代码拉取完成,页面将自动刷新
TASK | COMMIT |
---|---|
bugzilla: #I79V8S:CVE-2023-3006 | 0211ac08b393 arm64: Add AMPERE1 to the Spectre-BHB affected list |
bugzilla: #I6TPN9:【syzkaller】WARNING in sk_stream_kill_queues | 31b82122185b sctp: Call inet6_destroy_sock() via sk->sk_destruct(). 8267b0d5924d net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from sk_stream_kill_queues(). fe2eb442a625 dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions. |
bugzilla: #I6YKXB:CVE-2023-31084 | cfbabcb30713 media: dvb-core: Fix kernel WARNING for blocking operation in wait_event*() |
bugzilla: #I7BQZ0:鲲鹏920潮汐affinity带宽感知功耗优化需求 | ce35ded5d577 sched: smart grid: init sched_grid_qos structure on QOS purpose 713cfd2684fa sched: Introduce smart grid scheduling strategy for cfs |
bugzilla: #I7BZ5U:[openEuler-1.0-LTS] linux-4.19.y bugfix回合 | aaf2ccb45d17 ipmi: fix SSIF not responding under certain cond. b0afa0fa6f02 ipmi_ssif: Rename idle state and check c68cb2370f53 mm/page_alloc: fix potential deadlock on zonelist_update_seq seqlock 13e4745bdae1 printk: declare printk_deferred_{enter,safe}() in include/linux/printk.h e84cc7b8907c serial: 8250: Fix serial8250_tx_empty() race with DMA Tx 5195a946c535 tty: Prevent writing chars during tcsetattr TCSADRAIN/FLUSH dd9c02c5488f af_packet: Don't send zero-byte data in packet_sendmsg_spkt(). 5fd1535ba1ee nohz: Add TICK_DEP_BIT_RCU b17c92472f1d perf/core: Fix hardlockup failure caused by perf throttle 56ce204e20e4 of: Fix modalias string generation 1606722329bb tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp. e76e6556ee86 ipv4: Fix potential uninit variable access bug in __ip_make_skb() 262311ea9156 crypto: drbg - Only fail when jent is unavailable in FIPS mode 72a9e727cf4e crypto: drbg - make drbg_prepare_hrng() handle jent instantiation errors e773dd0e65fb net/packet: convert po->auxdata to an atomic flag e7ca048556fe net/packet: convert po->origdev to an atomic flag 925fad9e4728 ring-buffer: Sync IRQ works before buffer destruction 02fde7c4d742 dccp: Call inet6_destroy_sock() via sk->sk_destruct(). 85d76b96a410 inet6: Remove inet6_destroy_sock() in sk->sk_prot->destroy(). 7d023a7e0bd5 tcp/udp: Call inet6_destroy_sock() in IPv6 sk->sk_destruct(). f5b6756a2ead udp: Call inet6_destroy_sock() in setsockopt(IPV6_ADDRFORM). |
bugzilla: #I73DDA:主线问题修复 | 828b20a29f48 lib/cmdline: fix get_option() for strings starting with hyphen a81561c6714b of: overlay: fix for_each_child.cocci warnings |
bugzilla: 188446, #I6DK3O:【OLK-5.10】执行fs_fusiontest测试套test_fs_fusion174用例,触发KASAN: stack-out-of-bounds Read in unwind_next_frame | 26e94eaf2280 kprobes: Fix to handle forcibly unoptimized kprobes on freeing_list |
bugzilla: #I79LIO:CVE-2023-2985 | 16f9da385df3 fs: hfsplus: fix UAF issue in hfsplus_put_super |
bugzilla: 187268, #I76JDY:【OLK-5.10】WARNING in iomap_apply | a325a2698de5 block: Fix the partition start may overflow in add_partition() ad0628d34225 block: refactor blkpg_ioctl |
bugzilla: 188799, #I79QWO:【OLK-5.10】KASAN: use-after-free Read in sock_shutdown | 4b53fff3a622 nbd: get config_lock before sock_shutdown |
bugzilla: #I7ASU6:CVE-2023-2860 | d9d1ff020291 ipv6: sr: fix out-of-bounds read when setting HMAC data. |
bugzilla: #I78SWJ:dm设备创建过程中alloc dax失败触发panic | ee776389220b dm: add disk before alloc dax |
bugzilla: #I79ZEK:dm-thin-pool kworker与drop cache并发触发死锁 | c7ca9c064ae0 dm thin: Fix ABBA deadlock by resetting dm_bufio_client |
CVE | issue |
---|---|
CVE-2023-2860 | #I7ASU6:CVE-2023-2860 |
CVE-2023-2985 | #I79LIO:CVE-2023-2985 |
CVE-2023-3006 | #I79V8S:CVE-2023-3006 |
CVE-2023-31084 | #I6YKXB:CVE-2023-31084 |
TASK | COMMIT |
---|---|
bugzilla: #I70WHL:ext4 日志checkpoint与do_get_write_access并发可能导致buffer dirty被清除没有落盘 | d55550a76967 jbd2: remove t_checkpoint_io_list 4d00544e8fe7 jbd2: recheck chechpointing non-dirty buffer |
bugzilla: #I6UVFG:鲲鹏上使用20.03 sp2 4.19内核跑fio任务,对比x86的centos 7.6 3.10内核读写性能差,中断多 | b06e74f5f8a2 irqchip/gic-v3-its: Balance initial LPI affinity across CPUs a7293ea13285 irqchip/gic-v3-its: Track LPI distribution on a per CPU basis |
bugzilla: #I7781Q:CVE-2023-33288 | b1e67cfbc36b power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition |
bugzilla: #I79V6E:替换mq的时候出现空指针访问问题 | 90dd65871201 net: sched: fix NULL pointer dereference in mq_attach |
CVE | issue |
---|---|
CVE-2023-33288 | #I7781Q:CVE-2023-33288 |
TASK | COMMIT |
---|---|
bugzilla: #I78PCH:【openEuler-1.0-LTS】cpufreq:conservative: Add a switch to enable fast mode | 75704b66dfba cpufreq: conservative: Add a switch to enable fast mode |
bugzilla: #I78RHX:[openEuler-1.0-LTS] 【长稳】kmemleak检测到内存泄露(pm_check_save_msr) | b6a8455c8958 x86/pm: Fix false positive kmemleak report in msr_build_context() |
bugzilla: #I52XND:CVE-2022-1280 | fedecbf14c46 drm: Lock pointer access in drm_master_release() 9d5d59994e3f drm: Fix use-after-free read in drm_getunique() |
bugzilla: #I77WRQ:[openEuler-1.0-LTS] 主线补丁回合of: overlay: kmemleak in dup_and_fixup_symbol_prop() | 572d59a1eb4f of: overlay: kmemleak in dup_and_fixup_symbol_prop() 4e3707f2728f iommu/dma: Fix MSI reservation allocation |
bugzilla: #I787JE:【openEuler-1.0-LTS】主线补丁回合 lib/stackdepot.c: fix global out-of-bounds in stack_slabs | 151f428b6fde lib/stackdepot.c: fix global out-of-bounds in stack_slabs |
bugzilla: #I70RD3:[openEuler-1.0-LTS] rcu: Use *_ONCE() to protect lockless ->expmask accesses | b6852ac3afe2 rcu: Use *_ONCE() to protect lockless ->expmask accesses |
bugzilla: #I72C6P:配置iommu直通报错 | 98e12a77646f iommu: Don't print warning when IOMMU driver only supports unmanaged domains |
bugzilla: 188791,#I76XUJ:【OLK 同步】【syzkaller】KASAN: slab-out-of-bounds in crc16 | ae9d60b7064b ext4: avoid a potential slab-out-of-bounds in ext4_group_desc_csum |
CVE | issue |
---|---|
CVE-2022-1280 | #I52XND:CVE-2022-1280 |
TASK | COMMIT |
---|---|
bugzilla: #I71F49:CVE-2023-32233 | 17b61a6c6e34 netfilter: nf_tables: deactivate anonymous set from preparation phase |
bugzilla: #I6V709:GNU ar (GNU Binutils for Ubuntu) 2.26.1 编译4.19内核编译失败 | 2b05b5e194b8 x86/msr-index: make SPEC_CTRL_IBRS assembler-portable |
bugzilla: #I6X4UN:CVE-2023-2124 | f5a69974a960 xfs: verify buffer contents when we skip log replay |
bugzilla: #I6WRGD:【openEuler-1.0-LTS】KVM pvsched bug | b699af9b37a2 kvm: arm64: fix some pvsched bugs |
CVE | issue |
---|---|
CVE-2023-2124 | #I6X4UN:CVE-2023-2124 |
CVE-2023-32233 | #I71F49:CVE-2023-32233 |
TASK | COMMIT |
---|---|
bugzilla: 188766, #I72J0M:【openEuler 20.03-LTS-SP3】【arm/x86】ltp执行用例bind04失败 | 3716f8b55f38 net: sctp: update stream->incnt after successful allocation of stream_in |
bugzilla: #I71UGQ:MPAM中断注册失败提示信息修改 | 547d96244681 arm64/mpam: modify mpam irq register error log |
bugzilla: #I722EJ:[openEuler-1.0-LTS] openeuler_defconfig: Add configuration items for zhaoxin | 7a9fe891747c openeuler_defconfig: Add configuration items for zhaoxin |
bugzilla: #I6WHKQ:CVE-2023-2002 | 63055a9f3225 bluetooth: Perform careful capability checks in hci_sock_ioctl() |
bugzilla: #I70OFF:CVE-2023-32269 | 768851b2ba7b netrom: Fix use-after-free caused by accept on already connected socket |
bugzilla: #I6J3EV:[openEuler-1.0-LTS] Add Zhaoxin I2C driver | 735c81b4d33c i2c: Add Zhaoxin I2C driver |
bugzilla: #I70T8Z:【4.19 Backport】mm: memcontrol: switch to rcu protection in drain_all_stock() | 1bcf784ab18f mm: memcontrol: switch to rcu protection in drain_all_stock() |
bugzilla: #I6X8PA:allyesconfig 编译失败 | 69e990d3a8e9 scsi/hifc: Fix compile error in allyesconfigs 6ba57e271892 net/hinic: Fix compile error in allyesconfigs |
bugzilla: #I71KVZ:[openEuler-1.0-LTS] a use-after-free bug in uncore_pci_remove() need to be fixed | 6368e6891dbf x86/perf: fix use-after-free bug in uncore_pci_remove() |
bugzilla: #I6J50I:[openEuler-1.0-LTS] Add support for Zhaoxin SM3 and SM4 instruction | 358c7df96d1c crypto: Driver for Zhaoxin GMI SM4 Block Cipher Algorithm 81b22f5c7b0f crypto: Driver for Zhaoxin GMI SM3 Secure Hash algorithm |
bugzilla: #I715PM:[openEuler-1.0-LTS] linux-4.19.y lts补丁分析回合(4.19.279-4.19.281) | dfe264f8de77 ipv6: Fix an uninit variable access bug in __ip6_make_skb() |
bugzilla: #I6J1F6:[openEuler-1.0-LTS] Add Zhaoxin ACE driver | 0f74c26725b8 crypto: Add Zhaoxin ACE driver |
bugzilla: #I6J28W:[openEuler-1.0-LTS] Add support of turbo boost control interface for Zhaoxin CPUs | 0f84577f13e7 cpufreq: ACPI: Add Zhaoxin/Centaur turbo boost control interface support |
bugzilla: #I6J139:[openEuler-1.0-LTS] Add Zhaoxin rng driver | 050ff2f361bf hwrng: Add Zhaoxin rng driver |
bugzilla: #I62VRB:[openEuelr-1.0-LTS] USB: HCD: Fix URB giveback issue in tasklet function | a43f121a7a5d USB: HCD: Fix URB giveback issue in tasklet function |
bugzilla: #I6IZG5:[openEuler-1.0-LTS] ACPI, x86: Improve Zhaoxin processors support for NONSTOP TSC | 8b3eb0b595d3 ACPI, x86: Improve Zhaoxin processors support for NONSTOP TSC |
CVE | issue |
---|---|
CVE-2023-2002 | #I6WHKQ:CVE-2023-2002 |
CVE-2023-32269 | #I70OFF:CVE-2023-32269 |
TASK | COMMIT |
---|---|
bugzilla: #I715PM:[openEuler-1.0-LTS] linux-4.19.y lts补丁分析回合(4.19.279-4.19.281) | dfe264f8de77 ipv6: Fix an uninit variable access bug in __ip6_make_skb() f2f214e03ac5 cgroup/cpuset: Wake up cpuset_attach_wq tasks in cpuset_cancel_attach() 091d8aaeefec verify_pefile: relax wrapper length check a0b7ac46ca09 udp6: fix potential access to stale information 72aa5504a320 mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() 10bbeae84886 ftrace: Mark get_lock_parent_ip() __always_inline 45d428d0ee55 perf/core: Fix the same task check in perf_event_set_output 4f4f55aaab91 net: don't let netpoll invoke NAPI if in xmit context d4d35e459ea1 icmp: guard against too small mtu e7b1f6981d9c sched_getaffinity: don't assume 'cpumask_size()' is fully initialized ad628dadd52e dm stats: check for and propagate alloc_percpu failure 571b0419f2d6 dm thin: fix deadlock when swapping to thin device |
bugzilla: #I6WPFT:【openEuler 1.0-LTS】【OLK-5.10】新增handle_fasteoi_edge_ir修复中断亲和性设置失败问题 | 94b461f6f354 genirq: introduce handle_fasteoi_edge_irq for phytium a95cc4dafae3 genirq: introduce handle_fasteoi_edge_irq flow handler 109f327dd9f1 Revert "genirq: Remove irqd_irq_disabled in __irq_move_irq" 57640b7f1678 Revert "config: enbale irq pending config for openeuler" dd3c29a33e06 Revert "genirq: introduce CONFIG_GENERIC_PENDING_IRQ_FIX_KABI" 861bab7039b5 Revert "irqchip/gic-v3-its: introduce CONFIG_GENERIC_PENDING_IRQ" |
bugzilla: 188707, #I6VK2F:CVE-2023-2007 | 0efeeaf3c7d1 scsi: dpt_i2o: Remove obsolete driver |
bugzilla: 188015, #I6OERX:【OLK-5.10】md主线补丁回合 | 6e7c8275aa34 md: extend disks_mutex coverage 2ebcef2d5cb7 md: use msleep() in md_notify_reboot() 87c2c3870ca6 md: fix double free of mddev->private in autorun_array() |
bugzilla: 188569, #I6ZG5B:【OLK-5.10】设置坏块时与预期不一致 | 19ee4891a5e7 block/badblocks: fix badblocks loss when badblocks combine b36ddbdb0cea block/badblocks: fix the bug of reverse order efa964ee4749 block: Only set bb->changed when badblocks changes |
bugzilla: 188553, #I6TNFX:【OLK同步】生命周期并发插拔盘,提示sysfs重复 | 4f5666c8cf49 md: fix sysfs duplicate file while adding rdev 52e332f2e418 md: replace invalid function flush_rdev_wq() with flush_workqueue() |
bugzilla: #I718K0:【OLK-5.10】KASAN: use-after-free Write in collect_expired_timers | d8503f10b41d bonding: Fix memory leak when changing bond type to Ethernet |
bugzilla: #I6YQZS:CVE-2023-2269 | 958bfa705d8e dm ioctl: fix nested locking in table_clear() to remove deadlock concern |
bugzilla: #I6WCC1:【OLK-5.10】BUG: soft lockup in sys_wait4 | 63043b7557cf timers/nohz: Last resort update jiffies on nohz_full IRQ entry |
bugzilla: #I6WNGK:【OLK-5.10/openEuler-1.0-LTS】WARNING: proc registration bug in bond_netdev_event | 5e25dec63b45 bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails 5bcf7783da27 bonding: restore IFF_MASTER/SLAVE flags on bond enslave ether type change |
bugzilla: #I6ZWOL:CVE-2023-2483 | 055345a5d7fb net: qcom/emac: Fix use after free bug in emac_remove due to race condition |
bugzilla: #I70MZX:ovl: get_acl:在rcu路径存在空指针解引用问题 | 54f2fb061dd5 ovl: get_acl: Fix null pointer dereference at realinode in rcu-walk mode |
bugzilla: #I6ZISA:CVE-2023-31436 | e769145ba5ed net: sched: sch_qfq: prevent slab-out-of-bounds in qfq_activate_agg |
bugzilla: 188499, #I6TNVT:【OLK-5.10 同步】[syzkaller] WARNING in ext4_da_update_reserve_space | 8c1d63f6de21 ext4: only update i_reserved_data_blocks on successful block allocation |
bugzilla: #I6RKHX:mm: mem_reliable: Set child task's reliable_nr_page to zero during fork | 3fbf32b8a2d7 mm: mem_reliable: Use zone_page_state to count free reliable pages |
bugzilla: 188601, #I6TNTC:【OLK-5.10 同步】[syzkaller] KASAN: null-ptr-deref Write in bdi_split_work_to_wbs | 641e7fcc458c writeback, cgroup: fix null-ptr-deref write in bdi_split_work_to_wbs |
bugzilla: 188712,#I6X47E:CVE-2023-2177 | 703397c74f8f sctp: leave the err path free in sctp_stream_init to sctp_stream_free |
bugzilla: #I6X49E:CVE-2023-2176 | 5ca384e3b0a1 RDMA/core: Refactor rdma_bind_addr be16dfab24cc Revert "RDMA/cma: Simplify rdma_resolve_addr() error flow" |
bugzilla: #I6ZCW0:overlay: 使用acl cache优化路径查找性能 | c309468e7759 fix kabi broken due to import new inode operation get_inode_acl e01a5e43ccfb ovl: enable RCU'd ->get_acl() 527b26b1c422 vfs: add rcu argument to ->get_acl() callback |
CVE | issue |
---|---|
CVE-2023-2007 | #I6VK2F:CVE-2023-2007 |
CVE-2023-2176 | #I6X49E:CVE-2023-2176 |
CVE-2023-2177 | #I6X47E:CVE-2023-2177 |
CVE-2023-2269 | #I6YQZS:CVE-2023-2269 |
CVE-2023-2483 | #I6ZWOL:CVE-2023-2483 |
CVE-2023-31436 | #I6ZISA:CVE-2023-31436 |
TASK | COMMIT |
---|---|
bugzilla: #I51UWX:【openEuler 20.03-LTS-SP3】hns roce inline超规格上限场景拦截 | 18f1f2023e7b RDMA/hns: Add check for user-configured max_inline_data value |
bugzilla: #I6W80A:CVE-2023-30772 | 5f77c283a409 power: supply: da9150: Fix use after free bug in da9150_charger_remove due to race condition |
bugzilla: #I6XHPL:CVE-2023-2194 | b735f6696a2f i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() |
bugzilla: #I6X2LV:kmemleak检测到内存泄露 | 08551f225d8b audit: fix a memleak caused by auditing load module |
bugzilla: #I6WB6P:【openEuler 1.0-LTS】UBSAN: shift-out-of-bounds in net/ipv4/tcp_input.c:545:23 | 091ae3d555f2 tcp: restrict net.ipv4.tcp_app_win |
bugzilla: #I6V7TU:CVE-2023-1998 | 21f0fb9d4b2a x86/speculation: Allow enabling STIBP with legacy IBRS |
bugzilla: #I6WKM7:arm-smmu-v3 存在内存释放后重用bug | f7f1638905b2 iommu/arm-smmu-v3: Fix UAF when handle evt during iommu group removing |
bugzilla: #I6J0SW:[openEulre-1.0-LTS] ata: sata_zhaoxin: Update Zhaoxin Serial ATA product name | 2ee4396a8c61 ata: sata_zhaoxin: Update Zhaoxin Serial ATA product name |
CVE | issue |
---|---|
CVE-2023-1998 | #I6V7TU:CVE-2023-1998 |
CVE-2023-2194 | #I6XHPL:CVE-2023-2194 |
CVE-2023-30772 | #I6W80A:CVE-2023-30772 |
TASK | COMMIT |
---|---|
bugzilla: #I6U7AN:CVE-2023-30456 | 3987c8362591 KVM: nVMX: add missing consistency checks for CR0 and CR4 |
bugzilla: 188685, #I5QLC4:CVE-2022-36280 | 5e4437d3b1a3 drm/vmwgfx: Validate the box size for the snooped cursor |
bugzilla: #I6UYBU:CVE-2023-1829 | 261ad491b1f8 net/sched: Retire tcindex classifier |
bugzilla: #I6FB6C:CVE-2022-27672 | 7a79450e621f Documentation/hw-vuln: Fix rST warning 1101214616ad Documentation/hw-vuln: Add documentation for Cross-Thread Return Predictions 4c403c8ede37 KVM: x86: Mitigate the cross-thread return address predictions bug 944927af1f37 x86/speculation: Identify processors vulnerable to SMT RSB predictions 133b46382cf0 cpu/SMT: create and export cpu_smt_possible() |
bugzilla: #I6UW64:CVE-2023-1990 | a5f1c66087f9 nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition |
bugzilla: #I6UW68:CVE-2023-1989 | ba592ac92ca1 Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition |
CVE | issue |
---|---|
CVE-2022-27672 | #I6FB6C:CVE-2022-27672 |
CVE-2023-1829 | #I6UYBU:CVE-2023-1829 |
CVE-2023-1989 | #I6UW68:CVE-2023-1989 |
CVE-2023-1990 | #I6UW64:CVE-2023-1990 |
CVE-2023-30456 | #I6U7AN:CVE-2023-30456 |
CVE-2022-36280 | #I5QLC4:CVE-2022-36280 |
TASK | COMMIT |
---|---|
bugzilla: 188657, #I6T36A:CVE-2023-1855 | 980077ee512a hwmon: (xgene) Fix use after free bug in xgene_hwmon_remove due to race condition |
bugzilla: 188641, #I6R4MM:CVE-2023-1670 | f4ba1c5f4e4f xirc2ps_cs: Fix use after free bug in xirc2ps_detach |
bugzilla: 188655, #I6T36H:CVE-2023-1859 | 6740b62b2ef8 9p/xen : Fix use after free bug in xen_9pfs_front_remove due to race condition |
bugzilla: #I6TIG1:【openeuler-1.0-LTS】linux-4.19.y lts补丁回合(4.19.273-4.19.279) | c6efc48af630 bpf: add missing header file include bb47af81b6ab uaccess: Add speculation barrier to copy_from_user() fff0900750dc random: always mix cycle counter in add_latent_entropy() 8295451eac31 x86/mm: Fix use of uninitialized buffer in sme_enable() 9188d63895a7 ext4: fail ext4_iget if special inode unallocated 484d277946ab ext4: zero i_disksize when initializing the bootloader inode 8c2b61430618 irqdomain: Drop bogus fwspec-mapping error handling 02f71880b1bc irqdomain: Fix disassociation race 1db520826324 irqdomain: Fix association race a96794fa4925 x86/kprobes: Fix arch_check_optimized_kprobe check within optimized_kprobe range 754bca977c79 x86/kprobes: Fix __recover_optprobed_insn check optimizing logic 4baf67fc8fe0 x86/bugs: Reset speculation control settings on init 960d6b2a68e6 timers: Prevent union confusion from unexpected restart_syscall() 902690527224 crypto: rsa-pkcs1pad - Use akcipher_request_complete 6196963fbeb9 crypto: seqiv - Handle EBUSY correctly 11b6c1a2b202 ACPI: battery: Fix missing NUL-termination with large strings 721f9208f560 ACPICA: nsrepair: handle cases without a return value correctly 09f78ae49e12 genirq: Fix the return type of kstat_cpu_irqs_sum() e0ccb64b8344 ACPI: NFIT: fix a potential deadlock during NFIT teardown 32bc48867637 alarmtimer: Prevent starvation by small intervals and SIG_IGN |
bugzilla: #I6TJ97:tracing:回合主线修复潜在内存乱序问题的补丁 | 19ad53da9465 ring-buffer: Fix race while reader and writer are on the same page |
bugzilla: #I6TI3Y:【同步社区4.19lts】cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock | 6ea7c5e7c10c cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() b48ceb10050c cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock f49afae4d30e cgroup/cpuset: Change cpuset_rwsem and hotplug lock order |
bugzilla: #I6TI3Y:【同步社区4.19lts】cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock | 1ffff6958523 Revert "cgroup/cpuset: Change cpuset_rwsem and hotplug lock order" 5faaedb6b760 Revert "cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock" 7d8391de2f63 Revert "cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()" |
bugzilla: #I6MRB5:【openEuler 1.0-LTS】block: fix scan partition for exclusively open device again | ad2c2fb94f6c block: fix wrong mode for blkdev_put() from disk_scan_partitions() fb5186196e26 block: fix scan partition for exclusively open device again cdfb5c11ad89 block: fix kabi broken in ioctl.c efc73feb2901 block: merge disk_scan_partitions and blkdev_reread_part fbbec472351c block: cleanup partition scanning in register_disk 33b040f77d59 block: Revert "block: check 'bd_super' before rescanning partition" |
bugzilla: #I6T6VY:【openEuler-1.0-LTS】md: refactor idle/frozen_sync_thread() | d0acf215de83 md: fix kabi broken in struct mddev e990c8140609 md: use interruptible apis in idle/frozen_sync_thread dadf056356b1 md: wake up 'resync_wait' at last in md_reap_sync_thread() 969e6f89624f md: refactor idle/frozen_sync_thread() d2a9f128efd3 md: add a mutex to synchronize idle and frozen in action_store() dd9fcd211132 md: refactor action_store() for 'idle' and 'frozen' |
bugzilla: #I6RKHX:mm: mem_reliable: Set child task's reliable_nr_page to zero during fork | 8b29c3675923 mm: mem_reliable: Initialize reliable_nr_page when mm_init() |
bugzilla: #I6SJI1:【openEuelr 1.0-LTS】md: fix soft lockup in status_resync | 07193bd7bd92 md: fix soft lockup in status_resync dfd1a3692fa8 md: don't update recovery_cp when curr_resync is ACTIVE a89f484219c9 md: Ensure resync is reported after it starts f4c09a4e9723 md: Use enum for overloaded magic numbers used by mddev->curr_resync |
bugzilla: 188586, #I6TFPJ:【OLK-5.10】BUG: KASAN: null-ptr-deref in device_del | ced482be8693 loop: Add parm check in loop_control_ioctl |
bugzilla: #I6LH5K:[openEuler-1.0-LTS]从 cfq 切换为其他调度器wbt将不会使能 | 5b16ba935e47 block/wbt: enable wbt after switching cfq to other schedulers |
bugzilla: #I6T1EY:CVE-2023-1838 | ca27f8069629 Fix double fget() in vhost_net_set_backend() |
bugzilla: #I6TE76:【openEuler-1.0-LTS】vruntime溢出问题补丁回合 | 2ff1290e7767 sched/fair: Sanitize vruntime of entity being migrated 9b35c87f205d sched/fair: sanitize vruntime of entity being placed c0f17a99bce2 Revert "sched: Reinit task's vruntime if a task sleep over 200 days" |
bugzilla: #I6PQCT:CVE-2023-1611 | 88466df56775 btrfs: fix race between quota disable and quota assign ioctls |
CVE | issue |
---|---|
CVE-2023-1611 | #I6PQCT:CVE-2023-1611 |
CVE-2023-1670 | #I6R4MM:CVE-2023-1670 |
CVE-2023-1838 | #I6T1EY:CVE-2023-1838 |
CVE-2023-1855 | #I6T36A:CVE-2023-1855 |
CVE-2023-1859 | #I6T36H:CVE-2023-1859 |
CVE-2023-0459 | #I71N8L:CVE-2023-0459 |
TASK | COMMIT |
---|---|
bugzilla: #I6SMBI:ext4 buffer部分写可能导致idisk_size大于i_size | 4badc771d324 ext4: Fix i_disksize exceeding i_size problem in paritally written case |
bugzilla: #I6MMUV:ext4反复挂载做故障注入可能导致日志部分重演,造成文件系统损坏 | 7962560cb7fc ext4: ext4_put_super: Remove redundant checking for 'sbi->s_journal_bdev' 8b8c3195c877 ext4: Fix reusing stale buffer heads from last failed mounting |
bugzilla: #I6OOP3:CVE-2023-1513 | c7fbe8558c7b kvm: initialize all of the kvm_debugregs structure before sending it to userspace |
bugzilla: #I6S5DO:openEuler-1.0-LTS virtio_net回合2个LTS bugfix补丁 | b34bd6e1468b net: virtio_net_hdr_to_skb: count transport header in UFO 793b08a9a5de net: be more gentle about silly gso requests coming from user |
bugzilla: 188500, #I6RJ0V:【OLK5.10】[Syzkaller] WARNING in ext4_add_complete_io | 41d10c74ff04 ext4: fix race between writepages and remount |
CVE | issue |
---|---|
CVE-2023-1513 | #I6OOP3:CVE-2023-1513 |
TASK | COMMIT |
---|---|
bugzilla: #I6AOWP:CVE-2023-0266 | 3035add57688 ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF |
bugzilla: #I6NJNA:【OLK-5.10】使用kasan内核执行用例发现slab-out-of-bounds in lookup_rec+0xd8/0x17c 及 use-after-free in lookup_rec+0xd8/0x17c | b8bc36011ce4 ftrace: Fix invalid address access in lookup_rec() when index is 0 |
bugzilla: #I6CE9I:【openEuler 1.0-LTS】回合主线trace特性相关的bugfix补丁 | 568913afecb8 ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead |
bugzilla: #I6NBPU:【openEuler 1.0-LTS】block: fix scan partition for exclusively open device again | d490eece0b79 scsi: scsi_dh_alua: fix memleak for 'qdata' in alua_activate() |
bugzilla: #I6Q364:CVE-2021-3923 | 8fc782dc80ba RDMA/core: Don't infoleak GRH fields |
bugzilla: #I6L46J:[openEuler-1.0-LTS] Backport cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock | c2d835561848 cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all() 4924308a1ca9 cgroup: Fix threadgroup_rwsem <-> cpus_read_lock() deadlock c831178aad59 cgroup/cpuset: Change cpuset_rwsem and hotplug lock order |
bugzilla: #I6HGFP:【openEuler 1.0-LTS】回合主线补丁mm: memcontrol: fix cannot alloc the maximum memcg ID | e73a67d49a8c mm: memcontrol: fix cannot alloc the maximum memcg ID |
CVE | issue |
---|---|
CVE-2021-3923 | #I6Q364:CVE-2021-3923 |
CVE-2023-0266 | #I6AOWP:CVE-2023-0266 |
TASK | COMMIT |
---|---|
bugzilla: #I6OP9S:CVE-2023-1281 | b890f5a3cc7e net/sched: tcindex: search key must be 16 bits 5b5fa0f3a642 net/sched: tcindex: update imperfect hash filters respecting rcu e476efc3085f rcu: Upgrade rcu_swap_protected() to rcu_replace_pointer() |
bugzilla: #I5GZ2Z:CVE-2022-29901 | 9f8ce10e5afd x86/speculation: Add RSB VM Exit protections e916d5392cd7 x86/bugs: Warn when "ibrs" mitigation is selected on Enhanced IBRS parts a1394e52ad8e x86/speculation: Use DECLARE_PER_CPU for x86_spec_ctrl_current f9e1d462638f x86/speculation: Disable RRSBA behavior e62fdec4ae04 x86/bugs: Add Cannon lake to RETBleed affected CPU list 7bef7147376e x86/cpu/amd: Enumerate BTC_NO f31d83507635 x86/common: Stamp out the stepping madness f1d04d69267c x86/speculation: Fill RSB on vmexit for IBRS 0bfc2c3f9f4d KVM: VMX: Fix IBRS handling after vmexit b53f15e360de KVM: VMX: Prevent guest RSB poisoning attacks with eIBRS 5daa62c9cf2e x86/speculation: Remove x86_spec_ctrl_mask d23c8595e601 x86/speculation: Use cached host SPEC_CTRL value for guest entry/exit c11e951eea8b x86/speculation: Fix SPEC_CTRL write on SMT state change 33ee9ebdb565 x86/speculation: Fix firmware entry SPEC_CTRL handling f3a233591ef8 x86/speculation: Fix RSB filling with CONFIG_RETPOLINE=n 3acbac72baea x86/speculation: Change FILL_RETURN_BUFFER to work with objtool b182a654cbe5 intel_idle: Disable IBRS during long idle 9c9bc221e8ce x86/bugs: Report Intel retbleed vulnerability 453bc9f90ab6 x86/bugs: Split spectre_v2_select_mitigation() and spectre_v2_user_select_mitigation() f9d721b45167 x86/speculation: Add spectre_v2=ibrs option to support Kernel IBRS 20c985e02798 x86/bugs: Optimize SPEC_CTRL MSR writes d4373bace140 x86/entry: Add kernel IBRS implementation dcafc887e8f2 x86/entry: Remove skip_r11rcx 027d410a0016 x86/bugs: Keep a per-CPU IA32_SPEC_CTRL value fd760c16b338 x86/bugs: Add AMD retbleed= boot parameter 8141c3dedea3 x86/bugs: Report AMD retbleed vulnerability 589b54f5ca82 x86/cpufeatures: Move RETPOLINE flags to word 11 d8f471afab72 x86/cpu: Add a steppings field to struct x86_cpu_id fe92f4a883cb x86/cpu: Add consistent CPU match macros d94cc2165fdc x86/devicetable: Move x86 specific macro out of generic code 360426181b55 x86/cpufeature: Fix various quality problems in the <asm/cpu_device_hd.h> header 512b69f49cd5 x86/cpufeature: Add facility to check for min microcode revisions 147b7989e072 Revert "x86/cpu: Add a steppings field to struct x86_cpu_id" ebcf747f6f04 Revert "x86/speculation: Add RSB VM Exit protections" 1a2d42b2a1b7 x86/nospec: Fix i386 RSB stuffing |
bugzilla: 188471,#I6MR1V:【OLK5.10】文件系统长稳环境出现fsck修复后仍有错误 | 3060396eb530 ext4: make sure fs error flag setted before clear journal error 847c9db673c4 ext4: commit super block if fs record error when journal record without error |
bugzilla: #I6PMWS:【openEuler-1.0-LTS】回合两个hugetlb相关的bugfix | b0fdae57352d hugetlb: fix hugepages_setup when deal with pernode a19acce44557 hugetlb: fix wrong use of nr_online_nodes |
bugzilla: #I6Q4F0:【OLK-5.10】tty: fix out-of-bounds access in tty_driver_lookup_tty() | 0b24a7a2a230 tty: fix out-of-bounds access in tty_driver_lookup_tty() |
bugzilla: #I6O1UD:[openEuler-1.0-LTS] 回合主线补丁 | 6dfc76f160cb arm64: errata: Remove AES hwcap for COMPAT tasks 749b4db93c96 kernel: Initialize cpumask before parsing f8b36a80c940 genirq: Disable interrupts for force threaded handlers eb96b91c895d softirq: Don't try waking ksoftirqd before it has been spawned |
bugzilla: #I6J2FQ:关掉所有phy后,对SAS/SATA盘开phy,其他未开phy的SATA盘会打印‘wait phyup timeout, issuing link reset’ | 2ec9b38eedb9 scsi: hisi_sas: Clear interrupt status when exiting channel int0 for v3 hw |
bugzilla: #I6J25G:SATA盘回DMA Setup帧长度异常时触发群体慢盘问题 | ad00f9f78f35 scsi: hisi_sas: Handle NCQ error when IPTT is valid |
bugzilla: #I6J1SI:跑IO时拔盘压测出现空指针异常 | fab7024b0c77 scsi: hisi_sas: Grab sas_dev lock when traversing the members of sas_dev.list |
bugzilla: #I64END:CVE-2022-4269 | dd56ba38315d act_mirred: use the backlog for nested calls to mirred ingress 07af41461362 net/sched: act_mirred: refactor the handle of xmit a4c713b12dc9 net: sched: don't expose action qstats to skb_tc_reinsert() 66b5f39a8911 net: sched: protect against stack overflow in TC act_mirred bd898bf14a7e net: sched: refactor reinsert action |
bugzilla: #I6NIUR:CVE-2023-28466 | 4d71819aa9de net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() |
bugzilla: #I6NCVX:CVE-2023-1380 | 42c36c1d12db wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies() |
bugzilla: 188522,#I6N7ZP:【OLK5.10】[syzkaller] kernel BUG in ext4_mb_load_buddy_gfp | 72b4882b21aa ext4: fix another off-by-one fsmap error on 1k block filesystems |
CVE | issue |
---|---|
CVE-2022-29901 | #I5GZ2Z:CVE-2022-29901 |
CVE-2022-4269 | #I6MZNK:CVE-2022-4269社区已有补丁 |
CVE-2022-4269 | #I64END:CVE-2022-4269 |
CVE-2023-1281 | #I6OP9S:CVE-2023-1281 |
CVE-2023-1380 | #I6NCVX:CVE-2023-1380 |
CVE-2023-28466 | #I6NIUR:CVE-2023-28466 |
TASK | COMMIT |
---|---|
bugzilla: #I6NCRH:CVE-2023-1382 | 338a985a0da9 tipc: add an extra conn_get in tipc_conn_alloc 30b75522bd3d tipc: set con sock in tipc_conn_alloc |
bugzilla: #I6E9D3:[openEuler-1.0-LTS] oom: decouple mems_allowed from oom_unkillable_task | 7999deb00792 mm/oom_kill.c: fix oom_cpuset_eligible() comment b749780e0737 oom: decouple mems_allowed from oom_unkillable_task cdec350a0aeb mm, oom: remove redundant task_in_mem_cgroup() check 712f5449b0f7 mm, oom: refactor dump_tasks for memcg OOMs |
bugzilla: #I6GTUI:fs: move guard_bio_eod() after bio_set_op_attrs | 37e2394c9430 block: Fix wrong offset in bio_truncate() 5c75e1b8adab fs: move guard_bio_eod() after bio_set_op_attrs 578a75ceb8a9 block: add bio_truncate to fix guard_bio_eod |
bugzilla: #I6L0EC:[openEuler-1.0-LTS] mm/mempolicy.c: fix out of bounds write in mpol_parse_str() | b57634863a38 mm/mempolicy.c: fix out of bounds write in mpol_parse_str() |
bugzilla: 188381, #I644ST:【openEuler-1.0-LTS】 [内核][cifs][smb] 网络不好时,cifs访问出现UAF | be3bd00e246a cifs: Fix use-after-free in rdata->read_into_pages() |
bugzilla: #I6NCQH:CVE-2023-28328 | 190213e7a4f9 media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() |
CVE | issue |
---|---|
CVE-2023-1382 | #I6NCRH:CVE-2023-1382 |
CVE-2023-28328 | #I6NCQH:CVE-2023-28328 |
TASK | COMMIT |
---|---|
bugzilla: 188150, #I643OL:【openEuler 2003 LTS】【openEuler-1.0-LTS】 [内核] [kernfs] [block] 测试iscsi中blk层宕机 | c0c09f907b82 scsi: cancel the inflight async device probe when remove scsi_target |
bugzilla: 188355, #I6E4JF:【openEuler-1.0-LTS】iscsi:不断删除scsi,以及iscsi logout时出现UAF宕机 | 74313e96e2ba scsi: fix use-after-free problem in scsi_remove_target |
bugzilla: #I6I7U9:CVE-2023-1079 | a418baf88350 HID: asus: use spinlock to safely schedule workers 28cadeaeeb9b HID: asus: use spinlock to protect concurrent accesses 11bda74e6195 HID: asus: Remove check for same LED brightness on set |
bugzilla: #I6HOKY:【openEuler 1.0-LTS】kernfs读写与blk_mq_unregister_dev并发触发死锁 | 3b104ae105cf blk-wbt: don't enable throttling if default elevator is bfq 5974d33c8b97 block: Fix kabi broken by "block: split .sysfs_lock into two locks" 696831814f81 block: fix comment and add lockdep assert 3326f40a3e87 block: don't release queue's sysfs lock during switching elevator 5596d82c8583 block: fix race between switching elevator and removing queues e5264f986cae block: split .sysfs_lock into two locks |
bugzilla: #I6ETWH:[openEuler-1.0-LTS] crypto: rsa-pkcs1pad - restore signature length check | 7dc6d3e91263 crypto: rsa-pkcs1pad - restore signature length check |
bugzilla: #I6EVUJ:[openEuler-1.0-LTS] fs/proc: task_mmu.c: don't read mapcount for migration entry | 52c0780d79d5 fs/proc: task_mmu.c: don't read mapcount for migration entry |
bugzilla: #I6KOHU:[openEuler-1.0-LTS] linux-4.19.y 补丁分析回合(4.19.271..4.19.273) | 031a45a606b4 migrate: hugetlb: check for hugetlb shared PMD in node migration f5870e5919d3 mm: hugetlb: proc: check for hugetlb shared PMD in /proc/PID/smaps f1d875559c49 ipv6: Fix tcp socket connection with DSCP. 67e3c16be73a ipv6: Fix datagram socket connection with DSCP. e1429d265e36 aio: fix mremap after fork null-deref 30d362dcbd2e bpf: Always return target ifindex in bpf_fib_lookup 5e65706cb2ee serial: 8250_dma: Fix DMA Rx rearm race 8812dbbec994 serial: 8250_dma: Fix DMA Rx completion race af83cc7d80e7 x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL 16478563e10f ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() 802895f02273 netlink: annotate data races around sk_state 72f0879dc14d netlink: annotate data races around dst_portid and dst_group cff1c1271e72 netlink: annotate data races around nlk->portid 85d4f5676846 netlink: remove hash::nelems check in netlink_insert 4f88522fe0e4 net: fix UaF in netns ops registration error path 3cc926ed33eb netfilter: conntrack: do not renew entry stuck in tcp SYN_SENT state |
bugzilla: 188431, #I6DKVG:CVE-2023-20938 | f39ea04fab0b binder: Gracefully handle BINDER_TYPE_FDA objects with num_fds=0 4369d76d38f4 binder: Address corner cases in deferred copy and fixup aeb72290f074 binder: fix pointer cast warning 10b7fd8d39c9 binder: defer copies of pre-patched txn data fca2d3509780 binder: read pre-translated fds from sender buffer cdd8f6bfd494 binder: avoid potential data leakage when copying txn 84b65739b82d binder: fix handling of error during copy 24a7578b626e binder: use cred instead of task for getsecid bb295d94f6f4 binder: don't detect sender/target during buffer cleanup c31c1b8518d4 binder: make sure fd closes complete c1f73bbb7d46 binder: Remove bogus warning on failed same-process transaction 08f9c4234f65 binder: fix incorrect calculation for num_valid 819938038fb5 binder: Prevent repeated use of ->mmap() via NULL mapping 629bb8dcfe87 binder: Don't modify VMA bounds in ->mmap handler f3547f7a9dc3 binder: Set end of SG buffer area properly. 2672b43c0fa8 binder: return errors from buffer copy functions 0ee6c2a3b69b binder: check for overflow when alloc for security context e8311e88b526 binder: fix BUG_ON found by selinux-testsuite 33ec204f9424 binder: fix handling of misaligned binder object d549e609b868 binder: use userspace pointer as base of buffer space 31ef55d24c2c binder: remove user_buffer_offset 42338d030eca binder: remove kernel vm_area for buffer space 71e99420f63e binder: avoid kernel vm_area for buffer fixups 5a7cf16a73cb binder: add function to copy binder object from buffer f39c7856abb0 binder: add functions to copy to/from binder buffers da280e85b89b binder: create userspace-to-binder-buffer copy function a1da4e72bbf9 binder: fix use-after-free due to ksys_close() during fdget() f219ab951f97 binder: fix kerneldoc header for struct binder_buffer 1f2026c67acb binder: create node flag to request sender's security context 589e7699ecf0 binder: Add BINDER_GET_NODE_INFO_FOR_REF ioctl. 1ff383528290 binder: use standard functions to allocate fds |
bugzilla: #I53Q6M:【OLK-5.10】挂载文件系统的裸盘操作打印增强 | e556e4408096 block: fix kabi change since add bd_write_openers and bd_part_write_openers 756985f38aed block: add info when opening an exclusive opened block device for write af291b1906f1 block: add info when opening a write opend block device exclusively 681d2a461112 Revert "block: add info when opening an exclusive opened block device for write" 729f7e4df3a1 Revert "block: add info when opening a write opend block device exclusively" |
bugzilla: #I6K53I:ext4: 构造特殊block bitmap损坏镜像导致WANRON | fb114c547d4f ext4: fix WARNING in mb_find_extent |
bugzilla: #I6I7U3:CVE-2023-1074 | c281f437f9d3 sctp: fail if no bound addresses can be used for a given scope |
CVE | issue |
---|---|
CVE-2023-1074 | #I6I7U3:CVE-2023-1074 |
CVE-2023-1079 | #I6I7U9:CVE-2023-1079 |
CVE-2023-20938 | #I6DKVG:CVE-2023-20938 |
CVE-2023-1582 | #I6PDF4:CVE-2023-1582 |
TASK | COMMIT |
---|---|
bugzilla: #I6IFV4:CVE-2023-1073 | 9098709adfee HID: check empty report_list in hid_validate_values() |
bugzilla: 46904, #I6KOXL:[openEuler-1.0-LTS] dhugetlb: use mutex lock in update_reserve_pages() | f9234c02aedd dhugetlb: use mutex lock in update_reserve_pages() |
bugzilla: #I6HWOS:CVE-2023-26607 | ead53ab74409 ntfs: fix out-of-bounds read in ntfs_attr_find() a7fca6e8c749 ntfs: fix use-after-free in ntfs_ucsncmp() |
bugzilla: #I6IW01:CVE-2023-1118 | 31f9ae4d3e25 media: rc: Fix use-after-free bugs caused by ene_tx_irqsim() |
bugzilla: #I6IXQP:CVE-2023-23000 | 3c5972ff8fe3 phy: tegra: xusb: Fix return value of tegra_xusb_find_port_node function |
bugzilla: #I6IK9U:CVE-2023-1095 | ee8628e10abb netfilter: nf_tables: fix null deref due to zeroed list head |
bugzilla: #I6H3MB:CVE-2023-0461 | e533d31278a5 tcp: Fix listen() regression in 5.15.88. |
bugzilla: #I6I7UC:CVE-2023-1076 | 03d1f7f58d44 tap: tap_open(): correctly initialize socket uid df0a3d2ffdff tun: tun_chr_open(): correctly initialize socket uid 2f23d45192de net: add sock_init_data_uid() |
bugzilla: #I6I7UF:CVE-2023-1078 | 5c7ddc56383c rds: rds_rm_zerocopy_callback() use list_first_entry() |
CVE | issue |
---|---|
CVE-2023-0461 | #I6H3MB:CVE-2023-0461 |
CVE-2023-1073 | #I6IFV4:CVE-2023-1073 |
CVE-2023-1076 | #I6I7UC:CVE-2023-1076 |
CVE-2023-1078 | #I6I7UF:CVE-2023-1078 |
CVE-2023-1095 | #I6IK9U:CVE-2023-1095 |
CVE-2023-1118 | #I6IW01:CVE-2023-1118 |
CVE-2023-23000 | #I6IXQP:CVE-2023-23000 |
CVE-2023-26607 | #I6HWOS:CVE-2023-26607 |
TASK | COMMIT |
---|---|
bugzilla: #I6BO2R:【openEuler 1.0-LTS】【OLK-5.10】新增中断重入告警维测 | 2e14980575f2 genirq: Remove irqd_irq_disabled in __irq_move_irq |
bugzilla: 188443, #I6I8YD:回合补丁修复iscsi UAF问题 | cc6fb9a67b31 scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress 3835c5e97f02 scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress 6ef38034c01a !420:backport CVEs and bugfixes backport CVEs and bugfixes 18e32b667b26 !415:mainline bugfix backport mainline bugfix backport |
bugzilla: #I6HZHU:CVE-2023-26545 | 387bf44c2b6f net: mpls: fix stale pointer if allocation fails during device rename |
bugzilla: 188413, #I6GWYG:【OLK-5.10】 nbd_dev_add函数出现panic | 659039b1e0be nbd: fix assignment error for first_minor in nbd_dev_add |
bugzilla: #I6DRJ1:主线补丁回合:selinux: reorder hooks to make runtime disable less broken | 2a72e51db13a selinux: further adjust init order for cred_* hooks 5e10c473f431 selinux: further adjust init order for file_alloc_security hook 18e32b667b26 !415:mainline bugfix backport mainline bugfix backport |
bugzilla: #I6DRJ1:主线补丁回合:selinux: reorder hooks to make runtime disable less broken | 87d41806ccde selinux: reorder hooks to make runtime disable less broken |
bugzilla: #I6AAU7:主线补丁回合:evm: Check also if *tfm is an error pointer in init_desc() | 2de20782d714 evm: Fix a small race in init_desc() 57911670b7b3 evm: Check also if *tfm is an error pointer in init_desc() |
bugzilla: 34842, #I6H9U5:【openEuler-1.0-LTS】回合6个主线bugfix补丁 | d00796bcdb13 iommu: Properly export iommu_group_get_for_dev() |
bugzilla: 20547, #I6H9U5:【openEuler-1.0-LTS】回合6个主线bugfix补丁 | 4d84d9c9d5c3 of: resolver: Add of_node_put() before return and break |
bugzilla: 22762, #I6H9U5:【openEuler-1.0-LTS】回合6个主线bugfix补丁 | a08d7b29bcc5 of: unittest: Add of_node_put() before return |
bugzilla: 30226, #I6H9U5:【openEuler-1.0-LTS】回合6个主线bugfix补丁 | 7675ff81e96a drivers/iommu: Allow IOMMU bus ops to be unregistered |
bugzilla: 30237, #I6H9U5:【openEuler-1.0-LTS】回合6个主线bugfix补丁 | 00834beff78d drivers/iommu: Export core IOMMU API symbols to permit modular drivers |
bugzilla: 29297, #I6H9U5:【openEuler-1.0-LTS】回合6个主线bugfix补丁 | 4eb17f9b6e08 component: do not dereference opaque pointer in debugfs |
bugzilla: #I69WIO:【openEuler-1.0-LTS】4.19分支安全组1月份主线补丁回合 | aa8b0c753dcd ipmi: use %*ph to print small buffer |
bugzilla: #I6F049:【openEuler-1.0-LTS】crypto: algif_skcipher - Use chunksize instead of blocksize | 565c35a828cc crypto: algif_skcipher - Use chunksize instead of blocksize |
bugzilla: #I6FMKH:【openEuler-1.0-LTS】 crypto: algif_skcipher - EBUSY on aio should be an error | a14fdf71ecec crypto: algif_skcipher - EBUSY on aio should be an error |
bugzilla: #I6HB6T:crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() | e49619d52c9c crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() |
bugzilla: 46904, #I6GSKP:【openEuler 1.0-LTS】动态大页特性完善内存故障处理逻辑 | d755712ec805 dhugetlb: isolate hwpoison hugepage when release |
bugzilla: #I6G76L:【OLK-5.10】sharepool中退组接口和sp_alloc接口存在并发问题,并发调用可能导致UAF | 77978cd7dac4 mm/sharepool: Fix null-pointer-deference in sp_free_area |
CVE | issue |
---|---|
CVE-2023-26545 | #I6HZHU:CVE-2023-26545 |
TASK | COMMIT |
---|---|
bugzilla: #I5Z32F:【openEuler-1.0-LTS】bonding 支持MPLS特性 | e830f7951c39 net: bonding: Inherit MPLS features from slave devices |
bugzilla: 187818, #I6DK3O:【OLK-5.10】执行fs_fusiontest测试套test_fs_fusion174用例,触发KASAN: stack-out-of-bounds Read in unwind_next_frame | be8cb43b5af0 x86/unwind: Fix check_paravirt() calls orc_find() before declaration |
bugzilla: 46904, #I6FCQZ:【openEuler-1.0-LTS】开启动态大页之后使用cont-bit大页可能挂死 | 7d9032b0a196 dhugetlb: set hpool to NULL for cont-bit hugepage |
bugzilla: #I6FK2R:【openEuler 1.0-LTS】【syzkaller】auto tuning hugepage 功能导致出现链表并发操作告警 | 062d53793327 arm64/ascend: Delete CONFIG_ASCEND_AUTO_TUNING_HUGEPAGE in hulk_defconfig 9fb6a430b0b6 arm64/ascend: Delete unused feature auto-tuning hugepage |
bugzilla: #I6AXGS:mm/memcg_memfs_info: fix potential oom_lock recursion deadlock | fbae61552ee6 mm/memcg_memfs_info: fix potential oom_lock recursion deadlock |
bugzilla: #I6DKZJ:定时任务br_ip4_multicast_query_expired概率性出现rcu死锁问题 | d582b6e04f57 net: bridge: mcast: add and enforce query interval minimum c89e66bf5be4 net: bridge: mcast: add and enforce startup query interval minimum |
bugzilla: #I6DZIB:【openEuler-1.0-LTS】block, bfq: switch 'bfqg->ref' to use atomic refcount apis | 9f64d49e3b12 block, bfq: switch 'bfqg->ref' to use atomic refcount apis 278253ce9c0e x86/bugs: Flush IBP in ib_prctl_set() 561722c0d702 media: vivid: fix compose size exceed boundary |
bugzilla: #I697AN:希望4.19.90和5.10.0内核bonding模块支持双发网卡的ARP | 701a586ea523 anolis: bond: broadcast ARP or ND messages to all slaves |
NA
TASK | COMMIT |
---|---|
bugzilla: #I6DZIB:【openEuler-1.0-LTS】block, bfq: switch 'bfqg->ref' to use atomic refcount apis | 9f64d49e3b12 block, bfq: switch 'bfqg->ref' to use atomic refcount apis |
bugzilla: #I6CU98:CVE-2023-0045 | 278253ce9c0e x86/bugs: Flush IBP in ib_prctl_set() |
bugzilla: #I6CIGU:CVE-2023-0615 | 561722c0d702 media: vivid: fix compose size exceed boundary |
bugzilla: #I6DPF8:[openEuler-1.0-LTS] 4.19 lts 补丁回合(4.19.269..4.19.271) | 381166036dcc cifs: do not include page data when checking signature 40124251c4b4 SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails 8512d06632d6 net: stream: purge sk_error_queue in sk_stream_kill_queues() d47b2f0c06b4 net: stream: don't purge sk_error_queue in sk_stream_kill_queues() 34b18eb0287a ext4: fix deadlock due to mbcache entry corruption 5ae65557eaf8 mbcache: automatically delete entries from cache on freeing 4cd9f02e7d64 mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths 5fc2a8086e6e mm/khugepaged: fix GUP-fast interaction by sending IPI ca1eb2d47a8f mm: gup: fix the fast GUP race against THP collapse b3701e78a24b prlimit: do_prlimit needs to have a speculation check 89d288a07000 arm64: cmpxchg_double*: hazard against entire exchange variable aeb315d840e5 net/ulp: prevent ULP without clone op from entering the LISTEN status 7798e957909c driver core: Fix bus_type.match() error handling in __driver_attach() 10fddc40e87c md: fix a crash in mempool_free 1bd6a4c1c438 bpf: pull before calling skb_postpull_rcsum() 3839e5832975 SUNRPC: ensure the matching upcall is in-flight upon downcall ef39593e3409 ovl: Use ovl mounter's fsuid and fsgid in ovl_link() 302deb4b70c5 pnode: terminate at peers of source c35e430fb783 cifs: Fix uninitialized memory read for smb311 posix symlink create 29a747a1615a device_cgroup: Roll back to original exceptions after copy failure 5112aa6b6b9c PCI/sysfs: Fix double free in error path b142a0a71168 PCI: Fix pci_device_is_present() for VFs by checking PF 2f5f822e3a67 ipmi: fix use after free in _ipmi_destroy_user() c6ad76f1593c ima: Fix a potential NULL pointer access in ima_restore_measurement_list 6084ee2dfa48 ipmi: fix long wait in unload when IPMI disconnect 3c37b9ffb9c8 binfmt: Fix error return code in load_elf_fdpic_binary() d493c90bb0eb chardev: fix error handling in cdev_device_add() f4db575236be mrp: introduce active flags to prevent UAF when applicant uninit d14c4e41f7dd bpf: make sure skb->len != 0 when redirecting to a tunneling device ea64e5af1ecf ipmi: fix memleak when unload ipmi driver e91098594d1c ACPICA: Fix error code path in acpi_ds_call_control_method() 8b13cf177744 skbuff: Account for tail adjustment during pull operations 6c4ef1eab910 serial: pl011: Do not clear RX FIFO & RX interrupt in unthrottle. 7bac3beadbea serial: amba-pl011: avoid SBSA UART accessing DMACR register 45fdebf6aa35 class: fix possible memory leak in __class_register() bf0e65e2b1fe crypto: tcrypt - Fix multibuffer skcipher speed test mem leak 41ee72beaccc blktrace: Fix output non-blktrace event when blk_classic option enabled 90d323ef4966 SUNRPC: Fix missing release socket in rpc_sockname() a0d020cabbbb bonding: uninitialized variable in bond_miimon_inspect() e6ef75f8bce3 pinctrl: pinconf-generic: add missing of_node_put() ae4122ce7ca8 ima: Fix misuse of dereference of pointer in template_desc_init_fields() 27e4b5d9f3cb ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() 3b4d0937c81c md/raid1: stop mdx_raid1 thread when raid1 array run failed bd54f47b403b blk-mq: fix possible memleak when register 'hctx' failed 928b58de6538 perf: Fix possible memleak in pmu_dev_alloc() 815c58efcb59 cpuidle: dt: Return the correct numbers of parsed idle states a8a7d816de9b pstore: Avoid kcore oops by vmap()ing with VM_IOREMAP 37d38fa423c9 pstore/ram: Fix error return code in ramoops_probe() 3d1f51395dd9 perf: arm_dsu: Fix hotplug callback leak in dsu_pmu_init() |
bugzilla: #I6DZRO:【openEuler-1.0-LTS】sched/rt: Optimize checking group RT scheduler constraints | 4cf97d6f5799 sched/rt: Optimize checking group RT scheduler constraints |
bugzilla: 188227, #I6AG8P:【OLK-5.10】执行测试用例block_fusiontest/tests/scsi-mq/test_208,触发KASAN: use-after-free Read in md_wakeup_thread | 390b7ab520a2 md: protect md_unregister_thread from reentrancy |
bugzilla: #I6BE56:hugetlbfs上punch hole出现start==end的情况 | 9ebfa4f9d8d4 hugetlbfs: fix off-by-one error in hugetlb_vmdelete_list() |
bugzilla: #I6C67X:主线补丁回合,list_debug添加指针安全检测 | 3927ee8111f1 lib/list_debug.c: Detect uninitialized lists |
bugzilla: 188240 | 52973ec4c5d3 crypto: tcrypt - avoid signed overflow in byte count |
bugzilla: #I5RO2H:【OLK5.10 sharepool 修复大页Rsvd字段异常问题】 | ba34d9d30784 mm: sharepool: fix hugepage_rsvd count increase error |
bugzilla: #I6BO2R:【openEuler 1.0-LTS】【OLK-5.10】新增中断重入告警维测 | eca55c5ae657 config: enbale irq pending config for openeuler 16073a1932c7 genirq: introduce CONFIG_GENERIC_PENDING_IRQ_FIX_KABI 6ea5519695b2 irqchip/gic-v3-its: introduce CONFIG_GENERIC_PENDING_IRQ |
bugzilla: 188227, #I6AG8P:【OLK-5.10】执行测试用例block_fusiontest/tests/scsi-mq/test_208,触发KASAN: use-after-free Read in md_wakeup_thread | 98cd4a577bb7 md: fix uaf in md_wakeup_thread |
bugzilla: #I6BO2R:【openEuler 1.0-LTS】【OLK-5.10】新增中断重入告警维测 | db0bbc90d1fc genirq: add printk safe in irq context |
bugzilla: #I6C5HV:jbd2日志do_checkpoint和do_get_write_access并发在掉电场景导致文件系统损坏 | e2c9c2573ecb jbd2: Fix data missing when reusing bh which is ready to be checkpointed |
bugzilla: 187818, #I6DK3O:【OLK-5.10】执行fs_fusiontest测试套test_fs_fusion174用例,触发KASAN: stack-out-of-bounds Read in unwind_next_frame | 98ce3754136a x86/unwind: Fix orc entry for paravirt {save,restore}_fl |
bugzilla: #I6D6RL:CIFS共享目录挂载后执行mv失败 | 22792bc88cee cifs: sanitize multiple delimiters in prepath |
bugzilla: #I5XXFF:CVE-2022-3707 | 1a1bee2fd2f0 drm/i915/gvt: fix double free bug in split_2MB_gtt_entry |
CVE | issue |
---|---|
CVE-2022-3707 | #I5XXFF:CVE-2022-3707 |
CVE-2023-0045 | #I6CU98:CVE-2023-0045 |
CVE-2023-0615 | #I6CIF8:CVE-2023-0615 |
TASK | COMMIT |
---|---|
bugzilla: #I6CE9I:【openEuler 1.0-LTS】回合主线trace特性相关的bugfix补丁 | ac59b83e5b01 ring-buffer: Fix race between reset page and reading page |
bugzilla: #I6B4N7:dm linear设备reload自身触发panic | 920e093b4b9a block: don't allow a disk link holder to itself |
bugzilla: 187904,#I6BJAR:【OLK5.10 LTS 回合】ext4: fix use-after-free in ext4_orphan_cleanup | 7f6d120a3b83 ext4: fix use-after-free in ext4_orphan_cleanup eed57abe5e59 ext4: lost matching-pair of trace in ext4_truncate |
bugzilla: 188291, #I6B1V2:CVE-2023-0394 | 34d18a87e565 ipv6: raw: Deduct extension header length in rawv6_push_pending_frames |
bugzilla: #I6AWEO:zram 压测产生softlock | a0fd3ba4fdbd mm/swapfile: add cond_resched() in get_swap_pages() |
bugzilla: #I6AR36:[OLK-5.10] KASAN: null-ptr-deref Write in delete_from_page_cache | e9b25ed0117e hugetlbfs: don't delete error page from pagecache e759fdf58083 mm: hwpoison: refactor refcount check handling |
bugzilla: 46904, #I6BDME:【openEuler 1.0-LTS】回合动态大页特性 | db1c58801858 dhugetlb: set DYNAMIC_HUGETLB to y for hulk_defconfig 20bd30cdeb29 dhugetlb: use enable_dhugetlb to disable huge_memory 20f0535e57da dhugetlb: skip dissolve hugepage belonging to dynamic hugetlb f15774c66bcd dhugetlb: only support 1G/2M hugepage and ARM64_4K_PAGES 1cca8ee58207 dhugetlb: isolate dynamic hugetlb code 0bc0d0d57eda dhugetlb: backport dynamic hugetlb feature |
bugzilla: #I69PY0:在可用物理内存不足时,可能造成fork失败,系统将不能执行任何命令 | b8042a6b91ce mm: fix false-positive OVERCOMMIT_GUESS failures |
bugzilla: #I6CGZN:【openEuler-1.0-LTS】cfq: fix memory leak for cfqq | ecf818a5ca64 cfq: fix memory leak for cfqq |
CVE | issue |
---|---|
CVE-2023-0394 | #I6B1V2:CVE-2023-0394 |
TASK | COMMIT |
---|---|
bugzilla: #I6AXHU:4.19回合主线bugfix补丁 | ea2f18c2a6f5 bus: hisi_lpc: Fixup IO ports addresses to avoid use-after-free in host removal e007b6e3e16b of/fdt: Don't calculate initrd size from DT if start > end d61c6b1d5738 lib/cmdline: avoid page fault in next_arg |
bugzilla: #I6BO2R:【openEuler 1.0-LTS】【OLK-5.10】新增中断重入告警维测 | bdc370d64dc4 genirq: Introduce warn log when irq be reentrant |
bugzilla: #I6B0FA:CVE-2022-47929 | 9b7fffe98c70 net: sched: disallow noqueue for qdisc classes |
bugzilla: 188250, #I6AQG9:CVE-2023-23455 | 2b3a2023f0fb net: sched: atm: dont intepret cls results when asked to drop |
bugzilla: #I6BHNT:【openEuler-1.0-LTS】block: check 'bd_super' before rescanning partition | 00f206947a6c block: check 'bd_super' before rescanning partition |
bugzilla: #I6AQIL:CVE-2023-23454 | 6398c1f104c5 net: sched: cbq: dont intepret cls results when asked to drop |
bugzilla: #I6AWEO:zram 压测产生softlock | 92100397dfd0 swapfile: fix soft lockup in scan_swap_map_slots |
bugzilla: #I67J42:iBMA驱动在内存压力过大情况下,可能出现自旋锁死锁,造成系统复位 | 22c4847a5ab9 Huawei BMA: Fix iBMA driver bug |
CVE | issue |
---|---|
CVE-2022-47929 | #I6B0FA:CVE-2022-47929 |
CVE-2023-23454 | #I6AQIL:CVE-2023-23454 |
CVE-2023-23455 | #I6AQG9:CVE-2023-23455 |