ELSA-2019-4575

Описание

[4.1.12-124.26.1]

• NFS: commit direct writes even if they fail partially (J. Bruce Fields) [Orabug: 28212440]
• rds: update correct congestion map for loopback transport (Mukesh Kacker) [Orabug: 29175685]
• ext4: only look at the bg_flags field if it is valid (Theodore Tso) [Orabug: 29316684] {CVE-2018-10876} {CVE-2018-10876}
• uek-rpm: Add kernel-uek version to kernel-ueknano provides (Somasundaram Krishnasamy) [Orabug: 29357643]
• net: Set sk_prot_creator when cloning sockets to the right proto (Christoph Paasch) [Orabug: 29422739] {CVE-2018-9568}
• ext4: always check block group bounds in ext4_init_block_bitmap() (Theodore Tso) [Orabug: 29428607] {CVE-2018-10878}
• ext4: make sure bitmaps and the inode table dont overlap with bg descriptors (Theodore Tso) [Orabug: 29428607] {CVE-2018-10878}
• vfs: Add sb_rdonly(sb) to query the MS_RDONLY flag on s_flags (David Howells) [Orabug: 29428607] {CVE-2018-10878}
• iscsi: Capture iscsi debug messages using tracepoints (Fred Herard) [Orabug: 29429855]

[4.1.12-124.25.4]

• KEYS: add missing permission check for request_key() destination (Eric Biggers) [Orabug: 29304551] {CVE-2017-17807}
• KEYS: Dont permit request_key() to construct a new keyring (David Howells) [Orabug: 29304551] {CVE-2017-17807}
• mlx4_ib: Distribute completion vectors when zero is supplied (Hakon Bugge) [Orabug: 29318191]
• bnxt_en: Fix TX timeout during netpoll. (Michael Chan) [Orabug: 29357977]
• bnxt_en: Fix for system hang if request_irq fails (Vikas Gupta) [Orabug: 29357977]
• bnxt_en: Fix firmware message delay loop regression. (Michael Chan) [Orabug: 29357977]
• bnxt_en: reduce timeout on initial HWRM calls (Andy Gospodarek) [Orabug: 29357977]
• bnxt_en: Fix NULL pointer dereference at bnxt_free_irq(). (Michael Chan) [Orabug: 29357977]
• bnxt_en: Check valid VNIC ID in bnxt_hwrm_vnic_set_tpa(). (Michael Chan) [Orabug: 29357977]
• bnxt_en: Do not modify max IRQ count after RDMA driver requests/frees IRQs. (Michael Chan) [Orabug: 29357977]
• mm: cleancache: fix corruption on missed inode invalidation (Pavel Tikhomirov) [Orabug: 29364670] {CVE-2018-16862}
• l2tp: fix reading optional fields of L2TPv3 (Jacob Wen) [Orabug: 29368048]
• net/packet: fix a race in packet_bind() and packet_notifier() (Eric Dumazet) [Orabug: 29385593] {CVE-2018-18559}
• ext4: verify the depth of extent tree in ext4_find_extent() (Theodore Tso) [Orabug: 29396712] {CVE-2018-10877} {CVE-2018-10877}

[4.1.12-124.25.3]

• blk-mq: Do not invoke .queue_rq() for a stopped queue (Bart Van Assche) [Orabug: 28766011]
• uek-rpm: use multi-threaded xz compression for rpms (Alexander Burmashev) [Orabug: 29323635]
• uek-rpm: optimize find-requires usage (Alexander Burmashev) [Orabug: 29323635]
• find-debuginfo.sh: backport parallel files procession (Alexander Burmashev) [Orabug: 29323635]
• KVM: SVM: Add MSR-based feature support for serializing LFENCE (Tom Lendacky) [Orabug: 29335274]

[4.1.12-124.25.2]

• Enable RANDOMIZE_BASE (John Haxby) [Orabug: 29305587]
• slub: make ->cpu_partial unsigned (Alexey Dobriyan) [Orabug: 28620592]
• dtrace: support kernels built with RANDOMIZE_BASE (Kris Van Hees) [Orabug: 29204005]