ELSA-2019-4541

Описание

[4.14.35-1844.2.5]

• x86/apic: Switch all APICs to Fixed delivery mode (Thomas Gleixner) [Orabug: 29262403]

[4.14.35-1844.2.4]

• x86/platform/UV: Add check of TSC state set by UV BIOS (mike.travis@hpe.com) [Orabug: 29205471]
• x86/tsc: Provide a means to disable TSC ART (mike.travis@hpe.com) [Orabug: 29205471]
• x86/tsc: Drastically reduce the number of firmware bug warnings (mike.travis@hpe.com) [Orabug: 29205471]
• x86/tsc: Skip TSC test and error messages if already unstable (mike.travis@hpe.com) [Orabug: 29205471]
• x86/tsc: Add option that TSC on Socket 0 being non-zero is valid (mike.travis@hpe.com) [Orabug: 29205471]
• scsi: lpfc: Enable Management features for IF_TYPE=6 (James Smart) [Orabug: 29248376]

[4.14.35-1844.2.3]

• RDS: Heap OOB write in rds_message_alloc_sgs() (Mohamed Ghannam) [Orabug: 28983233]
• proc: restrict kernel stack dumps to root (Jann Horn) [Orabug: 29114876] {CVE-2018-17972}
• rds: congestion updates can be missed when kernel low on memory (Mukesh Kacker) [Orabug: 29200902]
• x86/retpoline: Make CONFIG_RETPOLINE depend on compiler support (Zhenzhong Duan) [Orabug: 29211613]
• xen-netback: wake up xenvif_dealloc_kthread when it should stop (Dongli Zhang) [Orabug: 29237355]
• xen/blkback: rework validate_io_op() (Dongli Zhang) [Orabug: 29237430]
• xen/blkback: optimize validate_io_op() to filter BLKIF_OP_RESERVED_1 operation (Dongli Zhang) [Orabug: 29237430]
• xen/blkback: do not BUG() for invalid blkif_request from frontend (Dongli Zhang) [Orabug: 29237430]
• net/rds: WARNING: at net/rds/recv.c:222 rds_recv_hs_exthdrs+0xf8/0x1e0 (Venkat Venkatsubra) [Orabug: 29248238]
• kvm: x86: Add AMDs EX_CFG to the list of ignored MSRs (Eduardo Habkost) [Orabug: 29254549]
• alarmtimer: Prevent overflow for relative nanosleep (Thomas Gleixner) [Orabug: 29269148] {CVE-2018-13053}

[4.14.35-1844.2.2]

• genirq/affinity: Dont return with empty affinity masks on error (Thomas Gleixner) [Orabug: 29209330]
• x86/apic/x2apic: set affinity of a single interrupt to one cpu (Jianchao Wang) [Orabug: 29201434]
• uek-rpm: Update x86_64 config options (Victor Erminpour) [Orabug: 29129556]
• net: rds: fix excess initialization of the recv SGEs (Zhu Yanjun) [Orabug: 29004501]
• nvme-pci: fix memory leak on probe failure (Keith Busch) [Orabug: 29214245]
• nvme-pci: limit max IO size and segments to avoid high order allocations (Jens Axboe) [Orabug: 29214245]
• arm64, dtrace: add non-virtual clocksources to fbt blacklist (Nick Alcock) [Orabug: 29220926]
• net/rds: ib: Fix endless RNR Retries caused by memory allocation failures (Venkat Venkatsubra) [Orabug: 29222874]
• x86/speculation: simplify IBRS firmware control (Alexandre Chartre) [Orabug: 29225114]
• x86/speculation: use jump label instead of alternative to control IBRS firmware (Alexandre Chartre) [Orabug: 29225114]
• x86/speculation: fix and simplify IBPB control (Alexandre Chartre) [Orabug: 29225114]
• x86/speculation: use jump label instead of alternative to control IBPB (Alexandre Chartre) [Orabug: 29225114]
• x86/speculation: move ANNOTATE_* macros to a new header file (Alexandre Chartre) [Orabug: 29225114]
• be2net: Update the driver version to 12.0.0.0 (Suresh Reddy) [Orabug: 29228473]
• be2net: Handle transmit completion errors in Lancer (Suresh Reddy) [Orabug: 29228473]
• be2net: Fix HW stall issue in Lancer (Suresh Reddy) [Orabug: 29228473]
• x86/platform/UV: Fix GAM MMR references in the UV x2apic code (Mike Travis) [Orabug: 29205471]
• x86/platform/UV: Fix GAM MMR changes in UV4A (Mike Travis) [Orabug: 29205471]
• x86/platform/UV: Add references to access fixed UV4A HUB MMRs (Mike Travis) [Orabug: 29205471]
• x86/platform/UV: Fix UV4A support on new Intel Processors (Mike Travis) [Orabug: 29205471]
• x86/platform/UV: Update uv_mmrs.h to prepare for UV4A fixes (Mike Travis) [Orabug: 29205471]

[4.14.35-1844.2.1]

• rds: Incorrect rds-info send and retransmission message output (Ka-Cheong Poon) [Orabug: 29024033]
• mlx4_core: Disable P_Key Violation Traps (Hakon Bugge) [Orabug: 28861014]
• rds: ib: Use a delay when reconnecting to the very same IP address (Hakon Bugge) [Orabug: 29161391]
• KVM: Fix UAF in nested posted interrupt processing (Cfir Cohen) [Orabug: 29172125] {CVE-2018-16882}
• x86/alternative: check int3 breakpoint physical addresses (Alexandre Chartre) [Orabug: 29178334]
• Change mincore() to count 'mapped' pages rather than 'cached' pages (Linus Torvalds) [Orabug: 29187408] {CVE-2019-5489}
• net/rds: RDS connection does not reconnect after CQ access violation error (Venkat Venkatsubra) [Orabug: 29180514]

[4.14.35-1844.2.0]

• userfaultfd: check VM_MAYWRITE was set after verifying the uffd is registered (Andrea Arcangeli) [Orabug: 29163742] {CVE-2018-18397}
• userfaultfd: shmem/hugetlbfs: only allow to register VM_MAYWRITE vmas (Andrea Arcangeli) [Orabug: 29163742] {CVE-2018-18397}
• ocfs2: dont clear bh uptodate for block read (Junxiao Bi) [Orabug: 29159655]
• ocfs2: clear journal dirty flag after shutdown journal (Junxiao Bi) [Orabug: 29154599]
• ocfs2: fix panic due to unrecovered local alloc (Junxiao Bi) [Orabug: 29154599]