!1557 release 4.19.90-2405.1.0

From: @chenyi211 Reviewed-by: @Lostwayzxc Signed-off-by: @Lostwayzxc
2024-05-08 03:46:26 +00:00 · 2024-05-08 03:46:26 +00:00 · c4698b2a40
commit c4698b2a40
parent e8148152c4 aa908b162c
2 changed files with 114 additions and 3 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-4.19.90-2404.3.0
+4.19.90-2405.1.0
--- a/kernel.spec
+++ b/kernel.spec
@ -12,7 +12,7 @@

 %global KernelVer %{version}-%{release}.%{_target_cpu}

-%global hulkrelease 2404.3.0
+%global hulkrelease 2405.1.0

 %define with_patch 1

@ -32,7 +32,7 @@

 Name:	 kernel
 Version: 4.19.90
-Release: %{hulkrelease}.0274
+Release: %{hulkrelease}.0275
 Summary: Linux Kernel
 License: GPLv2
 URL:	 http://www.kernel.org/
@ -850,6 +850,117 @@ fi

 %changelog

+* Tue May 07 2024 chenyi <chenyi211@huawei.com> - 4.19.90-2405.1.0.0275
+- !6858  CVE-2024-26883
+- !6836  fs: sysfs: Fix reference leak in sysfs_break_active_protection()
+- !6845  erofs: fix pcluster use-after-free on UP platforms
+- !6827  fat: fix uninitialized field in nostale filehandles
+- !6807  CVE-2024-26923
+- !6847  ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
+- bpf: Fix stackmap overflow check on 32-bit arches
+- bpf: Check for integer overflow when using roundup_pow_of_two()
+- !6758  CVE-2022-48664
+- ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
+- erofs: fix pcluster use-after-free on UP platforms
+- fs: sysfs: Fix reference leak in sysfs_break_active_protection()
+- !6795  rtmutex: Add acquire semantics for rtmutex lock acquisition slow path
+- fat: fix uninitialized field in nostale filehandles
+- !6777  tun: Fix xdp_rxq_info's queue_index when detaching
+- !6803  scsi: target: core: Add TMF to tmr_list handling
+- af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc().
+- af_unix: Fix garbage collector racing against connect()
+- scsi: target: core: Add TMF to tmr_list handling
+- !6705  quota: fix CVE-2024-26878
+- rtmutex: Add acquire semantics for rtmutex lock acquisition slow path
+- tun: Fix xdp_rxq_info's queue_index when detaching
+- !6674  cifs: fix underflow in parse_server_interfaces()
+- !6494 v2  oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup
+- !6745  PCI/IOV: Improve performance of creating VFs concurrently
+- !6754  binder: check offset alignment in binder_get_object()
+- !6746 v3  openEuler-1.0-LTS: bugfix for mm
+- !6716  CVE-2024-26922
+- btrfs: fix hang during unmount when stopping a space reclaim worker
+- Btrfs: fix crash during unmount due to race with delayed inode workers
+- binder: check offset alignment in binder_get_object()
+- !6652  geneve: make sure to pull inner header in geneve_rx()
+- mm/madvise: fix potential pte_unmap_unlock pte error
+- PCI/IOV: Improve performance of creating VFs concurrently
+- !6664  drm/bridge: adv7511: fix crash on irq during probe
+- !6653  net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+- !6510  cachefiles: fix memory leak in cachefiles_add_cache()
+- drm/amdgpu: validate the parameters of bo mapping operations more clearly
+- amdgpu: validate offset_in_bo of drm_amdgpu_gem_va
+- drm/amdgpu: restrict bo mapping within gpu address limits
+- drm/amdgpu: check alignment on CPU page for bo map
+- quota: Fix potential NULL pointer dereference
+- quota: check time limit when back out space/inode change
+- quota: code cleanup for __dquot_alloc_space()
+- !6662  sched/rt: Disallow writing invalid values to sched_rt_period_us
+- !6661  sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
+- !6659  sched/rt: Fix sysctl_sched_rr_timeslice intial value
+- !6578  drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
+- !6641  CVE-2024-26863
+- cifs: fix underflow in parse_server_interfaces()
+- !6646  fix race between rebuild scheduler domains and hotplug work
+- drm/bridge: adv7511: fix crash on irq during probe
+- sched/rt: Disallow writing invalid values to sched_rt_period_us
+- sched/rt: sysctl_sched_rr_timeslice show default timeslice after reset
+- sched/rt: Fix sysctl_sched_rr_timeslice intial value
+- !6642 v3  x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails
+- net/ipv6: avoid possible UAF in ip6_route_mpath_notify()
+- geneve: make sure to pull inner header in geneve_rx()
+- !6621  amdkfd: use calloc instead of kzalloc to avoid integer overflow
+- cpuset: fix race between rebuild scheduler domains and hotplug work
+- !6617  net/bnx2x: Prevent access to a freed page in page_pool
+- !6611  net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()
+- x86/hyperv: Fix NULL deref in set_hv_tscchange_cb() if Hyper-V setup fails
+- hsr: Fix uninit-value access in hsr_get_node()
+- net: hsr: fix placement of logical operator in a multi-line statement
+- !6397  btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve
+- !6616  drm/amdgpu: Reset IH OVERFLOW_CLEAR bit
+- amdkfd: use calloc instead of kzalloc to avoid integer overflow
+- net/bnx2x: Prevent access to a freed page in page_pool
+- drm/amdgpu: Reset IH OVERFLOW_CLEAR bit
+- net: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()
+- !6525 v2  CVE-2024-24860 bugfix
+- !6478  do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
+- !6582  ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
+- !6577  media: rc: bpf attach/detach requires write permission
+- !6560  IB/hfi1: Fix a memleak in init_credit_return
+- !6420  tty: fix read of tty->pgrp outside of ctrl_lock
+- !6436  dm: call the resume method on internal suspend
+- !6562  nfc: nci: free rx_data_reassembly skb on NCI device cleanup
+- !6481  CVE-2024-26875
+- ACPI: processor_idle: Fix memory leak in acpi_processor_power_exit()
+- drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip
+- media: rc: bpf attach/detach requires write permission
+- !6495  RDMA/srpt: Do not register event handler until srpt device is fully setup
+- !6457  CVE-2024-26813
+- nfc: nci: free rx_data_reassembly skb on NCI device cleanup
+- IB/hfi1: Fix a memleak in init_credit_return
+- !6517  scsi: lpfc: Fix link down processing to address NULL pointer dereference
+- !6521  netfilter: nf_conntrack_h323: Add protection for bmp length out of range
+- !6454  CVE-2021-47182
+- Bluetooth: Fix atomicity violation in {min,max}_key_size_set
+- Bluetooth: Move {min,max}_key_size debugfs into hci_debugfs_create_le
+- netfilter: nf_conntrack_h323: Add protection for bmp length out of range
+- scsi: lpfc: Fix link down processing to address NULL pointer dereference
+- cachefiles: fix memory leak in cachefiles_add_cache()
+- RDMA/srpt: Do not register event handler until srpt device is fully setup
+- mm: oom_kill: fix KABI broken by "oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup"
+- oom_kill.c: futex: delay the OOM reaper to allow time for proper futex cleanup
+- sched: Allocate a new task_struct_resvd object for fork task
+- media: pvrusb2: fix uaf in pvr2_context_set_notify
+- do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
+- vfio/platform: Create persistent IRQ handlers
+- vfio/platform: Disable virqfds on cleanup
+- scsi: core: Fix scsi_mode_sense() buffer length handling
+- scsi: core: Reshuffle response handling in scsi_mode_sense()
+- scsi: core: Fixup calling convention for scsi_mode_sense()
+- dm: call the resume method on internal suspend
+- tty: fix read of tty->pgrp outside of ctrl_lock
+- btrfs: fix data race at btrfs_use_block_rsv() when accessing block reserve
+
 * Wed Apr 24 2024 chenyi <chenyi211@huawei.com> - 4.19.90-2404.3.0.0274
 - !6313  fixup CVE-2024-26908
 - !6447  can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock