The following RPMs are included in this version:
| RPM | Issue |
|---|---|
| bpftool-4.18.0-553.27.1.el8_10.x86_64.rpm | - lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668} |
| - bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989} | |
| - bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990} | |
| - bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009} | |
| - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773} | |
| - tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257] | |
| - tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257] | |
| - ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826} | |
| - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100] | |
| - loopback: fix lockdep splat (Xin Long) [RHEL-58100] | |
| - blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100] | |
| - loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100] | |
| - ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002] | |
| - netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924} | |
| - netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042} | |
| - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070} | |
| - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898} | |
| - netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) [RHEL-42680] {CVE-2024-26851} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301} | |
| - KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976} | |
| - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540} | |
| - tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284} | |
| - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857} | |
| - drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924} | |
| - tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983} | |
| - block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854} | |
| - gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936} | |
| - drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093} | |
| - ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961} | |
| - mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880} | |
| - ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244} | |
| - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984} | |
| - nouveau: lock the client object tree. (Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062} | |
| - cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037] | |
| - ACPI: PAD: fix crash in exit_round_robin() (Mark Langsdorf) [RHEL-56156] | |
| - gfs2: Randomize GLF_VERIFY_DELETE work delay (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Update to the evict / remote delete documentation (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Clean up delete work processing (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename dinode_demise to evict_behavior (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757] | |
| - gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757] | |
| - gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757] | |
| - dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492} | |
| - dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939} | |
| - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075] | |
| - NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-39397] | |
| - cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251] | |
| - cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251] | |
| - cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729] | |
| - padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889} | |
| - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000] | |
| - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935} | |
| - net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44031] {CVE-2024-38586} | |
| - netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018} | |
| - memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052] | |
| - cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052] | |
| - cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052] | |
| - smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052] | |
| - smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052] | |
| - cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052] | |
| - Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix unix perm bits to cifsacl conversion for "other" bits. (Paulo Alcantara) [RHEL-56052] | |
| - drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092} | |
| - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224] | |
| - kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292} | |
| - gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079} | |
| - of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541} | |
| bzip2-1.0.6-27.el8_10.x86_64.rpm | - Fixes out of bounds access in BZ2_decompress (RHEL-64929) |
| bzip2-libs-1.0.6-27.el8_10.x86_64.rpm | - Fixes out of bounds access in BZ2_decompress (RHEL-64929) |
| chrony-4.5-2.el8_10.x86_64.rpm | - fix crash on reload command during start (RHEL-59112) |
| - enable AES-CMAC support using gnutls (RHEL-59032) | |
| cups-libs-2.2.6-61.el8_10.x86_64.rpm | - RHEL-54038 cups source rpm doesn't actually build lspp support |
| - fix memory leaks caused by lspp | |
| glib2-2.56.4-165.el8_10.x86_64.rpm | - Add support for x-gvfs-trash mount option |
| - Resolves: RHEL-46828 | |
| - Add support to ignore trash for certain mounts | |
| - Resolves: RHEL-2836 | |
| glib2-devel-2.56.4-165.el8_10.x86_64.rpm | - Add support for x-gvfs-trash mount option |
| - Resolves: RHEL-46828 | |
| - Add support to ignore trash for certain mounts | |
| - Resolves: RHEL-2836 | |
| grub2-common-2.02-158.el8_10.rocky.0.1.noarch.rpm | - 20-grub-install: fix SELinux security type context for BLS |
| - Resolves: #RHEL-4395 | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - grub-mkconfig.in: turn off executable owner bit | |
| - Resolves: #RHEL-58835 | |
| grub2-efi-x64-2.02-158.el8_10.rocky.0.1.x86_64.rpm | - 20-grub-install: fix SELinux security type context for BLS |
| - Resolves: #RHEL-4395 | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - grub-mkconfig.in: turn off executable owner bit | |
| - Resolves: #RHEL-58835 | |
| grub2-pc-2.02-158.el8_10.rocky.0.1.x86_64.rpm | - 20-grub-install: fix SELinux security type context for BLS |
| - Resolves: #RHEL-4395 | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - grub-mkconfig.in: turn off executable owner bit | |
| - Resolves: #RHEL-58835 | |
| grub2-pc-modules-2.02-158.el8_10.rocky.0.1.noarch.rpm | - 20-grub-install: fix SELinux security type context for BLS |
| - Resolves: #RHEL-4395 | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - grub-mkconfig.in: turn off executable owner bit | |
| - Resolves: #RHEL-58835 | |
| grub2-tools-2.02-158.el8_10.rocky.0.1.x86_64.rpm | - 20-grub-install: fix SELinux security type context for BLS |
| - Resolves: #RHEL-4395 | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - grub-mkconfig.in: turn off executable owner bit | |
| - Resolves: #RHEL-58835 | |
| grub2-tools-efi-2.02-158.el8_10.rocky.0.1.x86_64.rpm | - 20-grub-install: fix SELinux security type context for BLS |
| - Resolves: #RHEL-4395 | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - grub-mkconfig.in: turn off executable owner bit | |
| - Resolves: #RHEL-58835 | |
| grub2-tools-extra-2.02-158.el8_10.rocky.0.1.x86_64.rpm | - 20-grub-install: fix SELinux security type context for BLS |
| - Resolves: #RHEL-4395 | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - grub-mkconfig.in: turn off executable owner bit | |
| - Resolves: #RHEL-58835 | |
| grub2-tools-minimal-2.02-158.el8_10.rocky.0.1.x86_64.rpm | - 20-grub-install: fix SELinux security type context for BLS |
| - Resolves: #RHEL-4395 | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - Removing redhat old cert sources entries (Sherif Nagy) | |
| - Preserving rhel8 sbat entry based on shim-review feedback ticket no. 194 | |
| - Porting to 8.10 | |
| - Cleaning up grup.macro extra signing certs and updating rocky test CA and CERT | |
| - Cleaning up grup.macro extra signing certs | |
| - Use rocky-sb-certs for secure boot signing | |
| - grub-mkconfig.in: turn off executable owner bit | |
| - Resolves: #RHEL-58835 | |
| iwl100-firmware-39.31.5.1-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl1000-firmware-39.31.5.1-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl105-firmware-18.168.6.1-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl135-firmware-18.168.6.1-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl2000-firmware-18.168.6.1-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl2030-firmware-18.168.6.1-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl3160-firmware-25.30.13.0-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl5000-firmware-8.83.5.1_1-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl5150-firmware-8.24.2.2-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl6000-firmware-9.221.4.1-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl6000g2a-firmware-18.168.6.1-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl6000g2b-firmware-18.168.6.1-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl6050-firmware-41.28.5.1-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| iwl7260-firmware-25.30.13.0-125.el8_10.1.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| kernel-4.18.0-553.27.1.el8_10.x86_64.rpm | - lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668} |
| - bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989} | |
| - bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990} | |
| - bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009} | |
| - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773} | |
| - tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257] | |
| - tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257] | |
| - ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826} | |
| - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100] | |
| - loopback: fix lockdep splat (Xin Long) [RHEL-58100] | |
| - blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100] | |
| - loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100] | |
| - libceph: fix potential use-after-free on linger ping and resends (Jay Shin) [RHEL-21394 RHEL-20390] | |
| - netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [RHEL-24010 RHEL-23506] {CVE-2024-1086} | |
| - ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002] | |
| - netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924} | |
| - netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042} | |
| - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070} | |
| - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898} | |
| - netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) [RHEL-42680] {CVE-2024-26851} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301} | |
| - KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976} | |
| - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540} | |
| - tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284} | |
| - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857} | |
| - drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924} | |
| - tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983} | |
| - block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854} | |
| - gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936} | |
| - drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093} | |
| - ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961} | |
| - mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880} | |
| - ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244} | |
| - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984} | |
| - tracing/timerlat: Add user-space interface (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/osnoise: Skip running osnoise if all instances are off (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/timerlat: Always wakeup the timerlat thread (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/osnoise: Fix notify new tracing_max_latency (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/timerlat: Notify new max thread latency (Chris White) [RHEL-20362 RHEL-15142] | |
| - trace/osnoise: make use of the helper function kthread_run_on_cpu() (Chris White) [RHEL-20362 RHEL-15142] | |
| - kthread: add the helper function kthread_run_on_cpu() (Chris White) [RHEL-20362 RHEL-15142] | |
| - x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing (Prarit Bhargava) [RHEL-7238 RHEL-4244] | |
| - HID: check empty report_list in hid_validate_values() (Desnes Nunes) [RHEL-19274 RHEL-19237] {CVE-2023-1073} | |
| - s390/dasd: print copy pair message only for the correct error (Tobias Huschle) [RHEL-9444 RHEL-2831] | |
| - blk-mq: don't count completed flush data request as inflight in case of quiesce (Ming Lei) [RHEL-19111 RHEL-18055] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.9/8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - Debrand the kernel (Louis Abel) | |
| - redhat: fix to be able to build with rpm 4.19.0 (Denys Vlasenko) | |
| - blk-mq: enforce op-specific segment limits in blk_insert_cloned_request (Ming Lei) [RHEL-14718 RHEL-14504] | |
| - KVM: x86: Add SBPB support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - KVM: x86: Add IBPB_BRTYPE support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retpoline: Document some thunk handling aspects (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Remove unnecessary semicolon (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Disentangle rethunk-dependent options (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/bugs: Remove default case for fully switched enums (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Remove 'pred_cmd' label (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Unexport untraining functions (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Improve i-cache locality for alias mitigation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix vulnerability reporting for missing microcode (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Print mitigation for retbleed IBPB case (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Print actual mitigation if requested mitigation isn't possible (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix SBPB enablement for (possible) future fixed HW (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/alternatives: Remove faulty optimization (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Don't probe microcode in a guest (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Set CPUID feature bits independently of bug or mitigation status (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix srso_show_state() side effect (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Fix amd_check_microcode() declaration (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/CPU/AMD: Remove amd_get_topology_early() (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Correct the mitigation status when SMT is disabled (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Explain the untraining sequences a bit more (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu/kvm: Provide UNTRAIN_RET_VM (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Cleanup the untrain mess (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1 (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Rename original retbleed methods (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Clean up SRSO return thunk mess (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/alternative: Make custom return thunk unconditional (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - objtool/x86: Fix SRSO mess (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk() (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Fix __x86_return_thunk symbol type (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Disable the mitigation on unaffected configurations (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/CPU/AMD: Fix the DIV(0) initial fix attempt (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret() (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - driver core: cpu: Fix the fallback cpu_show_gds() name (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86: Move gds_ucode_mitigated() declaration to header (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/speculation: Add cpu_show_gds() prototype (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - driver core: cpu: Make cpu_show_not_affected() static (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix build breakage with the LLVM linker (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - Documentation/srso: Document IBPB aspect and fix formatting (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - driver core: cpu: Unify redundant silly stubs (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/CPU/AMD: Do not leak quotient data after a division by 0 (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Tie SBPB bit setting to microcode patch detection (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add a forgotten NOENDBR annotation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix return thunks in generated code (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add IBPB on VMEXIT (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add IBPB (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add SRSO_NO support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add IBPB_BRTYPE support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add a Speculative RAS Overflow mitigation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retbleed: Add __x86_return_thunk alignment checks (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retbleed: Fix return thunk alignment (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/alternative: Optimize returns patching (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/microcode/AMD: Load late on both threads too (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/returnthunk: Allow different return thunks (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86: Sanitize linker script (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - objtool: Fix .return_sites generation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - drm/amdgpu: Fix possible null pointer dereference (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/amdgpu: Fix possible null pointer dereference (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Keep a gem reference to user bos in surfaces (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: fix typo of sizeof argument (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix possible invalid drm gem put calls (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix shader stage validation (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: remove unused vmw_overlay function (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix Legacy Display Unit atomic drm support (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Print errors when running on broken/unsupported configs (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Drop mksstat_init_record fn as currently unused (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix src/dst_pitch confusion (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Replace one-element array with flexible-array member (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Do not drop the reference to the handle too soon (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Stop accessing buffer objects which failed init (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Make the driver work without the dummy resources (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Stop using raw ttm_buffer_object's (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Abstract placement selection (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Rename dummy to is_iomem (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Cleanup the vmw bo usage in the cursor paths (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Simplify fb pinning (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Rename vmw_buffer_object to vmw_bo (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Remove the duplicate bo_free function (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Use the common gem mmap instead of the custom code (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/radeon: handle NULL bo->resource in move callback (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/qxl: handle NULL bo->resource in move callback (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/gem-vram: handle NULL bo->resource in move callback (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: prevent moving of pinned BOs (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: stop allocating a dummy resource for pipelined gutting (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: stop allocating dummy resources during BO creation (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: clear the ttm_tt when bo->resource is NULL (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/i915/ttm: audit remaining bo->resource (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - Revert "drm/vmwgfx: Stop accessing buffer objects which failed init" (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - Revert "drm/vmwgfx: Do not drop the reference to the handle too soon" (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - Revert "drm/vmwgfx: Fix Legacy Display Unit atomic drm support" (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - nfp: fix use-after-free in area_cache_get() (Ricardo Robaina) [RHEL-19452 RHEL-6567] {CVE-2022-3545} | |
| - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (David Marlin) [RHEL-18999 RHEL-1231] {CVE-2023-40283} | |
| - md/raid5: release batch_last before waiting for another stripe_head (Nigel Croxon) [RHEL-12284 RHEL-9875] | |
| - nouveau: lock the client object tree. (Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062} | |
| - cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037] | |
| - ACPI: PAD: fix crash in exit_round_robin() (Mark Langsdorf) [RHEL-56156] | |
| - gfs2: Randomize GLF_VERIFY_DELETE work delay (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Update to the evict / remote delete documentation (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Clean up delete work processing (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename dinode_demise to evict_behavior (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757] | |
| - gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757] | |
| - gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757] | |
| - dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492} | |
| - dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939} | |
| - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075] | |
| - NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-39397] | |
| - cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251] | |
| - cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251] | |
| - x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled (Waiman Long) [2227916] | |
| - Documentation/hw-vuln: Document the interaction between IBRS and STIBP (Waiman Long) [2227916] | |
| - x86/CPU/AMD: Make sure EFER[AIBRSE] is set (Waiman Long) [2227916] | |
| - fs: don't audit the capability check in simple_xattr_list() (Andrey Albershteyn) [RHEL-863] | |
| - rbd: don't move requests to the running list on errors (Ilya Dryomov) [RHEL-24204 RHEL-21941] | |
| - drm/amdgpu: Fix potential fence use-after-free v2 (Jorge San Emeterio) [RHEL-24479 RHEL-22504] {CVE-2023-51042} | |
| - perf: Fix perf_event_validate_size() lockdep splat (Michael Petlan) [RHEL-22930 RHEL-17968] {CVE-2023-6931} | |
| - perf: Fix perf_event_validate_size() (Michael Petlan) [RHEL-22930 RHEL-17968] {CVE-2023-6931} | |
| - smb: client: fix OOB in receive_encrypted_standard() (Scott Mayhew) [RHEL-22077 RHEL-21685] {CVE-2024-0565} | |
| - ibmveth: Remove condition to recompute TCP header checksum. (Mamatha Inamdar) [RHEL-20822 RHEL-12553] | |
| - net: tls, update curr on splice as well (Sabrina Dubroca) [RHEL-22091 RHEL-19065] {CVE-2024-0646} | |
| - smb: client: fix potential OOB in smb2_dump_detail() (Scott Mayhew) [RHEL-21672 RHEL-19144] {CVE-2023-6610} | |
| - smb: client: fix potential OOB in cifs_dump_detail() (Scott Mayhew) [RHEL-21672 RHEL-19144] {CVE-2023-6610} | |
| - nvmet-tcp: Fix the H2C expected PDU len calculation (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - nvmet-tcp: remove boilerplate code (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - nvmet-tcp: fix a crash in nvmet_req_complete() (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - net-sysfs: add check for netdevice being present to speed_show (Michal Schmidt) [RHEL-20924 RHEL-16007] | |
| - netfilter: nft_set_pipapo: skip inactive elements during set walk (Florian Westphal) [RHEL-20698 RHEL-19721] {CVE-2023-6817} | |
| - pNFS/filelayout: treat GETDEVICEINFO errors as layout failure (Scott Mayhew) [RHEL-16407 RHEL-4969] | |
| - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (Chris Leech) [RHEL-12082 RHEL-8992] {CVE-2023-2162} | |
| - scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (Chris Leech) [RHEL-12082 RHEL-8992] {CVE-2023-2162} | |
| - KVM: x86/mmu: Fix an sign-extension bug with mmu_seq that hangs vCPUs (Peter Xu) [RHEL-15121 RHEL-7210] | |
| - netfilter: conntrack: Fix gre tunneling over ipv6 (Florian Westphal) [RHEL-15259 RHEL-12497] | |
| - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Florian Westphal) [RHEL-8443 RHEL-8444] {CVE-2023-42753} | |
| - tcp: enforce receive buffer memory limits by allowing the tcp window to shrink (Felix Maurer) [RHEL-15096 RHEL-15023] | |
| - redhat: change builder image to rhel-8.9 (Michael Hofmann) | |
| - net: openvswitch: add support for l4 symmetric hashing (Antoine Tenart) [RHEL-12746 RHEL-10498] | |
| - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (Guillaume Nault) [RHEL-16388 RHEL-2574] {CVE-2023-4622} | |
| - cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729] | |
| - padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889} | |
| - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000] | |
| - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935} | |
| - net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44031] {CVE-2024-38586} | |
| - netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018} | |
| - memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676] | |
| - cifs: Fix UAF in cifs_demultiplex_thread() (Scott Mayhew) [RHEL-15159 RHEL-7930] {CVE-2023-1192} | |
| - ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 (Florian Westphal) [RHEL-12371 RHEL-5742] | |
| - sched/rt: Fix bad task migration for rt tasks (Valentin Schneider) [RHEL-11682 RHEL-3872] | |
| - bpf: Fix incorrect verifier pruning due to missing register precision taints (Artem Savkov) [RHEL-13049 RHEL-7534] {CVE-2023-2163} | |
| - redhat: fix bug/zjira sort in the changelog (Patrick Talbert) | |
| - CI: Remove unused kpet_tree_family (Nikolai Kondrashov) | |
| - redhat: set default zstream brew target for 8.9 (Patrick Talbert) | |
| - rbd: take header_rwsem in rbd_dev_refresh() only when updating (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - rbd: decouple parent info read-in from updating rbd_dev (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - rbd: decouple header read-in from updating rbd_dev->header (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - rbd: move rbd_dev_refresh() definition (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb_ca_en50221: fix a size write bug (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb_ca_en50221: avoid speculation from CA slot (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb-core: fix epoll() by calling poll_wait first (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb_ca_en50221: off by one in dvb_ca_en50221_io_do_ioctl() (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - iavf: schedule a request immediately after add/delete vlan (Petr Oros) [2240750 2231174] | |
| - iavf: add iavf_schedule_aq_request() helper (Petr Oros) [2240750 2231174] | |
| - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire (Tomas Glozar) [RHEL-6123 2229965] | |
| - media: dvb-core: Fix use-after-free due on race condition at dvb_net (Dean Nelson) [RHEL-11248 RHEL-1842] {CVE-2022-45886} | |
| - media: dvb_net: avoid speculation from net slot (Dean Nelson) [RHEL-11248 RHEL-1842] {CVE-2022-45886} | |
| - mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() (Rafael Aquini) [RHEL-11588 RHEL-3652] | |
| - ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [RHEL-10393 RHEL-3379] | |
| - net: tun: fix bugs for oversize packet when napi frags enabled (Ricardo Robaina) [RHEL-12295 RHEL-7185] {CVE-2023-3812} | |
| - ice: Don't tx before switchdev is fully configured (Michal Schmidt) [RHEL-11331 RHEL-10997] | |
| - media: dvb-core: Fix use-after-free due to race at dvb_register_device() (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: fix refcnt bug (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: adopts refcnt to avoid UAF (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: fix error logic at dvb_register_device() (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: Fix memleak in dvb_register_device (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: media/dvb: Use kmemdup rather than duplicating its implementation (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: remove double-unlock (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - bpf: Adjust insufficient default bpf_jit_limit (Viktor Malik) [2243011 2219567] | |
| - bpf: Prevent increasing bpf_jit_limit above max (Viktor Malik) [2243011 2219567] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - redhat: list Z-Jiras in the changelog before Y-Jiras (Herton R. Krzesinski) | |
| - Revert "mm, meminit: recalculate pcpu batch and high limits after init completes" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm,memory_hotplug: factor out adjusting present pages into adjust_present_page_count()" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: move free_the_page" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: allow high-order pages to be stored on the per-cpu lists" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: fetch the correct pcp buddy during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: track range of active PCP lists during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: simplify how many pages are selected per pcp list during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: drain the requested list first during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: free pages in a single pass during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: do not prefetch buddies during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: check high-order pages for corruption during PCP operations" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: fix incorrect PGFREE and PGALLOC for high-order page" (Chris von Recklinghausen) [RHEL-8539] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - IB/ipoib: Fix mcast list locking (Daniel Vacek) [RHEL-19699 RHEL-19244] | |
| - RDMA/IPoIB: Fix error code return in ipoib_mcast_join (Daniel Vacek) [RHEL-19699 RHEL-19244] | |
| - x86/sev: Check for user-space IOIO pointing to kernel space (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - x86/sev: Check IOBM for IOIO exceptions from user-space (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - x86/sev: Disable MMIO emulation from user mode (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - drm/amd/display: fix the white screen issue when >= 64GB DRAM (Mika Penttilä) [2231934] | |
| - gfs2: conversion deadlock do_promote bypass (Bob Peterson) [2225228] | |
| - gfs2: do_promote cleanup (Andreas Gruenbacher) [2225228] | |
| - gfs2: Make use of list_is_first (Andreas Gruenbacher) [2225228] | |
| - Revert "cnic: Use the bitmap API to allocate bitmaps" (Chris Leech) [RHEL-1950] | |
| - Revert "cnic: don't pass bogus GFP_ flags to dma_alloc_coherent" (Chris Leech) [RHEL-1950] | |
| - scsi: lpfc: Prevent use-after-free during rmmod with mapped NVMe rports (Paul Ely) [RHEL-2602] | |
| - scsi: lpfc: Early return after marking final NLP_DROPPED flag in dev_loss_tmo (Paul Ely) [RHEL-2602] | |
| - gfs2: Add quota_change type (Bob Peterson) [2224075] | |
| - redhat: rewrite genlog and support Y- tags (Jan Stancek) | |
| - smb: client: fix OOB in smbCalcSize() (Scott Mayhew) [RHEL-21662 RHEL-18990] {CVE-2023-6606} | |
| - s390/qeth: Don't call dev_close/dev_open (DOWN/UP) (Tobias Huschle) [RHEL-17884 RHEL-2410] | |
| - blk-mq: use quiesced elevator switch when reinitializing queues (Ming Lei) [RHEL-21785 RHEL-19944] | |
| - lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (Ming Lei) [RHEL-20232 RHEL-8128] | |
| - s390/qeth: Fix vipa deletion (Tobias Huschle) [RHEL-25811 RHEL-11194] | |
| - smsc95xx: fix stalled rx after link change (Izabela Bakollari) [RHEL-25719 RHEL-22312] | |
| - ceph: don't let check_caps skip sending responses for revoke msgs (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: issue a cap release immediately if no cap exists (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: trigger to flush the buffer when making snapshot (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: force updating the msg pointer in non-split case (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: flush cap releases when the session is flushed (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: reorder fields in 'struct ceph_snapid_map' (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: voluntarily drop Xx caps for requests those touch parent mtime (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2} (Bandan Das) [RHEL-23063 RHEL-7558] | |
| - x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer (Bandan Das) [RHEL-23063 RHEL-7558] | |
| - dm-crypt, dm-verity: disable tasklets (Benjamin Marzinski) [RHEL-26101 RHEL-22232] | |
| - dm verity: initialize fec io before freeing it (Benjamin Marzinski) [RHEL-26101 RHEL-22232] | |
| - dm-verity: don't use blocking calls from tasklets (Benjamin Marzinski) [RHEL-26101 RHEL-22232] | |
| - ceph: add ceph_cap_unlink_work to fire check_caps() immediately (Xiubo Li) [RHEL-27496 RHEL-21760] | |
| - ceph: always queue a writeback when revoking the Fb caps (Xiubo Li) [RHEL-27496 RHEL-21760] | |
| - ceph: always check dir caps asynchronously (Xiubo Li) [RHEL-27496 RHEL-21760] | |
| - scsi: smartpqi: Fix disable_managed_interrupts (Tomas Henzl) [RHEL-26139 RHEL-25747] | |
| - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' (Carlos Maiolino) [RHEL-26331 RHEL-23386] {CVE-2021-33631} | |
| - serial: core: return early on unsupported ioctls (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - lib/hexdump: make print_hex_dump_bytes() a nop on !DEBUG builds (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix race condition in status line change on dead connections (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix UAF in gsm_cleanup_mux (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add parameter negotiation support (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add parameters used with parameter negotiation (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: introduce macro for minimal unit size (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: name the debug bits (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: introduce gsm_control_command() function (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: replace use of gsm_read_ea() with gsm_read_ea_val() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: name gsm tty device minors (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: initialize more members at gsm_alloc_mux() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix flow control handling in tx path (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix resource allocation order in gsm_activate_mux() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix deadlock and link starvation in outgoing data path (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix race condition in gsmld_write() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix non flow control frames during mux flow off (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing timer to handle stalled links (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix tty registration before control channel open (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix user open not possible at responder until initiator open (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Debug output allocation must use GFP_ATOMIC (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix packet data hex dump output (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix buffer over-read in gsm_dlci_data() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix sometimes uninitialized warning in gsm_dlci_modem_output() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix software flow control handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix invalid use of MSC in advanced option (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix broken virtual tty handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing update of modem controls after DLCI open (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix reset fifo race condition (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing tty wakeup in convergence layer type 2 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong signal octets encoding in MSC (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong command frame length field encoding (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong command retry handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing explicit ldisc flush (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong DLCI release order (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix insufficient txframe size (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix frame reception handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix mux cleanup after unregister tty device (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix decoupled mux resource (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix restart handling via CLD command (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix deadlock in gsmtty_open() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong modem processing in convergence layer type 2 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong tty control line for flow control (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix NULL pointer access due to DLCI release (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix encoding of command/response bit (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix SW flow control encoding/handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove tty parameter from mxser_receive_chars_new() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: don't throttle manually (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: make mxser_port::ldisc_stop_rx a bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Don't ignore write return value in gsmld_output() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: clean up indenting in gsm_queue() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Save dlci address open status when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Modify gsmtty driver register method when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Delete gsmtty open SABM frame when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Modify CR,PF bit printk info when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Modify CR,PF bit when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: stop using alloc_tty_driver (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: don't store semi-state into tty drivers (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - hvsi: don't panic on tty_register_driver failure (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: switch rs_table to a single state (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: expand "custom" (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: use memset to zero serial_state (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: remove serial_* strings (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop mxser_port::custom_divisor (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop mxser_port::baud_base (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove unused mxser_port::stop_rx (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: don't allocate MXSER_PORTS + 1 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove cnt from mxser_receive_chars (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_GETMSTATUS ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_GETDATACOUNT ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_CHKPORTENABLE ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_ASPP_LSTATUS ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_ASPP_MON and friends (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_SET_BAUD_METHOD ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_GET_MAJOR deprecated ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop unused MOXA_DIAGNOSE macro (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop UART_MCR_AFE and UART_LSR_SPECIAL defines (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove else from LSR bits checks (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: extract mxser_receive_chars_old (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: extract mxser_receive_chars_new (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: simplify mxser_interrupt and drop mxser_board::vector_mask (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: extract port ISR (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: cleanup LSR handling in mxser_receive_chars (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove nonsense from ISR (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop constant board::uart_type (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: introduce enum mxser_must_hwid (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: rename mxser_board::chip_flag to must_hwid (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: rename CheckIsMoxaMust to mxser_get_must_hwid (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: cleanup Gpci_uart_info struct (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: integrate mxser.h into .c (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop ISA support (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: use goto-failpaths in gsm_init (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: mxser: drop low-latency workaround (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: check error while registering tty devices (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: mxser: fix TIOCSSERIAL jiffies conversions (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm, remove duplicates of parameters (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: do not check tty_unregister_driver's return value (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: nozomi, remove init/exit messages (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty_port: drop last traces of low_latency (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Demote obvious abuse of kernel-doc and supply other missing docss (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm, eliminate indirection for gsm->{output,error}() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix bogus i++ in gsm_data_kick (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Remove unnecessary test in gsm_print_packet() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix waking up upper tty layer when room available (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix SOF skipping (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Improve debug output (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: switch constipated to bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: switch throttled to bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: switch dead to bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: introduce enum gsm_dlci_mode (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: introduce enum gsm_dlci_state (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: drop unneeded gsm_dlci->fifo field (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Replace zero-length array with flexible-array member (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: avoid recursive locking with async port hangup (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add helpers to convert mux-num to/from tty-base (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - docs: serial: move it to the driver-api (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - docs: serial: convert docs to ReST and rename to *.rst (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Mark expected switch fall-throughs (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: Constify u8 and unsigned char usage (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Add copy_config() and gsm_config() to prepare for serdev (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: switch to ->[sg]et_serial() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: switch to ->[sg]et_serial() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty/serial_core: add ISO7816 infrastructure (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve (Davide Caratti) [RHEL-16858 RHEL-14032] {CVE-2023-4623} | |
| - net/sched: sch_hfsc: Ensure inner classes have fsc curve (Davide Caratti) [RHEL-16858 RHEL-14032] {CVE-2023-4623} | |
| - net: sched: sch_qfq: Use non-work-conserving warning handler (Davide Caratti) [RHEL-14423 RHEL-14032] {CVE-2023-4921} | |
| - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (Davide Caratti) [RHEL-14423 RHEL-14032] {CVE-2023-4921} | |
| - net/tls: Remove the context from the list in tls_device_down (Jay Shin) [RHEL-17813 RHEL-17301] | |
| - tls: Fix context leak on tls_device_down (Jay Shin) [RHEL-17813 RHEL-17301] | |
| - igb: set max size RX buffer when store bad packet is enabled (Wander Lairson Costa) [RHEL-15187 RHEL-15188] {CVE-2023-45871} | |
| - ice: reset first in crash dump kernels (Petr Oros) [2244625 2139761] | |
| - nvmet-tcp: Fix a possible UAF in queue intialization setup (John Meneghini) [RHEL-11507 RHEL-11509] {CVE-2023-5178} | |
| - block: check_events: don't bother with events if unsupported (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - Revert "block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers" (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - Revert "ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd" (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - block: disk_events: introduce event flags (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - block: genhd: remove async_events field (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - net: virtio_net_hdr_to_skb: count transport header in UFO (Cindy Lu) [RHEL-16332 RHEL-6030] | |
| - x86/sev: Make enc_dec_hypercall() accept a size instead of npages (Vitaly Kuznetsov) [RHEL-5764 RHEL-3656] | |
| - drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (Jocelyn Falempe) [RHEL-22766 RHEL-3179] {CVE-2022-38096} | |
| - drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV, G200SE (Jocelyn Falempe) [RHEL-21055 RHEL-21054] | |
| - sched/fair: Block nohz tick_stop when cfs bandwidth in use (Phil Auld) [RHEL-12723 RHEL-2527] | |
| - sched, cgroup: Restore meaning to hierarchical_quota (Phil Auld) [RHEL-12723 RHEL-2527] | |
| - sched/fair: Hide unused init_cfs_bandwidth() stub (Phil Auld) [RHEL-12723 RHEL-2527] | |
| - Fix double fget() in vhost_net_set_backend() (Jon Maloy) [RHEL-13212 RHEL-7162] {CVE-2023-1838} | |
| - can: af_can: fix NULL pointer dereference in can_rcv_filter (Ricardo Robaina) [RHEL-19462 RHEL-6429] {CVE-2023-2166} | |
| - RDMA/core: Update CMA destination address on rdma_resolve_addr (Kamal Heib) [RHEL-19328 RHEL-1032] {CVE-2023-2176} | |
| - RDMA/core: Refactor rdma_bind_addr (Kamal Heib) [RHEL-19328 RHEL-1032] {CVE-2023-2176} | |
| - net: fix net device address assign type (Michal Schmidt) [RHEL-17296 RHEL-6383] | |
| - net: add check for current MAC address in dev_set_mac_address (Michal Schmidt) [RHEL-17296 RHEL-6383] | |
| - perf/core: Fix potential NULL deref (Wander Lairson Costa) [RHEL-18004 RHEL-14982] {CVE-2023-5717} | |
| - perf: Disallow mis-matched inherited group reads (Wander Lairson Costa) [RHEL-18004 RHEL-14982] {CVE-2023-5717} | |
| - drivers: net: slip: fix NPD bug in sl_tx_timeout() (Michal Schmidt) [RHEL-18583 RHEL-6655] {CVE-2022-41858} | |
| - cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052] | |
| - cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052] | |
| - cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052] | |
| - smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052] | |
| - smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052] | |
| - cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052] | |
| - Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix unix perm bits to cifsacl conversion for "other" bits. (Paulo Alcantara) [RHEL-56052] | |
| - drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092} | |
| - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224] | |
| - kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292} | |
| - gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079} | |
| - of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541} | |
| kernel-core-4.18.0-553.27.1.el8_10.x86_64.rpm | - lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668} |
| - bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989} | |
| - bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990} | |
| - bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009} | |
| - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773} | |
| - tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257] | |
| - tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257] | |
| - ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826} | |
| - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100] | |
| - loopback: fix lockdep splat (Xin Long) [RHEL-58100] | |
| - blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100] | |
| - loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100] | |
| - libceph: fix potential use-after-free on linger ping and resends (Jay Shin) [RHEL-21394 RHEL-20390] | |
| - netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [RHEL-24010 RHEL-23506] {CVE-2024-1086} | |
| - ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002] | |
| - netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924} | |
| - netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042} | |
| - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070} | |
| - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898} | |
| - netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) [RHEL-42680] {CVE-2024-26851} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301} | |
| - KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976} | |
| - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540} | |
| - tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284} | |
| - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857} | |
| - drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924} | |
| - tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983} | |
| - block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854} | |
| - gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936} | |
| - drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093} | |
| - ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961} | |
| - mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880} | |
| - ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244} | |
| - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984} | |
| - tracing/timerlat: Add user-space interface (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/osnoise: Skip running osnoise if all instances are off (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/timerlat: Always wakeup the timerlat thread (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/osnoise: Fix notify new tracing_max_latency (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/timerlat: Notify new max thread latency (Chris White) [RHEL-20362 RHEL-15142] | |
| - trace/osnoise: make use of the helper function kthread_run_on_cpu() (Chris White) [RHEL-20362 RHEL-15142] | |
| - kthread: add the helper function kthread_run_on_cpu() (Chris White) [RHEL-20362 RHEL-15142] | |
| - x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing (Prarit Bhargava) [RHEL-7238 RHEL-4244] | |
| - HID: check empty report_list in hid_validate_values() (Desnes Nunes) [RHEL-19274 RHEL-19237] {CVE-2023-1073} | |
| - s390/dasd: print copy pair message only for the correct error (Tobias Huschle) [RHEL-9444 RHEL-2831] | |
| - blk-mq: don't count completed flush data request as inflight in case of quiesce (Ming Lei) [RHEL-19111 RHEL-18055] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.9/8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - Debrand the kernel (Louis Abel) | |
| - redhat: fix to be able to build with rpm 4.19.0 (Denys Vlasenko) | |
| - blk-mq: enforce op-specific segment limits in blk_insert_cloned_request (Ming Lei) [RHEL-14718 RHEL-14504] | |
| - KVM: x86: Add SBPB support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - KVM: x86: Add IBPB_BRTYPE support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retpoline: Document some thunk handling aspects (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Remove unnecessary semicolon (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Disentangle rethunk-dependent options (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/bugs: Remove default case for fully switched enums (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Remove 'pred_cmd' label (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Unexport untraining functions (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Improve i-cache locality for alias mitigation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix vulnerability reporting for missing microcode (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Print mitigation for retbleed IBPB case (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Print actual mitigation if requested mitigation isn't possible (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix SBPB enablement for (possible) future fixed HW (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/alternatives: Remove faulty optimization (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Don't probe microcode in a guest (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Set CPUID feature bits independently of bug or mitigation status (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix srso_show_state() side effect (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Fix amd_check_microcode() declaration (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/CPU/AMD: Remove amd_get_topology_early() (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Correct the mitigation status when SMT is disabled (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Explain the untraining sequences a bit more (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu/kvm: Provide UNTRAIN_RET_VM (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Cleanup the untrain mess (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1 (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Rename original retbleed methods (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Clean up SRSO return thunk mess (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/alternative: Make custom return thunk unconditional (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - objtool/x86: Fix SRSO mess (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk() (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Fix __x86_return_thunk symbol type (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Disable the mitigation on unaffected configurations (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/CPU/AMD: Fix the DIV(0) initial fix attempt (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret() (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - driver core: cpu: Fix the fallback cpu_show_gds() name (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86: Move gds_ucode_mitigated() declaration to header (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/speculation: Add cpu_show_gds() prototype (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - driver core: cpu: Make cpu_show_not_affected() static (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix build breakage with the LLVM linker (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - Documentation/srso: Document IBPB aspect and fix formatting (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - driver core: cpu: Unify redundant silly stubs (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/CPU/AMD: Do not leak quotient data after a division by 0 (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Tie SBPB bit setting to microcode patch detection (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add a forgotten NOENDBR annotation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix return thunks in generated code (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add IBPB on VMEXIT (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add IBPB (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add SRSO_NO support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add IBPB_BRTYPE support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add a Speculative RAS Overflow mitigation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retbleed: Add __x86_return_thunk alignment checks (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retbleed: Fix return thunk alignment (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/alternative: Optimize returns patching (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/microcode/AMD: Load late on both threads too (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/returnthunk: Allow different return thunks (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86: Sanitize linker script (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - objtool: Fix .return_sites generation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - drm/amdgpu: Fix possible null pointer dereference (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/amdgpu: Fix possible null pointer dereference (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Keep a gem reference to user bos in surfaces (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: fix typo of sizeof argument (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix possible invalid drm gem put calls (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix shader stage validation (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: remove unused vmw_overlay function (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix Legacy Display Unit atomic drm support (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Print errors when running on broken/unsupported configs (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Drop mksstat_init_record fn as currently unused (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix src/dst_pitch confusion (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Replace one-element array with flexible-array member (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Do not drop the reference to the handle too soon (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Stop accessing buffer objects which failed init (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Make the driver work without the dummy resources (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Stop using raw ttm_buffer_object's (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Abstract placement selection (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Rename dummy to is_iomem (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Cleanup the vmw bo usage in the cursor paths (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Simplify fb pinning (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Rename vmw_buffer_object to vmw_bo (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Remove the duplicate bo_free function (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Use the common gem mmap instead of the custom code (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/radeon: handle NULL bo->resource in move callback (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/qxl: handle NULL bo->resource in move callback (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/gem-vram: handle NULL bo->resource in move callback (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: prevent moving of pinned BOs (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: stop allocating a dummy resource for pipelined gutting (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: stop allocating dummy resources during BO creation (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: clear the ttm_tt when bo->resource is NULL (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/i915/ttm: audit remaining bo->resource (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - Revert "drm/vmwgfx: Stop accessing buffer objects which failed init" (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - Revert "drm/vmwgfx: Do not drop the reference to the handle too soon" (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - Revert "drm/vmwgfx: Fix Legacy Display Unit atomic drm support" (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - nfp: fix use-after-free in area_cache_get() (Ricardo Robaina) [RHEL-19452 RHEL-6567] {CVE-2022-3545} | |
| - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (David Marlin) [RHEL-18999 RHEL-1231] {CVE-2023-40283} | |
| - md/raid5: release batch_last before waiting for another stripe_head (Nigel Croxon) [RHEL-12284 RHEL-9875] | |
| - nouveau: lock the client object tree. (Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062} | |
| - cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037] | |
| - ACPI: PAD: fix crash in exit_round_robin() (Mark Langsdorf) [RHEL-56156] | |
| - gfs2: Randomize GLF_VERIFY_DELETE work delay (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Update to the evict / remote delete documentation (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Clean up delete work processing (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename dinode_demise to evict_behavior (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757] | |
| - gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757] | |
| - gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757] | |
| - dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492} | |
| - dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939} | |
| - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075] | |
| - NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-39397] | |
| - cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251] | |
| - cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251] | |
| - x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled (Waiman Long) [2227916] | |
| - Documentation/hw-vuln: Document the interaction between IBRS and STIBP (Waiman Long) [2227916] | |
| - x86/CPU/AMD: Make sure EFER[AIBRSE] is set (Waiman Long) [2227916] | |
| - fs: don't audit the capability check in simple_xattr_list() (Andrey Albershteyn) [RHEL-863] | |
| - rbd: don't move requests to the running list on errors (Ilya Dryomov) [RHEL-24204 RHEL-21941] | |
| - drm/amdgpu: Fix potential fence use-after-free v2 (Jorge San Emeterio) [RHEL-24479 RHEL-22504] {CVE-2023-51042} | |
| - perf: Fix perf_event_validate_size() lockdep splat (Michael Petlan) [RHEL-22930 RHEL-17968] {CVE-2023-6931} | |
| - perf: Fix perf_event_validate_size() (Michael Petlan) [RHEL-22930 RHEL-17968] {CVE-2023-6931} | |
| - smb: client: fix OOB in receive_encrypted_standard() (Scott Mayhew) [RHEL-22077 RHEL-21685] {CVE-2024-0565} | |
| - ibmveth: Remove condition to recompute TCP header checksum. (Mamatha Inamdar) [RHEL-20822 RHEL-12553] | |
| - net: tls, update curr on splice as well (Sabrina Dubroca) [RHEL-22091 RHEL-19065] {CVE-2024-0646} | |
| - smb: client: fix potential OOB in smb2_dump_detail() (Scott Mayhew) [RHEL-21672 RHEL-19144] {CVE-2023-6610} | |
| - smb: client: fix potential OOB in cifs_dump_detail() (Scott Mayhew) [RHEL-21672 RHEL-19144] {CVE-2023-6610} | |
| - nvmet-tcp: Fix the H2C expected PDU len calculation (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - nvmet-tcp: remove boilerplate code (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - nvmet-tcp: fix a crash in nvmet_req_complete() (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - net-sysfs: add check for netdevice being present to speed_show (Michal Schmidt) [RHEL-20924 RHEL-16007] | |
| - netfilter: nft_set_pipapo: skip inactive elements during set walk (Florian Westphal) [RHEL-20698 RHEL-19721] {CVE-2023-6817} | |
| - pNFS/filelayout: treat GETDEVICEINFO errors as layout failure (Scott Mayhew) [RHEL-16407 RHEL-4969] | |
| - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (Chris Leech) [RHEL-12082 RHEL-8992] {CVE-2023-2162} | |
| - scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (Chris Leech) [RHEL-12082 RHEL-8992] {CVE-2023-2162} | |
| - KVM: x86/mmu: Fix an sign-extension bug with mmu_seq that hangs vCPUs (Peter Xu) [RHEL-15121 RHEL-7210] | |
| - netfilter: conntrack: Fix gre tunneling over ipv6 (Florian Westphal) [RHEL-15259 RHEL-12497] | |
| - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Florian Westphal) [RHEL-8443 RHEL-8444] {CVE-2023-42753} | |
| - tcp: enforce receive buffer memory limits by allowing the tcp window to shrink (Felix Maurer) [RHEL-15096 RHEL-15023] | |
| - redhat: change builder image to rhel-8.9 (Michael Hofmann) | |
| - net: openvswitch: add support for l4 symmetric hashing (Antoine Tenart) [RHEL-12746 RHEL-10498] | |
| - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (Guillaume Nault) [RHEL-16388 RHEL-2574] {CVE-2023-4622} | |
| - cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729] | |
| - padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889} | |
| - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000] | |
| - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935} | |
| - net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44031] {CVE-2024-38586} | |
| - netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018} | |
| - memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676] | |
| - cifs: Fix UAF in cifs_demultiplex_thread() (Scott Mayhew) [RHEL-15159 RHEL-7930] {CVE-2023-1192} | |
| - ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 (Florian Westphal) [RHEL-12371 RHEL-5742] | |
| - sched/rt: Fix bad task migration for rt tasks (Valentin Schneider) [RHEL-11682 RHEL-3872] | |
| - bpf: Fix incorrect verifier pruning due to missing register precision taints (Artem Savkov) [RHEL-13049 RHEL-7534] {CVE-2023-2163} | |
| - redhat: fix bug/zjira sort in the changelog (Patrick Talbert) | |
| - CI: Remove unused kpet_tree_family (Nikolai Kondrashov) | |
| - redhat: set default zstream brew target for 8.9 (Patrick Talbert) | |
| - rbd: take header_rwsem in rbd_dev_refresh() only when updating (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - rbd: decouple parent info read-in from updating rbd_dev (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - rbd: decouple header read-in from updating rbd_dev->header (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - rbd: move rbd_dev_refresh() definition (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb_ca_en50221: fix a size write bug (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb_ca_en50221: avoid speculation from CA slot (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb-core: fix epoll() by calling poll_wait first (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb_ca_en50221: off by one in dvb_ca_en50221_io_do_ioctl() (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - iavf: schedule a request immediately after add/delete vlan (Petr Oros) [2240750 2231174] | |
| - iavf: add iavf_schedule_aq_request() helper (Petr Oros) [2240750 2231174] | |
| - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire (Tomas Glozar) [RHEL-6123 2229965] | |
| - media: dvb-core: Fix use-after-free due on race condition at dvb_net (Dean Nelson) [RHEL-11248 RHEL-1842] {CVE-2022-45886} | |
| - media: dvb_net: avoid speculation from net slot (Dean Nelson) [RHEL-11248 RHEL-1842] {CVE-2022-45886} | |
| - mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() (Rafael Aquini) [RHEL-11588 RHEL-3652] | |
| - ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [RHEL-10393 RHEL-3379] | |
| - net: tun: fix bugs for oversize packet when napi frags enabled (Ricardo Robaina) [RHEL-12295 RHEL-7185] {CVE-2023-3812} | |
| - ice: Don't tx before switchdev is fully configured (Michal Schmidt) [RHEL-11331 RHEL-10997] | |
| - media: dvb-core: Fix use-after-free due to race at dvb_register_device() (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: fix refcnt bug (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: adopts refcnt to avoid UAF (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: fix error logic at dvb_register_device() (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: Fix memleak in dvb_register_device (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: media/dvb: Use kmemdup rather than duplicating its implementation (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: remove double-unlock (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - bpf: Adjust insufficient default bpf_jit_limit (Viktor Malik) [2243011 2219567] | |
| - bpf: Prevent increasing bpf_jit_limit above max (Viktor Malik) [2243011 2219567] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - redhat: list Z-Jiras in the changelog before Y-Jiras (Herton R. Krzesinski) | |
| - Revert "mm, meminit: recalculate pcpu batch and high limits after init completes" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm,memory_hotplug: factor out adjusting present pages into adjust_present_page_count()" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: move free_the_page" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: allow high-order pages to be stored on the per-cpu lists" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: fetch the correct pcp buddy during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: track range of active PCP lists during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: simplify how many pages are selected per pcp list during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: drain the requested list first during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: free pages in a single pass during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: do not prefetch buddies during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: check high-order pages for corruption during PCP operations" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: fix incorrect PGFREE and PGALLOC for high-order page" (Chris von Recklinghausen) [RHEL-8539] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - IB/ipoib: Fix mcast list locking (Daniel Vacek) [RHEL-19699 RHEL-19244] | |
| - RDMA/IPoIB: Fix error code return in ipoib_mcast_join (Daniel Vacek) [RHEL-19699 RHEL-19244] | |
| - x86/sev: Check for user-space IOIO pointing to kernel space (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - x86/sev: Check IOBM for IOIO exceptions from user-space (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - x86/sev: Disable MMIO emulation from user mode (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - drm/amd/display: fix the white screen issue when >= 64GB DRAM (Mika Penttilä) [2231934] | |
| - gfs2: conversion deadlock do_promote bypass (Bob Peterson) [2225228] | |
| - gfs2: do_promote cleanup (Andreas Gruenbacher) [2225228] | |
| - gfs2: Make use of list_is_first (Andreas Gruenbacher) [2225228] | |
| - Revert "cnic: Use the bitmap API to allocate bitmaps" (Chris Leech) [RHEL-1950] | |
| - Revert "cnic: don't pass bogus GFP_ flags to dma_alloc_coherent" (Chris Leech) [RHEL-1950] | |
| - scsi: lpfc: Prevent use-after-free during rmmod with mapped NVMe rports (Paul Ely) [RHEL-2602] | |
| - scsi: lpfc: Early return after marking final NLP_DROPPED flag in dev_loss_tmo (Paul Ely) [RHEL-2602] | |
| - gfs2: Add quota_change type (Bob Peterson) [2224075] | |
| - redhat: rewrite genlog and support Y- tags (Jan Stancek) | |
| - smb: client: fix OOB in smbCalcSize() (Scott Mayhew) [RHEL-21662 RHEL-18990] {CVE-2023-6606} | |
| - s390/qeth: Don't call dev_close/dev_open (DOWN/UP) (Tobias Huschle) [RHEL-17884 RHEL-2410] | |
| - blk-mq: use quiesced elevator switch when reinitializing queues (Ming Lei) [RHEL-21785 RHEL-19944] | |
| - lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (Ming Lei) [RHEL-20232 RHEL-8128] | |
| - s390/qeth: Fix vipa deletion (Tobias Huschle) [RHEL-25811 RHEL-11194] | |
| - smsc95xx: fix stalled rx after link change (Izabela Bakollari) [RHEL-25719 RHEL-22312] | |
| - ceph: don't let check_caps skip sending responses for revoke msgs (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: issue a cap release immediately if no cap exists (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: trigger to flush the buffer when making snapshot (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: force updating the msg pointer in non-split case (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: flush cap releases when the session is flushed (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: reorder fields in 'struct ceph_snapid_map' (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: voluntarily drop Xx caps for requests those touch parent mtime (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2} (Bandan Das) [RHEL-23063 RHEL-7558] | |
| - x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer (Bandan Das) [RHEL-23063 RHEL-7558] | |
| - dm-crypt, dm-verity: disable tasklets (Benjamin Marzinski) [RHEL-26101 RHEL-22232] | |
| - dm verity: initialize fec io before freeing it (Benjamin Marzinski) [RHEL-26101 RHEL-22232] | |
| - dm-verity: don't use blocking calls from tasklets (Benjamin Marzinski) [RHEL-26101 RHEL-22232] | |
| - ceph: add ceph_cap_unlink_work to fire check_caps() immediately (Xiubo Li) [RHEL-27496 RHEL-21760] | |
| - ceph: always queue a writeback when revoking the Fb caps (Xiubo Li) [RHEL-27496 RHEL-21760] | |
| - ceph: always check dir caps asynchronously (Xiubo Li) [RHEL-27496 RHEL-21760] | |
| - scsi: smartpqi: Fix disable_managed_interrupts (Tomas Henzl) [RHEL-26139 RHEL-25747] | |
| - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' (Carlos Maiolino) [RHEL-26331 RHEL-23386] {CVE-2021-33631} | |
| - serial: core: return early on unsupported ioctls (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - lib/hexdump: make print_hex_dump_bytes() a nop on !DEBUG builds (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix race condition in status line change on dead connections (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix UAF in gsm_cleanup_mux (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add parameter negotiation support (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add parameters used with parameter negotiation (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: introduce macro for minimal unit size (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: name the debug bits (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: introduce gsm_control_command() function (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: replace use of gsm_read_ea() with gsm_read_ea_val() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: name gsm tty device minors (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: initialize more members at gsm_alloc_mux() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix flow control handling in tx path (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix resource allocation order in gsm_activate_mux() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix deadlock and link starvation in outgoing data path (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix race condition in gsmld_write() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix non flow control frames during mux flow off (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing timer to handle stalled links (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix tty registration before control channel open (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix user open not possible at responder until initiator open (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Debug output allocation must use GFP_ATOMIC (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix packet data hex dump output (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix buffer over-read in gsm_dlci_data() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix sometimes uninitialized warning in gsm_dlci_modem_output() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix software flow control handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix invalid use of MSC in advanced option (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix broken virtual tty handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing update of modem controls after DLCI open (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix reset fifo race condition (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing tty wakeup in convergence layer type 2 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong signal octets encoding in MSC (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong command frame length field encoding (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong command retry handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing explicit ldisc flush (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong DLCI release order (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix insufficient txframe size (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix frame reception handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix mux cleanup after unregister tty device (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix decoupled mux resource (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix restart handling via CLD command (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix deadlock in gsmtty_open() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong modem processing in convergence layer type 2 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong tty control line for flow control (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix NULL pointer access due to DLCI release (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix encoding of command/response bit (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix SW flow control encoding/handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove tty parameter from mxser_receive_chars_new() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: don't throttle manually (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: make mxser_port::ldisc_stop_rx a bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Don't ignore write return value in gsmld_output() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: clean up indenting in gsm_queue() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Save dlci address open status when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Modify gsmtty driver register method when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Delete gsmtty open SABM frame when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Modify CR,PF bit printk info when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Modify CR,PF bit when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: stop using alloc_tty_driver (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: don't store semi-state into tty drivers (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - hvsi: don't panic on tty_register_driver failure (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: switch rs_table to a single state (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: expand "custom" (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: use memset to zero serial_state (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: remove serial_* strings (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop mxser_port::custom_divisor (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop mxser_port::baud_base (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove unused mxser_port::stop_rx (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: don't allocate MXSER_PORTS + 1 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove cnt from mxser_receive_chars (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_GETMSTATUS ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_GETDATACOUNT ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_CHKPORTENABLE ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_ASPP_LSTATUS ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_ASPP_MON and friends (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_SET_BAUD_METHOD ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_GET_MAJOR deprecated ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop unused MOXA_DIAGNOSE macro (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop UART_MCR_AFE and UART_LSR_SPECIAL defines (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove else from LSR bits checks (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: extract mxser_receive_chars_old (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: extract mxser_receive_chars_new (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: simplify mxser_interrupt and drop mxser_board::vector_mask (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: extract port ISR (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: cleanup LSR handling in mxser_receive_chars (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove nonsense from ISR (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop constant board::uart_type (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: introduce enum mxser_must_hwid (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: rename mxser_board::chip_flag to must_hwid (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: rename CheckIsMoxaMust to mxser_get_must_hwid (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: cleanup Gpci_uart_info struct (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: integrate mxser.h into .c (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop ISA support (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: use goto-failpaths in gsm_init (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: mxser: drop low-latency workaround (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: check error while registering tty devices (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: mxser: fix TIOCSSERIAL jiffies conversions (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm, remove duplicates of parameters (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: do not check tty_unregister_driver's return value (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: nozomi, remove init/exit messages (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty_port: drop last traces of low_latency (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Demote obvious abuse of kernel-doc and supply other missing docss (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm, eliminate indirection for gsm->{output,error}() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix bogus i++ in gsm_data_kick (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Remove unnecessary test in gsm_print_packet() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix waking up upper tty layer when room available (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix SOF skipping (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Improve debug output (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: switch constipated to bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: switch throttled to bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: switch dead to bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: introduce enum gsm_dlci_mode (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: introduce enum gsm_dlci_state (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: drop unneeded gsm_dlci->fifo field (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Replace zero-length array with flexible-array member (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: avoid recursive locking with async port hangup (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add helpers to convert mux-num to/from tty-base (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - docs: serial: move it to the driver-api (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - docs: serial: convert docs to ReST and rename to *.rst (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Mark expected switch fall-throughs (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: Constify u8 and unsigned char usage (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Add copy_config() and gsm_config() to prepare for serdev (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: switch to ->[sg]et_serial() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: switch to ->[sg]et_serial() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty/serial_core: add ISO7816 infrastructure (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve (Davide Caratti) [RHEL-16858 RHEL-14032] {CVE-2023-4623} | |
| - net/sched: sch_hfsc: Ensure inner classes have fsc curve (Davide Caratti) [RHEL-16858 RHEL-14032] {CVE-2023-4623} | |
| - net: sched: sch_qfq: Use non-work-conserving warning handler (Davide Caratti) [RHEL-14423 RHEL-14032] {CVE-2023-4921} | |
| - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (Davide Caratti) [RHEL-14423 RHEL-14032] {CVE-2023-4921} | |
| - net/tls: Remove the context from the list in tls_device_down (Jay Shin) [RHEL-17813 RHEL-17301] | |
| - tls: Fix context leak on tls_device_down (Jay Shin) [RHEL-17813 RHEL-17301] | |
| - igb: set max size RX buffer when store bad packet is enabled (Wander Lairson Costa) [RHEL-15187 RHEL-15188] {CVE-2023-45871} | |
| - ice: reset first in crash dump kernels (Petr Oros) [2244625 2139761] | |
| - nvmet-tcp: Fix a possible UAF in queue intialization setup (John Meneghini) [RHEL-11507 RHEL-11509] {CVE-2023-5178} | |
| - block: check_events: don't bother with events if unsupported (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - Revert "block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers" (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - Revert "ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd" (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - block: disk_events: introduce event flags (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - block: genhd: remove async_events field (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - net: virtio_net_hdr_to_skb: count transport header in UFO (Cindy Lu) [RHEL-16332 RHEL-6030] | |
| - x86/sev: Make enc_dec_hypercall() accept a size instead of npages (Vitaly Kuznetsov) [RHEL-5764 RHEL-3656] | |
| - drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (Jocelyn Falempe) [RHEL-22766 RHEL-3179] {CVE-2022-38096} | |
| - drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV, G200SE (Jocelyn Falempe) [RHEL-21055 RHEL-21054] | |
| - sched/fair: Block nohz tick_stop when cfs bandwidth in use (Phil Auld) [RHEL-12723 RHEL-2527] | |
| - sched, cgroup: Restore meaning to hierarchical_quota (Phil Auld) [RHEL-12723 RHEL-2527] | |
| - sched/fair: Hide unused init_cfs_bandwidth() stub (Phil Auld) [RHEL-12723 RHEL-2527] | |
| - Fix double fget() in vhost_net_set_backend() (Jon Maloy) [RHEL-13212 RHEL-7162] {CVE-2023-1838} | |
| - can: af_can: fix NULL pointer dereference in can_rcv_filter (Ricardo Robaina) [RHEL-19462 RHEL-6429] {CVE-2023-2166} | |
| - RDMA/core: Update CMA destination address on rdma_resolve_addr (Kamal Heib) [RHEL-19328 RHEL-1032] {CVE-2023-2176} | |
| - RDMA/core: Refactor rdma_bind_addr (Kamal Heib) [RHEL-19328 RHEL-1032] {CVE-2023-2176} | |
| - net: fix net device address assign type (Michal Schmidt) [RHEL-17296 RHEL-6383] | |
| - net: add check for current MAC address in dev_set_mac_address (Michal Schmidt) [RHEL-17296 RHEL-6383] | |
| - perf/core: Fix potential NULL deref (Wander Lairson Costa) [RHEL-18004 RHEL-14982] {CVE-2023-5717} | |
| - perf: Disallow mis-matched inherited group reads (Wander Lairson Costa) [RHEL-18004 RHEL-14982] {CVE-2023-5717} | |
| - drivers: net: slip: fix NPD bug in sl_tx_timeout() (Michal Schmidt) [RHEL-18583 RHEL-6655] {CVE-2022-41858} | |
| - cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052] | |
| - cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052] | |
| - cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052] | |
| - smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052] | |
| - smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052] | |
| - cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052] | |
| - Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix unix perm bits to cifsacl conversion for "other" bits. (Paulo Alcantara) [RHEL-56052] | |
| - drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092} | |
| - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224] | |
| - kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292} | |
| - gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079} | |
| - of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541} | |
| kernel-headers-4.18.0-553.27.1.el8_10.x86_64.rpm | - lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668} |
| - bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989} | |
| - bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990} | |
| - bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009} | |
| - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773} | |
| - tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257] | |
| - tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257] | |
| - ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826} | |
| - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100] | |
| - loopback: fix lockdep splat (Xin Long) [RHEL-58100] | |
| - blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100] | |
| - loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100] | |
| - ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002] | |
| - netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924} | |
| - netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042} | |
| - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070} | |
| - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898} | |
| - netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) [RHEL-42680] {CVE-2024-26851} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301} | |
| - KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976} | |
| - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540} | |
| - tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284} | |
| - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857} | |
| - drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924} | |
| - tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983} | |
| - block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854} | |
| - gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936} | |
| - drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093} | |
| - ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961} | |
| - mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880} | |
| - ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244} | |
| - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984} | |
| - nouveau: lock the client object tree. (Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062} | |
| - cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037] | |
| - ACPI: PAD: fix crash in exit_round_robin() (Mark Langsdorf) [RHEL-56156] | |
| - gfs2: Randomize GLF_VERIFY_DELETE work delay (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Update to the evict / remote delete documentation (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Clean up delete work processing (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename dinode_demise to evict_behavior (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757] | |
| - gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757] | |
| - gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757] | |
| - dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492} | |
| - dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939} | |
| - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075] | |
| - NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-39397] | |
| - cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251] | |
| - cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251] | |
| - cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729] | |
| - padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889} | |
| - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000] | |
| - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935} | |
| - net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44031] {CVE-2024-38586} | |
| - netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018} | |
| - memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052] | |
| - cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052] | |
| - cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052] | |
| - smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052] | |
| - smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052] | |
| - cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052] | |
| - Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix unix perm bits to cifsacl conversion for "other" bits. (Paulo Alcantara) [RHEL-56052] | |
| - drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092} | |
| - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224] | |
| - kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292} | |
| - gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079} | |
| - of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541} | |
| kernel-modules-4.18.0-553.27.1.el8_10.x86_64.rpm | - lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668} |
| - bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989} | |
| - bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990} | |
| - bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009} | |
| - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773} | |
| - tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257] | |
| - tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257] | |
| - ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826} | |
| - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100] | |
| - loopback: fix lockdep splat (Xin Long) [RHEL-58100] | |
| - blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100] | |
| - loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100] | |
| - libceph: fix potential use-after-free on linger ping and resends (Jay Shin) [RHEL-21394 RHEL-20390] | |
| - netfilter: nf_tables: reject QUEUE/DROP verdict parameters (Florian Westphal) [RHEL-24010 RHEL-23506] {CVE-2024-1086} | |
| - ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002] | |
| - netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924} | |
| - netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042} | |
| - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070} | |
| - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898} | |
| - netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) [RHEL-42680] {CVE-2024-26851} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301} | |
| - KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976} | |
| - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540} | |
| - tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284} | |
| - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857} | |
| - drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924} | |
| - tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983} | |
| - block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854} | |
| - gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936} | |
| - drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093} | |
| - ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961} | |
| - mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880} | |
| - ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244} | |
| - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984} | |
| - tracing/timerlat: Add user-space interface (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/osnoise: Skip running osnoise if all instances are off (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/timerlat: Always wakeup the timerlat thread (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/osnoise: Fix notify new tracing_max_latency (Chris White) [RHEL-20362 RHEL-15142] | |
| - tracing/timerlat: Notify new max thread latency (Chris White) [RHEL-20362 RHEL-15142] | |
| - trace/osnoise: make use of the helper function kthread_run_on_cpu() (Chris White) [RHEL-20362 RHEL-15142] | |
| - kthread: add the helper function kthread_run_on_cpu() (Chris White) [RHEL-20362 RHEL-15142] | |
| - x86/apic: Mark _all_ legacy interrupts when IO/APIC is missing (Prarit Bhargava) [RHEL-7238 RHEL-4244] | |
| - HID: check empty report_list in hid_validate_values() (Desnes Nunes) [RHEL-19274 RHEL-19237] {CVE-2023-1073} | |
| - s390/dasd: print copy pair message only for the correct error (Tobias Huschle) [RHEL-9444 RHEL-2831] | |
| - blk-mq: don't count completed flush data request as inflight in case of quiesce (Ming Lei) [RHEL-19111 RHEL-18055] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.9/8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - Debrand the kernel (Louis Abel) | |
| - redhat: fix to be able to build with rpm 4.19.0 (Denys Vlasenko) | |
| - blk-mq: enforce op-specific segment limits in blk_insert_cloned_request (Ming Lei) [RHEL-14718 RHEL-14504] | |
| - KVM: x86: Add SBPB support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - KVM: x86: Add IBPB_BRTYPE support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retpoline: Document some thunk handling aspects (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Remove unnecessary semicolon (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Disentangle rethunk-dependent options (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Move retbleed IBPB check into existing 'has_microcode' code block (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/bugs: Remove default case for fully switched enums (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Remove 'pred_cmd' label (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Unexport untraining functions (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Improve i-cache locality for alias mitigation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix vulnerability reporting for missing microcode (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Print mitigation for retbleed IBPB case (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Print actual mitigation if requested mitigation isn't possible (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix SBPB enablement for (possible) future fixed HW (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/alternatives: Remove faulty optimization (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix SBPB enablement for spec_rstack_overflow=off (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Don't probe microcode in a guest (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Set CPUID feature bits independently of bug or mitigation status (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix srso_show_state() side effect (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Fix amd_check_microcode() declaration (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/CPU/AMD: Remove amd_get_topology_early() (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Correct the mitigation status when SMT is disabled (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Explain the untraining sequences a bit more (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu/kvm: Provide UNTRAIN_RET_VM (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Cleanup the untrain mess (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Rename srso_(.*)_alias to srso_alias_\1 (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Rename original retbleed methods (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Clean up SRSO return thunk mess (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/alternative: Make custom return thunk unconditional (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - objtool/x86: Fix SRSO mess (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Fix up srso_safe_ret() and __x86_return_thunk() (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu: Fix __x86_return_thunk symbol type (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retpoline,kprobes: Fix position of thunk sections with CONFIG_LTO_CLANG (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Disable the mitigation on unaffected configurations (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/CPU/AMD: Fix the DIV(0) initial fix attempt (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retpoline: Don't clobber RFLAGS during srso_safe_ret() (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/cpu/amd: Enable Zenbleed fix for AMD Custom APU 0405 (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - driver core: cpu: Fix the fallback cpu_show_gds() name (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86: Move gds_ucode_mitigated() declaration to header (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/speculation: Add cpu_show_gds() prototype (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - driver core: cpu: Make cpu_show_not_affected() static (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix build breakage with the LLVM linker (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - Documentation/srso: Document IBPB aspect and fix formatting (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - driver core: cpu: Unify redundant silly stubs (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/CPU/AMD: Do not leak quotient data after a division by 0 (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Tie SBPB bit setting to microcode patch detection (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add a forgotten NOENDBR annotation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Fix return thunks in generated code (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add IBPB on VMEXIT (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add IBPB (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add SRSO_NO support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add IBPB_BRTYPE support (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/srso: Add a Speculative RAS Overflow mitigation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retbleed: Add __x86_return_thunk alignment checks (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/retbleed: Fix return thunk alignment (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/alternative: Optimize returns patching (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/microcode/AMD: Load late on both threads too (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86/returnthunk: Allow different return thunks (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - x86: Sanitize linker script (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - objtool: Fix .return_sites generation (Waiman Long) [RHEL-14115 RHEL-9298] {CVE-2023-20569} | |
| - drm/amdgpu: Fix possible null pointer dereference (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/amdgpu: Fix possible null pointer dereference (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Keep a gem reference to user bos in surfaces (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: fix typo of sizeof argument (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix possible invalid drm gem put calls (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix shader stage validation (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: remove unused vmw_overlay function (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix Legacy Display Unit atomic drm support (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Print errors when running on broken/unsupported configs (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Drop mksstat_init_record fn as currently unused (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Fix src/dst_pitch confusion (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Replace one-element array with flexible-array member (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Do not drop the reference to the handle too soon (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Stop accessing buffer objects which failed init (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Make the driver work without the dummy resources (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Stop using raw ttm_buffer_object's (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Abstract placement selection (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Rename dummy to is_iomem (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Cleanup the vmw bo usage in the cursor paths (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Simplify fb pinning (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Rename vmw_buffer_object to vmw_bo (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Remove the duplicate bo_free function (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/vmwgfx: Use the common gem mmap instead of the custom code (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/radeon: handle NULL bo->resource in move callback (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/qxl: handle NULL bo->resource in move callback (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/gem-vram: handle NULL bo->resource in move callback (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: prevent moving of pinned BOs (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: stop allocating a dummy resource for pipelined gutting (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: stop allocating dummy resources during BO creation (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/ttm: clear the ttm_tt when bo->resource is NULL (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - drm/i915/ttm: audit remaining bo->resource (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - Revert "drm/vmwgfx: Stop accessing buffer objects which failed init" (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - Revert "drm/vmwgfx: Do not drop the reference to the handle too soon" (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - Revert "drm/vmwgfx: Fix Legacy Display Unit atomic drm support" (Jocelyn Falempe) [RHEL-14509 RHEL-14510] {CVE-2023-5633} | |
| - nfp: fix use-after-free in area_cache_get() (Ricardo Robaina) [RHEL-19452 RHEL-6567] {CVE-2022-3545} | |
| - Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb (David Marlin) [RHEL-18999 RHEL-1231] {CVE-2023-40283} | |
| - md/raid5: release batch_last before waiting for another stripe_head (Nigel Croxon) [RHEL-12284 RHEL-9875] | |
| - nouveau: lock the client object tree. (Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062} | |
| - cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037] | |
| - ACPI: PAD: fix crash in exit_round_robin() (Mark Langsdorf) [RHEL-56156] | |
| - gfs2: Randomize GLF_VERIFY_DELETE work delay (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Update to the evict / remote delete documentation (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Clean up delete work processing (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename dinode_demise to evict_behavior (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757] | |
| - gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757] | |
| - gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757] | |
| - dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492} | |
| - dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939} | |
| - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075] | |
| - NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-39397] | |
| - cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251] | |
| - cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251] | |
| - x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled (Waiman Long) [2227916] | |
| - Documentation/hw-vuln: Document the interaction between IBRS and STIBP (Waiman Long) [2227916] | |
| - x86/CPU/AMD: Make sure EFER[AIBRSE] is set (Waiman Long) [2227916] | |
| - fs: don't audit the capability check in simple_xattr_list() (Andrey Albershteyn) [RHEL-863] | |
| - rbd: don't move requests to the running list on errors (Ilya Dryomov) [RHEL-24204 RHEL-21941] | |
| - drm/amdgpu: Fix potential fence use-after-free v2 (Jorge San Emeterio) [RHEL-24479 RHEL-22504] {CVE-2023-51042} | |
| - perf: Fix perf_event_validate_size() lockdep splat (Michael Petlan) [RHEL-22930 RHEL-17968] {CVE-2023-6931} | |
| - perf: Fix perf_event_validate_size() (Michael Petlan) [RHEL-22930 RHEL-17968] {CVE-2023-6931} | |
| - smb: client: fix OOB in receive_encrypted_standard() (Scott Mayhew) [RHEL-22077 RHEL-21685] {CVE-2024-0565} | |
| - ibmveth: Remove condition to recompute TCP header checksum. (Mamatha Inamdar) [RHEL-20822 RHEL-12553] | |
| - net: tls, update curr on splice as well (Sabrina Dubroca) [RHEL-22091 RHEL-19065] {CVE-2024-0646} | |
| - smb: client: fix potential OOB in smb2_dump_detail() (Scott Mayhew) [RHEL-21672 RHEL-19144] {CVE-2023-6610} | |
| - smb: client: fix potential OOB in cifs_dump_detail() (Scott Mayhew) [RHEL-21672 RHEL-19144] {CVE-2023-6610} | |
| - nvmet-tcp: Fix the H2C expected PDU len calculation (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - nvmet-tcp: remove boilerplate code (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - nvmet-tcp: fix a crash in nvmet_req_complete() (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length (Maurizio Lombardi) [RHEL-22299 RHEL-22637 RHEL-22641 RHEL-19155 RHEL-19161 RHEL-19167] {CVE-2023-6535 CVE-2023-6356 CVE-2023-6536} | |
| - net-sysfs: add check for netdevice being present to speed_show (Michal Schmidt) [RHEL-20924 RHEL-16007] | |
| - netfilter: nft_set_pipapo: skip inactive elements during set walk (Florian Westphal) [RHEL-20698 RHEL-19721] {CVE-2023-6817} | |
| - pNFS/filelayout: treat GETDEVICEINFO errors as layout failure (Scott Mayhew) [RHEL-16407 RHEL-4969] | |
| - scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress (Chris Leech) [RHEL-12082 RHEL-8992] {CVE-2023-2162} | |
| - scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress (Chris Leech) [RHEL-12082 RHEL-8992] {CVE-2023-2162} | |
| - KVM: x86/mmu: Fix an sign-extension bug with mmu_seq that hangs vCPUs (Peter Xu) [RHEL-15121 RHEL-7210] | |
| - netfilter: conntrack: Fix gre tunneling over ipv6 (Florian Westphal) [RHEL-15259 RHEL-12497] | |
| - netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c (Florian Westphal) [RHEL-8443 RHEL-8444] {CVE-2023-42753} | |
| - tcp: enforce receive buffer memory limits by allowing the tcp window to shrink (Felix Maurer) [RHEL-15096 RHEL-15023] | |
| - redhat: change builder image to rhel-8.9 (Michael Hofmann) | |
| - net: openvswitch: add support for l4 symmetric hashing (Antoine Tenart) [RHEL-12746 RHEL-10498] | |
| - af_unix: Fix null-ptr-deref in unix_stream_sendpage(). (Guillaume Nault) [RHEL-16388 RHEL-2574] {CVE-2023-4622} | |
| - cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729] | |
| - padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889} | |
| - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000] | |
| - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935} | |
| - net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44031] {CVE-2024-38586} | |
| - netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018} | |
| - memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676] | |
| - cifs: Fix UAF in cifs_demultiplex_thread() (Scott Mayhew) [RHEL-15159 RHEL-7930] {CVE-2023-1192} | |
| - ipvs: queue delayed work to expire no destination connections if expire_nodest_conn=1 (Florian Westphal) [RHEL-12371 RHEL-5742] | |
| - sched/rt: Fix bad task migration for rt tasks (Valentin Schneider) [RHEL-11682 RHEL-3872] | |
| - bpf: Fix incorrect verifier pruning due to missing register precision taints (Artem Savkov) [RHEL-13049 RHEL-7534] {CVE-2023-2163} | |
| - redhat: fix bug/zjira sort in the changelog (Patrick Talbert) | |
| - CI: Remove unused kpet_tree_family (Nikolai Kondrashov) | |
| - redhat: set default zstream brew target for 8.9 (Patrick Talbert) | |
| - rbd: take header_rwsem in rbd_dev_refresh() only when updating (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - rbd: decouple parent info read-in from updating rbd_dev (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - rbd: decouple header read-in from updating rbd_dev->header (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - rbd: move rbd_dev_refresh() definition (Ilya Dryomov) [RHEL-12689 RHEL-11241] | |
| - media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb_ca_en50221: fix a size write bug (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb_ca_en50221: avoid speculation from CA slot (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb-core: fix epoll() by calling poll_wait first (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - media: dvb_ca_en50221: off by one in dvb_ca_en50221_io_do_ioctl() (Dean Nelson) [RHEL-11279 RHEL-1784] {CVE-2022-45919} | |
| - iavf: schedule a request immediately after add/delete vlan (Petr Oros) [2240750 2231174] | |
| - iavf: add iavf_schedule_aq_request() helper (Petr Oros) [2240750 2231174] | |
| - bpf: sockmap: Remove preempt_disable in sock_map_sk_acquire (Tomas Glozar) [RHEL-6123 2229965] | |
| - media: dvb-core: Fix use-after-free due on race condition at dvb_net (Dean Nelson) [RHEL-11248 RHEL-1842] {CVE-2022-45886} | |
| - media: dvb_net: avoid speculation from net slot (Dean Nelson) [RHEL-11248 RHEL-1842] {CVE-2022-45886} | |
| - mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() (Rafael Aquini) [RHEL-11588 RHEL-3652] | |
| - ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [RHEL-10393 RHEL-3379] | |
| - net: tun: fix bugs for oversize packet when napi frags enabled (Ricardo Robaina) [RHEL-12295 RHEL-7185] {CVE-2023-3812} | |
| - ice: Don't tx before switchdev is fully configured (Michal Schmidt) [RHEL-11331 RHEL-10997] | |
| - media: dvb-core: Fix use-after-free due to race at dvb_register_device() (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: fix refcnt bug (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: adopts refcnt to avoid UAF (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: fix error logic at dvb_register_device() (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: Fix memleak in dvb_register_device (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: media/dvb: Use kmemdup rather than duplicating its implementation (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - media: dvbdev: remove double-unlock (Dean Nelson) [RHEL-11271 RHEL-1841] {CVE-2022-45884} | |
| - bpf: Adjust insufficient default bpf_jit_limit (Viktor Malik) [2243011 2219567] | |
| - bpf: Prevent increasing bpf_jit_limit above max (Viktor Malik) [2243011 2219567] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - redhat: list Z-Jiras in the changelog before Y-Jiras (Herton R. Krzesinski) | |
| - Revert "mm, meminit: recalculate pcpu batch and high limits after init completes" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm,memory_hotplug: factor out adjusting present pages into adjust_present_page_count()" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: move free_the_page" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: allow high-order pages to be stored on the per-cpu lists" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: fetch the correct pcp buddy during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: track range of active PCP lists during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: simplify how many pages are selected per pcp list during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: drain the requested list first during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: free pages in a single pass during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: do not prefetch buddies during bulk free" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: check high-order pages for corruption during PCP operations" (Chris von Recklinghausen) [RHEL-8539] | |
| - Revert "mm/page_alloc: fix incorrect PGFREE and PGALLOC for high-order page" (Chris von Recklinghausen) [RHEL-8539] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - IB/ipoib: Fix mcast list locking (Daniel Vacek) [RHEL-19699 RHEL-19244] | |
| - RDMA/IPoIB: Fix error code return in ipoib_mcast_join (Daniel Vacek) [RHEL-19699 RHEL-19244] | |
| - x86/sev: Check for user-space IOIO pointing to kernel space (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - x86/sev: Check IOBM for IOIO exceptions from user-space (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - x86/sev: Disable MMIO emulation from user mode (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - x86/sev-es: Fix SEV-ES OUT/IN immediate opcode vc handling (Wander Lairson Costa) [RHEL-18014 RHEL-14978] {CVE-2023-46813} | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - drm/amd/display: fix the white screen issue when >= 64GB DRAM (Mika Penttilä) [2231934] | |
| - gfs2: conversion deadlock do_promote bypass (Bob Peterson) [2225228] | |
| - gfs2: do_promote cleanup (Andreas Gruenbacher) [2225228] | |
| - gfs2: Make use of list_is_first (Andreas Gruenbacher) [2225228] | |
| - Revert "cnic: Use the bitmap API to allocate bitmaps" (Chris Leech) [RHEL-1950] | |
| - Revert "cnic: don't pass bogus GFP_ flags to dma_alloc_coherent" (Chris Leech) [RHEL-1950] | |
| - scsi: lpfc: Prevent use-after-free during rmmod with mapped NVMe rports (Paul Ely) [RHEL-2602] | |
| - scsi: lpfc: Early return after marking final NLP_DROPPED flag in dev_loss_tmo (Paul Ely) [RHEL-2602] | |
| - gfs2: Add quota_change type (Bob Peterson) [2224075] | |
| - redhat: rewrite genlog and support Y- tags (Jan Stancek) | |
| - smb: client: fix OOB in smbCalcSize() (Scott Mayhew) [RHEL-21662 RHEL-18990] {CVE-2023-6606} | |
| - s390/qeth: Don't call dev_close/dev_open (DOWN/UP) (Tobias Huschle) [RHEL-17884 RHEL-2410] | |
| - blk-mq: use quiesced elevator switch when reinitializing queues (Ming Lei) [RHEL-21785 RHEL-19944] | |
| - lib/group_cpus.c: avoid acquiring cpu hotplug lock in group_cpus_evenly (Ming Lei) [RHEL-20232 RHEL-8128] | |
| - s390/qeth: Fix vipa deletion (Tobias Huschle) [RHEL-25811 RHEL-11194] | |
| - smsc95xx: fix stalled rx after link change (Izabela Bakollari) [RHEL-25719 RHEL-22312] | |
| - ceph: don't let check_caps skip sending responses for revoke msgs (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: issue a cap release immediately if no cap exists (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: trigger to flush the buffer when making snapshot (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: force updating the msg pointer in non-split case (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: flush cap releases when the session is flushed (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: reorder fields in 'struct ceph_snapid_map' (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - ceph: voluntarily drop Xx caps for requests those touch parent mtime (Xiubo Li) [RHEL-20909 RHEL-16412] | |
| - KVM: x86: Constrain guest-supported xfeatures only at KVM_GET_XSAVE{2} (Bandan Das) [RHEL-23063 RHEL-7558] | |
| - x86/fpu: Allow caller to constrain xfeatures when copying to uabi buffer (Bandan Das) [RHEL-23063 RHEL-7558] | |
| - dm-crypt, dm-verity: disable tasklets (Benjamin Marzinski) [RHEL-26101 RHEL-22232] | |
| - dm verity: initialize fec io before freeing it (Benjamin Marzinski) [RHEL-26101 RHEL-22232] | |
| - dm-verity: don't use blocking calls from tasklets (Benjamin Marzinski) [RHEL-26101 RHEL-22232] | |
| - ceph: add ceph_cap_unlink_work to fire check_caps() immediately (Xiubo Li) [RHEL-27496 RHEL-21760] | |
| - ceph: always queue a writeback when revoking the Fb caps (Xiubo Li) [RHEL-27496 RHEL-21760] | |
| - ceph: always check dir caps asynchronously (Xiubo Li) [RHEL-27496 RHEL-21760] | |
| - scsi: smartpqi: Fix disable_managed_interrupts (Tomas Henzl) [RHEL-26139 RHEL-25747] | |
| - ext4: fix kernel BUG in 'ext4_write_inline_data_end()' (Carlos Maiolino) [RHEL-26331 RHEL-23386] {CVE-2021-33631} | |
| - serial: core: return early on unsupported ioctls (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - lib/hexdump: make print_hex_dump_bytes() a nop on !DEBUG builds (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix race condition in status line change on dead connections (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix the UAF caused by race condition in gsm_cleanup_mux (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix UAF in gsm_cleanup_mux (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add parameter negotiation support (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add parameters used with parameter negotiation (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: introduce macro for minimal unit size (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: name the debug bits (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: introduce gsm_control_command() function (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: replace use of gsm_read_ea() with gsm_read_ea_val() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: name gsm tty device minors (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: initialize more members at gsm_alloc_mux() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix flow control handling in tx path (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix resource allocation order in gsm_activate_mux() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix deadlock and link starvation in outgoing data path (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix race condition in gsmld_write() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix non flow control frames during mux flow off (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing timer to handle stalled links (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong queuing behavior in gsm_dlci_data_output() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix tty registration before control channel open (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix user open not possible at responder until initiator open (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Debug output allocation must use GFP_ATOMIC (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix packet data hex dump output (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix buffer over-read in gsm_dlci_data() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix sometimes uninitialized warning in gsm_dlci_modem_output() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix software flow control handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix invalid use of MSC in advanced option (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix broken virtual tty handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing update of modem controls after DLCI open (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix reset fifo race condition (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing tty wakeup in convergence layer type 2 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong signal octets encoding in MSC (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong command frame length field encoding (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong command retry handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix missing explicit ldisc flush (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong DLCI release order (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix insufficient txframe size (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix frame reception handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong signal octet encoding in convergence layer type 2 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix mux cleanup after unregister tty device (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix decoupled mux resource (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix restart handling via CLD command (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix deadlock in gsmtty_open() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong modem processing in convergence layer type 2 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix wrong tty control line for flow control (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix NULL pointer access due to DLCI release (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix encoding of command/response bit (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: fix SW flow control encoding/handling (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove tty parameter from mxser_receive_chars_new() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: don't throttle manually (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: make mxser_port::ldisc_stop_rx a bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Don't ignore write return value in gsmld_output() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: clean up indenting in gsm_queue() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Save dlci address open status when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Modify gsmtty driver register method when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Delete gsmtty open SABM frame when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Modify CR,PF bit printk info when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Modify CR,PF bit when config requester (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: stop using alloc_tty_driver (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: don't store semi-state into tty drivers (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - hvsi: don't panic on tty_register_driver failure (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: switch rs_table to a single state (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: expand "custom" (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: use memset to zero serial_state (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: remove serial_* strings (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop mxser_port::custom_divisor (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop mxser_port::baud_base (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove unused mxser_port::stop_rx (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: don't allocate MXSER_PORTS + 1 (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove cnt from mxser_receive_chars (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_GETMSTATUS ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_GETDATACOUNT ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_CHKPORTENABLE ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_ASPP_LSTATUS ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_ASPP_MON and friends (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_SET_BAUD_METHOD ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove MOXA_GET_MAJOR deprecated ioctl (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop unused MOXA_DIAGNOSE macro (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop UART_MCR_AFE and UART_LSR_SPECIAL defines (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove else from LSR bits checks (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: extract mxser_receive_chars_old (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: extract mxser_receive_chars_new (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: simplify mxser_interrupt and drop mxser_board::vector_mask (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: extract port ISR (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: cleanup LSR handling in mxser_receive_chars (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: remove nonsense from ISR (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop constant board::uart_type (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: introduce enum mxser_must_hwid (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: rename mxser_board::chip_flag to must_hwid (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: rename CheckIsMoxaMust to mxser_get_must_hwid (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: cleanup Gpci_uart_info struct (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: integrate mxser.h into .c (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: drop ISA support (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: use goto-failpaths in gsm_init (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: mxser: drop low-latency workaround (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: check error while registering tty devices (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: mxser: fix TIOCSSERIAL jiffies conversions (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm, remove duplicates of parameters (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: do not check tty_unregister_driver's return value (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: nozomi, remove init/exit messages (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty_port: drop last traces of low_latency (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Demote obvious abuse of kernel-doc and supply other missing docss (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm, eliminate indirection for gsm->{output,error}() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix bogus i++ in gsm_data_kick (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Remove unnecessary test in gsm_print_packet() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix waking up upper tty layer when room available (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Fix SOF skipping (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Improve debug output (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: switch constipated to bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: switch throttled to bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: switch dead to bool (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: introduce enum gsm_dlci_mode (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: introduce enum gsm_dlci_state (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: drop unneeded gsm_dlci->fifo field (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Replace zero-length array with flexible-array member (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: avoid recursive locking with async port hangup (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: add helpers to convert mux-num to/from tty-base (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - docs: serial: move it to the driver-api (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - docs: serial: convert docs to ReST and rename to *.rst (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Mark expected switch fall-throughs (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - n_gsm: Constify u8 and unsigned char usage (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty: n_gsm: Add copy_config() and gsm_config() to prepare for serdev (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - mxser: switch to ->[sg]et_serial() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - amiserial: switch to ->[sg]et_serial() (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - tty/serial_core: add ISO7816 infrastructure (Wander Lairson Costa) [RHEL-19954 RHEL-19955] {CVE-2023-6546} | |
| - net/sched: sch_hfsc: upgrade 'rt' to 'sc' when it becomes a inner curve (Davide Caratti) [RHEL-16858 RHEL-14032] {CVE-2023-4623} | |
| - net/sched: sch_hfsc: Ensure inner classes have fsc curve (Davide Caratti) [RHEL-16858 RHEL-14032] {CVE-2023-4623} | |
| - net: sched: sch_qfq: Use non-work-conserving warning handler (Davide Caratti) [RHEL-14423 RHEL-14032] {CVE-2023-4921} | |
| - net: sched: sch_qfq: Fix UAF in qfq_dequeue() (Davide Caratti) [RHEL-14423 RHEL-14032] {CVE-2023-4921} | |
| - net/tls: Remove the context from the list in tls_device_down (Jay Shin) [RHEL-17813 RHEL-17301] | |
| - tls: Fix context leak on tls_device_down (Jay Shin) [RHEL-17813 RHEL-17301] | |
| - igb: set max size RX buffer when store bad packet is enabled (Wander Lairson Costa) [RHEL-15187 RHEL-15188] {CVE-2023-45871} | |
| - ice: reset first in crash dump kernels (Petr Oros) [2244625 2139761] | |
| - nvmet-tcp: Fix a possible UAF in queue intialization setup (John Meneghini) [RHEL-11507 RHEL-11509] {CVE-2023-5178} | |
| - block: check_events: don't bother with events if unsupported (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - Revert "block: unexport DISK_EVENT_MEDIA_CHANGE for legacy/fringe drivers" (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - Revert "ide: unexport DISK_EVENT_MEDIA_CHANGE for ide-gd and ide-cd" (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - block: disk_events: introduce event flags (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - block: genhd: remove async_events field (Ming Lei) [RHEL-15052 RHEL-2407] | |
| - net: virtio_net_hdr_to_skb: count transport header in UFO (Cindy Lu) [RHEL-16332 RHEL-6030] | |
| - x86/sev: Make enc_dec_hypercall() accept a size instead of npages (Vitaly Kuznetsov) [RHEL-5764 RHEL-3656] | |
| - drm/vmwgfx: Fix possible null pointer derefence with invalid contexts (Jocelyn Falempe) [RHEL-22766 RHEL-3179] {CVE-2022-38096} | |
| - drm/mgag200: Fix gamma lut not initialized for G200ER, G200EV, G200SE (Jocelyn Falempe) [RHEL-21055 RHEL-21054] | |
| - sched/fair: Block nohz tick_stop when cfs bandwidth in use (Phil Auld) [RHEL-12723 RHEL-2527] | |
| - sched, cgroup: Restore meaning to hierarchical_quota (Phil Auld) [RHEL-12723 RHEL-2527] | |
| - sched/fair: Hide unused init_cfs_bandwidth() stub (Phil Auld) [RHEL-12723 RHEL-2527] | |
| - Fix double fget() in vhost_net_set_backend() (Jon Maloy) [RHEL-13212 RHEL-7162] {CVE-2023-1838} | |
| - can: af_can: fix NULL pointer dereference in can_rcv_filter (Ricardo Robaina) [RHEL-19462 RHEL-6429] {CVE-2023-2166} | |
| - RDMA/core: Update CMA destination address on rdma_resolve_addr (Kamal Heib) [RHEL-19328 RHEL-1032] {CVE-2023-2176} | |
| - RDMA/core: Refactor rdma_bind_addr (Kamal Heib) [RHEL-19328 RHEL-1032] {CVE-2023-2176} | |
| - net: fix net device address assign type (Michal Schmidt) [RHEL-17296 RHEL-6383] | |
| - net: add check for current MAC address in dev_set_mac_address (Michal Schmidt) [RHEL-17296 RHEL-6383] | |
| - perf/core: Fix potential NULL deref (Wander Lairson Costa) [RHEL-18004 RHEL-14982] {CVE-2023-5717} | |
| - perf: Disallow mis-matched inherited group reads (Wander Lairson Costa) [RHEL-18004 RHEL-14982] {CVE-2023-5717} | |
| - drivers: net: slip: fix NPD bug in sl_tx_timeout() (Michal Schmidt) [RHEL-18583 RHEL-6655] {CVE-2022-41858} | |
| - cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052] | |
| - cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052] | |
| - cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052] | |
| - smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052] | |
| - smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052] | |
| - cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052] | |
| - Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix unix perm bits to cifsacl conversion for "other" bits. (Paulo Alcantara) [RHEL-56052] | |
| - drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092} | |
| - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224] | |
| - kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292} | |
| - gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079} | |
| - of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541} | |
| kernel-tools-4.18.0-553.27.1.el8_10.x86_64.rpm | - lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668} |
| - bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989} | |
| - bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990} | |
| - bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009} | |
| - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773} | |
| - tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257] | |
| - tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257] | |
| - ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826} | |
| - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100] | |
| - loopback: fix lockdep splat (Xin Long) [RHEL-58100] | |
| - blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100] | |
| - loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100] | |
| - ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002] | |
| - netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924} | |
| - netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042} | |
| - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070} | |
| - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898} | |
| - netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) [RHEL-42680] {CVE-2024-26851} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301} | |
| - KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976} | |
| - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540} | |
| - tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284} | |
| - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857} | |
| - drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924} | |
| - tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983} | |
| - block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854} | |
| - gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936} | |
| - drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093} | |
| - ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961} | |
| - mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880} | |
| - ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244} | |
| - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984} | |
| - nouveau: lock the client object tree. (Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062} | |
| - cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037] | |
| - ACPI: PAD: fix crash in exit_round_robin() (Mark Langsdorf) [RHEL-56156] | |
| - gfs2: Randomize GLF_VERIFY_DELETE work delay (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Update to the evict / remote delete documentation (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Clean up delete work processing (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename dinode_demise to evict_behavior (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757] | |
| - gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757] | |
| - gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757] | |
| - dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492} | |
| - dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939} | |
| - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075] | |
| - NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-39397] | |
| - cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251] | |
| - cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251] | |
| - cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729] | |
| - padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889} | |
| - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000] | |
| - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935} | |
| - net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44031] {CVE-2024-38586} | |
| - netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018} | |
| - memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052] | |
| - cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052] | |
| - cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052] | |
| - smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052] | |
| - smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052] | |
| - cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052] | |
| - Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix unix perm bits to cifsacl conversion for "other" bits. (Paulo Alcantara) [RHEL-56052] | |
| - drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092} | |
| - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224] | |
| - kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292} | |
| - gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079} | |
| - of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541} | |
| kernel-tools-libs-4.18.0-553.27.1.el8_10.x86_64.rpm | - lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668} |
| - bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989} | |
| - bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990} | |
| - bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009} | |
| - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773} | |
| - tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257] | |
| - tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257] | |
| - ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826} | |
| - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100] | |
| - loopback: fix lockdep splat (Xin Long) [RHEL-58100] | |
| - blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100] | |
| - loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100] | |
| - ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002] | |
| - netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924} | |
| - netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042} | |
| - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070} | |
| - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898} | |
| - netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) [RHEL-42680] {CVE-2024-26851} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301} | |
| - KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976} | |
| - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540} | |
| - tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284} | |
| - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857} | |
| - drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924} | |
| - tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983} | |
| - block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854} | |
| - gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936} | |
| - drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093} | |
| - ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961} | |
| - mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880} | |
| - ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244} | |
| - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984} | |
| - nouveau: lock the client object tree. (Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062} | |
| - cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037] | |
| - ACPI: PAD: fix crash in exit_round_robin() (Mark Langsdorf) [RHEL-56156] | |
| - gfs2: Randomize GLF_VERIFY_DELETE work delay (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Update to the evict / remote delete documentation (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Clean up delete work processing (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename dinode_demise to evict_behavior (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757] | |
| - gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757] | |
| - gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757] | |
| - dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492} | |
| - dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939} | |
| - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075] | |
| - NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-39397] | |
| - cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251] | |
| - cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251] | |
| - cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729] | |
| - padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889} | |
| - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000] | |
| - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935} | |
| - net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44031] {CVE-2024-38586} | |
| - netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018} | |
| - memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052] | |
| - cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052] | |
| - cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052] | |
| - smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052] | |
| - smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052] | |
| - cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052] | |
| - Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix unix perm bits to cifsacl conversion for "other" bits. (Paulo Alcantara) [RHEL-56052] | |
| - drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092} | |
| - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224] | |
| - kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292} | |
| - gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079} | |
| - of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541} | |
| krb5-libs-1.18.2-30.el8_10.x86_64.rpm | - libkrad: implement support for Message-Authenticator (CVE-2024-3596) |
| Resolves: RHEL-50253 | |
| - Remove RSA protocol for PKINIT | |
| Resolves: RHEL-17616 | |
| libertas-usb8388-firmware-20241014-125.git06bad2f1.el8_10.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| libproxy-0.4.15-5.5.el8_10.x86_64.rpm | - Fix CVE-2020-25219 (#1880349) |
| - Bump up version number | |
| - Fix PAC buffer overflow (#1869639) | |
| libtiff-4.0.9-33.el8_10.x86_64.rpm | - fix CVE-2024-7006 a null pointer dereference in tif_dirinfo (RHEL-52927) |
| linux-firmware-20241014-125.git06bad2f1.el8_10.noarch.rpm | - Update linux-firmware to latest upstream (RHEL-62359) |
| Changes since the last update are noted on items below, copied from | |
| the git changelog of upstream linux-firmware repository. | |
| - mtk_wed: add firmware for mt7988 Wireless Ethernet Dispatcher | |
| - ath12k: WCN7850 hw2.0: update board-2.bin | |
| - ath12k: QCN9274 hw2.0: add to WLAN.WBE.1.3.1-00162-QCAHKSWPL_SILICONZ-1 | |
| - ath12k: QCN9274 hw2.0: add board-2.bin | |
| - copy-firmware.sh: rename variables in symlink hanlding | |
| - copy-firmware.sh: remove no longer reachable test -L | |
| - copy-firmware.sh: remove no longer reachable test -f | |
| - copy-firmware.sh: call ./check_whence.py before parsing the file | |
| - copy-firmware.sh: warn if the destination folder is not empty | |
| - copy-firmware.sh: add err() helper | |
| - copy-firmware.sh: fix indentation | |
| - copy-firmware.sh: reset and consistently handle destdir | |
| - Revert "copy-firmware: Support additional compressor options" | |
| - copy-firmware.sh: flesh out and fix dedup-firmware.sh | |
| - Style update yaml files | |
| - editorconfig: add initial config file | |
| - check_whence.py: annotate replacement strings as raw | |
| - check_whence.py: LC_ALL=C sort -u the filelist | |
| - check_whence.py: ban link-to-a-link | |
| - check_whence.py: use consistent naming | |
| - Add a link from TAS2XXX1EB3.bin -> ti/tas2781/TAS2XXX1EB30.bin | |
| - tas2781: Upload dsp firmware for ASUS laptop 1EB30 & 1EB31 | |
| - rtlwifi: Add firmware v39.0 for RTL8192DU | |
| - Revert "ath12k: WCN7850 hw2.0: update board-2.bin" | |
| - amdgpu: DMCUB DCN35 update | |
| - brcm: Add BCM4354 NVRAM for Jetson TX1 | |
| - brcm: Link FriendlyElec NanoPi M4 to AP6356S nvram | |
| - linux-firmware: add firmware for MediaTek Bluetooth chip (MT7920) | |
| - linux-firmware: add firmware for MT7920 | |
| - amdgpu: update raven firmware | |
| - amdgpu: update SMU 13.0.10 firmware | |
| - amdgpu: update PSP 13.0.10 firmware | |
| - amdgpu: update GC 11.0.3 firmware | |
| - amdgpu: update VCN 3.1.2 firmware | |
| - amdgpu: update PSP 13.0.5 firmware | |
| - amdgpu: update PSP 13.0.8 firmware | |
| - amdgpu: update vega12 firmware | |
| - amdgpu: update PSP 14.0.4 firmware | |
| - amdgpu: update GC 11.5.2 firmware | |
| - amdgpu: update vega10 firmware | |
| - amdgpu: update VCN 4.0.0 firmware | |
| - amdgpu: update PSP 13.0.0 firmware | |
| - amdgpu: update GC 11.0.0 firmware | |
| - amdgpu: update picasso firmware | |
| - amdgpu: update beige goby firmware | |
| - amdgpu: update vangogh firmware | |
| - amdgpu: update dimgrey cavefish firmware | |
| - amdgpu: update navy flounder firmware | |
| - amdgpu: update green sardine firmware | |
| - amdgpu: update VCN 4.0.2 firmware | |
| - amdgpu: update PSP 13.0.4 firmware | |
| - amdgpu: update GC 11.0.1 firmware | |
| - amdgpu: update sienna cichlid firmware | |
| - amdgpu: update VCN 4.0.6 firmware | |
| - amdgpu: update PSP 14.0.1 firmware | |
| - amdgpu: update GC 11.5.1 firmware | |
| - amdgpu: update VCN 4.0.5 firmware | |
| - amdgpu: update PSP 14.0.0 firmware | |
| - amdgpu: update GC 11.5.0 firmware | |
| - amdgpu: update navi14 firmware | |
| - amdgpu: update renoir firmware | |
| - amdgpu: update navi12 firmware | |
| - amdgpu: update SMU 13.0.6 firmware | |
| - amdgpu: update SDMA 4.4.2 firmware | |
| - amdgpu: update PSP 13.0.6 firmware | |
| - amdgpu: update GC 9.4.3 firmware | |
| - amdgpu: update yellow carp firmware | |
| - amdgpu: update VCN 4.0.4 firmware | |
| - amdgpu: update PSP 13.0.7 firmware | |
| - amdgpu: update GC 11.0.2 firmware | |
| - amdgpu: update navi10 firmware | |
| - amdgpu: update aldebaran firmware | |
| - qcom: update gpu firmwares for qcm6490 chipset | |
| - mt76: mt7996: add firmware files for mt7992 chipset | |
| - mt76: mt7996: add firmware files for mt7996 chipset variants | |
| - qcom: add gpu firmwares for sa8775p chipset | |
| - amdgpu: update DMCUB to v0.0.233.0 DCN351 | |
| - rtw89: 8922a: add fw format-2 v0.35.42.1 | |
| - copy-firmware: Handle links to uncompressed files | |
| - WHENCE: Fix battmgr.jsn entry type | |
| - amdgpu: Add VPE 6.1.3 microcode | |
| - amdgpu: add SDMA 6.1.2 microcode | |
| - amdgpu: Add support for PSP 14.0.4 | |
| - amdgpu: add GC 11.5.2 microcode | |
| - qcom: qcm6490: add ADSP and CDSP firmware | |
| - linux-firmware: Update firmware file for Intel Bluetooth Magnetor core | |
| - linux-firmware: Update firmware file for Intel BlazarU core | |
| - linux-firmware: Update firmware file for Intel Bluetooth Solar core | |
| - rtl_bt: Update RTL8852B BT USB FW to 0x0447_9301 | |
| - realtek: rt1320: Add patch firmware of MCU | |
| - i915: Update MTL DMC v2.23 | |
| - cirrus: cs35l56: Add firmware for Cirrus CS35L54 for some HP laptops | |
| - amdgpu: Revert sienna cichlid dmcub firmware update | |
| - Merge tag 'iwlwifi-fw-2024-09-03' of http://git.kernel.org/pub/scm/linux/kernel/git/iwlwifi/linux-firmware into iwlwifi-20240903 | |
| - iwlwifi: add Bz FW for core89-58 release | |
| - rtl_nic: add firmware rtl8126a-3 | |
| - linux-firmware: update firmware for MT7921 WiFi device | |
| - linux-firmware: update firmware for mediatek bluetooth chip (MT7921) | |
| - amdgpu: update DMCUB to v0.0.232.0 for DCN314 and DCN351 | |
| - qcom: vpu: restore compatibility with kernels before 6.6 | |
| Resolves: RHEL-62359 | |
| microcode_ctl-20240910-1.el8_10.x86_64.rpm | - Update Intel CPU microcode to microcode-20240910 release, addresses |
| CVE-2024-23984, CVE-2024-24853, CVE-2024-24968, CVE-2024-24980, | |
| CVE-2024-25939 (RHEL-59081): | |
| - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in | |
| intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xb6 up to 0xb8; | |
| - Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xf4 up | |
| to 0xf6; | |
| - Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xf4 up | |
| to 0xf6; | |
| - Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xf4 up | |
| to 0xf6; | |
| - Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xf4 up | |
| to 0xf6; | |
| - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) | |
| microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from | |
| revision 0xfa up to 0xfc; | |
| - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xf6 up | |
| to 0xf8; | |
| - Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xf4 up | |
| to 0xf6; | |
| - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xf6 up | |
| to 0xf8; | |
| - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xfc up | |
| to 0x100; | |
| - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision | |
| 0x5003605 up to 0x5003707; | |
| - Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002802 | |
| up to 0x7002904; | |
| - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003d1 | |
| up to 0xd0003e7; | |
| - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000290 | |
| up to 0x10002b0; | |
| - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xc4 | |
| up to 0xc6; | |
| - Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x36 up | |
| to 0x38; | |
| - Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x50 up | |
| to 0x52; | |
| - Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x19 up | |
| to 0x1a; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision | |
| 0x35 up to 0x36; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-97-02) from revision 0x35 up to 0x36; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) | |
| from revision 0x35 up to 0x36; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) | |
| from revision 0x35 up to 0x36; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-97-05) from revision 0x35 up to 0x36; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x35 | |
| up to 0x36; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) | |
| from revision 0x35 up to 0x36; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) | |
| from revision 0x35 up to 0x36; | |
| - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision | |
| 0x433 up to 0x434; | |
| - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in | |
| intel-ucode/06-9a-03) from revision 0x433 up to 0x434; | |
| - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in | |
| intel-ucode/06-9a-04) from revision 0x433 up to 0x434; | |
| - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x433 | |
| up to 0x434; | |
| - Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xfa up | |
| to 0xfc; | |
| - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xfa | |
| up to 0xfc; | |
| - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xfa | |
| up to 0xfc; | |
| - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xfa | |
| up to 0xfe; | |
| - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision | |
| 0xfa up to 0xfc; | |
| - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x5e up | |
| to 0x62; | |
| - Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1c | |
| up to 0x1f; | |
| - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x123 up | |
| to 0x129; | |
| - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision | |
| 0x4121 up to 0x4122; | |
| - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in | |
| intel-ucode/06-ba-02) from revision 0x4121 up to 0x4122; | |
| - Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from | |
| revision 0x4121 up to 0x4122; | |
| - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in | |
| intel-ucode/06-ba-03) from revision 0x4121 up to 0x4122; | |
| - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4121 | |
| up to 0x4122; | |
| - Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from | |
| revision 0x4121 up to 0x4122; | |
| - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in | |
| intel-ucode/06-ba-08) from revision 0x4121 up to 0x4122; | |
| - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in | |
| intel-ucode/06-ba-08) from revision 0x4121 up to 0x4122; | |
| - Update of 06-ba-08/0xe0 microcode from revision 0x4121 up to 0x4122; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-bf-02) from revision 0x35 up to 0x36; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-bf-02) from revision 0x35 up to 0x36; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x35 up | |
| to 0x36; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) | |
| from revision 0x35 up to 0x36; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-bf-05) from revision 0x35 up to 0x36; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-bf-05) from revision 0x35 up to 0x36; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) | |
| from revision 0x35 up to 0x36; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x35 up | |
| to 0x36; | |
| - Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x17 up | |
| to 0x1a (old pf 0x11). | |
| - Update Intel CPU microcode to microcode-20231009 release, addresses | |
| CVE-2023-23583 (RHEL-3684): | |
| - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in | |
| intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xac up to 0xb4; | |
| - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 | |
| up to 0xd0003b9; | |
| - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 | |
| up to 0x1000268; | |
| - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc | |
| up to 0xc2; | |
| - Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x2c up | |
| to 0x34; | |
| - Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x46 up | |
| to 0x4e; | |
| - Update of 06-8f-04/0x10 microcode from revision 0x2c000271 up to | |
| 0x2c000290; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode from revision | |
| 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision | |
| 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0004b1 | |
| up to 0x2b0004d0; | |
| - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-06/0x10 microcode from revision 0x2c000271 up to | |
| 0x2c000290; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0004b1 | |
| up to 0x2b0004d0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision | |
| 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision | |
| 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision | |
| 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision | |
| 0x2e up to 0x32; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-97-02) from revision 0x2e up to 0x32; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-97-05) from revision 0x2e up to 0x32; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x2e | |
| up to 0x32; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision | |
| 0x42c up to 0x430; | |
| - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in | |
| intel-ucode/06-9a-03) from revision 0x42c up to 0x430; | |
| - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in | |
| intel-ucode/06-9a-04) from revision 0x42c up to 0x430; | |
| - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x42c | |
| up to 0x430; | |
| - Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x4 up | |
| to 0x5; | |
| - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x59 up | |
| to 0x5d; | |
| - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x119 up | |
| to 0x11d; | |
| - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision | |
| 0x4119 up to 0x411c; | |
| - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in | |
| intel-ucode/06-ba-02) from revision 0x4119 up to 0x411c; | |
| - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in | |
| intel-ucode/06-ba-03) from revision 0x4119 up to 0x411c; | |
| - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4119 | |
| up to 0x411c; | |
| - Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x11 up | |
| to 0x12; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-bf-02) from revision 0x2e up to 0x32; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-bf-02) from revision 0x2e up to 0x32; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x2e up | |
| to 0x32; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-bf-05) from revision 0x2e up to 0x32; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-bf-05) from revision 0x2e up to 0x32; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x2e up | |
| to 0x32. | |
| - Update Intel CPU microcode to microcode-20240531 release, addresses | |
| CVE-2023-22655, CVE-2023-23583. CVE-2023-28746, CVE-2023-38575, | |
| CVE-2023-39368, CVE-2023-42667, CVE-2023-43490, CVE-2023-45733, | |
| CVE-2023-46103, CVE-2023-49141 (RHEL-30859, RHEL-30862, RHEL-30865, | |
| RHEL-30868, RHEL-30871, RHEL-41093, RHEL-41108): | |
| - Addition of 06-aa-04/0xe6 (MTL-H/U C0) microcode at revision 0x1c; | |
| - Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) at | |
| revision 0x4121; | |
| - Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) at | |
| revision 0x4121; | |
| - Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in | |
| intel-ucode/06-ba-08) at revision 0x4121; | |
| - Addition of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in | |
| intel-ucode/06-ba-08) at revision 0x4121; | |
| - Addition of 06-ba-08/0xe0 microcode at revision 0x4121; | |
| - Addition of 06-cf-01/0x87 (EMR-SP A0) microcode at revision | |
| 0x21000230; | |
| - Addition of 06-cf-02/0x87 (EMR-SP A1) microcode (in | |
| intel-ucode/06-cf-01) at revision 0x21000230; | |
| - Addition of 06-cf-01/0x87 (EMR-SP A0) microcode (in | |
| intel-ucode/06-cf-02) at revision 0x21000230; | |
| - Addition of 06-cf-02/0x87 (EMR-SP A1) microcode at revision | |
| 0x21000230; | |
| - Removal of 06-8f-04/0x10 microcode at revision 0x2c000290; | |
| - Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision | |
| 0x2b0004d0; | |
| - Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in | |
| intel-ucode/06-8f-04) at revision 0x2c000290; | |
| - Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-04) at revision 0x2b0004d0; | |
| - Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) at | |
| revision 0x2c000290; | |
| - Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-04) at revision 0x2b0004d0; | |
| - Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-04) at revision 0x2b0004d0; | |
| - Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in | |
| intel-ucode/06-8f-04) at revision 0x2c000290; | |
| - Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-04) at revision 0x2b0004d0; | |
| - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in | |
| intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xb4 up to 0xb6; | |
| - Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0) | |
| microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from | |
| revision 0xf8 up to 0xfa; | |
| - Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xf4 up | |
| to 0xf8; | |
| - Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xf4 up | |
| to 0xf6; | |
| - Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xf4 up | |
| to 0xf6; | |
| - Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in | |
| intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xfa up | |
| to 0xfc; | |
| - Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000181 | |
| up to 0x1000191; | |
| - Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003604 | |
| up to 0x4003605; | |
| - Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision | |
| 0x5003604 up to 0x5003605; | |
| - Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002703 | |
| up to 0x7002802; | |
| - Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision | |
| 0xe000014 up to 0xe000015; | |
| - Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x38 up | |
| to 0x3e; | |
| - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003b9 | |
| up to 0xd0003d1; | |
| - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000268 | |
| up to 0x1000290; | |
| - Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x3e up | |
| to 0x42; | |
| - Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x22 up | |
| to 0x24; | |
| - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xc2 | |
| up to 0xc4; | |
| - Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x34 up | |
| to 0x36; | |
| - Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x4e up | |
| to 0x50; | |
| - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from | |
| revision 0x2c000290 up to 0x2c000390; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision | |
| 0x2c000290 up to 0x2c000390; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0004d0 | |
| up to 0x2b0005c0; | |
| - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from | |
| revision 0x2c000290 up to 0x2c000390; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from | |
| revision 0x2c000290 up to 0x2c000390; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-06/0x10 microcode from revision 0x2c000290 up to | |
| 0x2c000390; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0004d0 | |
| up to 0x2b0005c0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision | |
| 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from | |
| revision 0x2c000290 up to 0x2c000390; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from | |
| revision 0x2c000290 up to 0x2c000390; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision | |
| 0x2c000290 up to 0x2c000390; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision | |
| 0x2b0004d0 up to 0x2b0005c0; | |
| - Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x17 up | |
| to 0x19; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision | |
| 0x32 up to 0x35; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-97-02) from revision 0x32 up to 0x35; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) | |
| from revision 0x32 up to 0x35; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) | |
| from revision 0x32 up to 0x35; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-97-05) from revision 0x32 up to 0x35; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x32 | |
| up to 0x35; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) | |
| from revision 0x32 up to 0x35; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) | |
| from revision 0x32 up to 0x35; | |
| - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision | |
| 0x430 up to 0x433; | |
| - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in | |
| intel-ucode/06-9a-03) from revision 0x430 up to 0x433; | |
| - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in | |
| intel-ucode/06-9a-04) from revision 0x430 up to 0x433; | |
| - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x430 | |
| up to 0x433; | |
| - Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x5 up | |
| to 0x7; | |
| - Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x24000024 | |
| up to 0x24000026; | |
| - Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf8 up | |
| to 0xfa; | |
| - Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf8 | |
| up to 0xfa; | |
| - Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf8 | |
| up to 0xfa; | |
| - Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf8 | |
| up to 0xfa; | |
| - Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision | |
| 0xf8 up to 0xfa; | |
| - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x5d up | |
| to 0x5e; | |
| - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x11d up | |
| to 0x123; | |
| - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision | |
| 0x411c up to 0x4121; | |
| - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in | |
| intel-ucode/06-ba-02) from revision 0x411c up to 0x4121; | |
| - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in | |
| intel-ucode/06-ba-03) from revision 0x411c up to 0x4121; | |
| - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x411c | |
| up to 0x4121; | |
| - Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x12 up | |
| to 0x17; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-bf-02) from revision 0x32 up to 0x35; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-bf-02) from revision 0x32 up to 0x35; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x32 up | |
| to 0x35; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) | |
| from revision 0x32 up to 0x35; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-bf-05) from revision 0x32 up to 0x35; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-bf-05) from revision 0x32 up to 0x35; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) | |
| from revision 0x32 up to 0x35; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x32 up | |
| to 0x35. | |
| - Update Intel CPU microcode to microcode-20231009 release, addresses | |
| CVE-2023-23583: | |
| - Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in | |
| intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xac up to 0xb4; | |
| - Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5 | |
| up to 0xd0003b9; | |
| - Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230 | |
| up to 0x1000268; | |
| - Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc | |
| up to 0xc2; | |
| - Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x2c up | |
| to 0x34; | |
| - Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x46 up | |
| to 0x4e; | |
| - Update of 06-8f-04/0x10 microcode from revision 0x2c000271 up to | |
| 0x2c000290; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode from revision | |
| 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision | |
| 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0004b1 | |
| up to 0x2b0004d0; | |
| - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-06/0x10 microcode from revision 0x2c000271 up to | |
| 0x2c000290; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0004b1 | |
| up to 0x2b0004d0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision | |
| 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in | |
| intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from | |
| revision 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in | |
| intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision | |
| 0x2c000271 up to 0x2c000290; | |
| - Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision | |
| 0x2b0004b1 up to 0x2b0004d0; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision | |
| 0x2e up to 0x32; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-97-02) from revision 0x2e up to 0x32; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-97-05) from revision 0x2e up to 0x32; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x2e | |
| up to 0x32; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision | |
| 0x42c up to 0x430; | |
| - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in | |
| intel-ucode/06-9a-03) from revision 0x42c up to 0x430; | |
| - Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in | |
| intel-ucode/06-9a-04) from revision 0x42c up to 0x430; | |
| - Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x42c | |
| up to 0x430; | |
| - Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x4 up | |
| to 0x5; | |
| - Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x59 up | |
| to 0x5d; | |
| - Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x119 up | |
| to 0x11d; | |
| - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision | |
| 0x4119 up to 0x411c; | |
| - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in | |
| intel-ucode/06-ba-02) from revision 0x4119 up to 0x411c; | |
| - Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in | |
| intel-ucode/06-ba-03) from revision 0x4119 up to 0x411c; | |
| - Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4119 | |
| up to 0x411c; | |
| - Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x11 up | |
| to 0x12; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-bf-02) from revision 0x2e up to 0x32; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-bf-02) from revision 0x2e up to 0x32; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x2e up | |
| to 0x32; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in | |
| intel-ucode/06-bf-05) from revision 0x2e up to 0x32; | |
| - Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in | |
| intel-ucode/06-bf-05) from revision 0x2e up to 0x32; | |
| - Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05) | |
| from revision 0x2e up to 0x32; | |
| - Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x2e up | |
| to 0x32. | |
| openldap-2.4.46-20.el8_10.x86_64.rpm | - Bump version to 2.4.46-20 |
| - Resolves: RHEL-35538 - Fix OpenSSL channel binding digest | |
| openldap-clients-2.4.46-20.el8_10.x86_64.rpm | - Bump version to 2.4.46-20 |
| - Resolves: RHEL-35538 - Fix OpenSSL channel binding digest | |
| python3-perf-4.18.0-553.27.1.el8_10.x86_64.rpm | - lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668} |
| - bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989} | |
| - bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990} | |
| - bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009} | |
| - xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773} | |
| - tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257] | |
| - tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257] | |
| - ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826} | |
| - xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100] | |
| - loopback: fix lockdep splat (Xin Long) [RHEL-58100] | |
| - blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100] | |
| - loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100] | |
| - ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002] | |
| - netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924} | |
| - netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017} | |
| - netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042} | |
| - netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070} | |
| - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898} | |
| - netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503} | |
| - netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) [RHEL-42680] {CVE-2024-26851} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301} | |
| - KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976} | |
| - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540} | |
| - tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284} | |
| - Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857} | |
| - drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924} | |
| - tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983} | |
| - block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854} | |
| - gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936} | |
| - drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093} | |
| - ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961} | |
| - mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880} | |
| - ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} | |
| - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} | |
| - USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244} | |
| - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984} | |
| - nouveau: lock the client object tree. (Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062} | |
| - cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037] | |
| - ACPI: PAD: fix crash in exit_round_robin() (Mark Langsdorf) [RHEL-56156] | |
| - gfs2: Randomize GLF_VERIFY_DELETE work delay (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Update to the evict / remote delete documentation (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Clean up delete work processing (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename dinode_demise to evict_behavior (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757] | |
| - gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757] | |
| - gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757] | |
| - gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757] | |
| - dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492} | |
| - dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939} | |
| - nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075] | |
| - NFSv4: Always ask for type with READDIR (Benjamin Coddington) [RHEL-39397] | |
| - cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251] | |
| - cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251] | |
| - cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251] | |
| - cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729] | |
| - padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889} | |
| - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000] | |
| - sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935} | |
| - net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} | |
| - r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44031] {CVE-2024-38586} | |
| - netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018} | |
| - memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} | |
| - ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676] | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - Adding prod certs and changed cert date to 20210620 (Sherif Nagy) | |
| - Adding Rocky secure boot certs (Sherif Nagy) | |
| - Fixing vmlinuz removal (Sherif Nagy) | |
| - Fixing UEFI CA path (Sherif Nagy) | |
| - Porting to 8.10, debranding and Rocky branding (Louis Abel) | |
| - Fixing pesign_key_name values (Sherif Nagy) | |
| - cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052] | |
| - cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052] | |
| - cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052] | |
| - smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052] | |
| - smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052] | |
| - cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052] | |
| - Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052] | |
| - cifs: Fix unix perm bits to cifsacl conversion for "other" bits. (Paulo Alcantara) [RHEL-56052] | |
| - drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092} | |
| - scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224] | |
| - kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292} | |
| - gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079} | |
| - of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541} | |
| resource-agents-4.9.0-54.el8_10.5.x86_64.rpm | - nfsserver: also stop rpc-statd for nfsv4_only to avoid stop failing |
| in some cases | |
| Resolves: RHEL-61138 | |
| rsyslog-8.2102.0-15.el8_10.1.x86_64.rpm | - Propagate gnutlsPriorityString when accepting new connection |
| resolves: RHEL-54663 | |
| tzdata-2024b-4.el8.noarch.rpm | - Harden against links to removed zones (RHEL-59542) |
| - Add copyright, patch attribution and build dependencies for | |
| the previous commit. (RHEL-59542) | |
| - Update to tzdata-2024b | |
| - Improve historical data for Mexico, Mongolia, and Portugal. | |
| - System V names are now obsolescent. | |
| - The main data form now uses %z. | |
| - The code now conforms to RFC 8536 for early timestamps. | |
| - Support POSIX.1-2024, which removes asctime_r and ctime_r. | |
| - Assume POSIX.2-1992 or later for shell scripts. | |
| - SUPPORT_C89 now defaults to 1. | |
| - Include two upstream patches for month names as in April vs Apr. | |
| - Bump release and rebuild to fix a build issue. | |
| tzdata-java-2024b-4.el8.noarch.rpm | - Harden against links to removed zones (RHEL-59542) |
| - Add copyright, patch attribution and build dependencies for | |
| the previous commit. (RHEL-59542) | |
| - Update to tzdata-2024b | |
| - Improve historical data for Mexico, Mongolia, and Portugal. | |
| - System V names are now obsolescent. | |
| - The main data form now uses %z. | |
| - The code now conforms to RFC 8536 for early timestamps. | |
| - Support POSIX.1-2024, which removes asctime_r and ctime_r. | |
| - Assume POSIX.2-1992 or later for shell scripts. | |
| - SUPPORT_C89 now defaults to 1. | |
| - Include two upstream patches for month names as in April vs Apr. | |
| - Bump release and rebuild to fix a build issue. | |
| xorg-x11-server-Xorg-1.20.11-25.el8_10.x86_64.rpm | - CVE fix for CVE-2024-9632 |
| xorg-x11-server-common-1.20.11-25.el8_10.x86_64.rpm | - CVE fix for CVE-2024-9632 |
×