reference':'kernel-uek-devel-5.15.0-1.43.4.1.el9uek', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-5.15.0'},\n {'reference':'kernel-uek-doc-5.15.0-1.43.4.1.el9uek', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-5.15.0'},\n {'reference':'kernel-uek-modules-5.15.0-1.43.4.1.el9uek', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-modules-5.15.0'},\n {'reference':'kernel-uek-modules-5.15.0-1.43.4.1.el9uek', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-modules-5.15.0'},\n {'reference':'kernel-uek-modules-extra-5.15.0-1.43.4.1.el9uek', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-modules-extra-5.15.0'},\n {'reference':'kernel-uek-modules-extra-5.15.0-1.43.4.1.el9uek', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-modules-extra-5.15.0'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'bpftool / kernel-uek / kernel-uek-core / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T16:39:49", "description": "The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9693 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-08-09T00:00:00", "type": "nessus", "title": "Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9693)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2588"], "modified": "2023-01-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:7", "p-cpe:/a:oracle:linux:kernel-uek", "p-cpe:/a:oracle:linux:kernel-uek-debug", "p-cpe:/a:oracle:linux:kernel-uek-debug-devel", "p-cpe:/a:oracle:linux:kernel-uek-devel", "p-cpe:/a:oracle:linux:kernel-uek-doc", "p-cpe:/a:oracle:linux:kernel-uek-headers", "p-cpe:/a:oracle:linux:kernel-uek-tools", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs", "p-cpe:/a:oracle:linux:kernel-uek-tools-libs-devel", "p-cpe:/a:oracle:linux:perf", "p-cpe:/a:oracle:linux:python-perf"], "id": "ORACLELINUX_ELSA-2022-9693.NASL", "href": "https://www.tenable.com/plugins/nessus/163971", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2022-9693.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(163971);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\"CVE-2022-2588\");\n\n script_name(english:\"Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-9693)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2022-9693 advisory.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2022-9693.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:C/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2588\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/08/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-debug-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:kernel-uek-tools-libs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-perf\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"linux_alt_patch_detect.nasl\", \"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('ksplice.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 7', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar machine_uptrack_level = get_one_kb_item('Host/uptrack-uname-r');\nif (machine_uptrack_level)\n{\n var trimmed_uptrack_level = ereg_replace(string:machine_uptrack_level, pattern:\"\\.(x86_64|i[3-6]86|aarch64)$\", replace:'');\n var fixed_uptrack_levels = ['4.14.35-2047.516.1.1.el7uek'];\n foreach var fixed_uptrack_level ( fixed_uptrack_levels ) {\n if (rpm_spec_vers_cmp(a:trimmed_uptrack_level, b:fixed_uptrack_level) >= 0)\n {\n audit(AUDIT_PATCH_INSTALLED, 'KSplice hotfix for ELSA-2022-9693');\n }\n }\n __rpm_report = 'Running KSplice level of ' + trimmed_uptrack_level + ' does not meet the minimum fixed level of ' + join(fixed_uptrack_levels, sep:' / ') + ' for this advisory.\\n\\n';\n}\n\nvar kernel_major_minor = get_kb_item('Host/uname/major_minor');\nif (empty_or_null(kernel_major_minor)) exit(1, 'Unable to determine kernel major-minor level.');\nvar expected_kernel_major_minor = '4.14';\nif (kernel_major_minor != expected_kernel_major_minor)\n audit(AUDIT_OS_NOT, 'running kernel level ' + expected_kernel_major_minor + ', it is running kernel level ' + kernel_major_minor);\n\nvar pkgs = [\n {'reference':'kernel-uek-4.14.35-2047.516.1.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.14.35'},\n {'reference':'kernel-uek-4.14.35-2047.516.1.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-4.14.35'},\n {'reference':'kernel-uek-debug-4.14.35-2047.516.1.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.14.35'},\n {'reference':'kernel-uek-debug-4.14.35-2047.516.1.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-4.14.35'},\n {'reference':'kernel-uek-debug-devel-4.14.35-2047.516.1.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.14.35'},\n {'reference':'kernel-uek-debug-devel-4.14.35-2047.516.1.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-debug-devel-4.14.35'},\n {'reference':'kernel-uek-devel-4.14.35-2047.516.1.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.14.35'},\n {'reference':'kernel-uek-devel-4.14.35-2047.516.1.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-devel-4.14.35'},\n {'reference':'kernel-uek-doc-4.14.35-2047.516.1.1.el7uek', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-doc-4.14.35'},\n {'reference':'kernel-uek-headers-4.14.35-2047.516.1.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-headers-4.14.35'},\n {'reference':'kernel-uek-tools-4.14.35-2047.516.1.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-4.14.35'},\n {'reference':'kernel-uek-tools-4.14.35-2047.516.1.1.el7uek', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-4.14.35'},\n {'reference':'kernel-uek-tools-libs-4.14.35-2047.516.1.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-4.14.35'},\n {'reference':'kernel-uek-tools-libs-devel-4.14.35-2047.516.1.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'kernel-uek-tools-libs-devel-4.14.35'},\n {'reference':'perf-4.14.35-2047.516.1.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-perf-4.14.35-2047.516.1.1.el7uek', 'cpu':'aarch64', 'release':'7', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release) {\n if (exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'kernel-uek / kernel-uek-debug / kernel-uek-debug-devel / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-01-25T03:28:26", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7173 advisory.\n\n - kernel: use-after-free in route4_change() in net/sched/cls_route.c (CVE-2021-3715)\n
Denial Of Service (DoS)
