kernel-debug-devel-2.6.32-754.35.1.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2020-09-16):
- [ata] libata: fix NULL sdev dereference race in atapi_qc_complete() (Kenneth Yin) [1876296]
|
kernel-debug-devel-2.6.32-754.33.1.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2020-08-10):
- [message] scsi: mptscsih: Fix read sense data size (Tomas Henzl) [1824907]
|
kernel-debug-devel-2.6.32-754.31.1.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2020-06-15):
- [x86] x86/speculation: Provide SRBDS late microcode loading support (Waiman Long) [1827185] {CVE-2020-0543}
- [documentation] x86/speculation: Add Ivy Bridge to affected list (Waiman Long) [1827185] {CVE-2020-0543}
- [documentation] x86/speculation: Add SRBDS vulnerability and mitigation documentation (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add 'table' argument to cpu_matches() (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add a steppings field to struct x86_cpu_id (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu/bugs: Convert to new matching macros (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add consistent CPU match macros (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/devicetable: Move x86 specific macro out of generic code (Waiman Long) [1827185] {CVE-2020-0543}
- [netdrv] bonding/802.3ad: fix link_failure_count tracking (Patrick Talbert) [1841819]
- [mm] mm: migration: add migrate_entry_wait_huge() (Waiman Long) [1839653]
- [powerpc] powerpc/book3s64: Fix link stack flush on context switch (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: support nospectre_v2 cmdline option (Gustavo Duarte) [1796810]
- [powerpc] powerpc/security: Fix spectre_v2 reporting (Gustavo Duarte) [1796810]
- [powerpc] powerpc/fsl: Update Spectre v2 reporting (Gustavo Duarte) [1796810]
- [powerpc] powerpc/fsl: Add nospectre_v2 command line argument (Gustavo Duarte) [1796810]
- [powerpc] powerpc/fsl: Fix spectre_v2 mitigations reporting (Gustavo Duarte) [1796810]
- [powerpc] powerpc/pseries: Query hypervisor for count cache flush settings (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Add support for software count cache flush (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Add new security feature flags for count cache flush (Gustavo Duarte) [1796810]
- [powerpc] powerpc/asm: Add a patch_site macro & helpers for patching instructions (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Make meltdown reporting Book3S 64 specific (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Call setup_barrier_nospec() from setup_arch() (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Add CONFIG_PPC_BARRIER_NOSPEC (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Make stf barrier PPC_BOOK3S_64 specific (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Disable the speculation barrier from the command line (Gustavo Duarte) [1796810]
- [powerpc] powerpc64s: Show ori31 availability in spectre_v1 sysfs file not v2 (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Enhance the information in cpu_show_spectre_v1() (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64: Use barrier_nospec in syscall entry (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Enable barrier_nospec based on firmware settings (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Patch barrier_nospec in modules (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Add support for ori barrier_nospec patching (Gustavo Duarte) [1796810]
- [powerpc] powerpc/64s: Add barrier_nospec (Gustavo Duarte) [1796810]
- [powerpc] powerpc: Add helper to check if offset is within relative branch range (Gustavo Duarte) [1796810]
- [powerpc] powerpc: Have patch_instruction detect faults (Gustavo Duarte) [1796810]
- [powerpc] powerpc: Introduce asm-prototypes.h (Gustavo Duarte) [1796810]
- [powerpc] powerpc: Move local setup.h declarations to arch includes (Gustavo Duarte) [1796810]
|
kernel-debug-devel-2.6.32-754.30.2.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2020-05-29):
- x86/speculation: Provide SRBDS late microcode loading support (Waiman Long)
- [documentation] x86/speculation: Add Ivy Bridge to affected list (Waiman Long) [1827185] {CVE-2020-0543}
- [documentation] x86/speculation: Add SRBDS vulnerability and mitigation documentation (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/speculation: Add Special Register Buffer Data Sampling (SRBDS) mitigation (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add 'table' argument to cpu_matches() (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add a steppings field to struct x86_cpu_id (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu/bugs: Convert to new matching macros (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/cpu: Add consistent CPU match macros (Waiman Long) [1827185] {CVE-2020-0543}
- [x86] x86/devicetable: Move x86 specific macro out of generic code (Waiman Long) [1827185] {CVE-2020-0543}
|
kernel-debug-devel-2.6.32-754.29.2.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2020-05-07):
- [net] netlabel: cope with NULL catmap (Paolo Abeni) [1827226] {CVE-2020-10711}
|
kernel-debug-devel-2.6.32-754.29.1.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2020-03-12):
- [wireless] rtlwifi: Fix potential overflow on P2P code (Jarod Wilson) [1775226] {CVE-2019-17666}
- [x86] mm: revert x86_64 and arm64 ELF_ET_DYN_BASE base changes (Denys Vlasenko) [1485759]
- [powerpc] powerpc: move ELF_ET_DYN_BASE to 4GB / 4MB (Denys Vlasenko) [1485759]
- binfmt_elf: use ELF_ET_DYN_BASE only for PIE (Denys Vlasenko) [1485759]
- [powerpc] powerpc: Use generic PIE randomization (Denys Vlasenko) [1485759]
|
kernel-debug-devel-2.6.32-754.28.1.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2020-01-31):
- [netdrv] ixgbevf: Use cached link state instead of re-reading the value for ethtool (Ken Cox) [1795404]
- [isdn] mISDN: enforce CAP_NET_RAW for raw sockets (Andrea Claudi) [1779473] {CVE-2019-17055}
- [net] cfg80211: wext: avoid copying malformed SSIDs (Jarod Wilson) [1778625] {CVE-2019-17133}
- [netdrv] bonding: speed/duplex update at NETDEV_UP event (Patrick Talbert) [1772779]
- [netdrv] bonding: make speed, duplex setting consistent with link state (Patrick Talbert) [1772779]
- [netdrv] bonding: simplify / unify event handling code for 3ad mode (Patrick Talbert) [1772779]
- [netdrv] bonding: unify all places where actor-oper key needs to be updated (Patrick Talbert) [1772779]
- [netdrv] bonding: simple code refactor (Patrick Talbert) [1772779]
|
kernel-debug-devel-2.6.32-754.25.1.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2019-11-20):
- [kvm] KVM: VMX: Set VMENTER_L1D_FLUSH_NOT_REQUIRED if !X86_BUG_L1TF (Waiman Long) [1733760]
- [virt] KVM: coalesced_mmio: add bounds checking (Bandan Das) [1746799] {CVE-2019-14821}
- [virt] KVM: MMIO: Lock coalesced device when checking for available entry (Bandan Das) [1746799] {CVE-2019-14821}
- [scsi] scsi: bnx2fc: Handle scope bits when array returns BUSY or TSF (Nilesh Javali) [1749512]
- [scsi] scsi: bnx2fc: remove set but not used variables 'task', 'port', 'orig_task' (Nilesh Javali) [1749512]
- [scsi] scsi: bnx2fc: remove set but not used variables 'lport', 'host' (Nilesh Javali) [1749512]
- [security] KEYS: prevent creating a different user's keyrings (David Howells) [1537371]
- [documentation] Documentation: Add ITLB_MULTIHIT documentation (Paolo Bonzini) [1692385] {CVE-2018-12207}
- [kvm] KVM: introduce no_huge_pages module parameter (Paolo Bonzini) [1692385] {CVE-2018-12207}
- [x86] x86: Add ITLB_MULTIHIT bug infrastructure (Paolo Bonzini) [1692385] {CVE-2018-12207}
- [x86] x86/spec_ctrl/taa: Enable TAA status change after late microcode (Waiman Long) [1766531] {CVE-2019-11135}
- [documentation] x86/speculation/taa: Add documentation for TSX Async Abort (Waiman Long) [1766531] {CVE-2019-11135}
- [base] x86/speculation/taa: Add sysfs reporting for TSX Async Abort (Waiman Long) [1766531] {CVE-2019-11135}
- [x86] x86/speculation/taa: Add mitigation for TSX Async Abort (Waiman Long) [1766531] {CVE-2019-11135}
- [x86] x86/cpu: Add a helper function x86_read_arch_cap_msr() (Waiman Long) [1766531] {CVE-2019-11135}
- [x86] x86/msr: Add the IA32_TSX_CTRL MSR (Waiman Long) [1766531] {CVE-2019-11135}
- [drm] drm/i915/cmdparser: Fix jump whitelist clearing (Denys Vlasenko) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Lower RM timeout to avoid DSI hard hangs (Dave Airlie) [1756824] {CVE-2019-0154}
- [drm] drm/i915/gen8+: Add RC6 CTX corruption WA (Dave Airlie) [1756824] {CVE-2019-0154}
- [drm] drm/i915/cmdparser: Ignore Length operands during command matching (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915/cmdparser: Add support for backward jumps (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Add gen9 BCS cmdparsing (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Allow parsing of unsized batches (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Add support for mandatory cmdparsing (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Remove Master tables from cmdparser (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Disable Secure Batches for gen6+ (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Rename gen7 cmdparser tables (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915/gtt: Disable read-only support under GVT (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] erm/i915/gtt: Read-only pages for insert_entries on bdw+ (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915/gtt: Add read only pages to gen8_pte_encode (Dave Airlie) [1756891] {CVE-2019-0155}
|
kernel-debug-devel-2.6.32-754.24.3.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2019-11-12):
- [drm] drm/i915/cmdparser: Fix jump whitelist clearing (Denys Vlasenko) [1756891] {CVE-2019-0155}
|
kernel-debug-devel-2.6.32-754.24.2.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2019-11-06):
- [documentation] Documentation: Add ITLB_MULTIHIT documentation (Paolo Bonzini) [1692385] {CVE-2018-12207}
- [kvm] KVM: introduce no_huge_pages module parameter (Paolo Bonzini) [1692385] {CVE-2018-12207}
- [x86] x86: Add ITLB_MULTIHIT bug infrastructure (Paolo Bonzini) [1692385] {CVE-2018-12207}
- [x86] x86/spec_ctrl/taa: Enable TAA status change after late microcode (Waiman Long) [1766531] {CVE-2019-11135}
- [documentation] x86/speculation/taa: Add documentation for TSX Async Abort (Waiman Long) [1766531] {CVE-2019-11135}
- [base] x86/speculation/taa: Add sysfs reporting for TSX Async Abort (Waiman Long) [1766531] {CVE-2019-11135}
- [x86] x86/speculation/taa: Add mitigation for TSX Async Abort (Waiman Long) [1766531] {CVE-2019-11135}
- [x86] x86/cpu: Add a helper function x86_read_arch_cap_msr() (Waiman Long) [1766531] {CVE-2019-11135}
- [x86] x86/msr: Add the IA32_TSX_CTRL MSR (Waiman Long) [1766531] {CVE-2019-11135}
- [drm] drm/i915: Lower RM timeout to avoid DSI hard hangs (Dave Airlie) [1756824] {CVE-2019-0154}
- [drm] drm/i915/gen8+: Add RC6 CTX corruption WA (Dave Airlie) [1756824] {CVE-2019-0154}
- [drm] drm/i915/cmdparser: Ignore Length operands during command matching (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915/cmdparser: Add support for backward jumps (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Add gen9 BCS cmdparsing (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Allow parsing of unsized batches (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Support ro ppgtt mapped cmdparser shadow buffers (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Add support for mandatory cmdparsing (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Remove Master tables from cmdparser (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Disable Secure Batches for gen6+ (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915: Rename gen7 cmdparser tables (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915/gtt: Disable read-only support under GVT (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] erm/i915/gtt: Read-only pages for insert_entries on bdw+ (Dave Airlie) [1756891] {CVE-2019-0155}
- [drm] drm/i915/gtt: Add read only pages to gen8_pte_encode (Dave Airlie) [1756891] {CVE-2019-0155}
|
kernel-debug-devel-2.6.32-754.23.1.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2019-09-17):
- [vhost] vhost: make sure log_num < in_num (Eugenio Perez) [1750869 1750869] {CVE-2019-14835}
|
kernel-debug-devel-2.6.32-754.22.1.el6.i686
[10.8 MiB] |
Changelog
by Denys Vlasenko (2019-08-16):
- [scsi] scsi: megaraid_sas: return error when create DMA pool failed (Tomas Henzl) [1712858] {CVE-2019-11810}
- [net] net: Set sk_prot_creator when copying sockets to the right proto (Andrea Claudi) [1657117] {CVE-2018-9568}
|
kernel-debug-devel-2.6.32-754.18.2.el6.i686
[10.8 MiB] |
Changelog
by Phillip Lougher (2019-07-25):
- [x86] x86/speculation: Enable Spectre v1 swapgs mitigations (Waiman Long) [1724512] {CVE-2019-1125}
- [x86] x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Waiman Long) [1724512] {CVE-2019-1125}
|
kernel-debug-devel-2.6.32-754.17.1.el6.i686
[10.8 MiB] |
Changelog
by Phillip Lougher (2019-06-20):
- [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719614] {CVE-2019-11479}
- [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719614] {CVE-2019-11479}
- [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719840] {CVE-2019-11478}
- [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719585] {CVE-2019-11477}
- [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719585] {CVE-2019-11477}
- [lib] idr: free the top layer if idr tree has the maximum height (Denys Vlasenko) [1698139] {CVE-2019-3896}
- [lib] idr: fix top layer handling (Denys Vlasenko) [1698139] {CVE-2019-3896}
- [lib] idr: fix backtrack logic in idr_remove_all (Denys Vlasenko) [1698139] {CVE-2019-3896}
|
kernel-debug-devel-2.6.32-754.15.3.el6.i686
[10.8 MiB] |
Changelog
by Phillip Lougher (2019-06-13):
- [net] tcp: enforce tcp_min_snd_mss in tcp_mtu_probing() (Florian Westphal) [1719614] {CVE-2019-11479}
- [net] tcp: add tcp_min_snd_mss sysctl (Florian Westphal) [1719614] {CVE-2019-11479}
- [net] tcp: tcp_fragment() should apply sane memory limits (Florian Westphal) [1719840] {CVE-2019-11478}
- [net] tcp: limit payload size of sacked skbs (Florian Westphal) [1719585] {CVE-2019-11477}
- [net] tcp: pass previous skb to tcp_shifted_skb() (Florian Westphal) [1719585] {CVE-2019-11477}
|
kernel-debug-devel-2.6.32-754.14.2.el6.i686
[10.8 MiB] |
Changelog
by Phillip Lougher (2019-04-24):
- [x86] x86/speculation/mds: Add SMT warning message (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds=full, nosmt cmdline option (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Remove redundant arch_smt_update() invocation (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Add debugfs x86/smt_present file (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/spec_ctrl: Update MDS mitigation status after late microcode load (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Add MDS vulnerability documentation (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [documentation] Documentation: Move L1TF to separate directory (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation mode VMWERV (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add sysfs reporting for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mitigation control for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Conditionally clear CPU buffers on idle entry (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm/vmx: Add MDS protection when L1D Flush is not active (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Clear CPU buffers on exit to user (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add mds_clear_cpu_buffers() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kvm] x86/kvm: Expose X86_FEATURE_MD_CLEAR to guests (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add BUG_MSBDS_ONLY (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation/mds: Add basic bug infrastructure for MDS (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Consolidate CPU whitelists (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/l1tf: Show actual SMT state (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Simplify sysfs report of VMX L1TF vulnerability (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/cpu: Sanitize FAM6_ATOM naming (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [kernel] sched/smt: Provide sched_smt_active() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/speculation: Provide arch_smt_update() (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
- [x86] x86/mm: Fix compilation warning in pgtable_types.h (Waiman Long) [1692386 1692387 1692388] {CVE-2018-12126 CVE-2018-12127 CVE-2018-12130}
|
kernel-debug-devel-2.6.32-754.12.1.el6.i686
[10.8 MiB] |
Changelog
by Phillip Lougher (2019-03-07):
- [x86] vDSO: Don't generate retpoline for indirect call (Waiman Long) [1638552]
- [fs] cifs: fix reparse point/symlink breakage (Leif Sahlberg) [1636484]
- [scsi] qla2xxx: Mask off Scope bits in retry delay (Himanshu Madhani) [1588133]
- [net] tcp: make tcp_retransmit_timer a no-op on empty write queue (Paolo Abeni) [1585892]
- [kernel] sched/sysctl: Check user input value of sysctl_sched_time_avg (Lauro Ramos Venancio) [1579128]
- [fs] Fix up non-directory creation in SGID directories (Miklos Szeredi) [1600951] {CVE-2018-13405}
- [fs] hugetlbfs: switch to inode_init_owner() (Miklos Szeredi) [1600951] {CVE-2018-13405}
- [fs] udf: replace inode uid, gid, mode init with helper (Miklos Szeredi) [1600951] {CVE-2018-13405}
- [fs] ubifs: replace inode uid, gid, mode initialization with helper function (Miklos Szeredi) [1600951] {CVE-2018-13405}
- [fs] ramfs: replace inode uid, gid, mode initialization with helper function (Miklos Szeredi) [1600951] {CVE-2018-13405}
- [fs] ext4: replace inode uid, gid, mode init with helper (Miklos Szeredi) [1600951] {CVE-2018-13405}
- [fs] ext3: replace inode uid, gid, mode init with helper (Miklos Szeredi) [1600951] {CVE-2018-13405}
- [fs] ext2: replace inode uid, gid, mode init with helper (Miklos Szeredi) [1600951] {CVE-2018-13405}
- [fs] btrfs: replace inode uid, gid, mode initialization with helper function (Miklos Szeredi) [1600951] {CVE-2018-13405}
- [fs] vfs: Add inode uid,gid,mode init helper (Miklos Szeredi) [1600951] {CVE-2018-13405}
- [s390] kernel: adapt to changed CPU vulnerabilities function prototypes (Hendrik Brueckner) [1625381]
- [s390] detect etoken facility (Hendrik Brueckner) [1625381]
- [s390] Correct register corruption in critical section cleanup (Hendrik Brueckner) [1625381]
- [s390] remove indirect branch from do_softirq_own_stack (Hendrik Brueckner) [1625381]
- [s390] move spectre sysfs attribute code (Hendrik Brueckner) [1625381]
- [s390] kernel: use expoline for indirect branches (Hendrik Brueckner) [1625381]
- [s390] ftrace: use expoline for indirect branches (Hendrik Brueckner) [1625381]
- [s390] move expoline assembler macros to a header (Hendrik Brueckner) [1625381]
- [s390] correct module section names for expoline code revert (Hendrik Brueckner) [1625381]
- [x86] speculation/l1tf: Fix overflow in l1tf_pfn_limit() on 32bit (Oleksandr Natalenko) [1670328]
- [perf] Fix a race between ring_buffer_detach() and ring_buffer_attach() (Jiri Olsa) [1589340]
- [perf] Fix mmap() accounting hole (Jiri Olsa) [1627672]
- [perf] Fix perf mmap bugs (Jiri Olsa) [1627672]
|
kernel-debug-devel-2.6.32-754.11.1.el6.i686
[10.8 MiB] |
Changelog
by Phillip Lougher (2019-01-22):
- [x86] mm/fault: Allow stack access below rsp (Waiman Long) [1644401]
- [sound] alsa: rawmidi: Change resized buffers atomically (Denys Vlasenko) [1593083] {CVE-2018-10902}
|
kernel-debug-devel-2.6.32-754.6.3.el6.i686
[10.8 MiB] |
Changelog
by Frantisek Hrbata (2018-09-18):
- [kvm] VMX: fixes for vmentry_l1d_flush module parameter (Marcelo Tosatti) [1628796]
- [x86] speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (Marcelo Tosatti) [1628796]
- [x86] KVM: VMX: skip L1TF flush on VM-entry if EPT is disabled (Marcelo Tosatti) [1616397]
|
kernel-debug-devel-2.6.32-754.3.5.el6.i686
[10.8 MiB] |
Changelog
by Phillip Lougher (2018-08-09):
- [kernel] cpu/hotplug: Enable 'nosmt' as late as possible (Frantisek Hrbata) [1593376] {CVE-2018-3620}
|
kernel-debug-devel-2.6.32-754.2.1.el6.i686
[10.8 MiB] |
Changelog
by Phillip Lougher (2018-07-03):
- [x86] entry/64: Don't use IST entry for #BP stack (Waiman Long) [1596113] {CVE-2018-10872}
- [fs] gfs2: Flush delayed work earlier in gfs2_inode_lookup (Andreas Grunbacher) [1506281]
- [mm] mempolicy: fix use after free when calling get_mempolicy (Augusto Caringi) [1576757] {CVE-2018-10675}
- [mm] Fix NULL pointer dereference in dequeue_hwpoisoned_huge_page() (Larry Woodman) [1381653]
- [fs] NFSv4.1: Fix up replays of interrupted requests (Benjamin Coddington) [1553423]
- [fs] NFSv4.1: Simplify struct nfs4_sequence_args too (Benjamin Coddington) [1553423]
- [fs] NFSv4.1: Label each entry in the session slot tables with its slot number (Benjamin Coddington) [1553423]
- [fs] NFSv4.1: Shrink struct nfs4_sequence_res by moving the session pointer (Benjamin Coddington) [1553423]
- [fs] NFSv4.1: nfs4_alloc_slots doesn't need zeroing (Benjamin Coddington) [1553423]
- [fs] NFSv4.1: clean up nfs4_recall_slot to use nfs4_alloc_slots (Benjamin Coddington) [1553423]
- [fs] NFSv4.1: Fix a NFSv4.1 session initialisation regression (Benjamin Coddington) [1553423]
- [scsi] ipr: Fix sync scsi scan (Gustavo Duarte) [1572310]
- [scsi] ipr: Wait to do async scan until scsi host is initialized (Gustavo Duarte) [1572310]
|
kernel-debug-devel-2.6.32-754.el6.i686
[10.8 MiB] |
Changelog
by Phillip Lougher (2018-05-24):
- [powerpc] 64s: Add support for a store forwarding barrier at kernel entry/exit (Mauricio Oliveira) [1581053] {CVE-2018-3639}
- [x86] amd: Disable AMD SSBD mitigation in a VM (Waiman Long) [1580360]
- [x86] spec_ctrl: Fix late microcode problem with AMD (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] spec_ctrl: Clean up entry code & remove unused APIs (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] spec_ctrl: Mask off SPEC_CTRL MSR bits that are managed by kernel (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] spec_ctrl: add support for SSBD to RHEL IBRS entry/exit macros (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] bugs: Rename _RDS to _SSBD (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] speculation: Add prctl for Speculative Store Bypass mitigation (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] process: Allow runtime control of Speculative Store Bypass (Waiman Long) [1566899] {CVE-2018-3639}
- [kernel] prctl: Add speculation control prctls (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] kvm: Expose the RDS bit to the guest (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] bugs/AMD: Add support to disable RDS on Fam(15, 16, 17)h if requested (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] spec_ctrl: Sync up RDS setting with IBRS code (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] bugs: Provide boot parameters for the spec_store_bypass_disable mitigation (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] bugs: Expose the /sys/../spec_store_bypass and X86_BUG_SPEC_STORE_BYPASS (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] bugs: Read SPEC_CTRL MSR during boot and re-use reserved bits (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] spec_ctrl: Use separate PCP variables for IBRS entry and exit (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] cpu/intel: Knight Mill and Moorefield update to intel-family.h (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] speculation: Update Speculation Control microcode blacklist (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] cpuid: Fix up "virtual" IBRS/IBPB/STIBP feature bits on Intel (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] cpufeatures: Clean up Spectre v2 related CPUID flags (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] cpufeatures: Add AMD feature bits for Speculation Control (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] cpufeatures: Add Intel feature bits for Speculation (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] cpufeatures: Add CPUID_7_EDX CPUID leaf (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] cpu: Fill in feature word 13, CPUID_8000_0008_EBX (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] Extend RH cpuinfo to 10 extra words (Waiman Long) [1566899] {CVE-2018-3639}
- [x86] invpcid: Enable 'noinvpcid' boot parameter for X86_32 (Waiman Long) [1560494]
- [x86] dumpstack_32: Fix kernel panic in dump_trace (Waiman Long) [1577351]
- [fs] gfs2: For fs_freeze, do a log flush and flush the ail1 list (Robert S Peterson) [1569148]
- [net] dccp: check sk for closed state in dccp_sendmsg() (Stefano Brivio) [1576586] {CVE-2018-1130}
- [net] ipv6: dccp: add missing bind_conflict to dccp_ipv6_mapped (Stefano Brivio) [1576586] {CVE-2018-1130}
|
kernel-debug-devel-2.6.32-696.30.1.el6.i686
[10.8 MiB] |
Changelog
by Jan Stancek (2018-05-18):
- [x86] x86/kvm: fix CPUID_7_EDX (word 18) mask (Jan Stancek) [1566893 1566899] {CVE-2018-3639}
|
kernel-debug-devel-2.6.32-696.28.1.el6.i686
[10.8 MiB] |
Changelog
by Jan Stancek (2018-04-26):
- [x86] entry/64: Don't use IST entry for #BP stack (Waiman Long) [1567078 1567079] {CVE-2018-8897}
- [x86] xen: do not use xen_info on HVM, set pv_info name to "Xen HVM" (Vitaly Kuznetsov) [1569141 1568241]
|
kernel-debug-devel-2.6.32-696.23.1.el6.i686
[10.7 MiB] |
Changelog
by Jan Stancek (2018-02-10):
- [scsi] avoid a permanent stop of the scsi device's request queue (Ewan Milne) [1519857 1513455]
- [x86] retpoline/hyperv: Convert assembler indirect jumps (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Upgrade GCC retpoline warning to an error for brew builds (Waiman Long) [1543022 1535645]
- [x86] retpoline: Don't use kernel indirect thunks in vsyscalls (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Add a read-only retp_enabled debugfs knob (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: detect unretpolined modules (Waiman Long) [1543022 1535645]
- [x86] retpoline/ACPI: Convert indirect jump in wakeup code (Waiman Long) [1543022 1535645]
- [x86] retpoline/efi: Convert stub indirect calls & jumps (Waiman Long) [1543022 1535645]
- [watchdog] hpwdt: remove indirect call in drivers/watchdog/hpwdt.c (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: cleanup __ptrace_may_access (Waiman Long) [1543022 1535645]
- [x86] bugs: Drop one "mitigation" from dmesg (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: fix ptrace IBPB optimization (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Avoid returns in IBRS-disabled regions (Waiman Long) [1543022 1535645]
- [x86] spectre/meltdown: avoid the vulnerability directory to weaken kernel security (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Update spec_ctrl.txt and kernel-parameters.txt (Waiman Long) [1543022 1535645]
- [x86] Use IBRS for firmware update path (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: stuff RSB on context switch with SMEP enabled (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: use upstream RSB stuffing function (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: add ibrs_enabled=3 (ibrs_user) (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Integrate IBRS with retpoline (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: print features changed by microcode loading (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: refactor the init and microcode loading paths (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: move initialization of X86_FEATURE_IBPB_SUPPORT (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: remove SPEC_CTRL_PCP_IBPB bit (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: remove ibrs_enabled variable (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: add ibp_disabled variable (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: add X86_FEATURE_IBP_DISABLE (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: remove IBP disable for AMD model 0x16 (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: remove performance measurements from documentation (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: make ipbp_enabled read-only (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: remove ibpb_enabled=2 mode (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: Enable spec_ctrl functions for x86-32 (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: move vmexit rmb in the last branch before IBRS (Waiman Long) [1543022 1535645]
- [x86] spec_ctrl: satisfy the barrier like semantics of IBRS (Waiman Long) [1543022 1535645]
- [x86] spectre_v1: Mark it as mitigated (Waiman Long) [1543022 1535645]
- [x86] pti: Do not enable PTI on CPUs which are not vulnerable to Meltdown (Waiman Long) [1543022 1535645]
- [x86] mce: Make machine check speculation protected (Waiman Long) [1543022 1535645]
- [x86] retpoline: Add LFENCE to the retpoline/RSB filling RSB macros (Waiman Long) [1543022 1535645]
- [x86] retpoline: Fill return stack buffer on vmexit (Waiman Long) [1543022 1535645]
- [x86] retpoline/irq32: Convert assembler indirect jumps (Waiman Long) [1543022 1535645]
- [x86] retpoline/checksum32: Convert assembler indirect jumps (Waiman Long) [1543022 1535645]
- [x86] retpoline/entry: Convert entry assembler indirect (Waiman Long) [1543022 1535645]
- [x86] retpoline/crypto: Convert crypto assembler indirect jumps (Waiman Long) [1543022 1535645]
- [x86] spectre: Add boot time option to select Spectre v2 mitigation (Waiman Long) [1543022 1535645]
- [x86] retpoline: Add initial retpoline support (Waiman Long) [1543022 1535645]
- [x86] cpu: Implement CPU vulnerabilites sysfs functions (Waiman Long) [1543022 1535645]
- [base] sysfs/cpu: Add vulnerability folder (Waiman Long) [1543022 1535645]
- [x86] cpufeatures: Add X86_BUG_SPECTRE_V[12] (Waiman Long) [1543022 1535645]
- [x86] pti: Add the pti= cmdline option and documentation (Waiman Long) [1543022 1535645]
- [x86] cpufeatures: Add X86_BUG_CPU_MELTDOWN (Waiman Long) [1543022 1535645]
- [x86] pti: Rename CONFIG_KAISER to CONFIG_PAGE_TABLE_ISOLATION (Waiman Long) [1543022 1535645]
- [x86] cpu: Expand cpufeature facility to include cpu bugs (Waiman Long) [1543022 1535645]
- [x86] cpu: Merge bugs.c and bugs_64.c (Waiman Long) [1543022 1535645]
- [x86] cpu/intel: Introduce macros for Intel family numbers (Waiman Long) [1543022 1535645]
- [x86] alternatives: Add missing '\n' at end of ALTERNATIVE inline asm (Waiman Long) [1543022 1535645]
- [x86] alternatives: Fix alt_max_short macro to really be a max() (Waiman Long) [1543022 1535645]
- [x86] asm: Make asm/alternative.h safe from assembly (Waiman Long) [1543022 1535645]
- [x86] alternatives: Document macros (Waiman Long) [1543022 1535645]
- [x86] alternatives: Fix ALTERNATIVE_2 padding generation properly (Waiman Long) [1543022 1535645]
- [x86] alternatives: Add instruction padding (Waiman Long) [1543022 1535645]
- [x86] alternative: Add header guards to <asm/alternative-asm.h> (Waiman Long) [1543022 1535645]
- [x86] alternative: Use .pushsection/.popsection (Waiman Long) [1543022 1535645]
- [x86] copy_user_generic: Optimize copy_user_generic with CPU erms feature (Waiman Long) [1543022 1535645]
- [x86] Make .altinstructions bit size neutral (Waiman Long) [1543022 1535645]
- [x86] pti: Rework the trampoline stack switching code (Waiman Long) [1543022 1535645]
- [x86] pti: Disable interrupt before trampoline stack switching (Waiman Long) [1543022 1535645]
|
kernel-debug-devel-2.6.32-696.20.1.el6.i686
[10.7 MiB] |
Changelog
by Denys Vlasenko (2018-01-12):
- [x86] kaiser/efi: unbreak tboot (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] pti/mm: Fix trampoline stack problem with XEN PV (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] pti/mm: Fix XEN PV boot failure (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Invoke TRACE_IRQS_IRETQ in paranoid_userspace_restore_all (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] spec_ctrl: show added cpuid flags in /proc/cpuinfo after late microcode update (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: svm: spec_ctrl at vmexit needs per-cpu areas functional (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: Eliminate redundnat FEATURE Not Present messages (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: enable IBRS and stuff_RSB before calling NMI C code (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: skip CAP_SYS_PTRACE check to skip audit (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: disable ibrs while in intel_idle() (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: skip IBRS/CR3 restore when paranoid exception returns to userland (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- Revert "x86/entry: Use retpoline for syscall's indirect calls" (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm/dump_pagetables: Allow dumping current pagetables (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/dump_pagetables: Add a pgd argument to walk_pgd_level() (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/dump_pagetables: Add page table directory (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Remove unneeded nmi_userspace code (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Fix nmi exit code with CONFIG_TRACE_IRQFLAGS (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: init_tss is supposed to go in the PAGE_ALIGNED per-cpu section (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: Clear kdump pgd page to prevent incorrect behavior (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: consider the init_mm.pgd a kaiser pgd (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: convert userland visible "kpti" name to "pti" (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] spec_ctrl: set IBRS during resume from RAM if ibrs_enabled is 2 (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm/kaiser: __load_cr3 in resume from RAM after kernel %gs has been restored (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm/kaiser: Revert the __GFP_COMP flag change (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Fix paranoid_exit() trampoline clobber (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] spec_ctrl: allow use_ibp_disable only if both SPEC_CTRL and IBPB_SUPPORT are missing (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: Documentation spec_ctrl.txt (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: remove irqs_disabled() check from intel_idle() (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: use enum when setting ibrs/ibpb_enabled (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: undo speculation barrier for ibrs_enabled and noibrs_cmdline (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: introduce ibpb_enabled = 2 for IBPB instead of IBRS (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: introduce SPEC_CTRL_PCP_ONLY_IBPB (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: cleanup s/flush/sync/ naming when sending IPIs (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: set IBRS during CPU init if in ibrs_enabled == 2 (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: use IBRS_ENABLED instead of 1 (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: allow the IBP disable feature to be toggled at runtime (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: always initialize save_reg in ENABLE_IBRS_SAVE_AND_CLOBBER (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: ibrs_enabled() is expected to return > 1 (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: CLEAR_EXTRA_REGS and extra regs save/restore (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] syscall: Clear unused extra registers on syscall (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] entry: Add back STUFF_RSB to interrupt and error paths (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm/kaiser: make is_kaiser_pgd reliable (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: disable global pages by default with KAISER (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] revert: mm/kaiser: Disable global pages by default with KAISER (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] kaiser/mm: fix pgd freeing in error path (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Fix 32-bit program crash with 64-bit kernel on AMD boxes (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: reload spec_ctrl cpuid in all microcode load paths (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: Prevent unwanted speculation without IBRS (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: add noibrs noibpb boot options (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] entry: Use retpoline for syscall's indirect calls (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] syscall: Clear unused extra registers on 32-bit compatible syscall entrance (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: rescan cpuid after a late microcode update (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: add debugfs ibrs_enabled ibpb_enabled (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: consolidate the spec control boot detection (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] Remove __cpuinitdata from some data & function (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] KVM/spec_ctrl: allow IBRS to stay enabled in host userland (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: move stuff_RSB in spec_ctrl.h (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] entry: Remove STUFF_RSB in error and interrupt code (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] entry: Stuff RSB for entry to kernel for non-SMEP platform (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm: Only set IBPB when the new thread cannot ptrace (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm: Set IBPB upon context switch (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] idle: Disable IBRS when offlining cpu and re-enable (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] idle: Disable IBRS entering idle and enable it on wakeup (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: implement spec ctrl C methods (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: save IBRS MSR value in save_paranoid for NMI (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] enter: Use IBRS on syscall and interrupts (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: swap rdx with rsi for nmi nesting detection (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: spec_ctrl_pcp and kaiser_enabled_pcp in same cachline (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: use per-cpu knob instead of ALTERNATIVES for ibpb and ibrs (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] enter: MACROS to set/clear IBRS and set IBPB (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [kvm] x86: add SPEC_CTRL to MSR and CPUID lists (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [kvm] svm: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] svm: Set IBPB when running a different VCPU (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [kvm] vmx: add MSR_IA32_SPEC_CTRL and MSR_IA32_PRED_CMD (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [kvm] vmx: Set IBPB when running a different VCPU (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [kvm] x86: clear registers on VM exit (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] [kvm] Pad RSB on VM transition (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [security] Add SPEC_CTRL Kconfig option (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] cpu/AMD: Control indirect branch predictor when SPEC_CTRL not available (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] feature: Report presence of IBPB and IBRS control (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] feature: Enable the x86 feature to control Speculation (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] cpuid: Provide get_scattered_cpuid_leaf() (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] cpuid: Cleanup cpuid_regs definitions (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] microcode: Share native MSR accessing variants (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] nop: Make the ASM_NOP* macros work from assembly (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] cpu: Clean up and unify the NOP selection infrastructure (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] entry: Further simplify the paranoid_exit code (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Remove trampoline check from paranoid entry path (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Don't switch to trampoline stack in paranoid_exit (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Simplify trampoline stack restore code (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [misc] locking/barriers: prevent speculative execution based on Coverity scan results (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [fs] udf: prevent speculative execution (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [fs] prevent speculative execution (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [scsi] qla2xxx: prevent speculative execution (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [netdrv] p54: prevent speculative execution (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [netdrv] carl9170: prevent speculative execution (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [media] uvcvideo: prevent speculative execution (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [x86] cpu/AMD: Remove now unused definition of MFENCE_RDTSC feature (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [x86] cpu/AMD: Make the LFENCE instruction serialized (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [kernel] locking/barriers: introduce new memory barrier gmb() (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [x86] Fix typo preventing msr_set/clear_bit from having an effect (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [x86] Add another set of MSR accessor functions (Waiman Long) [1519787 1519789] {CVE-2017-5753}
- [x86] mm/kaiser: Replace kaiser with kpti to sync with upstream (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: map the trace idt tables in userland shadow pgd (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add "kaiser" and "nokaiser" boot options (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] kaiser/mm: fix RESTORE_CR3 crash in kaiser_stop_machine (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: use stop_machine for enable/disable knob (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] kaiser/mm: use atomic ops to poison/unpoison user pagetables (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: use invpcid to flush the two kaiser PCID AISD (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: use two PCID ASIDs optimize the TLB during enter/exit kernel (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: stop patching flush_tlb_single (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm: If INVPCID is available, use it to flush global mappings (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: use PCID feature to make user and kernel switches faster (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/64: Initialize CR4.PCIDE early (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm: Add a 'noinvpcid' boot option to turn off INVPCID (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm: Add the 'nopcid' boot option to turn off PCID (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: validate trampoline stack (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Move SYSENTER_stack to the beginning of struct tss_struct (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: isolate the user mapped per cpu areas (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: selective boot time defaults (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser/xen: Dynamically disable KAISER when running under Xen PV (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add Kconfig (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: avoid false positives during non-kaiser pgd updates (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: Respect disabled CPU features (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] kaiser/mm: trampoline stack comments (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: stack trampoline (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: re-enable vsyscalls (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: allow to build KAISER with KASRL (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: allow KAISER to be enabled/disabled at runtime (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: un-poison PGDs at runtime (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add a function to check for KAISER being enabled (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add debugfs file to turn KAISER on/off at runtime (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: disable native VSYSCALL (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: map virtually-addressed performance monitoring buffers (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add kprobes text section (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: map trace interrupt entry (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: map entry stack per-cpu areas (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: map dynamically-allocated LDTs (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: make sure static PGDs are 8k in size (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: allow NX poison to be set in p4d/pgd (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: unmap kernel from userspace page tables (core patch) (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: mark per-cpu data structures required for entry/exit (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: introduce user-mapped per-cpu areas (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: add cr3 switches to entry code (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: remove scratch registers (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: prepare assembly for entry/exit CR3 switching (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: Disable global pages by default with KAISER (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm: Document X86_CR4_PGE toggling behavior (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/tlb: Make CR4-based TLB flushes more robust (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm: Do not set _PAGE_USER for init_mm page tables (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] increase robusteness of bad_iret fixup handler (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm: Check if PUD is large when validating a kernel address (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] Separate out entry text section (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [include] linux/const.h: Add _BITUL() and _BITULL() (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [include] linux/mmdebug.h: add VM_WARN_ON() and VM_WARN_ON_ONCE() (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [include] stddef.h: Move offsetofend() from vfio.h to a generic kernel header (Waiman Long) [1519799 1519802] {CVE-2017-5754}
|
kernel-debug-devel-2.6.32-696.18.7.el6.i686
[10.7 MiB] |
Changelog
by Denys Vlasenko (2017-12-28):
- [x86] spec_ctrl: svm: spec_ctrl at vmexit needs per-cpu areas functional (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: Eliminate redundnat FEATURE Not Present messages (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: enable IBRS and stuff_RSB before calling NMI C code (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: skip CAP_SYS_PTRACE check to skip audit (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: disable ibrs while in intel_idle() (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] spec_ctrl: skip IBRS/CR3 restore when paranoid exception returns to userland (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- Revert "x86/entry: Use retpoline for syscall's indirect calls" (Waiman Long) [1519797 1519796] {CVE-2017-5715}
- [x86] mm/dump_pagetables: Allow dumping current pagetables (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/dump_pagetables: Add a pgd argument to walk_pgd_level() (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/dump_pagetables: Add page table directory (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Remove unneeded nmi_userspace code (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] entry: Fix nmi exit code with CONFIG_TRACE_IRQFLAGS (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: init_tss is supposed to go in the PAGE_ALIGNED per-cpu section (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: Clear kdump pgd page to prevent incorrect behavior (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: consider the init_mm.pgd a kaiser pgd (Waiman Long) [1519799 1519802] {CVE-2017-5754}
- [x86] mm/kaiser: convert userland visible "kpti" name to "pti" (Waiman Long) [1519799 1519802] {CVE-2017-5754}
|
kernel-debug-devel-2.6.32-696.16.1.el6.i686
[10.7 MiB] |
Changelog
by Denys Vlasenko (2017-10-08):
- [net] packet: fix tp_reserve race in packet_set_ring (Stefano Brivio) [1481941 1481943] {CVE-2017-1000111}
- [net] packet: fix overflow in check for tp_frame_nr (Stefano Brivio) [1481941 1481943] {CVE-2017-1000111}
- [net] packet: fix overflow in check for tp_reserve (Stefano Brivio) [1481941 1481943] {CVE-2017-1000111}
- [netdrv] sfc: tx ring can only have 2048 entries for all EF10 NICs (Jarod Wilson) [1498019 1441773]
- [fs] sunrpc: always treat the invalid cache as unexpired (Thiago Becker) [1497976 1477288]
- [fs] sunrpc: xpt_auth_cache should be ignored when expired (Thiago Becker) [1497976 1477288]
- [net] tcp: initialize rcv_mss to TCP_MIN_MSS instead of 0 (Davide Caratti) [1488344 1488340] {CVE-2017-14106}
- [net] tcp: fix 0 divide in __tcp_select_window() (Davide Caratti) [1488344 1488340] {CVE-2017-14106}
- [scsi] lpfc: fix "integer constant too large" error on 32bit archs (Maurizio Lombardi) [1487220 1441169]
- [scsi] lpfc: version 11.0.1.6 is 11.0.0.6 with no_hba_reset patches (Maurizio Lombardi) [1487220 1441169]
- [scsi] lpfc: Vport creation is failing with "Link Down" error (Maurizio Lombardi) [1487220 1441169]
- [scsi] lpfc: Fix panic on BFS configuration (Maurizio Lombardi) [1487220 1441169]
- [scsi] lpfc: Fix eh_deadline setting for sli3 adapters (Maurizio Lombardi) [1487220 1441169]
- [scsi] lpfc: Correct panics with eh_timeout and eh_deadline (Maurizio Lombardi) [1487220 1441169]
- [net] udp: consistently apply ufo or fragmentation (Davide Caratti) [1481532 1481529] {CVE-2017-1000112}
- [net] ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output (Davide Caratti) [1481532 1481529] {CVE-2017-1000112}
- [net] ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output (Davide Caratti) [1481532 1481529] {CVE-2017-1000112}
|
kernel-debug-devel-2.6.32-696.13.2.el6.i686
[10.7 MiB] |
Changelog
by Denys Vlasenko (2017-09-22):
- [net] l2cap: prevent stack overflow on incoming bluetooth packet (Neil Horman) [1490060 1490062] {CVE-2017-1000251}
- [fs] binfmt_elf.c:load_elf_binary(): return -EINVAL on zero-length mappings (Petr Matousek) [1492959 1492961] {CVE-2017-1000253}
- [fs] binfmt_elf.c: fix bug in loading of PIE binaries (Petr Matousek) [1492959 1492961] {CVE-2017-1000253}
|
kernel-debug-devel-2.6.32-696.10.3.el6.i686
[10.7 MiB] |
Changelog
by Denys Vlasenko (2017-09-21):
- [fs] binfmt_elf.c:load_elf_binary(): return -EINVAL on zero-length mappings (Petr Matousek) [1492959 1492961] {CVE-2017-1000253}
- [fs] binfmt_elf.c: fix bug in loading of PIE binaries (Petr Matousek) [1492959 1492961] {CVE-2017-1000253}
|
kernel-debug-devel-2.6.32-696.10.2.el6.i686
[10.7 MiB] |
Changelog
by Frantisek Hrbata (2017-09-10):
- [net] l2cap: prevent stack overflow on incoming bluetooth packet (Neil Horman) [1490060 1490062] {CVE-2017-1000251}
|
kernel-debug-devel-2.6.32-696.6.3.el6.i686
[10.7 MiB] |
Changelog
by Denys Vlasenko (2017-06-30):
- [mm] allow JVM to implement its own stack guard pages (Larry Woodman) [1466667 1464237]
- [mm] enlarge stack guard gap (Larry Woodman) [1466667 1464237]
- Revert: [mm] enlarge stack guard gap (Larry Woodman) [1466667 1464237]
|
kernel-debug-devel-2.6.32-696.3.2.el6.i686
[10.7 MiB] |
Changelog
by Denys Vlasenko (2017-06-07):
- [mm] enlarge stack guard gap (Larry Woodman) [1452729 1452730] {CVE-2017-1000364 CVE-2017-1000366}
|
kernel-debug-devel-2.6.32-696.3.1.el6.i686
[10.7 MiB] |
Changelog
by Denys Vlasenko (2017-04-20):
- [netdrv] be2net: Fix endian issue in logical link config command (Ivan Vecera) [1442979 1436527]
- [scsi] lpfc: update for rhel6 11.0.0.6 (Maurizio Lombardi) [1439636 1429881]
- [scsi] lpfc: The lpfc driver does not issue RFF_ID and RFT_ID in the correct sequence (Maurizio Lombardi) [1439636 1429881]
- [x86] vmalloc_sync: avoid syncing vmalloc area on crashing cpu (Pingfan Liu) [1443499 1146727]
- [kernel] audit: plug cred memory leak in audit_filter_rules (Richard Guy Briggs) [1443234 1434560]
- [net] tcp: avoid infinite loop in tcp_splice_read() (Davide Caratti) [1430577 1430578] {CVE-2017-6214}
|
kernel-debug-devel-2.6.32-696.1.1.el6.i686
[10.7 MiB] |
Changelog
by Denys Vlasenko (2017-03-21):
- [block] fix use-after-free in seq file (Denys Vlasenko) [1418548 1418549] {CVE-2016-7910}
- [firmware] Replacing the chelsio firmware (t4,t5)fw-1.15.37.0 (Sai Vemuri) [1433865 1425749]
- [kernel] genirq: Avoid taking sparse_irq_lock for non-existent irqs (Dave Wysochanski) [1428106 1360930]
- [tty] n_hdlc: get rid of racy n_hdlc.tbuf (Herton R. Krzesinski) [1429917 1429918] {CVE-2017-2636}
|