ELSA-2025-20319

Опубликовано: 11 мая 2025

Источник: oracle-oval

Платформа: Oracle Linux 8

Платформа: Oracle Linux 7

Описание

ELSA-2025-20319: Unbreakable Enterprise kernel security update (IMPORTANT)

[5.4.17-2136.343.5.1]

nvme: fix deadlock between reset and scan (Bitao Hu) [Orabug: 37920457]

[5.4.17-2136.343.5]

sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37846673]
sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0)) [Orabug: 37846668]
uek-rpm: remove .el7 from shim version (Samasth Norway Ananda) [Orabug: 37834734]

[5.4.17-2136.343.4]

bpf: Use preempt_count() directly in bpf_send_signal_common() (Hou Tao)
Revert 'sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy' (Magali Lemes)
jfs: fix slab-out-of-bounds read in ea_get() (Qasim Ijaz)
serial: 8250_dma: terminate correct DMA in tx_dma_flush() (John Keeping)
Revert 'sctp: sysctl: auth_enable: avoid using current->nsproxy' (Magali Lemes)
net: usb: usbnet: restore usb%d name exception for local mac addresses (Dominique Martinet)
vlan: fix memory leak in vlan_newlink() (Eric Dumazet)
rds: ib: Fix NULL ptr deref in rds_ib_cq_follow_affinity (Hakon Bugge) [Orabug: 37747826]

[5.4.17-2136.343.3]

LTS tag: v5.4.291 (Sherry Yang)
eeprom: digsy_mtc: Make GPIO lookup table match the device (Andy Shevchenko)
slimbus: messaging: Free transaction ID in delayed interrupt scenario (Visweswara Tanuku)
intel_th: pci: Add Panther Lake-P/U support (Alexander Shishkin)
intel_th: pci: Add Panther Lake-H support (Alexander Shishkin)
intel_th: pci: Add Arrow Lake support (Pawel Chmielewski)
Squashfs: check the inode number is not the invalid value of zero (Phillip Lougher)
xhci: pci: Fix indentation in the PCI device ID definitions (Andy Shevchenko)
usb: gadget: Check bmAttributes only if configuration is valid (Prashanth K)
usb: gadget: Fix setting self-powered state on suspend (Marek Szyprowski)
usb: gadget: Set self-powered based on MaxPower and bmAttributes (Prashanth K)
usb: typec: tcpci_rt1711h: Unmask alert interrupts to fix functionality (AngeloGioacchino Del Regno)
usb: typec: ucsi: increase timeout for PPM reset operations (Fedor Pchelkin)
usb: atm: cxacru: fix a flaw in existing endpoint checks (Nikita Zhandarovich)
usb: renesas_usbhs: Flush the notify_hotplug_work (Claudiu Beznea)
usb: quirks: Add DELAY_INIT and NO_LPM for Prolific Mass Storage Card Reader (Miao Li)
usb: renesas_usbhs: Use devm_usb_get_phy() (Claudiu Beznea)
usb: renesas_usbhs: Call clk_put() (Claudiu Beznea)
Revert 'drivers/card_reader/rtsx_usb: Restore interrupt based detection' (Christian Heusel)
gpio: rcar: Fix missing of_node_put() call (Fabrizio Castro)
net: ipv6: fix missing dst ref drop in ila lwtunnel (Justin Iurman)
net: ipv6: fix dst ref loop in ila lwtunnel (Justin Iurman)
net-timestamp: support TCP GSO case for a few missing flags (Jason Xing)
vlan: enforce underlying device type (Oscar Maes)
ppp: Fix KMSAN uninit-value warning with bpf (Jiayuan Chen)
be2net: fix sleeping while atomic bugs in be_ndo_bridge_getlink (Nikolay Aleksandrov)
drm/sched: Fix preprocessor guard (Philipp Stanner)
hwmon: fix a NULL vs IS_ERR_OR_NULL() check in xgene_hwmon_probe() (Xinghuo Chen)
llc: do not use skb_get() before dev_queue_xmit() (Eric Dumazet)
hwmon: (ad7314) Validate leading zero bits and return error (Erik Schumacher)
hwmon: (ntc_thermistor) Fix the ncpXXxh103 sensor table (Maud Spierings)
hwmon: (pmbus) Initialise page count in pmbus_identify() (Titus Rwantare)
caif_virtio: fix wrong pointer check in cfv_probe() (Vitaliy Shevtsov)
net: gso: fix ownership in __udp_gso_segment (Antoine Tenart)
HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (Zhang Lixu)
HID: google: fix unused variable warning under !CONFIG_ACPI (Yu-Chun Lin)
wifi: iwlwifi: limit printed string from FW file (Johannes Berg)
mm/page_alloc: fix uninitialized variable (Hao Zhang)
rapidio: fix an API misues when rio_add_net() fails (Haoxiang Li)
rapidio: add check for rio_add_net() in rio_scan_alloc_net() (Haoxiang Li)
wifi: nl80211: reject cooked mode if it is set along with other flags (Vitaliy Shevtsov)
wifi: cfg80211: regulatory: improve invalid hints checking (Nikita Zhandarovich)
x86/cpu: Properly parse CPUID leaf 0x2 TLB descriptor 0x63 (Ahmed S. Darwish)
x86/cpu: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish)
x86/cacheinfo: Validate CPUID leaf 0x2 EDX output (Ahmed S. Darwish)
platform/x86: thinkpad_acpi: Add battery quirk for ThinkPad X131e (Mingcong Bai)
drm/radeon: Fix rs400_gpu_init for ATI mobility radeon Xpress 200M (Richard Thier)
ALSA: hda/realtek: update ALC222 depop optimize (Kailang Yang)
ALSA: hda: intel: Add Dell ALC3271 to power_save denylist (Hoku Ishibe)
HID: appleir: Fix potential NULL dereference at raw event handle (Daniil Dulov)
Revert 'of: reserved-memory: Fix using wrong number of cells to get property 'alignment'' (Rob Herring (Arm))
drm/amdgpu: disable BAR resize on Dell G5 SE (Alex Deucher)
drm/amdgpu: Check extended configuration space register when system uses large bar (Ma Jun)
drm/amdgpu: skip BAR resizing if the bios already did it (Alex Deucher)
acct: perform last write from workqueue (Christian Brauner)
kernel/acct.c: use dedicated helper to access rlimit values (Yang Yang)
kernel/acct.c: use #elif instead of #end and #elif (Hui Su)
drop_monitor: fix incorrect initialization order (Gavrilov Ilia)
pfifo_tail_enqueue: Drop new packet when sch->limit == 0 (Quang Le)
sched/core: Prevent rescheduling when interrupts are disabled (Thomas Gleixner)
phy: exynos5-usbdrd: fix MPLL_MULTIPLIER and SSC_REFCLKSEL masks in refclk (Kaustabh Chakraborty)
phy: tegra: xusb: reset VBUS & ID OVERRIDE (BH Hsieh)
usbnet: gl620a: fix endpoint checking in genelink_bind() (Nikita Zhandarovich)
perf/core: Fix low freq setting via IOC_PERIOD (Kan Liang)
ftrace: Avoid potential division by zero in function_stat_show() (Nikolay Kuratov)
x86/CPU: Fix warm boot hang regression on AMD SC1100 SoC systems (Russell Senior)
net: mvpp2: cls: Fixed Non IP flow, with vlan tag flow defination. (Harshal Chaudhari)
ipvs: Always clear ipvs_property flag in skb_scrub_packet() (Philo Lu)
ASoC: es8328: fix route from DAC to output (Nicolas Frattaroli)
net: cadence: macb: Synchronize stats calculations (Sean Anderson)
sunrpc: suppress warnings for unused procfs functions (Arnd Bergmann)
batman-adv: Drop unmanaged ELP metric worker (Sven Eckelmann)
batman-adv: Ignore neighbor throughput metrics in error case (Sven Eckelmann)
acct: block access to kernel internal filesystems (Christian Brauner)
ALSA: hda/conexant: Add quirk for HP ProBook 450 G4 mute LED (John Veness)
nfp: bpf: Add check for nfp_app_ctrl_msg_alloc() (Haoxiang Li)
tee: optee: Fix supplicant wait loop (Sumit Garg)
power: supply: da9150-fg: fix potential overflow (Andrey Vatoropin)
flow_dissector: Fix port range key handling in BPF conversion (Cong Wang)
flow_dissector: Fix handling of mixed port and port-range keys (Cong Wang)
net: extract port range fields from fl_flow_key (Maksym Glubokiy)
geneve: Suppress list corruption splat in geneve_destroy_tunnels(). (Kuniyuki Iwashima)
geneve: Fix use-after-free in geneve_find_dev(). (Kuniyuki Iwashima)
powerpc/code-patching: Fix KASAN hit by not flagging text patching area as VM_ALLOC (Christophe Leroy)
powerpc/64s: Rewrite __real_pte() and __rpte_to_hidx() as static inline (Christophe Leroy)
powerpc/64s/mm: Move __real_pte stubs into hash-4k.h (Michael Ellerman)
USB: gadget: f_midi: f_midi_complete to call queue_work (Jill Donahue)
usb/gadget: f_midi: Replace tasklet with work (Davidlohr Bueso)
usb/gadget: f_midi: convert tasklets to use new tasklet_setup() API (Allen Pais)
usb: dwc3: Fix timeout issue during controller enter/exit from halt state (Selvarasu Ganesan)
usb: dwc3: Increase DWC3 controller halt timeout (Wesley Cheng)
memcg: fix soft lockup in the OOM process (Chen Ridong)
mm: update mark_victim tracepoints fields (Carlos Galo)
crypto: testmgr - some more fixes to RSA test vectors (Ignat Korchagin)
crypto: testmgr - populate RSA CRT parameters in RSA test vectors (Ignat Korchagin)
crypto: testmgr - fix version number of RSA tests (lei he)
crypto: testmgr - Fix wrong test case of RSA (Lei He)
crypto: testmgr - fix wrong key length for pkcs1pad (Lei He)
driver core: bus: Fix double free in driver API bus_register() (Zijun Hu)
scsi: storvsc: Set correct data length for sending SCSI command without payload (Long Li)
vlan: move dev_put into vlan_dev_uninit (Xin Long)
vlan: introduce vlan_dev_free_egress_priority (Xin Long)
pps: Fix a use-after-free (Calvin Owens)
btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana)
x86/i8253: Disable PIT timer 0 when not in use (David Woodhouse)
parport_pc: add support for ASIX AX99100 (Jiaqing Zhao)
serial: 8250_pci: add support for ASIX AX99100 (Jiaqing Zhao)
can: ems_pci: move ASIX AX99100 ids to pci_ids.h (Jiaqing Zhao)
nilfs2: protect access to buffers with no active references (Ryusuke Konishi)
nilfs2: do not force clear folio if buffer is referenced (Ryusuke Konishi)
nilfs2: do not output warnings when clearing dirty buffers (Ryusuke Konishi)
alpha: replace hardcoded stack offsets with autogenerated ones (Ivan Kokshaysky)
ndisc: extend RCU protection in ndisc_send_skb() (Eric Dumazet)
openvswitch: use RCU protection in ovs_vport_cmd_fill_info() (Eric Dumazet)
arp: use RCU protection in arp_xmit() (Eric Dumazet)
neighbour: use RCU protection in __neigh_notify() (Eric Dumazet)
neighbour: delete redundant judgment statements (Li Zetao)
ndisc: use RCU protection in ndisc_alloc_skb() (Eric Dumazet)
ipv6: use RCU protection in ip6_default_advmss() (Eric Dumazet)
ipv4: use RCU protection in inet_select_addr() (Eric Dumazet)
ipv4: use RCU protection in rt_is_expired() (Eric Dumazet)
net: add dev_net_rcu() helper (Eric Dumazet)
net: treat possible_net_t net pointer as an RCU one and add read_pnet_rcu() (Jiri Pirko)
regmap-irq: Add missing kfree() (Jiasheng Jiang)
partitions: mac: fix handling of bogus partition table (Jann Horn)
gpio: stmpe: Check return value of stmpe_reg_read in stmpe_gpio_irq_sync_unlock (Wentao Liang)
alpha: align stack for page fault and user unaligned trap handlers (Ivan Kokshaysky)
serial: 8250: Fix fifo underflow on flush (John Keeping)
alpha: make stack 16-byte aligned (most cases) (Ivan Kokshaysky)
can: j1939: j1939_sk_send_loop(): fix unable to send messages with data length zero (Alexander Holzl)
can: c_can: fix unbalanced runtime PM disable in error path (Krzysztof Kozlowski)
USB: serial: option: drop MeiG Smart defines (Johan Hovold)
USB: serial: option: fix Telit Cinterion FN990A name (Fabio Porcedda)
USB: serial: option: add Telit Cinterion FN990B compositions (Fabio Porcedda)
USB: serial: option: add MeiG Smart SLM828 (Chester A. Unal)
usb: cdc-acm: Fix handling of oversized fragments (Jann Horn)
usb: cdc-acm: Check control transfer buffer size before access (Jann Horn)
USB: cdc-acm: Fill in Renesas R-Car D3 USB Download mode quirk (Marek Vasut)
USB: hub: Ignore non-compliant devices with too many configs or interfaces (Alan Stern)
usb: gadget: f_midi: fix MIDI Streaming descriptor lengths (John Keeping)
USB: Add USB_QUIRK_NO_LPM quirk for sony xperia xz1 smartphone (Mathias Nyman)
USB: quirks: add USB_QUIRK_NO_LPM quirk for Teclast dist (Lei Huang)
USB: pci-quirks: Fix HCCPARAMS register error for LS7A EHCI (Huacai Chen)
usb: dwc2: gadget: remove of_node reference upon udc_stop (Fabrice Gasnier)
usb: gadget: udc: renesas_usb3: Fix compiler warning (Guo Ren)
usb: roles: set switch registered flag early on (Elson Roy Serrao)
batman-adv: fix panic during interface removal (Andy Strohman)
ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet 5V (Hans de Goede)
orangefs: fix a oob in orangefs_debug_write (Mike Marshall)
Grab mm lock before grabbing pt lock (Maksym Planeta)
vfio/pci: Enable iowrite64 and ioread64 for vfio pci (Ramesh Thomas)
media: cxd2841er: fix 64-bit division on gcc-9 (Arnd Bergmann)
gpio: bcm-kona: Add missing newline to dev_err format string (Artur Weber)
gpio: bcm-kona: Make sure GPIO bits are unlocked when requesting IRQ (Artur Weber)
gpio: bcm-kona: Fix GPIO lock/unlock for banks above bank 0 (Artur Weber)
arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (Radu Rendec)
team: better TEAM_OPTION_TYPE_STRING validation (Eric Dumazet)
vrf: use RCU protection in l3mdev_l3_out() (Eric Dumazet)
ndisc: ndisc_send_redirect() must use dev_get_by_index_rcu() (Eric Dumazet)
HID: multitouch: Add NULL check in mt_input_configured (Charles Han)
ocfs2: check dir i_size in ocfs2_find_entry (Su Yue)
MIPS: ftrace: Declare ftrace_get_parent_ra_addr() as static (WangYuli)
ptp: Ensure info->enable callback is always set (Thomas Weissschuh)
net/ncsi: wait for the last response to Deselect Package before configuring channel (Paul Fertser)
misc: fastrpc: Fix registered buffer page address (Ekansh Gupta)
mtd: onenand: Fix uninitialized retlen in do_otp_read() (Ivan Stepchenko)
NFC: nci: Add bounds checking in nci_hci_create_pipe() (Dan Carpenter)
nilfs2: fix possible int overflows in nilfs_fiemap() (Nikita Zhandarovich)
ocfs2: handle a symlink read error correctly (Matthew Wilcox (Oracle))
vfio/platform: check the bounds of read/write syscalls (Alex Williamson)
nvmem: core: improve range check for nvmem_cell_write() (Jennifer Berringer)
crypto: qce - unregister previously registered algos in error path (Bartosz Golaszewski)
crypto: qce - fix goto jump in error path (Bartosz Golaszewski)
media: uvcvideo: Remove redundant NULL assignment (Ricardo Ribalda)
media: uvcvideo: Fix event flags in uvc_ctrl_send_events (Ricardo Ribalda)
media: ov5640: fix get_light_freq on auto (Sam Bobrowicz)
soc: qcom: smem_state: fix missing of_node_put in error path (Krzysztof Kozlowski)
kbuild: Move -Wenum-enum-conversion to W=2 (Nathan Chancellor)
powerpc/pseries/eeh: Fix get PE state translation (Narayana Murty N)
serial: sh-sci: Do not probe the serial port if its slot in sci_ports[] is in use (Claudiu Beznea)
serial: sh-sci: Drop __initdata macro for port_cfg (Claudiu Beznea)
soc: qcom: socinfo: Avoid out of bounds read of serial number (Stephan Gerhold)
usb: gadget: f_tcm: Don't prepare BOT write request twice (Thinh Nguyen)
usb: gadget: f_tcm: ep_autoconfig with fullspeed endpoint (Thinh Nguyen)
usb: gadget: f_tcm: Decrement command ref count on cleanup (Thinh Nguyen)
usb: gadget: f_tcm: Translate error to sense (Thinh Nguyen)
wifi: brcmfmac: fix NULL pointer dereference in brcmf_txfinalize() (Marcel Hamer)
HID: hid-sensor-hub: don't use stale platform-data on remove (Heiko Stuebner)
of: reserved-memory: Fix using wrong number of cells to get property 'alignment' (Zijun Hu)
of: Fix of_find_node_opts_by_path() handling of alias+path+options (Zijun Hu)
of: Correct child specifier used as input of the 2nd nexus node (Zijun Hu)
perf bench: Fix undefined behavior in cmpworker() (Kuan-Wei Chiu)
clk: qcom: clk-rpmh: prevent integer overflow in recalc_rate (Anastasia Belova)
clk: qcom: clk-alpha-pll: fix alpha mode configuration (Gabor Juhos)
drm/komeda: Add check for komeda_get_layer_fourcc_list() (Haoxiang Li)
KVM: s390: vsie: fix some corner-cases when grabbing vsie pages (David Hildenbrand)
KVM: Explicitly verify target vCPU is online in kvm_get_vcpu() (Sean Christopherson)
arm64: dts: rockchip: increase gmac rx_delay on rk3399-puma (Jakob Unterwurzacher)
binfmt_flat: Fix integer overflow bug on 32 bit systems (Dan Carpenter)
m68k: vga: Fix I/O defines (Thomas Zimmermann)
s390/futex: Fix FUTEX_OP_ANDN implementation (Heiko Carstens)
leds: lp8860: Write full EEPROM, not only half of it (Alexander Sverdlin)
cpufreq: s3c64xx: Fix compilation warning (Viresh Kumar)
tun: revert fix group permission check (Willem de Bruijn)
net: rose: lock the socket in rose_bind() (Eric Dumazet)
udp: gso: do not drop small packets when PMTU reduces (Yan Zhai)
tg3: Disable tg3 PCIe AER on system reboot (Lenny Szubowicz)
gpu: drm_dp_cec: fix broken CEC adapter properties check (Hans Verkuil)
firmware: iscsi_ibft: fix ISCSI_IBFT Kconfig entry (Prasad Pandit)
nvme: handle connectivity loss in nvme_set_queue_count (Daniel Wagner)
usb: xhci: Fix NULL pointer dereference on certain command aborts (Michal Pecio)
usb: xhci: Add timeout argument in address_device USB HCD callback (Hardik Gajjar)
net: usb: rtl8150: enable basic endpoint checking (Nikita Zhandarovich)
net: usb: rtl8150: use new tasklet API (Emil Renner Berthing)
tasklet: Introduce new initialization API (Romain Perier)
kbuild: userprogs: use correct lld when linking through clang (Thomas Weissschuh)
media: uvcvideo: Remove dangling pointers (Ricardo Ribalda)
media: uvcvideo: Only save async fh if success (Ricardo Ribalda)
nilfs2: handle errors that nilfs_prepare_chunk() may return (Ryusuke Konishi)
nilfs2: eliminate staggered calls to kunmap in nilfs_rename (Ryusuke Konishi)
nilfs2: move page release outside of nilfs_delete_entry and nilfs_set_link (Ryusuke Konishi)
spi-mxs: Fix chipselect glitch (Ralf Schlatterbeck)
x86/mm: Don't disable PCID when INVLPG has been fixed by microcode (Xi Ruoyao)
APEI: GHES: Have GHES honor the panic= setting (Borislav Petkov)
HID: Wacom: Add PCI Wacom device support (Even Xu)
mfd: lpc_ich: Add another Gemini Lake ISA bridge PCI device-id (Hans de Goede)
tomoyo: don't emit warning in tomoyo_write_control() (Tetsuo Handa)
wifi: brcmsmac: add gain range check to wlc_phy_iqcal_gainparams_nphy() (Dmitry Antipov)
mmc: core: Respect quirk_max_rate for non-UHS SDIO card (Shawn Lin)
tun: fix group permission check (Stas Sergeev)
printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX (Kuan-Wei Chiu)
x86/amd_nb: Restrict init function to AMD-based systems (Yazen Ghannam)
sched: Don't try to catch up excess steal time. (Suleiman Souhlal)
btrfs: convert BUG_ON in btrfs_reloc_cow_block() to proper error handling (Josef Bacik)
btrfs: fix use-after-free when attempting to join an aborted transaction (Filipe Manana)
btrfs: output the reason for open_ctree() failure (Qu Wenruo)
usb: gadget: f_tcm: Don't free command immediately (Thinh Nguyen)
media: uvcvideo: Fix double free in error path (Laurent Pinchart)
HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections (Alan Stern)
usb: typec: tcpm: set SRC_SEND_CAPABILITIES timeout to PD_T_SENDER_RESPONSE (Jos Wang)
drivers/card_reader/rtsx_usb: Restore interrupt based detection (Sean Rhodes)
ktest.pl: Check kernelrelease return in get_version (Ricardo B. Marliere)
NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Chuck Lever)
hexagon: Fix unbalanced spinlock in die() (Lin Yujun)
hexagon: fix using plain integer as NULL pointer warning in cmpxchg (Willem de Bruijn)
genksyms: fix memory leak when the same symbol is read from *.symref file (Masahiro Yamada)
genksyms: fix memory leak when the same symbol is added from source (Masahiro Yamada)
net: sh_eth: Fix missing rtnl lock in suspend/resume path (Kory Maincent)
vsock: Allow retrying on connect() failure (Michal Luczaj)
perf trace: Fix runtime error of index out of bounds (Howard Chu)
net: davicom: fix UAF in dm9000_drv_remove (Chenyuan Yang)
net: rose: fix timer races against user threads (Eric Dumazet)
PM: hibernate: Add error handling for syscore_suspend() (Wentao Liang)
ipmr: do not call mr_mfc_uses_dev() for unres entries (Eric Dumazet)
net: fec: implement TSO descriptor cleanup (Dheeraj Reddy Jonnalagadda)
ubifs: skip dumping tnc tree when zroot is null (pangliyuan)
rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read (Oleksij Rempel)
dmaengine: ti: edma: fix OF node reference leaks in edma_driver (Joe Hattori)
module: Extend the preempt disabled section in dereference_symbol_descriptor(). (Sebastian Andrzej Siewior)
ocfs2: mark dquot as inactive if failed to start trans while releasing dquot (Su Yue)
scsi: ufs: bsg: Delete bsg_dev when setting up bsg fails (Guixin Liu)
scsi: mpt3sas: Set ioc->manu_pg11.EEDPTagMode directly to 1 (Paul Menzel)
staging: media: imx: fix OF node leak in imx_media_add_of_subdevs() (Joe Hattori)
media: uvcvideo: Propagate buf->error to userspace (Ricardo Ribalda)
media: camif-core: Add check for clk_enable() (Jiasheng Jiang)
media: mipi-csis: Add check for clk_enable() (Jiasheng Jiang)
PCI: endpoint: Destroy the EPC device in devm_pci_epc_destroy() (Zijun Hu)
media: lmedm04: Handle errors for lme2510_int_read (Chen Ni)
media: lmedm04: Use GFP_KERNEL for URB allocation/submission. (Malcolm Priestley)
media: rc: iguanair: handle timeouts (Oliver Neukum)
fbdev: omapfb: Fix an OF node leak in dss_of_port_get_parent_device() (Joe Hattori)
ARM: dts: mediatek: mt7623: fix IR nodename (Rafal Milecki)
arm64: dts: mediatek: mt8173-evb: Fix MT6397 PMIC sub-node names (Chen-Yu Tsai)
arm64: dts: mediatek: mt8173-evb: Drop regulator-compatible property (Chen-Yu Tsai)
rdma/cxgb4: Prevent potential integer overflow on 32bit (Dan Carpenter)
RDMA/mlx4: Avoid false error about access to uninitialized gids array (Leon Romanovsky)
bpf: Send signals asynchronously if !preemptible (Puranjay Mohan)
perf report: Fix misleading help message about --demangle (Jiachen Zhang)
perf top: Don't complain about lack of vmlinux when not resolving some kernel samples (Arnaldo Carvalho de Melo)
padata: fix sysfs store callback check (Thomas Weissschuh)
ktest.pl: Remove unused declarations in run_bisect_test function (Ba Jing)
perf header: Fix one memory leakage in process_bpf_prog_info() (Zhongqiu Han)
perf header: Fix one memory leakage in process_bpf_btf() (Zhongqiu Han)
ASoC: sun4i-spdif: Add clock multiplier settings (George Lander)
tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (Marco Leogrande)
net: sched: Disallow replacing of child qdisc from one parent to another (Jamal Hadi Salim)
net/mlxfw: Drop hard coded max FW flash image size (Maher Sanalla)
net: let net.core.dev_weight always be non-zero (Liu Jian)
clk: analogbits: Fix incorrect calculation of vco rate delta (Bo Gan)
selftests: harness: fix printing of mismatch values in __EXPECT() (Dmitry V. Levin)
selftests/harness: Display signed values correctly (Kees Cook)
wifi: wlcore: fix unbalanced pm_runtime calls (Andreas Kemnade)
regulator: of: Implement the unwind path of of_regulator_match() (Joe Hattori)
team: prevent adding a device which is already a team device lower (Octavian Purdila)
cpupower: fix TSC MHz calculation (He Rongguang)
wifi: rtlwifi: pci: wait for firmware loading before releasing memory (Thadeu Lima de Souza Cascardo)
wifi: rtlwifi: fix memory leaks and invalid access at probe error path (Thadeu Lima de Souza Cascardo)
wifi: rtlwifi: remove unused check_buddy_priv (Thadeu Lima de Souza Cascardo)
wifi: rtlwifi: remove unused dualmac control leftovers (Dmitry Antipov)
wifi: rtlwifi: remove unused timer and related code (Dmitry Antipov)
rtlwifi: replace usage of found with dedicated list iterator variable (Jakob Koschel)
dt-bindings: mmc: controller: clarify the address-cells description (Neil Armstrong)
wifi: rtlwifi: usb: fix workqueue leak when probe fails (Thadeu Lima de Souza Cascardo)
wifi: rtlwifi: rtl8192se: rise completion of firmware loading as last step (Thadeu Lima de Souza Cascardo)
rtlwifi: rtl8192se Rename RT_TRACE to rtl_dbg (Larry Finger)
wifi: rtlwifi: do not complete firmware loading needlessly (Thadeu Lima de Souza Cascardo)
ipmi: ipmb: Add check devm_kasprintf() returned value (Charles Han)
drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table (Ivan Stepchenko)
drm/etnaviv: Fix page property being used for non writecombine buffers (Sui Jingfeng)
partitions: ldm: remove the initial kernel-doc notation (Randy Dunlap)
nbd: don't allow reconnect after disconnect (Yu Kuai)
afs: Fix directory format encoding struct (David Howells)
overflow: Allow mixed type arguments (Kees Cook)
overflow: Correct check_shl_overflow() comment (Keith Busch)
overflow: Add _must_check attribute to check*() helpers (Kees Cook)

[5.4.17-2136.343.2]

rds: ib: Do not attempt to insert RDMA exthdr twice (Hakon Bugge) [Orabug: 37721764]
net: mana: Fix TX CQE error handling (Haiyang Zhang) [Orabug: 36983924] {CVE-2023-52532}
net/mlx5: Stop waiting for PCI if pci channel is offline (Moshe Shemesh) [Orabug: 36929747]
rds: ib: Fix racy send affinity work cancellation (Hakon Bugge) [Orabug: 36605776]
uek-rpm: install the perf exec dir (Stephen Brennan) [Orabug: 35023180]
uek-rpm: switch to new secureboot certificates and upgrade shim (Samasth Norway Ananda) [Orabug: 37764002]

[5.4.17-2136.343.1]

rds: ib: Make traffic_class visible to user-space (Hakon Bugge) [Orabug: 37617866]
rds: ib: Remove incorrect update of the path record sl and qos_class fields (Hakon Bugge) [Orabug: 37617866]
net: core: reject skb_copy(_expand) for fraglist GSO skbs (Felix Fietkau) [Orabug: 36683418] {CVE-2024-36929}
udp: do not accept non-tunnel GSO skbs landing in a tunnel (Antoine Tenart) [Orabug: 36643088]
udp: never accept GSO_FRAGLIST packets (Paolo Abeni) [Orabug: 36643088]
udp: initialize is_flist with 0 in udp_gro_receive (Xin Long) [Orabug: 36643088]

[5.4.17-2136.342.5]

ima: Fix use-after-free on a dentry's dname.name (Stefan Berger) [Orabug: 36835558] {CVE-2024-39494}

[5.4.17-2136.342.4]

sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke Hoiland-Jorgensen)
udf: Fix use of check_add_overflow() with mixed type arguments (Ben Hutchings)
x86/xen: allow larger contiguous memory regions in PV guests (Juergen Gross)
xen: remove a confusing comment on auto-translated guest I/O (Petr Tesarik)
ALSA: hda/realtek: Fixup ALC225 depop procedure (Kailang Yang)
ALSA: hda/realtek - Add type for ALC287 (Kailang Yang)
net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel)
netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang)
ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao)
Revert 'btrfs: avoid monopolizing a core when activating a swap file' (Koichiro Den)
gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). (Kuniyuki Iwashima)
Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (Fedor Pchelkin)
rds: Make sure transmit path and connection tear-down does not run concurrently (Hakon Bugge) [Orabug: 36308571]
NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (Yanjun Zhang) [Orabug: 37206487]

[5.4.17-2136.342.3]

LTS tag: v5.4.290 (Alok Tiwari)
Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals (Ron Economos)
xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals (Arnd Bergmann)
drm/v3d: Assign job pointer to NULL before signaling the fence (Maira Canal)
Input: xpad - add support for wooting two he (arm) (Jack Greiner)
Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto)
Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson)
Revert 'usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null' (Greg Kroah-Hartman)
USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz)
ext4: fix slab-use-after-free in ext4_split_extent_at() (Baokun Li)
ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path (Theodore Ts'o)
vfio/platform: check the bounds of read/write syscalls (Alex Williamson)
net/xen-netback: prevent UAF in xenvif_flush_hash() (Jeongjun Park)
net: xen-netback: hash.c: Use built-in RCU list checking (Madhuparna Bhowmik)
signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die (Eric W. Biederman)
m68k: Add missing mmap_read_lock() to sys_cacheflush() (Liam Howlett)
m68k: Update ->thread.esp0 before calling syscall_trace() in ret_from_signal (Al Viro)
gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher)
irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons)
scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang)
ASoC: wm8994: Add depends on MFD core (Charles Keepax)
net: fix data-races around sk->sk_forward_alloc (Wang Liang)
scsi: sg: Fix slab-use-after-free read in sg_release() (Suraj Sonawane)
ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (Eric Dumazet)
irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly (Yogesh Lal)
fs/proc: fix softlockup in __read_vmcore (part 2) (Rik van Riel)
net: ethernet: xgbe: re-add aneg to supported features in PHY quirks (Heiner Kallweit)
nvmet: propagate npwg topology (Luis Chamberlain)
poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() (Oleg Nesterov)
kheaders: Ignore silly-rename files (David Howells)
hfs: Sanity check the root record (Leo Stone)
mac802154: check local interfaces before deleting sdata list (Lizhi Xu)
i2c: mux: demux-pinctrl: check initial mux selection, too (Wolfram Sang)
drm/v3d: Ensure job pointer is set to NULL after job completion (Maira Canal)
nfp: bpf: prevent integer overflow in nfp_bpf_event_output() (Dan Carpenter)
gtp: Destroy device along with udp socket's netns dismantle. (Kuniyuki Iwashima)
gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). (Kuniyuki Iwashima)
gtp: use exit_batch_rtnl() method (Eric Dumazet)
net: add exit_batch_rtnl() method (Eric Dumazet)
net: net_namespace: Optimize the code (Yajun Deng)
net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() (Sudheer Kumar Doredla)
sctp: sysctl: rto_min/max: avoid using current->nsproxy (Matthieu Baerts (NGI0))
ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (Dennis Lam)
ocfs2: correct return value of ocfs2_local_free_info() (Joseph Qi)
phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (Zijun Hu)
phy: core: fix code style in devm_of_phy_provider_unregister (Vinod Koul)
arm64: dts: rockchip: add hevc power domain clock to rk3328 (Peter Geis)
arm64: dts: rockchip: add #power-domain-cells to power domain nodes (Johan Jonker)
arm64: dts: rockchip: fix pd_tcpc0 and pd_tcpc1 node position on rk3399 (Johan Jonker)
arm64: dts: rockchip: fix defines in pd_vio node for rk3399 (Johan Jonker)
iio: inkern: call iio_device_put() only on mapped devices (Joe Hattori)
iio: adc: at91: call input_free_device() on allocated iio_dev (Joe Hattori)
iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (Fabio Estevam)
iio: gyro: fxas21002c: Fix missing data update in trigger handler (Carlos Song)
iio: adc: ti-ads8688: fix information leak in triggered buffer (Javier Carrasco)
iio: imu: kmx61: fix information leak in triggered buffer (Javier Carrasco)
iio: light: vcnl4035: fix information leak in triggered buffer (Javier Carrasco)
iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (Javier Carrasco)
iio: pressure: zpa2326: fix information leak in triggered buffer (Javier Carrasco)
usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (Akash M)
usb: fix reference leak in usb_new_device() (Ma Ke)
USB: core: Disable LPM only for non-suspended ports (Kai-Heng Feng)
USB: usblp: return error when setting unsupported protocol (Jun Yan)
usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (Lianqin Hu)
USB: serial: cp210x: add Phoenix Contact UPS Device (Johan Hovold)
usb-storage: Add max sectors quirk for Nokia 208 (Lubomir Rintel)
staging: iio: ad9832: Correct phase range check (Zicheng Qu)
staging: iio: ad9834: Correct phase range check (Zicheng Qu)
USB: serial: option: add Neoway N723-EA support (Michal Hrusecky)
USB: serial: option: add MeiG Smart SRM815 (Chukun Pan)
drm/amd/display: increase MAX_SURFACES to the value supported by hw (Melissa Wen)
ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (Hans de Goede)
ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (Hans de Goede)
drm/amd/display: Add check for granularity in dml ceil/floor helpers (Roman Li)
sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0))
sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0))
dm thin: make get_first_thin use rcu-safe list first function (Krister Johansen)
tls: Fix tls_sw_sendmsg error handling (Benjamin Coddington)
net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (Eric Dumazet)
tcp/dccp: allow a connection when sk_max_ack_backlog is zero (Zhongqiu Duan)
tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (Jason Xing)
net: 802: LLC+SNAP OID:PID lookup on start of skb data (Antonio Pastor)
ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (Keisuke Nishimura)
dm array: fix cursor index when skipping across block boundaries (Ming-Hung Tsai)
dm array: fix unreleased btree blocks on closing a faulty array cursor (Ming-Hung Tsai)
dm array: fix releasing a faulty array block twice in dm_array_cursor_end (Ming-Hung Tsai)
jbd2: flush filesystem device before updating tail sequence (Zhang Yi)

[5.4.17-2136.342.2]

Revert 'NFSD: Limit the number of concurrent async COPY operations' (Sherry Yang) [Orabug: 37660195]
rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (Hakon Bugge) [Orabug: 37586090]
dm rq: don't queue request to blk-mq during DM suspend (Ming Lei) [Orabug: 37010188]
dm: rearrange core declarations for extended use from dm-zone.c (Damien Le Moal) [Orabug: 37010188]

[5.4.17-2136.342.1]

cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621585]
uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619102]
oracleasm: Fix PI when use_logical_block_size is set (Martin K. Petersen) [Orabug: 37503280]
oracleasm: Add support for per-I/O block size selection (Martin K. Petersen) [Orabug: 37503280]
perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (Alexander Antonov) [Orabug: 36882938]

[5.4.17-2136.341.3]

io_uring: fix possible deadlock in io_register_iowq_max_workers() (Hagar Hemdan) [Orabug: 37565787]
io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (Jens Axboe) [Orabug: 37565787]
io_uring: use kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787]
fs: create kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787]
io_uring: rename kiocb_end_write() local helper (Amir Goldstein) [Orabug: 37565787]
io_uring/sqpoll: close race on waiting for sqring entries (Jens Axboe) [Orabug: 37565787]
io_uring/sqpoll: do not put cpumask on stack (Felix Moessbauer) [Orabug: 37565787]
io_uring/sqpoll: retain test for whether the CPU is valid (Jens Axboe) [Orabug: 37565787]
io_uring/sqpoll: do not allow pinning outside of cpuset (Felix Moessbauer) [Orabug: 37565787]
io_uring/io-wq: limit retrying worker initialisation (Pavel Begunkov) [Orabug: 37565787]
vfs: check dentry is still valid in get_link() (Ian Kent) [Orabug: 37536393]
RDS: avoid queueing delayed work on an offlined cpu (Praveen Kumar Kannoju) [Orabug: 37260584]
NFSD: Limit the number of concurrent async COPY operations (Chuck Lever) [Orabug: 37206187]

[5.4.17-2136.341.2]

LTS tag: v5.4.289 (Sherry Yang)
mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (Seiji Nishikawa)
drm: adv7511: Drop dsi single lane support (Biju Das)
net/sctp: Prevent autoclose integer overflow in sctp_association_init() (Nikolay Kuratov)
sky2: Add device ID 11ab:4373 for Marvell 88E8075 (Pascal Hambourg)
pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (Evgenii Shatokhin)
RDMA/uverbs: Prevent integer overflow issue (Dan Carpenter)
modpost: fix the missed iteration for the max bit in do_input() (Masahiro Yamada)
modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (Masahiro Yamada)
ARC: build: Try to guess GCC variant of cross compiler (Leon Romanovsky)
irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (Uros Bizjak)
net: usb: qmi_wwan: add Telit FE910C04 compositions (Daniele Palmas)
bpf: fix potential error return (Anton Protopopov)
sound: usb: format: don't warn that raw DSD is unsupported (Adrian Ratiu)
wifi: mac80211: wake the queues in case of failure in resume (Emmanuel Grumbach)
ila: serialize calls to nf_register_net_hooks() (Eric Dumazet)
ALSA: usb-audio: US16x08: Initialize array before use (Tanya Agarwal)
net: llc: reset skb->transport_header (Antonio Pastor)
netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (Pablo Neira Ayuso)
netfilter: Replace zero-length array with flexible-array member (Gustavo A. R. Silva)
netrom: check buffer length before accessing it (Ilya Shchipletsov)
drm/bridge: adv7511_audio: Update Audio InfoFrame properly (Stefan Ekenberg)
drm: bridge: adv7511: Enable SPDIF DAI (Bogdan Togorean)
RDMA/bnxt_re: Fix max_qp_wrs reported (Selvin Xavier)
RDMA/bnxt_re: Fix reporting hw_ver in query_device (Kalesh AP)
RDMA/bnxt_re: Add check for path mtu in modify_qp (Saravanan Vajravel)
RDMA/mlx5: Enforce same type port association for multiport RoCE (Patrisious Haddad)
net/mlx5: Make API mlx5_core_is_ecpf accept const pointer (Parav Pandit)
IB/mlx5: Introduce and use mlx5_core_is_vf() (Parav Pandit)
Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (Michael Kelley)
selinux: ignore unknown extended permissions (Thiebaud Weksteen)
ipv6: prevent possible UAF in ip6_xmit() (Eric Dumazet)
skb_expand_head() adjust skb->truesize incorrectly (Vasily Averin)
btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana)
tracing: Constify string literal data member in struct trace_event_call (Christian Gottsche)
bpf: fix recursive lock when verdict program return SK_PASS (Jiayuan Chen)
ipv6: fix possible UAF in ip6_finish_output2() (Eric Dumazet) [Orabug: 37029070] {CVE-2024-44986}
ipv6: use skb_expand_head in ip6_xmit (Vasily Averin)
ipv6: use skb_expand_head in ip6_finish_output2 (Vasily Averin)
skbuff: introduce skb_expand_head() (Vasily Averin)
MIPS: Probe toolchain support of -msym32 (Jiaxun Yang)
epoll: Add synchronous wakeup support for ep_poll_callback (Xuewen Yan)
virtio-blk: don't keep queue frozen during system suspend (Ming Lei)
scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (Ranjan Kumar)
platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (Armin Wolf)
regmap: Use correct format specifier for logging range errors (Mark Brown)
scsi: megaraid_sas: Fix for a potential deadlock (Tomas Henzl)
scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (Magnus Lindholm)
tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (Masami Hiramatsu (Google))
dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (Chen Ridong) [Orabug: 37452681] {CVE-2024-56767}
dmaengine: mv_xor: fix child node refcount handling in early exit (Javier Carrasco)
phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (Zijun Hu)
phy: core: Fix that API devm_phy_put() fails to release the phy (Zijun Hu)
phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (Zijun Hu)
phy: core: Fix an OF node refcount leakage in _of_phy_get() (Zijun Hu)
mtd: diskonchip: Cast an operand to prevent potential overflow (Zichen Xie)
bpf: Check negative offsets in __bpf_skb_min_len() (Cong Wang)
media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (Nikita Zhandarovich) [Orabug: 37452687] {CVE-2024-56769}
of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (Zijun Hu)
of: Fix error path in of_parse_phandle_with_args_map() (Herve Codina)
udmabuf: also check for F_SEAL_FUTURE_WRITE (Jann Horn)
nilfs2: prevent use of deleted inode (Edward Adam Davis)
NFS/pnfs: Fix a live lock between recalled layouts and layoutget (Trond Myklebust)
btrfs: tree-checker: reject inline extent items with 0 ref count (Qu Wenruo)
zram: refuse to use zero sized block device as backing device (Kairui Song)
sh: clk: Fix clk_enable() to return 0 on NULL clk (Geert Uytterhoeven)
USB: serial: option: add Telit FE910C04 rmnet compositions (Daniele Palmas)
USB: serial: option: add MediaTek T7XX compositions (Jack Wu)
USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (Mank Wang)
USB: serial: option: add MeiG Smart SLM770A (Michal Hrusecky)
USB: serial: option: add TCL IK512 MBIM & ECM (Daniel Swanemar)
efivarfs: Fix error on non-existent file (James Bottomley)
i2c: riic: Always round-up when calculating bus period (Geert Uytterhoeven)
chelsio/chtls: prevent potential integer overflow on 32bit (Dan Carpenter)
mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (Prathamesh Shete)
netfilter: ipset: Fix for recursive locking warning (Phil Sutter)
net: ethernet: bgmac-platform: fix an OF node reference leak (Joe Hattori)
net: hinic: Fix cleanup in create_rxqs/txqs() (Dan Carpenter)
ionic: use ee->offset when returning sprom data (Shannon Nelson)
net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (Guangguan Wang)
erofs: fix incorrect symlink detection in fast symlink (Gao Xiang)
erofs: fix order >= MAX_ORDER warning due to crafted negative i_size (Gao Xiang)
drm/i915: Fix memory leak by correcting cache object name in error handler (Jiasheng Jiang)
PCI: Add ACS quirk for Broadcom BCM5760X NIC (Ajit Khaparde)
ALSA: usb: Fix UBSAN warning in parse_audio_unit() (Takashi Iwai)
PCI/AER: Disable AER service on suspend (Kai-Heng Feng)
usb: dwc2: gadget: Don't write invalid mapped sg entries into dma_desc with iommu enabled (Peng Hongchi)
net: sched: fix ordering of qlen adjustment (Lion Ackermann) [Orabug: 37433383] {CVE-2024-53164}

[5.4.17-2136.341.1]

kpcimgr: fix flush_icache_range arguments (Joe Dobosenski) [Orabug: 37525298]
uek-rpm: Update network stress testing options for embedded2 (Joe Dobosenski) [Orabug: 37530220]

[5.4.17-2136.340.4]

ftrace: use preempt_enable/disable notrace macros to avoid double fault (Koichiro Den)
nfsd: restore callback functionality for NFSv4.0 (NeilBrown)
i2c: pnx: Fix timeout in wait functions (Vladimir Riabchun)
of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (Zijun Hu)
af_packet: fix vlan_get_tci() vs MSG_PEEK (Eric Dumazet)
af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK (Eric Dumazet)
mtd: rawnand: fix double free in atmel_pmecc_create_user() (Dan Carpenter) [Orabug: 37506347] {CVE-2024-56766}

[5.4.17-2136.340.3]

Revert 'xen/swiotlb: add alignment check for dma buffers' (Harshvardhan Jha) [Orabug: 37475435]
vfio/iommu_type1: Fix some sanity checks in detach group (Keqian Zhu) [Orabug: 37136890]
Revert 'vfio/iommu_type1: Fix some sanity checks in detach group' (Dongli Zhang) [Orabug: 37136890]
rds: ib: Avoid UAF on RDS Socket's rs_trans_lock (Hakon Bugge) [Orabug: 36693622]
rds: ib: Fix blocked processes related to race in rds_rdma_free_dev_rs_worker() (Hakon Bugge) [Orabug: 36693622]
rds: ib: Fix deterministic UAF in rds_rdma_free_dev_rs_worker() (Hakon Bugge) [Orabug: 36693622]
Revert 'KVM: SVM: Add a module parameter to override iommu AVIC usage' (Alejandro Jimenez) [Orabug: 35001679]

[5.4.17-2136.340.2]

LTS tag: v5.4.288 (Alok Tiwari)
ALSA: usb-audio: Fix a DMA to stack memory bug (Dan Carpenter)
xen/netfront: fix crash when removing device (Juergen Gross) [Orabug: 37427542] {CVE-2024-53240}
KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (Raghavendra Rao Ananta)
blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (Nathan Chancellor)
blk-iocost: fix weight updates of inner active iocgs (Tejun Heo)
blk-iocost: clamp inuse and skip noops in __propagate_weights() (Tejun Heo)
ACPICA: events/evxfregn: don't release the ContextMutex that was never acquired (Daniil Tatianin)
net/sched: netem: account for backlog updates from child qdisc (Martin Ottens)
qca_spi: Make driver probing reliable (Stefan Wahren)
qca_spi: Fix clock speed for multiple QCA7000 (Stefan Wahren)
ACPI: resource: Fix memory resource type union access (Ilpo Jarvinen)
net: lapb: increase LAPB_HEADER_LEN (Eric Dumazet) [Orabug: 37434237] {CVE-2024-56659}
tipc: fix NULL deref in cleanup_bearer() (Eric Dumazet) [Orabug: 37506456] {CVE-2024-56661}
batman-adv: Do not let TT changes list grows indefinitely (Remi Pommarel)
batman-adv: Remove uninitialized data in full table TT response (Remi Pommarel)
batman-adv: Do not send uninitialized TT changes (Remi Pommarel)
bpf, sockmap: Fix update element with same (Michal Luczaj)
xfs: don't drop errno values when we fail to ficlone the entire range (Darrick J. Wong)
usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (Lianqin Hu) [Orabug: 37434264] {CVE-2024-56670}
usb: ehci-hcd: fix call balance of clocks handling routines (Vitalii Mordan)
usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (Stefan Wahren)
ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (Joe Hattori)
usb: host: max3421-hcd: Correctly abort a USB request. (Mark Tomlinson)
LTS tag: v5.4.287 (Alok Tiwari)
bpf, xdp: Update devmap comments to reflect napi/rcu usage (John Fastabend)
ALSA: usb-audio: Fix out of bounds reads when finding clock sources (Takashi Iwai) [Orabug: 37427489] {CVE-2024-53150}
PCI: rockchip-ep: Fix address translation unit programming (Damien Le Moal)
Revert 'drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()' (Zhang Zekun)
modpost: Add .irqentry.text to OTHER_SECTIONS (Thomas Gleixner)
jffs2: Fix rtime decompressor (Richard Weinberger)
jffs2: Prevent rtime decompress memory corruption (Kinsey Moore)
KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (Kunkun Jiang)
KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (Kunkun Jiang)
KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (Jing Zhang)
perf/x86/intel/pt: Fix buffer full but size is 0 case (Adrian Hunter)
bpf: fix OOB devmap writes when deleting elements (Maciej Fijalkowski) [Orabug: 37434047] {CVE-2024-56615}
xdp: Simplify devmap cleanup (Bjorn Topel)
misc: eeprom: eeprom_93cx6: Add quirk for extra read clock cycle (Parker Newman)
powerpc/prom_init: Fixup missing powermac #size-cells (Michael Ellerman)
usb: chipidea: udc: handle USB Error Interrupt if IOC not set (Xu Yang)
i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock (Defa Li)
PCI: Add ACS quirk for Wangxun FF5xxx NICs (Mengyuan Lou)
PCI: Add 'reset_subordinate' to reset hierarchy below bridge (Keith Busch)
f2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode. (Qi Han) [Orabug: 37433861] {CVE-2024-56586}
nvdimm: rectify the illogical code within nd_dax_probe() (Yi Yang)
pinctrl: qcom-pmic-gpio: add support for PM8937 (Barnabas Czeman)
scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (Kai Makisara)
scsi: st: Don't modify unknown block number in MTIOCGET (Kai Makisara)
leds: class: Protect brightness_show() with led_cdev->led_access mutex (Mukesh Ojha) [Orabug: 37433869] {CVE-2024-56587}
tracing: Use atomic64_inc_return() in trace_clock_counter() (Uros Bizjak)
netpoll: Use rcu_access_pointer() in __netpoll_setup (Breno Leitao)
net/neighbor: clear error in case strict check is not set (Jakub Kicinski)
rocker: fix link status detection in rocker_carrier_init() (Dmitry Antipov)
ASoC: hdmi-codec: reorder channel allocation list (Jonas Karlman)
Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (Hilda Wu)
wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (Norbert van Bolhuis) [Orabug: 37433908] {CVE-2024-56593}
wifi: ipw2x00: libipw_rx_any(): fix bad alignment (Jiapeng Chong)
drm/amdgpu: set the right AMDGPU sg segment limitation (Prike Liang) [Orabug: 37433914] {CVE-2024-56594}
jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (Nihar Chaithanya) [Orabug: 37433920] {CVE-2024-56595}
jfs: fix array-index-out-of-bounds in jfs_readdir (Ghanshyam Agrawal) [Orabug: 37433928] {CVE-2024-56596}
jfs: fix shift-out-of-bounds in dbSplit (Ghanshyam Agrawal) [Orabug: 37433934] {CVE-2024-56597}
jfs: array-index-out-of-bounds fix in dtReadFirst (Ghanshyam Agrawal) [Orabug: 37433941] {CVE-2024-56598}
wifi: ath5k: add PCI ID for Arcadyan devices (Rosen Penev)
wifi: ath5k: add PCI ID for SX76X (Rosen Penev)
net: inet6: do not leave a dangling sk pointer in inet6_create() (Ignat Korchagin) [Orabug: 37433955] {CVE-2024-56600}
net: inet: do not leave a dangling sk pointer in inet_create() (Ignat Korchagin) [Orabug: 37433962] {CVE-2024-56601}
net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (Ignat Korchagin) [Orabug: 37433970] {CVE-2024-56602}
net: af_can: do not leave a dangling sk pointer in can_create() (Ignat Korchagin) [Orabug: 37433977] {CVE-2024-56603}
Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (Ignat Korchagin) [Orabug: 37433990] {CVE-2024-56605}
af_packet: avoid erroring out after sock_init_data() in packet_create() (Ignat Korchagin) [Orabug: 37433996] {CVE-2024-56606}
net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (Elena Salomatkina)
net: ethernet: fs_enet: Use %pa to format resource_size_t (Simon Horman)
net: fec_mpc52xx_phy: Use %pa to format resource_size_t (Simon Horman)
samples/bpf: Fix a resource leak (Zhu Jun)
drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (Igor Artemiev)
drm/mcde: Enable module autoloading (Liao Chen)
drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (Joaquin Ignacio Aramendia)
media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (Rohan Barar)
media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (David Given)
s390/cpum_sf: Handle CPU hotplug remove during sampling (Thomas Richter)
mmc: core: Further prevent card detect during shutdown (Ulf Hansson)
regmap: detach regmap from dev on regmap_exit (Cosmin Tanislav)
dma-buf: fix dma_fence_array_signaled v4 (Christian Konig)
bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (Liequan Che)
nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (Ryusuke Konishi) [Orabug: 37434065] {CVE-2024-56619}
scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (Saurav Kashyap)
scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (Anil Gurumurthy)
scsi: qla2xxx: Fix NVMe and NPIV connect issue (Quinn Tran)
ocfs2: update seq_file index in ocfs2_dlm_seq_next (Wengang Wang)
tracing: Fix cmp_entries_dup() to respect sort() comparison rules (Kuan-Wei Chiu)
HID: wacom: fix when get product name maybe null pointer (WangYuli) [Orabug: 37434108] {CVE-2024-56629}
bpf: Fix exact match conditions in trie_get_next_key() (Hou Tao)
bpf: Handle BPF_EXIST and BPF_NOEXIST for LPM trie (Hou Tao)
ocfs2: free inode when ocfs2_get_init_inode() fails (Tetsuo Handa) [Orabug: 37434113] {CVE-2024-56630}
spi: mpc52xx: Add cancel_work_sync before module remove (Pei Xiao)
tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg (Zijian Zhang) [Orabug: 37434127] {CVE-2024-56633}
drm/sti: Add __iomem for mixer_dbg_mxn's parameter (Pei Xiao)
gpio: grgpio: Add NULL check in grgpio_probe (Charles Han) [Orabug: 37434131] {CVE-2024-56634}
gpio: grgpio: use a helper variable to store the address of ofdev->dev (Bartosz Golaszewski)
crypto: x86/aegis128 - access 32-bit arguments as 32-bit (Eric Biggers)
x86/asm: Reorder early variables (Jiri Slaby)
xen: Fix the issue of resource not being properly released in xenbus_dev_probe() (Qiu-ji Chen) [Orabug: 37433540] {CVE-2024-53198}
xen/xenbus: fix locking (Juergen Gross)
xenbus/backend: Protect xenbus callback with lock (SeongJae Park)
xenbus/backend: Add memory pressure handler callback (SeongJae Park)
xen/xenbus: reference count registered modules (Paul Durrant)
netfilter: nft_set_hash: skip duplicated elements pending gc run (Pablo Neira Ayuso)
netfilter: ipset: Hold module reference while requesting a module (Phil Sutter) [Orabug: 37434143] {CVE-2024-56637}
igb: Fix potential invalid memory access in igb_init_module() (Yuan Can)
net/qed: allow old cards not supporting 'num_images' to work (Louis Leseur)
tipc: Fix use-after-free of kernel socket in cleanup_bearer(). (Kuniyuki Iwashima) [Orabug: 37434161] {CVE-2024-56642}
tipc: add new AEAD key structure for user API (Tuong Lien)
tipc: enable creating a 'preliminary' node (Tuong Lien)
tipc: add reference counter to bearer (Tuong Lien)
dccp: Fix memory leak in dccp_feat_change_recv (Ivan Solodovnikov) [Orabug: 37434167] {CVE-2024-56643}
can: j1939: j1939_session_new(): fix skb reference counting (Dmitry Antipov)
net/sched: tbf: correct backlog statistic for GSO packets (Martin Ottens)
netfilter: x_tables: fix LED ID check in led_tg_check() (Dmitry Antipov) [Orabug: 37434200] {CVE-2024-56650}
ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (Jinghao Jia)
can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (Dario Binacchi)
can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (Dario Binacchi)
watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (Yassine Oudjana)
iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (Oleksandr Ocheretnyi)
drm/etnaviv: flush shader L1 cache after user commandstream (Lucas Stach)
nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (Yang Erkun)
nfsd: make sure exp active before svc_export_show (Yang Erkun) [Orabug: 37433745] {CVE-2024-56558}
dm thin: Add missing destroy_work_on_stack() (Yuan Can)
i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (Frank Li) [Orabug: 37433756] {CVE-2024-56562}
util_macros.h: fix/rework find_closest() macros (Alexandru Ardelean)
ad7780: fix division by zero in ad7780_write_raw() (Zicheng Qu) [Orabug: 37433772] {CVE-2024-56567}
clk: qcom: gcc-qcs404: fix initial rate of GPLL3 (Gabor Juhos)
ftrace: Fix regression with module command in stack_trace_filter (guoweikang) [Orabug: 37433784] {CVE-2024-56569}
ovl: Filter invalid inodes with missing lookup function (Vasiliy Kovalev) [Orabug: 37433789] {CVE-2024-56570}
media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() (Gaosheng Cui) [Orabug: 37433798] {CVE-2024-56572}
media: gspca: ov534-ov772x: Fix off-by-one error in set_frame_rate() (Jinjie Ruan)
media: venus: Fix pm_runtime_set_suspended() with runtime pm enabled (Jinjie Ruan)
media: ts2020: fix null-ptr-deref in ts2020_probe() (Li Zetao) [Orabug: 37433805] {CVE-2024-56574}
media: i2c: tc358743: Fix crash in the probe error path when using polling (Alexander Shiyan) [Orabug: 37433817] {CVE-2024-56576}
btrfs: ref-verify: fix use-after-free after invalid ref action (Filipe Manana) [Orabug: 37433832] {CVE-2024-56581}
quota: flush quota_release_work upon quota writeback (Ojaswin Mujoo)
ASoC: fsl_micfil: fix the naming style for mask definition (Shengjiu Wang)
sh: intc: Fix use-after-free bug in register_intc_controller() (Dan Carpenter) [Orabug: 37433393] {CVE-2024-53165}
sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (Liu Jian) [Orabug: 37434314] {CVE-2024-56688}
SUNRPC: Replace internal use of SOCKWQ_ASYNC_NOSPACE (Trond Myklebust)
SUNRPC: correct error code comment in xs_tcp_setup_socket() (Calum Mackay)
modpost: remove incorrect code in do_eisa_entry() (Masahiro Yamada)
rtc: ab-eoz9: don't fail temperature reads on undervoltage notification (Maxime Chevallier)
9p/xen: fix release of IRQ (Alex Zenla) [Orabug: 37434374] {CVE-2024-56704}
9p/xen: fix init sequence (Alex Zenla)
block: return unsigned int from bdev_io_min (Christoph Hellwig)
jffs2: fix use of uninitialized variable (Qingfang Deng)
ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (Waqar Hameed) [Orabug: 37433414] {CVE-2024-53171}
ubi: fastmap: Fix duplicate slab cache names while attaching (Zhihao Cheng) [Orabug: 37433419] {CVE-2024-53172}
ubifs: Correct the total block count by deducting journal reservation (Zhihao Cheng)
rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (Yongliang Gao) [Orabug: 37434456] {CVE-2024-56739}
rtc: abx80x: Fix WDT bit position of the status register (Nobuhiro Iwamatsu)
rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
NFSv4.0: Fix a use-after-free problem in the asynchronous open() (Trond Myklebust) [Orabug: 37433426] {CVE-2024-53173}
um: Always dump trace for specified task in show_stack (Tiwei Bie)
um: Clean up stacktrace dump (Johannes Berg)
um: add show_stack_loglvl() (Dmitry Safonov)
um/sysrq: remove needless variable sp (Dmitry Safonov)
um: Fix the return value of elf_core_copy_task_fpregs (Tiwei Bie)
um: Fix potential integer overflow during physmem setup (Tiwei Bie) [Orabug: 37427464] {CVE-2024-53145}
rpmsg: glink: Propagate TX failures in intentless mode as well (Bjorn Andersson)
SUNRPC: make sure cache entry active before cache_show (Yang Erkun) [Orabug: 37433433] {CVE-2024-53174}
NFSD: Prevent a potential integer overflow (Chuck Lever) [Orabug: 37427470] {CVE-2024-53146}
lib: string_helpers: silence snprintf() output truncation warning (Bartosz Golaszewski)
usb: dwc3: gadget: Fix checking for number of TRBs left (Thinh Nguyen)
ALSA: hda/realtek: Apply quirk for Medion E15433 (Takashi Iwai)
ALSA: hda/realtek: Fix Internal Speaker and Mic boost of Infinix Y4 Max (Dinesh Kumar)
ALSA: hda/realtek: Set PCBeep to default value for ALC274 (Kailang Yang)
ALSA: hda/realtek: Update ALC225 depop procedure (Kailang Yang)
media: wl128x: Fix atomicity violation in fmc_send_cmd() (Qiu-ji Chen) [Orabug: 37434358] {CVE-2024-56700}
HID: wacom: Interpret tilt data from Intuos Pro BT as signed values (Jason Gerecke)
block: fix ordering between checking BLK_MQ_S_STOPPED request adding (Muchun Song)
arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (Will Deacon)
sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK (Huacai Chen)
um: vector: Do not use drvdata in release (Tiwei Bie) [Orabug: 37433467] {CVE-2024-53181}
serial: 8250: omap: Move pm_runtime_get_sync (Bin Liu)
um: net: Do not use drvdata in release (Tiwei Bie) [Orabug: 37433475] {CVE-2024-53183}
um: ubd: Do not use drvdata in release (Tiwei Bie) [Orabug: 37433484] {CVE-2024-53184}
ubi: wl: Put source PEB into correct list if trying locking LEB failed (Zhihao Cheng)
spi: Fix acpi deferred irq probe (Stanislaw Gruszka)
netfilter: ipset: add missing range check in bitmap_ip_uadt (Jeongjun Park) [Orabug: 37388867] {CVE-2024-53141}
Revert 'serial: sh-sci: Clean sci_ports[0] after at earlycon exit' (Greg Kroah-Hartman)
serial: sh-sci: Clean sci_ports[0] after at earlycon exit (Claudiu Beznea)
Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() (Andrej Shadura)
tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler (Nicolas Bouchinet)
comedi: Flush partial mappings in error case (Jann Horn) [Orabug: 37427482] {CVE-2024-53148}
PCI: Fix use-after-free of slot->bus on hot remove (Lukas Wunner) [Orabug: 37433516] {CVE-2024-53194}
ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() (Qiu-ji Chen)
jfs: xattr: check invalid xattr size more strictly (Artem Sadovnikov)
ext4: fix FS_IOC_GETFSMAP handling (Theodore Ts'o)
ext4: supress data-race warnings in ext4_free_inodes_{count,set}() (Jeongjun Park)
ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Benoit Sevens) [Orabug: 37433532] {CVE-2024-53197}
soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (Manikanta Mylavarapu)
usb: ehci-spear: fix call balance of sehci clk handling routines (Vitalii Mordan)
apparmor: fix 'Do simple duplicate message elimination' (chao liu)
staging: greybus: uart: clean up TIOCGSERIAL (Johan Hovold)
misc: apds990x: Fix missing pm_runtime_disable() (Jinjie Ruan)
USB: chaoskey: Fix possible deadlock chaoskey_list_lock (Edward Adam Davis)
USB: chaoskey: fail open after removal (Oliver Neukum)
usb: yurex: make waiting on yurex_write interruptible (Oliver Neukum)
usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() (Jeongjun Park)
ipmr: fix tables suspicious RCU usage (Paolo Abeni)
ipmr: convert /proc handlers to rcu_read_lock() (Eric Dumazet)
net: stmmac: dwmac-socfpga: Set RX watchdog interrupt as broken (Maxime Chevallier)
marvell: pxa168_eth: fix call balance of pep->clk handling routines (Vitalii Mordan)
net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration (Oleksij Rempel)
tg3: Set coherent DMA mask bits to 31 for BCM57766 chipsets (Pavan Chebbi)
net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device (Oleksij Rempel)
power: supply: core: Remove might_sleep() from power_supply_put() (Bart Van Assche)
vfio/pci: Properly hide first-in-list PCIe extended capability (Avihai Horon) [Orabug: 37433578] {CVE-2024-53214}
NFSD: Fix nfsd4_shutdown_copy() (Chuck Lever)
NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (Chuck Lever)
NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (Chuck Lever) [Orabug: 37433594] {CVE-2024-53217}
rpmsg: glink: use only lower 16-bits of param2 for CMD_OPEN name length (Jonathan Marek)
rpmsg: glink: Fix GLINK command prefix (Bjorn Andersson)
rpmsg: glink: Send READ_NOTIFY command in FIFO full case (Arun Kumar Neelakantam)
rpmsg: glink: Add TX_DATA_CONT command while sending (Arun Kumar Neelakantam)
perf trace: Avoid garbage when not printing a syscall's arguments (Benjamin Peterson)
perf trace: Do not lose last events in a race (Benjamin Peterson)
m68k: coldfire/device.c: only build FEC when HW macros are defined (Antonio Quartulli)
m68k: mcfgpio: Fix incorrect register offset for CONFIG_M5441x (Jean-Michel Hautbois)
PCI: cpqphp: Fix PCIBIOS_* return value confusion (Ilpo Jarvinen)
PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads (weiyufeng)
perf probe: Correct demangled symbols in C++ program (Leo Yan)
perf cs-etm: Don't flush when packet_queue fills up (James Clark)
clk: clk-axi-clkgen: make sure to enable the AXI bus clock (Nuno Sa)
clk: axi-clkgen: use devm_platform_ioremap_resource() short-hand (Alexandru Ardelean)
dt-bindings: clock: axi-clkgen: include AXI clk (Nuno Sa)
dt-bindings: clock: adi,axi-clkgen: convert old binding to yaml format (Alexandru Ardelean)
fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() (Zhen Lei) [Orabug: 37434478] {CVE-2024-56746}
fbdev/sh7760fb: Alloc DMA memory from hardware device (Thomas Zimmermann)
powerpc/sstep: make emulate_vsx_load and emulate_vsx_store static (Michal Suchanek)
ocfs2: fix uninitialized value in ocfs2_file_read_iter() (Dmitry Antipov) [Orabug: 37427503] {CVE-2024-53155}
scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (Zhen Lei) [Orabug: 37434484] {CVE-2024-56747}
scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (Zhen Lei) [Orabug: 37434489] {CVE-2024-56748}
scsi: fusion: Remove unused variable 'rc' (Zeng Heng)
scsi: bfa: Fix use-after-free in bfad_im_module_exit() (Ye Bin) [Orabug: 37433630] {CVE-2024-53227}
mfd: rt5033: Fix missing regmap_del_irq_chip() (Zhang Changzhong)
mtd: rawnand: atmel: Fix possible memory leak (Miquel Raynal)
cpufreq: loongson2: Unregister platform_driver on failure (Yuan Can)
mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (Andy Shevchenko) [Orabug: 37434429] {CVE-2024-56723}
mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (Andy Shevchenko) [Orabug: 37434434] {CVE-2024-56724}
mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (Andy Shevchenko) [Orabug: 37434330] {CVE-2024-56691}
mfd: intel_soc_pmic_bxtwc: Use dev_err_probe() (Andy Shevchenko)
mfd: da9052-spi: Change read-mask to write-mask (Marcus Folkesson)
mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to fix race (Jinjie Ruan)
trace/trace_event_perf: remove duplicate samples on the first tracepoint event (Levi Yun)
netpoll: Use rcu_access_pointer() in netpoll_poll_lock (Breno Leitao)
ALSA: 6fire: Release resources at card release (Takashi Iwai) [Orabug: 37433660] {CVE-2024-53239}
ALSA: caiaq: Use snd_card_free_when_closed() at disconnection (Takashi Iwai) [Orabug: 37433666] {CVE-2024-56531}
ALSA: us122l: Use snd_card_free_when_closed() at disconnection (Takashi Iwai) [Orabug: 37433672] {CVE-2024-56532}
net: rfkill: gpio: Add check for clk_enable() (Mingwei Zheng)
selftests: net: really check for bg process completion (Paolo Abeni)
bpf, sockmap: Fix sk_msg_reset_curr (Zijian Zhang)
bpf, sockmap: Several fixes to bpf_msg_pop_data (Zijian Zhang)
bpf, sockmap: Several fixes to bpf_msg_push_data (Zijian Zhang)
drm/etnaviv: hold GPU lock across perfmon sampling (Lucas Stach)
drm/etnaviv: fix power register offset on GC300 (Doug Brown)
drm/etnaviv: dump: fix sparse warnings (Marc Kleine-Budde)
drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
drm/panfrost: Remove unused id_mask from struct panfrost_model (Steven Price)
wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (Alper Nebi Yasak) [Orabug: 37433695] {CVE-2024-56539}
bpf: Fix the xdp_adjust_tail sample prog issue (Yuan Chen)
ASoC: fsl_micfil: fix regmap_write_bits usage (Shengjiu Wang)
ASoC: fsl_micfil: use GENMASK to define register bit fields (Sascha Hauer)
ASoC: fsl_micfil: do not define SHIFT/MASK for single bits (Sascha Hauer)
ASoC: fsl_micfil: Drop unnecessary register read (Sascha Hauer)
dt-bindings: vendor-prefixes: Add NeoFidelity, Inc (Igor Prusov)
drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
drm/omap: Fix locking in omap_gem_new_dmabuf() (Tomi Valkeinen)
wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (Jeongjun Park) [Orabug: 37427509] {CVE-2024-53156}
drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused (Andy Shevchenko)
firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (Luo Qiu) [Orabug: 37427515] {CVE-2024-53157}
regmap: irq: Set lockdep class for hierarchical IRQ domains (Andy Shevchenko)
ARM: dts: cubieboard4: Fix DCDC5 regulator constraints (Andre Przywara)
tpm: fix signed/unsigned bug when checking event logs (Gregory Price)
efi/tpm: Pass correct address to memblock_reserve (Jerry Snitselaar)
mmc: mmc_spi: drop buggy snprintf() (Bartosz Golaszewski)
soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (Dan Carpenter) [Orabug: 37427524] {CVE-2024-53158}
soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
time: Fix references to _msecs_to_jiffies() handling of values (Miguel Ojeda)
crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() (Christophe JAILLET)
crypto: bcm - add error check in the ahash_hmac_init function (Chen Ridong) [Orabug: 37434298] {CVE-2024-56681}
crypto: cavium - Fix the if condition to exit loop after timeout (Everest K.C)
crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (Yi Yang) [Orabug: 37434323] {CVE-2024-56690}
EDAC/fsl_ddr: Fix bad bit shift operations (Priyanka Singh)
EDAC/bluefield: Fix potential integer overflow (David Thompson) [Orabug: 37427533] {CVE-2024-53161}
firmware: google: Unregister driver_info on failure (Yuan Can)
firmware: google: Unregister driver_info on failure and exit in gsmi (Arthur Heymans)
hfsplus: don't query the device logical block size multiple times (Thadeu Lima de Souza Cascardo) [Orabug: 37433720] {CVE-2024-56548}
s390/syscalls: Avoid creation of arch/arch/ directory (Masahiro Yamada)
acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block() (Aleksandr Mishin)
m68k: mvme147: Reinstate early console (Daniel Palmer)
m68k: mvme16x: Add and use 'mvme16x.h' (Geert Uytterhoeven)
m68k: mvme147: Fix SCSI controller IRQ numbers (Daniel Palmer)
nvme-pci: fix freeing of the HMB descriptor table (Christoph Hellwig) [Orabug: 37434510] {CVE-2024-56756}
initramfs: avoid filename buffer overrun (David Disseldorp) [Orabug: 37388874] {CVE-2024-53142}
mips: asm: fix warning when disabling MIPS_FP_SUPPORT (Jonas Gorski)
x86/xen/pvh: Annotate indirect branch as safe (Josh Poimboeuf)
nvme: fix metadata handling in nvme-passthrough (Puranjay Mohan)
cifs: Fix buffer overflow when parsing NFS reparse points (Pali Rohar) [Orabug: 37206284] {CVE-2024-49996}
ipmr: Fix access to mfc_cache_list without lock held (Breno Leitao)
proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (David Wang)
ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() (Luo Yifan)
ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() (Luo Yifan)
regulator: rk808: Add apply_bit for BUCK3 on RK809 (Mikhail Rudenko)
soc: qcom: Add check devm_kasprintf() returned value (Charles Han)
net: usb: qmi_wwan: add Quectel RG650V (Benoit Monin)
x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (Arnd Bergmann)
ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 (Piyush Raj Chouhan)
selftests/watchdog-test: Fix system accidentally reset after watchdog-test (Li Zhijian)
mac80211: fix user-power when emulating chanctx (Ben Greear)
ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet (Hans de Goede)
kbuild: Use uname for LINUX_COMPILE_HOST detection (Chris Down)
media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set (Mauro Carvalho Chehab)
nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (Ryusuke Konishi) [Orabug: 37388819] {CVE-2024-53130}
ocfs2: fix UBSAN warning in ocfs2_verify_volume() (Dmitry Antipov)
nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (Ryusuke Konishi) [Orabug: 37388825] {CVE-2024-53131}
KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (Sean Christopherson) [Orabug: 37388846] {CVE-2024-53135}
ocfs2: uncache inode which has failed entering the group (Dmitry Antipov) [Orabug: 37388753] {CVE-2024-53112}
net/mlx5e: kTLS, Fix incorrect page refcounting (Dragos Tatulea)
net/mlx5: fs, lock FTE when checking if active (Mark Bloch)
netlink: terminate outstanding dump on socket close (Jakub Kicinski) [Orabug: 37388861] {CVE-2024-53140}
LTS tag: v5.4.286 (Alok Tiwari)
9p: fix slab cache name creation for real (Linus Torvalds)
md/raid10: improve code of mrdev in raid10_sync_request (Li Nan)
net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition (Reinhard Speyerer)
fs: Fix uninitialized value issue in from_kuid and from_kgid (Alessandro Zanni) [Orabug: 37331928] {CVE-2024-53101}
powerpc/powernv: Free name on error in opal_event_init() (Michael Ellerman)
sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML (Julian Vetter)
bpf: use kvzmalloc to allocate BPF verifier environment (Rik van Riel)
HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad (WangYuli)
9p: Avoid creating multiple slab caches with the same name (Pedro Falcato)
ALSA: usb-audio: Add endianness annotations (Jan Schar)
vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Hyunwoo Kim) [Orabug: 37298681] {CVE-2024-50264}
hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (Hyunwoo Kim) [Orabug: 37344480] {CVE-2024-53103}
ftrace: Fix possible use-after-free issue in ftrace_location() (Zheng Yejian) [Orabug: 36753574] {CVE-2024-38588}
NFSD: Fix NFSv4's PUTPUBFH operation (Chuck Lever)
ALSA: usb-audio: Add quirks for Dell WD19 dock (Jan Schar)
ALSA: usb-audio: Support jack detection on Dell dock (Jan Schar)
ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (Andrew Kanner) [Orabug: 37298685] {CVE-2024-50265}
irqchip/gic-v3: Force propagation of the active state with a read-back (Marc Zyngier)
USB: serial: option: add Quectel RG650V (Benoit Monin)
USB: serial: option: add Fibocom FG132 0x0112 composition (Reinhard Speyerer)
USB: serial: qcserial: add support for Sierra Wireless EM86xx (Jack Wu)
USB: serial: io_edgeport: fix use after free in debug printk (Dan Carpenter) [Orabug: 37298695] {CVE-2024-50267}
usb: musb: sunxi: Fix accessing an released usb phy (Zijun Hu) [Orabug: 37298703] {CVE-2024-50269}
fs/proc: fix compile warning about variable 'vmcore_mmap_ops' (Qi Xi)
media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (Benoit Sevens) [Orabug: 37344485] {CVE-2024-53104}
net: bridge: xmit: make sure we have at least eth header len bytes (Nikolay Aleksandrov) [Orabug: 36753372] {CVE-2024-38538}
spi: fix use-after-free of the add_lock mutex (Michael Walle)
spi: Fix deadlock when adding SPI controllers on SPI buses (Mark Brown)
mtd: rawnand: protect access to rawnand devices while in suspend (Sean Nyekjaer)
btrfs: reinitialize delayed ref list after deleting it from the list (Filipe Manana) [Orabug: 37298715] {CVE-2024-50273}
nfs: Fix KMSAN warning in decode_getfattr_attrs() (Roberto Sassu) [Orabug: 37304779] {CVE-2024-53066}
dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (Zichen Xie)
dm cache: fix potential out-of-bounds access on the first resume (Ming-Hung Tsai) [Orabug: 37298732] {CVE-2024-50278}
dm cache: optimize dirty bit checking with find_next_bit when resizing (Ming-Hung Tsai)
dm cache: fix out-of-bounds access to the dirty bitset when resizing (Ming-Hung Tsai) [Orabug: 37298737] {CVE-2024-50279}
dm cache: correct the number of origin blocks to match the target length (Ming-Hung Tsai)
drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (Alex Deucher) [Orabug: 37298751] {CVE-2024-50282}
pwm: imx-tpm: Use correct MODULO value for EPWM mode (Erik Schumacher)
media: v4l2-tpg: prevent the risk of a division by zero (Mauro Carvalho Chehab) [Orabug: 37298782] {CVE-2024-50287}
media: cx24116: prevent overflows on SNR calculus (Mauro Carvalho Chehab) [Orabug: 37298797] {CVE-2024-50290}
media: s5p-jpeg: prevent buffer overflows (Mauro Carvalho Chehab) [Orabug: 37304763] {CVE-2024-53061}
ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() (Murad Masimov)
media: adv7604: prevent underflow condition when reporting colorspace (Mauro Carvalho Chehab)
media: dvb_frontend: don't play tricks with underflow values (Mauro Carvalho Chehab)
media: dvbdev: prevent the risk of out of memory access (Mauro Carvalho Chehab) [Orabug: 37304769] {CVE-2024-53063}
media: stb0899_algo: initialize cfr before using it (Mauro Carvalho Chehab)
net: hns3: fix kernel crash when uninstalling driver (Peiyang Wang) [Orabug: 37298811] {CVE-2024-50296}
can: c_can: fix {rx,tx}_errors statistics (Dario Binacchi)
sctp: properly validate chunk size in sctp_sf_ootb() (Xin Long) [Orabug: 37298820] {CVE-2024-50299}
net: enetc: set MAC address to the VF net_device (Wei Fang)
enetc: simplify the return expression of enetc_vf_set_mac_addr() (Qinglang Miao)
security/keys: fix slab-out-of-bounds in key_task_permission (Chen Ridong) [Orabug: 37298827] {CVE-2024-50301}
HID: core: zero-initialize the report buffer (Jiri Kosina) [Orabug: 37298834] {CVE-2024-50302}
ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin (Heiko Stuebner)
ARM: dts: rockchip: Fix the spi controller on rk3036 (Heiko Stuebner)
ARM: dts: rockchip: drop grf reference from rk3036 hdmi (Heiko Stuebner)
ARM: dts: rockchip: fix rk3036 acodec node (Heiko Stuebner)
arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (Heiko Stuebner)
arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (Heiko Stuebner)
arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (Diederik de Haas)
arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (Geert Uytterhoeven)

[5.4.17-2136.340.1]

rds/ib: avoid scq/rcq polling during rds connection shutdown (Arumugam Kolappan) [Orabug: 37092563]
RDMA/mlx5: Send UAR page index as ioctl attribute (Akiva Goldberger) [Orabug: 37029739]
RDMA: Pass entire uverbs attr bundle to create cq function (Akiva Goldberger) [Orabug: 37029739]
IB/uverbs: Enable CQ ioctl commands by default (Yishai Hadas) [Orabug: 37029739]

[5.4.17-2136.339.5]

tracing/kprobes: Skip symbol counting logic for module symbols in create_local_trace_kprobe() (Nikolay Kuratov)
vhost_scsi: log write descriptors (Dongli Zhang) [Orabug: 37393533]
vhost-scsi: protect vq->log_base with vq->mutex (Dongli Zhang) [Orabug: 37393533]

[5.4.17-2136.339.4]

RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (Kashyap Desai)
Revert 'mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K' (Aurelien Jarno)
mm: revert 'mm: shmem: fix data-race in shmem_getattr()' (Andrew Morton)
net/ipv6: release expired exception dst cached in socket (Jiri Wiesner) [Orabug: 37434173] {CVE-2024-56644}
Revert 'unicode: Don't special case ignorable code points' (Linus Torvalds)
powerpc/vdso: Flag VDSO64 entry points as functions (Christophe Leroy)
Revert 'usb: gadget: composite: fix OS descriptors w_value logic' (Michal Vrastil)

[5.4.17-2136.339.3]

Revert 'ocfs2: fix the la space leak when unmounting an ocfs2 volume' (Sherry Yang) [Orabug: 37364531]
rds: recv_payload_bad_checksum was not 0 after running rds-stress on UEK6 (William Kucharski) [Orabug: 37265127]
rds: If RDS Checksums are enabled for RDMA RDS operations, the extension headers will overflow causing incorrect operation (William Kucharski) [Orabug: 37265125]
rds: rds_message_alloc() needlessly zeroes m_used_sgs (William Kucharski) [Orabug: 37265123]
rds: tracepoint in rds_receive_csum_err() prints pointless information (William Kucharski) [Orabug: 37265121]
rds: rds_inc_init() should initialize the inc->i_conn_path field (William Kucharski) [Orabug: 37265117]
rds: Race condition in adding RDS payload checksum extension header may result in RDS header corruption (William Kucharski) [Orabug: 37265115]
md/raid10: fix task hung in raid10d (Li Nan) [Orabug: 37126683]
md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() (Yu Kuai) [Orabug: 37126683]
md/raid10: avoid deadlock on recovery. (Vitaly Mayatskikh) [Orabug: 37126683]

[5.4.17-2136.339.2]

arm64/cpu_errata: Spectre-BHB mitigation for AMPERE1 expects a loop of 11 iterations. (Miguel Luis) [Orabug: 37027863]

[5.4.17-2136.339.1]

net/rds: report pending-messages count in RDS_INQ response (Devesh Sharma) [Orabug: 35596047] [Orabug: 35316633]
net/rds: Introduce RDS-INQ feature to RDS protocol (Devesh Sharma) [Orabug: 35316632] [Orabug: 37109336]
net/rds: Supporting SIOCOUTQ to read pending sends (Devesh Sharma) [Orabug: 34460809] [Orabug: 37072814]
mm/memory-failure: pass the folio and the page to collect_procs() (Matthew Wilcox (Oracle)) [Orabug: 37270264]
KVM: x86: Stop compiling vmenter.S with OBJECT_FILES_NON_STANDARD (Sean Christopherson) [Orabug: 37273706]
KVM: SVM: Create a stack frame in __svm_vcpu_run() for unwinding (Sean Christopherson) [Orabug: 37273706]
objtool: Default ignore INT3 for unreachable (Peter Zijlstra) [Orabug: 37273706] {CVE-2022-29901}
x86/spec_ctrl: AMD AutoIBRS cannot be dynamically enabled or disabled (Alexandre Chartre) [Orabug: 37310552]
x86/msr: Add functions to set/clear the bit of an MSR on all cpus (Alexandre Chartre) [Orabug: 37310552]

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

kernel-uek

5.4.17-2136.343.5.1.el8uek

kernel-uek-devel

5.4.17-2136.343.5.1.el8uek

kernel-uek-doc

5.4.17-2136.343.5.1.el8uek

kernel-uek-debug

5.4.17-2136.343.5.1.el8uek

kernel-uek-debug-devel

5.4.17-2136.343.5.1.el8uek

Oracle Linux x86_64

kernel-uek

5.4.17-2136.343.5.1.el8uek

kernel-uek-container

5.4.17-2136.343.5.1.el8uek

kernel-uek-container-debug

5.4.17-2136.343.5.1.el8uek

kernel-uek-debug

5.4.17-2136.343.5.1.el8uek

kernel-uek-debug-devel

5.4.17-2136.343.5.1.el8uek

kernel-uek-devel

5.4.17-2136.343.5.1.el8uek

kernel-uek-doc

5.4.17-2136.343.5.1.el8uek

Oracle Linux 7

Oracle Linux x86_64

kernel-uek

5.4.17-2136.343.5.1.el7uek

kernel-uek-container

5.4.17-2136.343.5.1.el7uek

kernel-uek-container-debug

5.4.17-2136.343.5.1.el7uek

kernel-uek-debug

5.4.17-2136.343.5.1.el7uek

kernel-uek-debug-devel

5.4.17-2136.343.5.1.el7uek

kernel-uek-devel

5.4.17-2136.343.5.1.el7uek

kernel-uek-doc

5.4.17-2136.343.5.1.el7uek

kernel-uek-tools

5.4.17-2136.343.5.1.el7uek

Связанные CVE

CVE-2023-52532

CVE-2024-36929

Ссылки на источники

Связанные уязвимости

CVE-2024-36929

ubuntu

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: net: core: reject skb_copy(_expand) for fraglist GSO skbs SKB_GSO_FRAGLIST skbs must not be linearized, otherwise they become invalid. Return NULL if such an skb is passed to skb_copy or skb_copy_expand, in order to prevent a crash on a potential later call to skb_gso_segment.

CVE-2024-36929

CVSS3: 5.5

redhat

около 1 года назад

CVE-2024-36929

nvd

около 1 года назад

CVE-2024-36929

debian

около 1 года назад

In the Linux kernel, the following vulnerability has been resolved: n ...

CVE-2023-52532

CVSS3: 5.5

ubuntu

больше 1 года назад

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix TX CQE error handling For an unknown TX CQE error type (probably from a newer hardware), still free the SKB, update the queue tail, etc., otherwise the accounting will be wrong. Also, TX errors can be triggered by injecting corrupted packets, so replace the WARN_ONCE to ratelimited error logging.