From 6771ee97bb930a328fcbf51cb39ff1d4109198ff Mon Sep 17 00:00:00 2001 From: Zhao Hang Date: Wed, 6 Nov 2024 16:36:29 +0800 Subject: [PATCH 1/2] [CVE]update to kernel-4.18.0-553.27.1.src.rpm to #bug11753 update to kernel-4.18.0-553.27.1.src.rpm for CVE-2022-48773 CVE-2022-48936 CVE-2023-52492 CVE-2024-24857 CVE-2024-26851 CVE-2024-26924 CVE-2024-26976 CVE-2024-27017 CVE-2024-27062 CVE-2024-35839 CVE-2024-35898 CVE-2024-35939 CVE-2024-38540 CVE-2024-38541 CVE-2024-38586 CVE-2024-38608 CVE-2024-39503 CVE-2024-40924 CVE-2024-40961 CVE-2024-40983 CVE-2024-40984 CVE-2024-41009 CVE-2024-41042 CVE-2024-41066 CVE-2024-41092 CVE-2024-41093 CVE-2024-42070 CVE-2024-42079 CVE-2024-42244 CVE-2024-42284 CVE-2024-42292 CVE-2024-42301 CVE-2024-43854 CVE-2024-43880 CVE-2024-43889 CVE-2024-43892 CVE-2024-44935 CVE-2024-44989 CVE-2024-44990 CVE-2024-45018 CVE-2024-46826 CVE-2024-47668 Project: TC2024080204 Signed-off-by: Zhao Hang --- download | 4 +- kernel.spec | 129 +++++++++++++++++- ...es-causes-kernel-compilation-to-fail.patch | 11 -- 3 files changed, 124 insertions(+), 20 deletions(-) delete mode 100644 repair-dwarves-causes-kernel-compilation-to-fail.patch
diff --git a/download b/download
index 64d483f..fef567b 100644
--- a/download
+++ b/download
@@ -1,3 +1,3 @@
-ae30146bd64194dd574e3013d33dfc97 kernel-abi-stablelists-4.18.0-553.tar.bz2
+30258db91934ca7712ca6473b4243e82 kernel-abi-stablelists-4.18.0-553.tar.bz2
 559191ff3ea6f1f91b7d06563f479e39 kernel-kabi-dw-4.18.0-553.tar.bz2
-8e87a1910a3e50b0e74f18700f7bde9a linux-4.18.0-553.22.1.el8_10.tar.xz
+cd40522539ffc17b79e579f6f0699bac linux-4.18.0-553.27.1.el8_10.tar.xz
diff --git a/kernel.spec b/kernel.spec
index 9bdc91f..baf47ff 100644
--- a/kernel.spec
+++ b/kernel.spec
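Review bot: In `download`, the entry for `kernel-abi-stablelists-4.18.0-553.tar.bz2` gets a new digest while its file name stays the same, so the name alone no longer identifies one artifact and any cached copy under that name will stop matching. The entries are bare 32-hex digests, which look like MD5; MD5 is not collision-resistant, so it gives weak assurance that the fetched kernel source is the one that was reviewed. If the tooling that reads this file accepts a stronger digest, record SHA-256 instead, e.g. `<sha256-of-tarball> linux-4.18.0-553.27.1.el8_10.tar.xz` (placeholder, to be computed from the verified upstream source RPM). Consider giving the stablelists tarball a versioned name whenever its content changes.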
@@ -1,6 +1,5 @@ # We have to override the new %%install behavior because, well... the kernel is special. %global __spec_install_pre %{___build_pre} -%define anolis_release .0.1 # At the time of this writing (2019-03), RHEL8 packages use w2.xzdio # compression for rpms (xz, level 2). @@ -39,10 +38,10 @@ # define buildid .local %define specversion 4.18.0 -%define pkgrelease 553.22.1.el8_10 +%define pkgrelease 553.27.1.el8_10 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 553.22.1%{anolis_release}%{?dist} +%define specrelease 553.27.1%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -545,7 +544,6 @@ Source4001: rpminspect.yaml # empty final patch to facilitate testing of kernel patches Patch999999: linux-kernel-test.patch -Patch1000: repair-dwarves-causes-kernel-compilation-to-fail.patch # END OF PATCH DEFINITIONS @@ -1103,7 +1101,6 @@ mv linux-%{specversion}-%{pkgrelease} linux-%{KVERREL} cd linux-%{KVERREL} ApplyOptionalPatch linux-kernel-test.patch -%patch1000 -p0 -b .repair-dwarves-causes-kernel-compilation-to-fail # END OF PATCH APPLICATIONS 
@@ -2699,8 +2696,126 @@ fi # # %changelog -* Wed Sep 25 2024 Xiaoping Liu - 4.18.0-553.22.1.0.1 -- kernel:repair dwarves causes kernel compilation to fail +* Thu Oct 17 2024 Denys Vlasenko [4.18.0-553.27.1.el8_10] +- lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668} +- bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989} +- bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990} +- bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009} +- xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773} +- tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257] +- tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257] +- ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826} +- xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100] +- loopback: fix lockdep splat (Xin Long) [RHEL-58100] +- blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100] +- loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100] + +* Wed Oct 09 2024 Denys Vlasenko [4.18.0-553.26.1.el8_10] +- nouveau: lock the client object tree. 
(Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062} +- cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037] +- ACPI: PAD: fix crash in exit_round_robin() (Mark Langsdorf) [RHEL-56156] +- gfs2: Randomize GLF_VERIFY_DELETE work delay (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Use mod_delayed_work in gfs2_queue_try_to_evict (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Update to the evict / remote delete documentation (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Clean up delete work processing (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Return enum evict_behavior from gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Rename dinode_demise to evict_behavior (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Rename GIF_{DEFERRED -> DEFER}_DELETE (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Faster gfs2_upgrade_iopen_glock wakeups (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Fix unlinked inode cleanup (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Initialize gl_no_formal_ino earlier (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Rename GLF_VERIFY_EVICT to GLF_VERIFY_DELETE (Andreas Gruenbacher) [RHEL-35757] +- gfs2: make timeout values more explicit (Wolfram Sang) [RHEL-35757] +- gfs2: Simplify function gfs2_upgrade_iopen_glock (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Rename SDF_DEACTIVATING to SDF_KILL (Andreas Gruenbacher) [RHEL-35757] +- gfs2: Cease delete work during unmount (Bob Peterson) [RHEL-35757] +- gfs2: Improve gfs2_upgrade_iopen_glock comment (Andreas Gruenbacher) [RHEL-35757] +- gfs2: nit: gfs2_drop_inode shouldn't return bool (Bob Peterson) [RHEL-35757] +- dmaengine: fix NULL pointer in channel unregistration function (Jerry Snitselaar) [RHEL-28867] {CVE-2023-52492} +- dma-direct: Leak pages on dma_set_decrypted() failure (Jerry Snitselaar) [RHEL-37335] {CVE-2024-35939} +- nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (Olga Kornievskaia) [RHEL-41075] +- NFSv4: Always ask for type with READDIR 
(Benjamin Coddington) [RHEL-39397] +- cifs: get rid of unneeded conditional in cifs_get_num_sgs() (Paulo Alcantara) [RHEL-60251] +- cifs: Get rid of unneeded conditional in the smb2_get_aead_req() (Paulo Alcantara) [RHEL-60251] +- cifs: Remove duplicated include in cifsglob.h (Paulo Alcantara) [RHEL-60251] +- cifs: fix oops during encryption (Paulo Alcantara) [RHEL-60251] + +* Wed Oct 02 2024 Denys Vlasenko [4.18.0-553.25.1.el8_10] +- cifs: modefromsids must add an ACE for authenticated users (Paulo Alcantara) [RHEL-56052] +- cifs: do not use uninitialized data in the owner/group sid (Paulo Alcantara) [RHEL-56052] +- cifs: fix set of group SID via NTSD xattrs (Paulo Alcantara) [RHEL-56052] +- smb3: correct smb3 ACL security descriptor (Paulo Alcantara) [RHEL-56052] +- smb3: fix possible access to uninitialized pointer to DACL (Paulo Alcantara) [RHEL-56052] +- cifs: remove two cases where rc is set unnecessarily in sid_to_id (Paulo Alcantara) [RHEL-56052] +- cifs: Fix chmod with modefromsid when an older ACE already exists. (Paulo Alcantara) [RHEL-56052] +- cifs: update new ACE pointer after populate_new_aces. (Paulo Alcantara) [RHEL-56052] +- cifs: If a corrupted DACL is returned by the server, bail out. (Paulo Alcantara) [RHEL-56052] +- cifs: cleanup a few le16 vs. le32 uses in cifsacl.c (Paulo Alcantara) [RHEL-56052] +- cifs: Change SIDs in ACEs while transferring file ownership. (Paulo Alcantara) [RHEL-56052] +- cifs: Retain old ACEs when converting between mode bits and ACL. (Paulo Alcantara) [RHEL-56052] +- cifs: Fix cifsacl ACE mask for group and others. (Paulo Alcantara) [RHEL-56052] +- Add SMB 2 support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] +- SMB3: Add support for getting and setting SACLs (Paulo Alcantara) [RHEL-56052] +- cifs: Enable sticky bit with cifsacl mount option. (Paulo Alcantara) [RHEL-56052] +- cifs: Fix unix perm bits to cifsacl conversion for "other" bits. 
(Paulo Alcantara) [RHEL-56052] +- drm/i915/gt: Fix potential UAF by revoke of fence registers (Mika Penttilä) [RHEL-53633] {CVE-2024-41092} +- scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (Dick Kennedy) [RHEL-27224] +- kobject_uevent: Fix OOB access within zap_modalias_env() (Rafael Aquini) [RHEL-55000] {CVE-2024-42292} +- gfs2: Fix NULL pointer dereference in gfs2_log_flush (Andrew Price) [RHEL-51553] {CVE-2024-42079} +- of: module: add buffer overflow check in of_modalias() (Charles Mirabile) [RHEL-44267] {CVE-2024-38541} + +* Wed Sep 25 2024 Denys Vlasenko [4.18.0-553.24.1.el8_10] +- cifs: do not set WorkstationName in NTLMSSP auth blob (Paulo Alcantara) [RHEL-56729] +- padata: Fix possible divide-by-0 panic in padata_mt_helper() (Steve Best) [RHEL-56162] {CVE-2024-43889} +- i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (CKI Backport Bot) [RHEL-57000] +- sctp: Fix null-ptr-deref in reuseport_add_sock(). (Xin Long) [RHEL-56234] {CVE-2024-44935} +- net/mlx5e: Fix netif state handling (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} +- net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Michal Schmidt) [RHEL-43864] {CVE-2024-38608} +- r8169: Fix possible ring buffer corruption on fragmented Tx packets. 
(cki-backport-bot) [RHEL-44031] {CVE-2024-38586} +- netfilter: flowtable: initialise extack before use (Florian Westphal) [RHEL-58542] {CVE-2024-45018} +- memcg: protect concurrent access to mem_cgroup_idr (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} +- memcontrol: ensure memcg acquired by id is properly set up (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} +- mm: memcontrol: fix cannot alloc the maximum memcg ID (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} +- mm/memcg: minor cleanup for MEM_CGROUP_ID_MAX (Rafael Aquini) [RHEL-56252] {CVE-2024-43892} +- ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-23676] + +* Thu Sep 19 2024 Denys Vlasenko [4.18.0-553.23.1.el8_10] +- ethtool: check device is present when getting link settings (Jamie Bainbridge) [RHEL-57002] +- netfilter: nft_set_pipapo: do not free live element (Phil Sutter) [RHEL-34221] {CVE-2024-26924} +- netfilter: nf_tables: missing iterator type in lookup walk (Phil Sutter) [RHEL-35033] {CVE-2024-27017} +- netfilter: nft_set_pipapo: walk over current view on netlink dump (Phil Sutter) [RHEL-35033] {CVE-2024-27017} +- netfilter: nftables: add helper function to flush set elements (Phil Sutter) [RHEL-35033] {CVE-2024-27017} +- netfilter: nf_tables: prefer nft_chain_validate (Phil Sutter) [RHEL-51040] {CVE-2024-41042} +- netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (Phil Sutter) [RHEL-51516] {CVE-2024-42070} +- netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Phil Sutter) [RHEL-43003] {CVE-2024-35898} +- netfilter: ipset: Fix suspicious rcu_dereference_protected() (Phil Sutter) [RHEL-47606] {CVE-2024-39503} +- netfilter: ipset: Fix race between namespace cleanup and gc in the list:set type (Phil Sutter) [RHEL-47606] {CVE-2024-39503} +- netfilter: ipset: Add list flush to cancel_gc (Phil Sutter) [RHEL-47606] {CVE-2024-39503} +- netfilter: nf_conntrack_h323: Add protection for bmp length out of range (Phil Sutter) 
[RHEL-42680] {CVE-2024-26851} +- netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} +- netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} +- netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} +- netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} +- dev/parport: fix the array out-of-bounds risk (Steve Best) [RHEL-54985] {CVE-2024-42301} +- KVM: Always flush async #PF workqueue when vCPU is being destroyed (Sean Christopherson) [RHEL-35100] {CVE-2024-26976} +- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44279] {CVE-2024-38540} +- tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55069] {CVE-2024-42284} +- Bluetooth: Fix TOCTOU in HCI debugfs implementation (CKI Backport Bot) [RHEL-26831] {CVE-2024-24857} +- drm/i915/dpt: Make DPT object unshrinkable (CKI Backport Bot) [RHEL-47856] {CVE-2024-40924} +- tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48363] {CVE-2024-40983} +- block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54763] {CVE-2024-43854} +- gso: do not skip outer ip header in case of ipip and net_failover (CKI Backport Bot) [RHEL-55790] {CVE-2022-48936} +- drm/amdgpu: avoid using null object of framebuffer (CKI Backport Bot) [RHEL-51405] {CVE-2024-41093} +- ipv6: prevent possible NULL deref in fib6_nh_init() (Guillaume Nault) [RHEL-48170] {CVE-2024-40961} +- mlxsw: spectrum_acl_erp: Fix object nesting warning (CKI Backport Bot) [RHEL-55568] {CVE-2024-43880} +- ibmvnic: Add tx check to prevent skb leak (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} +- ibmvnic: rename local variable index to bufidx (CKI Backport Bot) [RHEL-51249] {CVE-2024-41066} +- 
netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} +- netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} +- netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} +- netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-37038 RHEL-37039] {CVE-2024-35839} +- USB: serial: mos7840: fix crash on resume (CKI Backport Bot) [RHEL-53680] {CVE-2024-42244} +- ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48381] {CVE-2024-40984} * Wed Sep 11 2024 Denys Vlasenko [4.18.0-553.22.1.el8_10] - wifi: mac80211: Avoid address calculations via out of bounds array indexing (Michal Schmidt) [RHEL-51278] {CVE-2024-41071} diff --git a/repair-dwarves-causes-kernel-compilation-to-fail.patch b/repair-dwarves-causes-kernel-compilation-to-fail.patch deleted file mode 100644 index 74f4020..0000000 --- a/repair-dwarves-causes-kernel-compilation-to-fail.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- Makefile.orig 2022-10-07 22:45:37.000000000 +0800 -+++ Makefile 2023-02-22 15:37:33.069118145 +0800 -@@ -378,7 +378,7 @@ - STRIP = $(CROSS_COMPILE)strip - OBJCOPY = $(CROSS_COMPILE)objcopy - OBJDUMP = $(CROSS_COMPILE)objdump --PAHOLE = pahole -+PAHOLE = pahole --skip_encoding_btf_enum64 - RESOLVE_BTFIDS = $(objtree)/tools/bpf/resolve_btfids/resolve_btfids - LEX = flex - YACC = bison -- Gitee From a2892f81ad1cb9128ccab9bb31766986a0234a85 Mon Sep 17 00:00:00 2001 From: liuxiaoping Date: Wed, 22 Feb 2023 15:53:19 +0800 Subject: [PATCH 2/2] kernel:repair dwarves causes kernel compilation to fail --- kernel.spec | 8 +++++++- ...ir-dwarves-causes-kernel-compilation-to-fail.patch | 11 +++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) create mode 100644 repair-dwarves-causes-kernel-compilation-to-fail.patch 
diff --git a/kernel.spec b/kernel.spec index baf47ff..a93179f 100644 --- a/kernel.spec +++ b/kernel.spec @@ -1,5 +1,6 @@ # We have to override the new %%install behavior because, well... the kernel is special. %global __spec_install_pre %{___build_pre} +%define anolis_release .0.1 # At the time of this writing (2019-03), RHEL8 packages use w2.xzdio # compression for rpms (xz, level 2). @@ -41,7 +42,7 @@ %define pkgrelease 553.27.1.el8_10 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 553.27.1%{?dist} +%define specrelease 553.27.1%{anolis_release}%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -544,6 +545,7 @@ Source4001: rpminspect.yaml # empty final patch to facilitate testing of kernel patches Patch999999: linux-kernel-test.patch +Patch1000: repair-dwarves-causes-kernel-compilation-to-fail.patch # END OF PATCH DEFINITIONS @@ -1101,6 +1103,7 @@ mv linux-%{specversion}-%{pkgrelease} linux-%{KVERREL} cd linux-%{KVERREL} ApplyOptionalPatch linux-kernel-test.patch +%patch1000 -p0 -b .repair-dwarves-causes-kernel-compilation-to-fail # END OF PATCH APPLICATIONS @@ -2696,6 +2699,9 @@ fi # # %changelog +* Wed Nov 06 2024 Xiaoping Liu - 4.18.0-553.27.1.0.1 +- kernel:repair dwarves causes kernel compilation to fail + * Thu Oct 17 2024 Denys Vlasenko [4.18.0-553.27.1.el8_10] - lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668} - bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989} diff --git a/repair-dwarves-causes-kernel-compilation-to-fail.patch b/repair-dwarves-causes-kernel-compilation-to-fail.patch new file mode 100644 index 0000000..74f4020 --- /dev/null +++ b/repair-dwarves-causes-kernel-compilation-to-fail.patch 
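Review bot: In the `@@ -544,6 +545,7 @@` hunk the new `Patch1000:` line lands directly under the comment `# empty final patch to facilitate testing of kernel patches`, which describes Patch999999, so nothing in the spec says what Patch1000 does or why it is carried. Patch 1/2 of this series drops these same lines and this patch restores them, so a short comment would help whoever does the next rebase, for example `# Anolis: pass --skip_encoding_btf_enum64 to pahole in the top-level Makefile` above `Patch1000:`. The changelog entry added in the last hunk could name the flag in the same way.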
@@ -0,0 +1,11 @@
+--- Makefile.orig 2022-10-07 22:45:37.000000000 +0800
++++ Makefile 2023-02-22 15:37:33.069118145 +0800
+@@ -378,7 +378,7 @@
+ STRIP = $(CROSS_COMPILE)strip
+ OBJCOPY = $(CROSS_COMPILE)objcopy
+ OBJDUMP = $(CROSS_COMPILE)objdump
+-PAHOLE = pahole
++PAHOLE = pahole --skip_encoding_btf_enum64
+ RESOLVE_BTFIDS = $(objtree)/tools/bpf/resolve_btfids/resolve_btfids
+ LEX = flex
+ YACC = bison
-- Gitee
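Review bot: The added line `PAHOLE = pahole --skip_encoding_btf_enum64` passes the flag unconditionally, so a build host whose pahole does not recognise the option would likely fail in the BTF step rather than build cleanly. Upstream kernels add this flag only after a pahole version test (1.24 or later, in scripts/pahole-flags.sh). Nothing visible in this series pins the dwarves version, so unless kernel.spec already does, a versioned requirement such as `BuildRequires: dwarves >= 1.24` would make the dependency explicit. Putting an argument into `PAHOLE` also changes every use of the variable, so any place that treats it as a bare command name should be checked; those uses are outside this hunk.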