Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

kernel-debug-core-5.14.0-427.42.1.el9_4 RPM for s390x

From AlmaLinux 9.4 BaseOS for s390x

Name: kernel-debug-core Distribution: AlmaLinux
Version: 5.14.0 Vendor: AlmaLinux
Release: 427.42.1.el9_4 Build date: Fri Nov 1 19:28:12 2024
Group: Unspecified Build host: s390x-builder02.almalinux.org
Size: 67093468 Source RPM: kernel-5.14.0-427.42.1.el9_4.src.rpm
Packager: AlmaLinux Packaging Team <packager@almalinux.org>
Url: https://www.kernel.org/
Summary: The Linux kernel compiled for zfcpdump usage
The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

This variant of the kernel has numerous debugging options enabled.
It should only be installed when trying to gather additional information
on kernel bugs, as some of these options impact performance noticably.

Provides

Requires

License

((GPL-2.0-only WITH Linux-syscall-note) OR BSD-2-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR CDDL-1.0) AND ((GPL-2.0-only WITH Linux-syscall-note) OR Linux-OpenIB) AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR MIT) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND BSD-3-Clause-Clear AND GFDL-1.1-no-invariants-or-later AND GPL-1.0-or-later AND (GPL-1.0-or-later OR BSD-3-Clause) AND (GPL-1.0-or-later WITH Linux-syscall-note) AND GPL-2.0-only AND (GPL-2.0-only OR Apache-2.0) AND (GPL-2.0-only OR BSD-2-Clause) AND (GPL-2.0-only OR BSD-3-Clause) AND (GPL-2.0-only OR CDDL-1.0) AND (GPL-2.0-only OR GFDL-1.1-no-invariants-or-later) AND (GPL-2.0-only OR GFDL-1.2-no-invariants-only) AND (GPL-2.0-only WITH Linux-syscall-note) AND GPL-2.0-or-later AND (GPL-2.0-or-later OR BSD-2-Clause) AND (GPL-2.0-or-later OR BSD-3-Clause) AND (GPL-2.0-or-later OR CC-BY-4.0) AND (GPL-2.0-or-later WITH GCC-exception-2.0) AND (GPL-2.0-or-later WITH Linux-syscall-note) AND ISC AND LGPL-2.0-or-later AND (LGPL-2.0-or-later OR BSD-2-Clause) AND (LGPL-2.0-or-later WITH Linux-syscall-note) AND LGPL-2.1-only AND (LGPL-2.1-only OR BSD-2-Clause) AND (LGPL-2.1-only WITH Linux-syscall-note) AND LGPL-2.1-or-later AND (LGPL-2.1-or-later WITH Linux-syscall-note) AND (Linux-OpenIB OR GPL-2.0-only) AND (Linux-OpenIB OR GPL-2.0-only OR BSD-2-Clause) AND Linux-man-pages-copyleft AND MIT AND (MIT OR GPL-2.0-only) AND (MIT OR GPL-2.0-or-later) AND (MIT OR LGPL-2.1-only) AND (MPL-1.1 OR GPL-2.0-only) AND (X11 OR GPL-2.0-only) AND (X11 OR GPL-2.0-or-later) AND Zlib

Changelog

* Fri Oct 18 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.42.1.el9_4]
  - redhat/configs: Add CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bugs: Fix BHI retpoline check (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bugs: Clarify that syscall hardening isn't a BHI mitigation (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bugs: Fix BHI handling of RRSBA (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bugs: Fix BHI documentation (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bugs: Fix return type of spectre_bhi_state() (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bugs: Make CONFIG_SPECTRE_BHI_ON the default (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - KVM: x86: Add BHI_NO (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bhi: Mitigate KVM by default (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bhi: Add BHI mitigation knob (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bhi: Enumerate Branch History Injection (BHI) bug (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bhi: Define SPEC_CTRL_BHI_DIS_S (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bhi: Add support for clearing branch history at syscall entry (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - perf/x86/amd/lbr: Use freeze based on availability (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - Documentation/kernel-parameters: Add spec_rstack_overflow to mitigations=off (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
  - KVM: x86: Use a switch statement and macros in __feature_translate() (Maxim Levitsky) [RHEL-45492 RHEL-32430]
  - KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace (Maxim Levitsky) [RHEL-45492 RHEL-32430]
  - x86/entry/32: Convert do_fast_syscall_32() to bool return type (Prarit Bhargava) [RHEL-45492 RHEL-25415]
  - x86/entry: Add do_SYSENTER_32() prototype (Prarit Bhargava) [RHEL-45492 RHEL-25415]
  - x86/bugs: Reset speculation control settings on init (Prarit Bhargava) [RHEL-45492 RHEL-25415]
  - mpls: Reduce skb re-allocations due to skb_cow() (Guillaume Nault) [RHEL-61696 RHEL-55145]
  - scsi: core: Fix unremoved procfs host directory regression (Ewan D. Milne) [RHEL-39539 RHEL-39601 RHEL-33543 RHEL-35000] {CVE-2024-26935}
  - tty: Fix out-of-bound vmalloc access in imageblit (Andrew Halaney) [RHEL-42095 RHEL-24205] {CVE-2021-47383}
  - block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54769 RHEL-54768] {CVE-2024-43854}
  - block: cleanup bio_integrity_prep (Ming Lei) [RHEL-54769 RHEL-25988]
  - block: refactor to use helper (Ming Lei) [RHEL-54769 RHEL-25988]
  - ceph: fix cap ref leak via netfs init_request (Patrick Donnelly) [RHEL-62666 RHEL-61459]
  - redhat/configs: Enable CONFIG_OCTEON_EP_VF (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - octeon_ep_vf: add ethtool support (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - octeon_ep_vf: add Tx/Rx processing and interrupt support (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - octeon_ep_vf: add support for ndo ops (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - octeon_ep_vf: add Tx/Rx ring resource setup and cleanup (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - octeon_ep_vf: add VF-PF mailbox communication. (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - octeon_ep_vf: add hardware configuration APIs (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - octeon_ep_vf: Add driver framework and device initialization (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - octeon_ep: support firmware notifications for VFs (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - octeon_ep: control net framework to support VF offloads (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - octeon_ep: PF-VF mailbox version support (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - octeon_ep: add PF-VF mailbox communication (CKI Backport Bot) [RHEL-61744 RHEL-25860]
  - x86/mm/ident_map: Use gbpages only where full GB page should be mapped. (Chris von Recklinghausen) [RHEL-62209 RHEL-26268]
  - netfilter: nfnetlink_queue: un-break NF_REPEAT (Phil Sutter) [RHEL-62299]
* Fri Oct 11 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.41.1.el9_4]
  - iommu/amd: Fix panic accessing amd_iommu_enable_faulting (Jerry Snitselaar) [RHEL-55507 RHEL-37320 RHEL-40344]
  - iommu/vt-d: Allocate DMAR fault interrupts locally (Jerry Snitselaar) [RHEL-55507 RHEL-28780]
  - netfilter: nft_inner: validate mandatory meta and payload (Phil Sutter) [RHEL-47488 RHEL-47486] {CVE-2024-39504}
  - netfilter: flowtable: initialise extack before use (CKI Backport Bot) [RHEL-58546 RHEL-58544] {CVE-2024-45018}
  - ext4: do not create EA inode under buffer lock (Carlos Maiolino) [RHEL-48285 RHEL-48282] {CVE-2024-40972}
  - ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (Carlos Maiolino) [RHEL-48285 RHEL-48282] {CVE-2024-40972}
  - ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (Carlos Maiolino) [RHEL-48519 RHEL-48517] {CVE-2024-40998}
  - ext4: turn quotas off if mount failed after enabling quotas (Carlos Maiolino) [RHEL-48519 RHEL-48517] {CVE-2024-40998}
  - mptcp: fix data re-injection from stale subflow (Davide Caratti) [RHEL-59920 RHEL-32669] {CVE-2024-26826}
  - xfs: add bounds checking to xlog_recover_process_data (CKI Backport Bot) [RHEL-50864 RHEL-50862] {CVE-2024-41014}
  - af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc(). (Davide Caratti) [RHEL-42771 RHEL-33410]
  - af_unix: Fix garbage collector racing against connect() (Davide Caratti) [RHEL-42771 RHEL-33410] {CVE-2024-26923}
  - af_unix: fix lockdep positive in sk_diag_dump_icons() (Davide Caratti) [RHEL-42771 RHEL-33410]
  - xfs: don't walk off the end of a directory data block (CKI Backport Bot) [RHEL-50887 RHEL-50885] {CVE-2024-41013}
  - ipv6: prevent possible NULL dereference in rt6_probe() (Hangbin Liu) [RHEL-48161 RHEL-45826] {CVE-2024-40960}
  - mac802154: fix llsec key resources release in mac802154_llsec_key_del (Steve Best) [RHEL-42795 RHEL-34969] {CVE-2024-26961}
  - mptcp: ensure snd_una is properly initialized on connect (Florian Westphal) [RHEL-47945 RHEL-47943] {CVE-2024-40931}
  - USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (CKI Backport Bot) [RHEL-47560 RHEL-47558] {CVE-2024-40904}
  - nvme-multipath: fix io accounting on failover (John Meneghini) [RHEL-59646 RHEL-56635]
  - nvme: fix multipath batched completion accounting (John Meneghini) [RHEL-59646 RHEL-56635]
  - xfs: fix log recovery buffer allocation for the legacy h_size fixup (Bill O'Donnell) [RHEL-46481 RHEL-46479] {CVE-2024-39472}
  - tcp: add sanity checks to rx zerocopy (Paolo Abeni) [RHEL-58403 RHEL-29496] {CVE-2024-26640}
  - netpoll: Fix race condition in netpoll_owner_active (CKI Backport Bot) [RHEL-49373 RHEL-49371] {CVE-2024-41005}
  - wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (CKI Backport Bot) [RHEL-48321 RHEL-48319] {CVE-2024-40977}
  - smb: client: fix hang in wait_for_response() for negproto (Jay Shin) [RHEL-61606 RHEL-57983]
  - NFSv4.1/pnfs: fix NFS with TLS in pnfs (Benjamin Coddington) [RHEL-61467 RHEL-34576]
  - ceph: remove the incorrect Fw reference check when dirtying pages (Xiubo Li) [RHEL-61415 RHEL-60255]
  - net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (Davide Caratti) [RHEL-48483 RHEL-44375] {CVE-2024-40995}
  - net/sched: taprio: extend minimum interval restriction to entire cycle too (Davide Caratti) [RHEL-44377 RHEL-44375] {CVE-2024-36244}
  - net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (Davide Caratti) [RHEL-44377 RHEL-44375] {CVE-2024-36244}
* Fri Oct 04 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.40.1.el9_4]
  - gfs2: Fix NULL pointer dereference in gfs2_log_flush (CKI Backport Bot) [RHEL-51561 RHEL-51559] {CVE-2024-42079}
  - net: stmmac: Separate C22 and C45 transactions for xgmac (CKI Backport Bot) [RHEL-60274 RHEL-6297]
  - dmaengine: idxd: Check for driver name match before sva user feature (Jerry Snitselaar) [RHEL-47239 RHEL-44836 RHEL-46619]
  - ceph: switch to corrected encoding of max_xattr_size in mdsmap (Xiubo Li) [RHEL-57609 RHEL-26722]
  - KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (CKI Backport Bot) [RHEL-46428] {CVE-2024-39483}
  - vfs: don't mod negative dentry count when on shrinker list (Brian Foster) [RHEL-60567 RHEL-46609]
  - fs/dcache: Re-use value stored to dentry->d_flags instead of re-reading (Brian Foster) [RHEL-60567 RHEL-46609]
  - x86/bugs: Reverse instruction order of CLEAR_CPU_BUFFERS (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - Revert "x86/bugs: Use fixed addressing for VERW operand" (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - KVM/x86: Export RFDS_NO and RFDS_CLEAR to guests (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - redhat/configs: Enable x86 CONFIG_MITIGATION_RFDS (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - x86/rfds: Mitigate Register File Data Sampling (RFDS) (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - Documentation/hw-vuln: Add documentation for RFDS (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - x86/mmio: Disable KVM mitigation when X86_FEATURE_CLEAR_CPU_BUF is set (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - x86/bugs: Use fixed addressing for VERW operand (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - KVM/VMX: Move VERW closer to VMentry for MDS mitigation (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - KVM/VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - x86/entry_32: Add VERW just before userspace transition (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - x86/entry_64: Add VERW just before userspace transition (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - x86/entry: Harden return-to-user (Prarit Bhargava) [RHEL-48713 RHEL-25415]
  - x86/entry: Optimize common_interrupt_return() (Prarit Bhargava) [RHEL-48713 RHEL-25415]
  - x86/bugs: Add asm helpers for executing VERW (Waiman Long) [RHEL-48713 RHEL-31226] {CVE-2023-28746}
  - sched: act_ct: take care of padding in struct zones_ht_key (Xin Long) [RHEL-55112 RHEL-50682] {CVE-2024-42272}
  - sched: act_ct: add netns into the key of tcf_ct_flow_table (Xin Long) [RHEL-55112 RHEL-28816]
  - dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (CKI Backport Bot) [RHEL-41361] {CVE-2024-35989}
  - hwmon: (w83792d) Fix NULL pointer dereference by removing unnecessary structure field (Steve Best) [RHEL-42115 RHEL-37721] {CVE-2021-47385}
* Fri Sep 27 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.39.1.el9_4]
  - mptcp: ensure snd_nxt is properly initialized on connect (cki-backport-bot) [RHEL-52474 RHEL-39867] {CVE-2024-36889}
  - ping: fix address binding wrt vrf (Antoine Tenart) [RHEL-57563 RHEL-50920]
  - net/mlx5: Add a timeout to acquire the command queue semaphore (Benjamin Poirier) [RHEL-44227 RHEL-44225] {CVE-2024-38556}
  - xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (CKI Backport Bot) [RHEL-48142 RHEL-48140] {CVE-2024-40959}
  - ionic: fix use after netif_napi_del() (Michal Schmidt) [RHEL-47636 RHEL-47634] {CVE-2024-39502}
  - ionic: clean interrupt before enabling queue to avoid credit race (Michal Schmidt) [RHEL-47636 RHEL-36065]
  - Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" (Benjamin Poirier) [RHEL-42391 RHEL-24466] {CVE-2023-52658}
  - tipc: Return non-zero value from tipc_udp_addr2str() on error (Xin Long) [RHEL-55075 RHEL-55074] {CVE-2024-42284}
  - x86: set FSRS automatically on AMD CPUs that have FSRM (Prarit Bhargava) [RHEL-56970 RHEL-25415]
* Fri Sep 20 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.38.1.el9_4]
  - module: avoid allocation if module is already present and ready (Donald Dutile) [RHEL-52417]
  - module: move early sanity checks into a helper (Donald Dutile) [RHEL-52417]
  - module: extract patient module check into helper (Donald Dutile) [RHEL-52417]
  - null_blk: Fix return value of nullb_device_power_store() (Ming Lei) [RHEL-58636 RHEL-39662]
  - null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (Ming Lei) [RHEL-58636 RHEL-39662]
  - net: sched: sch_multiq: fix possible OOB write in multiq_tune() (cki-backport-bot) [RHEL-43472] {CVE-2024-36978}
  - netfilter: nft_flow_offload: release dst in case direct xmit path is used (Florian Westphal) [RHEL-38520 RHEL-33469]
  - netfilter: nft_flow_offload: reset dst in route object after setting up flow (Florian Westphal) [RHEL-38520 RHEL-33469] {CVE-2024-27403}
  - netfilter: flowtable: simplify route logic (Florian Westphal) [RHEL-38520 RHEL-33469]
  - net: psample: fix uninitialized metadata. (Adrian Moreno) [RHEL-56909]
* Fri Sep 13 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.37.1.el9_4]
  - ARM: 9359/1: flush: check if the folio is reserved for no-mapping addresses (CKI Backport Bot) [RHEL-42783] {CVE-2024-26947}
  - powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV (Mamatha Inamdar) [RHEL-45537 RHEL-25055]
  - tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (Steve Best) [RHEL-40517 RHEL-39354] {CVE-2024-36016}
  - smb: client: set correct id, uid and cruid for multiuser automounts (Jay Shin) [RHEL-47260 RHEL-31245]
  - printk: printk.c: Disable per_console_kthreads on !CONFIG_PREEMPT_RT (Derek Barbosa) [RHEL-39064]
  - uio: Fix use-after-free in uio_open (Ricardo Robaina) [RHEL-41275 RHEL-26233] {CVE-2023-52439}
  - gpiolib: cdev: Fix use after free in lineinfo_changed_notify (Steve Best) [RHEL-43192 RHEL-39849] {CVE-2024-36899}
  - wifi: mac80211: Avoid address calculations via out of bounds array indexing (CKI Backport Bot) [RHEL-51287 RHEL-51285] {CVE-2024-41071}
  - Input: cyapa - add missing input core locking to suspend/resume functions (cki-backport-bot) [RHEL-44455] {CVE-2023-52884}
  - net: usb: lan78xx: reorder cleanup operations to avoid UAF bugs (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Limit number of driver warning messages (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Fix race condition in disconnect handling (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Fix race conditions in suspend/resume handling (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Fix partial packet errors on suspend/resume (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Fix exception on link speed change (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Add missing return code checks (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Remove unused pause frame queue (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Set flow control threshold to prevent packet loss (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Remove unused timer (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - lan78xx: Fix white space and style issues (Jamie Bainbridge) [RHEL-34928 RHEL-33332]
  - sctp: fix association labeling in the duplicate COOKIE-ECHO case (CKI Backport Bot) [RHEL-56745 RHEL-48647]
  - ice: xsk: fix txq interrupt mapping (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: improve updating ice_{t,r}x_ring::xsk_pool (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: toggle netif_carrier when setting up XSK pool (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: modify error handling when setting XSK pool in ndo_bpf (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: replace synchronize_rcu with synchronize_net (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: don't busy wait for Rx queue disable in ice_qp_dis() (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: respect netif readiness in AF_XDP ZC related ndo's (Petr Oros) [RHEL-52771 RHEL-15670]
  - ice: remove af_xdp_zc_qps bitmap (Petr Oros) [RHEL-52771 RHEL-17486]
  - ice: reorder disabling IRQ and NAPI in ice_qp_dis (Petr Oros) [RHEL-52771 RHEL-17486]
  - ice: make ice_vsi_cfg_txq() static (Petr Oros) [RHEL-52771 RHEL-17486]
  - ice: make ice_vsi_cfg_rxq() static (Petr Oros) [RHEL-52771 RHEL-17486]
  - ice: make use of DEFINE_FLEX() for struct ice_aqc_add_tx_qgrp (Petr Oros) [RHEL-52771 RHEL-17486]
  - xdp: reflect tail increase for MEM_TYPE_XSK_BUFF_POOL (Petr Oros) [RHEL-52771 RHEL-38863]
  - ice: update xdp_rxq_info::frag_size for ZC enabled Rx queue (Petr Oros) [RHEL-52771 RHEL-38863]
  - intel: xsk: initialize skb_frag_t::bv_offset in ZC drivers (Petr Oros) [RHEL-52771 RHEL-38863]
  - ice: remove redundant xdp_rxq_info registration (Petr Oros) [RHEL-52771 RHEL-38863]
  - ice: work on pre-XDP prog frag count (Petr Oros) [RHEL-52771 RHEL-38863]
  - xsk: fix usage of multi-buffer BPF helpers for ZC XDP (Petr Oros) [RHEL-52771 RHEL-38863]
  - xsk: make xsk_buff_pool responsible for clearing xdp_buff::flags (Petr Oros) [RHEL-52771 RHEL-38863]
  - xsk: recycle buffer in case Rx queue was full (Petr Oros) [RHEL-52771 RHEL-38863]
  - overflow: add DEFINE_FLEX() for on-stack allocs (Petr Oros) [RHEL-52771 RHEL-30138]
  - overflow: Add struct_size_t() helper (Petr Oros) [RHEL-52771 RHEL-30138]
  - bpf, sockmap: Prevent lock inversion deadlock in map delete elem (Felix Maurer) [RHEL-41479 RHEL-30107] {CVE-2024-35895}
  - xfs: allow SECURE namespace xattrs to use reserved block pool (CKI Backport Bot) [RHEL-54443 RHEL-49806]
  - platform/x86/intel-uncore-freq: Don't present root domain on error (David Arcari) [RHEL-43291 RHEL-38558]
  - platform/x86/intel-uncore-freq: Increase minor number support (David Arcari) [RHEL-43291 RHEL-38558]
  - platform/x86/intel-uncore-freq: Process read/write blocked feature status (David Arcari) [RHEL-43291 RHEL-38558]
  - platform/x86/intel/tpmi: Move TPMI ID definition (Steve Best) [RHEL-43291 RHEL-35956]
  - ice: fix VSI lists confusion when adding VLANs (CKI Backport Bot) [RHEL-57778 RHEL-20571]
  - ice: fix accounting for filters shared by multiple VSIs (CKI Backport Bot) [RHEL-57778 RHEL-20571]
  - ice: fix accounting if a VLAN already exists (CKI Backport Bot) [RHEL-57778 RHEL-17486]
* Fri Sep 06 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.36.1.el9_4]
  - scsi: qla2xxx: Fix double free of fcport (Nilesh Javali) [RHEL-39547 RHEL-40034 RHEL-25184 RHEL-35020] {CVE-2024-26929}
  - scsi: qla2xxx: Fix double free of the ha->vp_map pointer (Nilesh Javali) [RHEL-39547 RHEL-41325 RHEL-25184 RHEL-35016] {CVE-2024-26930}
  - scsi: qla2xxx: Fix command flush on cable pull (Nilesh Javali) [RHEL-39547 RHEL-40029 RHEL-25184 RHEL-35012] {CVE-2024-26931}
  - net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (Benjamin Coddington) [RHEL-53708 RHEL-53004] {CVE-2024-42246}
  - ice: Add netif_device_attach/detach into PF reset flow (CKI Backport Bot) [RHEL-56275 RHEL-56084]
  - wifi: mt76: replace skb_put with skb_put_zero (CKI Backport Bot) [RHEL-52368] {CVE-2024-42225}
  - cppc_cpufreq: Fix possible null pointer dereference (cki-backport-bot) [RHEL-44145] {CVE-2024-38573}
  - ring-buffer: Fix a race between readers and resize checks (cki-backport-bot) [RHEL-43920] {CVE-2024-38601}
  - fork: defer linking file vma until vma is fully initialized (Rafael Aquini) [RHEL-35617 RHEL-35022] {CVE-2024-27022}
  - ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (CKI Backport Bot) [RHEL-48393 RHEL-48391] {CVE-2024-40984}
  - KVM: x86/mmu: x86: Don't overflow lpage_info when checking attributes (Maxim Levitsky) [RHEL-41345 RHEL-32430] {CVE-2024-26991}
  - net/sched: act_mirred: don't override retval if we already lost the skb (Davide Caratti) [RHEL-42644 RHEL-31724] {CVE-2024-26739}
  - net/sched: act_mirred: Create function tcf_mirred_to_dev and improve readability (Davide Caratti) [RHEL-42644 RHEL-32137]
  - cpufreq: exit() callback is optional (cki-backport-bot) [RHEL-43848] {CVE-2024-38615}
  - gfs2: Fix potential glock use-after-free on unmount (Andreas Gruenbacher) [RHEL-44157 RHEL-44155] {CVE-2024-38570}
  - gfs2: simplify gdlm_put_lock with out_free label (Andreas Gruenbacher) [RHEL-44157 RHEL-44155] {CVE-2024-38570}
  - gfs2: Remove ill-placed consistency check (Andreas Gruenbacher) [RHEL-44157 RHEL-44155] {CVE-2024-38570}
  - wifi: nl80211: Avoid address calculations via out of bounds array indexing (Jose Ignacio Tornos Martinez) [RHEL-46505 RHEL-34696] {CVE-2024-38562}
* Fri Aug 30 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.35.1.el9_4]
  - usb-storage: alauda: Check whether the media is initialized (CKI Backport Bot) [RHEL-43716] {CVE-2024-38619}
  - ceph: force sending a cap update msg back to MDS for revoke op (Xiubo Li) [RHEL-55437]
  - ceph: periodically flush the cap releases (Xiubo Li) [RHEL-55437]
  - mm: avoid overflows in dirty throttling logic (Jay Shin) [RHEL-51848 RHEL-50004] {CVE-2024-42131}
  - Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (Jay Shin) [RHEL-51701 RHEL-50004] {CVE-2024-42102}
  - mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (Jay Shin) [RHEL-42628 RHEL-5619] {CVE-2024-26720}
  - net: fix out-of-bounds access in ops_init (Paolo Abeni) [RHEL-43188 RHEL-46610] {CVE-2024-36883}
  - nvme: avoid double free special payload (CKI Backport Bot) [RHEL-51311] {CVE-2024-41073}
  - kernfs: change kernfs_rename_lock into a read-write lock (Jay Shin) [RHEL-55253 RHEL-52956]
  - kernfs: Separate kernfs_pr_cont_buf and rename_lock (Jay Shin) [RHEL-55253 RHEL-52956]
  - kernfs: fix missing kernfs_iattr_rwsem locking (Jay Shin) [RHEL-55253 RHEL-52956]
  - kernfs: Use a per-fs rwsem to protect per-fs list of kernfs_super_info (Jay Shin) [RHEL-55253 RHEL-52956]
  - kernfs: Introduce separate rwsem to protect inode attributes (Jay Shin) [RHEL-55253 RHEL-52956]
  - xhci: Handle TD clearing for multiple streams case (CKI Backport Bot) [RHEL-47894 RHEL-47892] {CVE-2024-40927}
  - Bluetooth: af_bluetooth: Fix deadlock (Bastien Nocera) [RHEL-34161] {CVE-2024-26886}
  - xdp: Remove WARN() from __xdp_reg_mem_model() (CKI Backport Bot) [RHEL-51586] {CVE-2024-42082}
  - nfsd: don't take fi_lock in nfsd_break_deleg_cb() (Benjamin Coddington) [RHEL-42578 RHEL-34875]
  - nfsd: fix RELEASE_LOCKOWNER (Benjamin Coddington) [RHEL-42578 RHEL-34875] {CVE-2024-26629}
  - net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (CKI Backport Bot) [RHEL-43729 RHEL-43727]
  - net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (CKI Backport Bot) [RHEL-43729 RHEL-43727]
  - net: bridge: mst: fix vlan use-after-free (cki-backport-bot) [RHEL-43729] {CVE-2024-36979}
  - efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-42343 RHEL-26588] {CVE-2023-52463}
  - ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (Charles Mirabile) [RHEL-34234 RHEL-1697]
  - ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (Charles Mirabile) [RHEL-34234 RHEL-1697]
  - ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (Scott Weaver) [RHEL-34234 RHEL-1697]
* Thu Aug 22 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.34.1.el9_4]
  - mm: prevent derefencing NULL ptr in pfn_section_valid() (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
  - mm, kmsan: fix infinite recursion due to RCU critical section (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
  - ppp: reject claimed-as-LCP but actually malformed packets (CKI Backport Bot) [RHEL-51061 RHEL-51059] {CVE-2024-41044}
  - x86: stop playing stack games in profile_pc() (CKI Backport Bot) [RHEL-51651] {CVE-2024-42096}
  - PCI/MSI: Fix UAF in msi_capability_init (CKI Backport Bot) [RHEL-51438] {CVE-2024-41096}
  - iommufd: Fix missing update of domains_itree after splitting iopt_area (Jerry Snitselaar) [RHEL-42518 RHEL-28780] {CVE-2023-52801}
  - mm: cachestat: fix folio read-after-free in cache walk (Nico Pache) [RHEL-41739 RHEL-5619] {CVE-2024-26630}
  - regmap: maple: Fix cache corruption in regcache_maple_drop() (Jaroslav Kysela) [RHEL-43179 RHEL-39706] {CVE-2024-36019}
  - mm: cachestat: fix two shmem bugs (Nico Pache) [RHEL-36912] {CVE-2024-35797}
  - kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (Steve Best) [RHEL-42778 RHEL-34985] {CVE-2024-26946}
  - mm/hugetlb: fix missing hugetlb_lock for resv uncharge (Rafael Aquini) [RHEL-43132 RHEL-37467] {CVE-2024-36000}
  - rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov) [RHEL-52675 RHEL-50366]
  - rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov) [RHEL-52675 RHEL-50366]
  - rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov) [RHEL-52675 RHEL-50366]
  - gpio: tegra186: Fix tegra186_gpio_is_accessible() check (Charles Mirabile) [RHEL-49347 RHEL-32452]
  - net/sched: Fix UAF when resolving a clash (CKI Backport Bot) [RHEL-51022 RHEL-51020] {CVE-2024-41040}
  - KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (Maxim Levitsky) [RHEL-41462 RHEL-32430] {CVE-2024-35791}
  - cxl/region: Fix memregion leaks in devm_cxl_add_region() (John W. Linville) [RHEL-47965 RHEL-23582] {CVE-2024-40936}
  - x86/coco: Require seeding RNG with RDRAND on CoCo systems (Lenny Szubowicz) [RHEL-42986 RHEL-37269] {CVE-2024-35875}
  - scsi: qedf: Ensure the copied buf is NUL terminated (cki-backport-bot) [RHEL-44203] {CVE-2024-38559}
* Fri Aug 16 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.33.1.el9_4]
  - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44287] {CVE-2024-38540}
  - netfilter: flowtable: validate pppoe header (Florian Westphal) [RHEL-44430 RHEL-33469] {CVE-2024-27016}
  - crypto: bcm - Fix pointer arithmetic (cki-backport-bot) [RHEL-44116] {CVE-2024-38579}
  - udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port(). (CKI Backport Bot) [RHEL-51035 RHEL-51033] {CVE-2024-41041}
  - netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (Florian Westphal) [RHEL-42832 RHEL-33985] {CVE-2024-27019}
  - netfilter: nf_tables: restrict tunnel object to NFPROTO_NETDEV (Florian Westphal) [RHEL-42832 RHEL-33985]
  - netfilter: nf_tables: NULL pointer dereference in nf_tables_updobj() (Florian Westphal) [RHEL-42832 RHEL-33985]
  - netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path (Florian Westphal) [RHEL-41802 RHEL-33985] {CVE-2024-26925}
  - netfilter: nf_tables: discard table flag update with pending basechain deletion (Florian Westphal) [RHEL-40231 RHEL-33985] {CVE-2024-35897}
  - netfilter: nf_tables: reject table flag and netdev basechain updates (Florian Westphal) [RHEL-40231 RHEL-33985]
  - netfilter: bridge: replace physindev with physinif in nf_bridge_info (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
  - netfilter: propagate net to nf_bridge_get_physindev (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
  - netfilter: nfnetlink_log: use proper helper for fetching physinif (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
  - netfilter: nf_queue: remove excess nf_bridge variable (Florian Westphal) [RHEL-42966 RHEL-37040] {CVE-2024-35839}
  - netfilter: nft_limit: reject configurations that cause integer overflow (Florian Westphal) [RHEL-40065 RHEL-33985] {CVE-2024-26668}
  - scsi: qedi: Fix crash while reading debugfs attribute (CKI Backport Bot) [RHEL-48339] {CVE-2024-40978}
  - mm/huge_memory: don't unpoison huge_zero_folio (Aristeu Rozanski) [RHEL-47804] {CVE-2024-40914}
  - tipc: force a dst refcount before doing decryption (Xin Long) [RHEL-48375 RHEL-6118] {CVE-2024-40983}
  - netfilter: nft_set_rbtree: skip end interval element from gc (Florian Westphal) [RHEL-41265] {CVE-2024-26581}
  - nvmet: fix a possible leak when destroy a ctrl during qp establishment (CKI Backport Bot) [RHEL-52021 RHEL-52019 RHEL-52020] {CVE-2024-42152}
  - net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (CKI Backport Bot) [RHEL-51756] {CVE-2024-42110}
  - netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (Florian Westphal) [RHEL-40265 RHEL-33985] {CVE-2024-35898}
  - netfilter: br_netfilter: remove WARN traps (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
  - netfilter: br_netfilter: skip conntrack input hook for promisc packets (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
  - netfilter: bridge: confirm multicast packets before passing them up the stack (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
  - netfilter: nf_conntrack_bridge: initialize err to 0 (CKI Backport Bot) [RHEL-42882] {CVE-2024-27415}
  - netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (Florian Westphal) [RHEL-42842 RHEL-33985] {CVE-2024-27020}
* Mon Aug 12 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.32.1.el9_4]
  - REDHAT: Makefile, dont reset dist-git-tmp if set (Lucas Zampieri)
  - net/mlx5e: Fix netif state handling (Benjamin Poirier) [RHEL-43872 RHEL-43870] {CVE-2024-38608}
  - net/mlx5e: Add wrapping for auxiliary_driver ops and remove unused args (Benjamin Poirier) [RHEL-43872 RHEL-43870] {CVE-2024-38608}
  - tun: add missing verification for short frame (Patrick Talbert) [RHEL-50202 RHEL-50203] {CVE-2024-41091}
  - tap: add missing verification for short frame (Patrick Talbert) [RHEL-50264 RHEL-50265] {CVE-2024-41090}
  - vfio/pci: Lock external INTx masking ops (Alex Williamson) [RHEL-43421 RHEL-30023] {CVE-2024-26810}
  - net: bridge: xmit: make sure we have at least eth header len bytes (cki-backport-bot) [RHEL-44299] {CVE-2024-38538}
  - KVM: arm64: Ensure target address is granule-aligned for range TLBI (Sebastian Ott) [RHEL-52248 RHEL-31215]
  - RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (cki-backport-bot) [RHEL-44250] {CVE-2024-38544}
  - NFSv4: Fix memory leak in nfs4_set_security_label (CKI Backport Bot) [RHEL-52082] {CVE-2024-41076}
  - md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (Nigel Croxon) [RHEL-46421 RHEL-35393] {CVE-2024-39476}
  - KVM: s390: fix LPSWEY handling (CKI Backport Bot) [RHEL-50074]
  - cxl/port: Fix delete_endpoint() vs parent unregistration race (John W. Linville) [RHEL-39290 RHEL-23582] {CVE-2023-52771}
  - net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (Petr Oros) [RHEL-49862 RHEL-17486] {CVE-2024-26855}
  - ice: fix LAG and VF lock dependency in ice_reset_vf() (Petr Oros) [RHEL-49820 RHEL-17486] {CVE-2024-36003}
  - net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (Jose Ignacio Tornos Martinez) [RHEL-47992 RHEL-9429] {CVE-2024-40939}
  - wifi: cfg80211: Lock wiphy in cfg80211_get_station (CKI Backport Bot) [RHEL-47770] {CVE-2024-40911}
  - wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (CKI Backport Bot) [RHEL-47788] {CVE-2024-40912}
  - wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (CKI Backport Bot) [RHEL-47920] {CVE-2024-40929}
  - wifi: iwlwifi: mvm: don't read past the mfuart notifcation (CKI Backport Bot) [RHEL-48028] {CVE-2024-40941}
  - seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (Hangbin Liu) [RHEL-48098 RHEL-45826] {CVE-2024-40957}
  - ipv6: fix possible race in __fib6_drop_pcpu_from() (Hangbin Liu) [RHEL-47572 RHEL-45826] {CVE-2024-40905}
  - redhat/configs: Enable CONFIG_DRM_MGAG200_DISABLE_WRITECOMBINE (Jocelyn Falempe) [RHEL-39581 RHEL-28760]
  - drm/mgag200: Add an option to disable Write-Combine (Jocelyn Falempe) [RHEL-39581 RHEL-28760]
  - drm/mgag200: Fix caching setup for remapped video memory (Scott Weaver) [RHEL-39581 RHEL-24102]
  - Revert "drm/mgag200: Flush the cache to improve latency" (Scott Weaver) [RHEL-39581 RHEL-28760]
  - net: psample: fix flag being set in wrong skb (Adrian Moreno) [RHEL-47275]
  - net: openvswitch: store sampling probability in cb. (Adrian Moreno) [RHEL-47275]
  - net: openvswitch: add psample action (Adrian Moreno) [RHEL-47275]
  - net: psample: allow using rate as probability (Adrian Moreno) [RHEL-47275]
  - net: psample: skip packet copy if no listeners (Adrian Moreno) [RHEL-47275]
  - net: psample: add user cookie (Adrian Moreno) [RHEL-47275]
  - i40e: fix: remove needless retries of NVM update (CKI Backport Bot) [RHEL-48169 RHEL-36692]
  - ice: Reject pin requests with unsupported flags (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: Don't process extts if PTP is disabled (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: Fix improper extts handling (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: stop destroying and reinitalizing Tx tracker during reset (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: factor out ice_ptp_rebuild_owner() (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: rename ice_ptp_tx_cfg_intr (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: don't check has_ready_bitmap in E810 functions (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: rename verify_cached to has_ready_bitmap (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: pass reset type to PTP reset functions (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: introduce PTP state machine (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: make RX HW timestamp reading code more reusable (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: Rename E822 to E82X (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: periodically kick Tx timestamp interrupt (Petr Oros) [RHEL-50388 RHEL-17486]
  - ice: Re-enable timestamping correctly after reset (Petr Oros) [RHEL-50388 RHEL-17486]
  - ptp: introduce helpers to adjust by scaled parts per million (Petr Oros) [RHEL-50388 RHEL-17486]
  - tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc (Andrew Halaney) [RHEL-42566 RHEL-24205] {CVE-2023-52880}
  - netfilter: complete validation of user input (Phil Sutter) [RHEL-47384 RHEL-37212] {CVE-2024-35962}
  - netfilter: validate user input for expected length (Phil Sutter) [RHEL-41668 RHEL-37212] {CVE-2024-35896}
  - scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (Ewan D. Milne) [RHEL-40051 RHEL-39719] {CVE-2024-36025}
  - x86/xen: Add some null pointer checking to smp.c (Vitaly Kuznetsov) [RHEL-37615 RHEL-33260] {CVE-2024-26908}
  - x86/xen: Fix memory leak in xen_smp_intr_init{_pv}() (Prarit Bhargava) [RHEL-37615 RHEL-25415]
* Fri Aug 09 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.31.1.el9_4]
  - net: fix __dst_negative_advice() race (CKI Backport Bot) [RHEL-46798] {CVE-2024-36971}
  - net: annotate data-races around sk->sk_dst_pending_confirm (CKI Backport Bot) [RHEL-46798] {CVE-2024-36971}
* Mon Aug 05 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.30.1.el9_4]
  - dmaengine: idxd: add a write() method for applications to submit work (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
  - dmaengine: idxd: add a new security check to deal with a hardware erratum (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
  - VFIO: Add the SPR_DSA and SPR_IAX devices to the denylist (Jerry Snitselaar) [RHEL-35840] {CVE-2024-21823}
  - tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (Mark Salter) [RHEL-49538 RHEL-39308]
  - virtio: delete vq in vp_find_vqs_msix() when request_irq() fails (Jon Maloy) [RHEL-44467] {CVE-2024-37353}
  - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP (Izabela Bakollari) [RHEL-36271 RHEL-26682] {CVE-2024-26600}
  - eeprom: at24: fix memory corruption race condition (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - eeprom: at24: Probe for DDR3 thermal sensor in the SPD case (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - eeprom: at24: Use dev_err_probe for nvmem register failure (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - eeprom: at24: Add support for 24c1025 EEPROM (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - eeprom: at24: remove struct at24_client (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - at24: Support probing while in non-zero ACPI D state (CKI Backport Bot) [RHEL-42970] {CVE-2024-35848}
  - tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). (CKI Backport Bot) [RHEL-44439] {CVE-2024-37356}
  - cxl/region: Fix cxlr_pmem leaks (cki-backport-bot) [RHEL-44486] {CVE-2024-38391}
  - tls: fix missing memory barrier in tls_init (cki-backport-bot) [RHEL-44480] {CVE-2024-36489}
  - igc: avoid returning frame twice in XDP_REDIRECT (Corinna Vinschen) [RHEL-42714 RHEL-33266] {CVE-2024-26853}
  - ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound (Hangbin Liu) [RHEL-44404 RHEL-44402] {CVE-2024-33621}
  - ipvlan: add ipvlan_route_v6_outbound() helper (Davide Caratti) [RHEL-44404 RHEL-32205]
  - ipvlan: properly track tx_errors (Davide Caratti) [RHEL-44404 RHEL-32205]
  - wifi: nl80211: don't free NULL coalescing rule (Jose Ignacio Tornos Martinez) [RHEL-41698 RHEL-39754] {CVE-2024-36941}
  - wifi: iwlwifi: dbg-tlv: ensure NUL termination (Jose Ignacio Tornos Martinez) [RHEL-41658 RHEL-37028] {CVE-2024-35845}
  - mlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work (Ivan Vecera) [RHEL-41556 RHEL-37018] {CVE-2024-35852}
  - net: openvswitch: fix overwriting ct original tuple for ICMPv6 (cki-backport-bot) [RHEL-44215] {CVE-2024-38558}
  - wifi: iwlwifi: read txq->read_ptr under lock (Jose Ignacio Tornos Martinez) [RHEL-41520 RHEL-39799] {CVE-2024-36922}
  - wifi: cfg80211: check A-MSDU format more carefully (Jose Ignacio Tornos Martinez) [RHEL-38754 RHEL-37345] {CVE-2024-35937}
  - ice: fix memory corruption bug with suspend and rebuild (Petr Oros) [RHEL-49858 RHEL-17486] {CVE-2024-35911}
  - ipv6: prevent possible NULL deref in fib6_nh_init() (Hangbin Liu) [RHEL-48182 RHEL-45826] {CVE-2024-40961}
  - netns: Make get_net_ns() handle zero refcount net (Paolo Abeni) [RHEL-48117 RHEL-46610] {CVE-2024-40958}
  - net: do not leave a dangling sk pointer, when socket creation fails (Paolo Abeni) [RHEL-48072 RHEL-46610] {CVE-2024-40954}
  - net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() (CKI Backport Bot) [RHEL-47902] {CVE-2024-40928}
  - net: netlink: af_netlink: Prevent empty skb by adding a check on len. (Ivan Vecera) [RHEL-43619 RHEL-30344] {CVE-2021-47606}
  - bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (CKI Backport Bot) [RHEL-46921] {CVE-2024-39487}
  - nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (Benjamin Coddington) [RHEL-42732 RHEL-34875] {CVE-2024-26868}
  - efi: fix panic in kdump kernel (Steve Best) [RHEL-42920 RHEL-36998] {CVE-2024-35800}
  - ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() (Hangbin Liu) [RHEL-41735 RHEL-31050] {CVE-2024-27417}
  - netfilter: nf_tables: do not compare internal table flags on updates (Florian Westphal) [RHEL-41682 RHEL-33985] {CVE-2024-27065}
  - ipv6: Fix potential uninit-value access in __ip6_make_skb() (Antoine Tenart) [RHEL-41466 RHEL-39786] {CVE-2024-36903}
  - netfilter: nf_tables: honor table dormant flag from netdev release event path (Florian Westphal) [RHEL-40056 RHEL-33985] {CVE-2024-36005}
  - cifs: fix underflow in parse_server_interfaces() (Paulo Alcantara) [RHEL-34636 RHEL-31245] {CVE-2024-26828}
  - drm/i915/audio: Fix audio time stamp programming for DP (CKI Backport Bot) [RHEL-45843]
  - platform/x86: wmi: Fix opening of char device (David Arcari) [RHEL-42548 RHEL-38260] {CVE-2023-52864}
  - platform/x86: wmi: remove unnecessary initializations (David Arcari) [RHEL-42548 RHEL-38260] {CVE-2023-52864}
  - rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (CKI Backport Bot) [RHEL-43170] {CVE-2024-36017}
  - netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (Florian Westphal) [RHEL-40062 RHEL-33985] {CVE-2024-26808}
  - ipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr (Jiri Benc) [RHEL-39017 RHEL-32372] {CVE-2024-35969}
  - netfilter: nf_tables: flush pending destroy work before exit_net release (Florian Westphal) [RHEL-38765 RHEL-33985] {CVE-2024-35899}
  - vt: fix unicode buffer corruption when deleting characters (Andrew Halaney) [RHEL-42947 RHEL-24205] {CVE-2024-35823}
* Fri Jul 26 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.29.1.el9_4]
  - net: Avoid address overwrite in kernel_connect (Davide Caratti) [RHEL-45728 RHEL-30875]
  - net: replace calls to sock->ops->connect() with kernel_connect() (Davide Caratti) [RHEL-45728 RHEL-33410]
  - i40e: fix vf may be used uninitialized in this function warning (Kamal Heib) [RHEL-41638 RHEL-39704] {CVE-2024-36020}
  - cifs: translate network errors on send to -ECONNABORTED (Jay Shin) [RHEL-47047 RHEL-31245]
  - wifi: brcmfmac: pcie: handle randbuf allocation failure (Jose Ignacio Tornos Martinez) [RHEL-44132] {CVE-2024-38575}
  - wifi: iwlwifi: mvm: guard against invalid STA ID on removal (Jose Ignacio Tornos Martinez) [RHEL-43208 RHEL-39803] {CVE-2024-36921}
  - wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (Jose Ignacio Tornos Martinez) [RHEL-42906 RHEL-36809] {CVE-2024-35789}
  - wifi: iwlwifi: mvm: don't set the MFP flag for the GTK (Jose Ignacio Tornos Martinez) [RHEL-42886 RHEL-36900] {CVE-2024-27434}
  - wifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work (Jose Ignacio Tornos Martinez) [RHEL-42860 RHEL-35142] {CVE-2024-27052}
  - wifi: mt76: mt7925e: fix use-after-free in free_irq() (Jose Ignacio Tornos Martinez) [RHEL-42856 RHEL-35148] {CVE-2024-27049}
  - wifi: ath9k: delay all of ath9k_wmi_event_tasklet() until init is complete (Jose Ignacio Tornos Martinez) [RHEL-42743 RHEL-34187] {CVE-2024-26897}
  - wifi: ath10k: fix NULL pointer dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (Jose Ignacio Tornos Martinez) [RHEL-42383 RHEL-35199] {CVE-2023-52651}
  - net: core: reject skb_copy(_expand) for fraglist GSO skbs (Xin Long) [RHEL-41402 RHEL-39781] {CVE-2024-36929}
* Fri Jul 19 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.28.1.el9_4]
  - mlxbf_gige: call request_irq() after NAPI initialized (Kamal Heib) [RHEL-43012 RHEL-37179] {CVE-2024-35907}
  - mlxbf_gige: stop PHY during open() error paths (Kamal Heib) [RHEL-43012 RHEL-37179] {CVE-2024-35907}
  - mlxbf_gige: stop interface during shutdown (Kamal Heib) [RHEL-41708 RHEL-37244] {CVE-2024-35885}
  - net: amd-xgbe: Fix skb data length underflow (Ken Cox) [RHEL-43796 RHEL-43794] {CVE-2022-48743}
  - nfp: flower: handle acti_netdevs allocation failure (Ken Cox) [RHEL-42852 RHEL-35158] {CVE-2024-27046}
  - block: add check that partition length needs to be aligned with block size (Ming Lei) [RHEL-45501 RHEL-26616] {CVE-2023-52458}
  - nfsd: hold a lighter-weight client reference over CB_RECALL_ANY (Benjamin Coddington) [RHEL-45517 RHEL-31513]
  - NFSD: CREATE_SESSION must never cache NFS4ERR_DELAY replies (Benjamin Coddington) [RHEL-45517 RHEL-31513]
  - NFSD: Document the phases of CREATE_SESSION (Benjamin Coddington) [RHEL-45517 RHEL-31513]
  - NFSD: Fix the NFSv4.1 CREATE_SESSION operation (Benjamin Coddington) [RHEL-45517 RHEL-31513]
  - icmp: prevent possible NULL dereferences from icmp_build_probe() (Antoine Tenart) [RHEL-42974 RHEL-37002] {CVE-2024-35857}
  - NFSv4.1: fix handling NFS4ERR_DELAY when testing for session trunking (Scott Mayhew) [RHEL-45360 RHEL-24133]
  - RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (Aristeu Rozanski) [RHEL-46335 RHEL-38634]
  - RAS/AMD/ATL: Fix MI300 bank hash (Aristeu Rozanski) [RHEL-46335 RHEL-38634]
  - net/ipv6: avoid possible UAF in ip6_route_mpath_notify() (Hangbin Liu) [RHEL-42689 RHEL-33271] {CVE-2024-26852}
  - epoll: be better about file lifetimes (Pavel Reichl) [RHEL-44091 RHEL-44083] {CVE-2024-38580}
  - scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (Dick Kennedy) [RHEL-40659 RHEL-40665 RHEL-24508 RHEL-39793] {CVE-2024-36924}
  - scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (Dick Kennedy) [RHEL-40659 RHEL-40669 RHEL-24508 RHEL-39887] {CVE-2024-36952}
  - bpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel (Viktor Malik) [RHEL-42640 RHEL-31726] {CVE-2024-26737}
  - can: j1939: j1939_netdev_start(): fix UAF for rx_kref of j1939_priv (Ken Cox) [RHEL-41489 RHEL-38415] {CVE-2021-47459}
  - wifi: ath11k: restore country code during resume (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: refactor setting country code logic (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - bus: mhi: host: Add mhi_power_down_keep_dev() API to support system suspend/hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - net: qrtr: support suspend/hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: support hibernation (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: thermal: don't try to register multiple times (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: fix warning on DMA ring capabilities event (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: do not dump SRNG statistics during resume (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: remove MHI LOOPBACK channels (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
  - wifi: ath11k: rearrange IRQ enable/disable in reset path (Jose Ignacio Tornos Martinez) [RHEL-46230 RHEL-12349]
* Mon Jul 15 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.27.1.el9_4]
  - drm/ast: Fix soft lockup (CKI Backport Bot) [RHEL-45716]
  - dm: call the resume method on internal suspend (Benjamin Marzinski) [RHEL-41838 RHEL-33217] {CVE-2024-26880}
  - KVM: arm64: Do not re-initialize the KVM lock (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - KVM: arm64: Fix host-programmed guest events in nVHE (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - KVM: arm64: Fix double-free following kvm_pgtable_stage2_free_unlinked() (Sebastian Ott) [RHEL-37528 RHEL-36279]
  - octeontx2-af: Use separate handlers for interrupts (Kamal Heib) [RHEL-42846 RHEL-35170] {CVE-2024-27030}
  - Squashfs: check the inode number is not the invalid value of zero (Abhi Das) [RHEL-42811 RHEL-35098] {CVE-2024-26982}
  - net: fix sk_memory_allocated_{add|sub} vs softirqs (Paolo Abeni) [RHEL-36773 RHEL-34070]
  - tcp: sk_forced_mem_schedule() optimization (Paolo Abeni) [RHEL-36773 RHEL-34070]
  - net: make SK_MEMORY_PCPU_RESERV tunable (Paolo Abeni) [RHEL-36773 RHEL-34070]
  - ext4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found() (Pavel Reichl) [RHEL-42655 RHEL-31690] {CVE-2024-26773}
  - scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() (John Meneghini) [RHEL-42528 RHEL-38200] {CVE-2023-52809}
  - KVM: x86/mmu: Retry fault before acquiring mmu_lock if mapping is changing (Maxim Levitsky) [RHEL-43388]
  - s390/cpum_cf: make crypto counters upward compatible across machine types (Tobias Huschle) [RHEL-40398 RHEL-36047]
  - RAS: enable CONFIG_RAS_FMPM (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS: Avoid build errors when CONFIG_DEBUG_FS=n (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/FMPM: Safely handle saved records of various sizes (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - Merge tag 'edac_updates_for_v6.9' of git://git.kernel.org/pub/scm/linux/kernel/git/ras/ras (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/FMPM: Fix off by one when unwinding on error (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/FMPM: Add debugfs interface to print record entries (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/FMPM: Save SPA values (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS: Export helper to get ras_debugfs_dir (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/ATL: Fix bit overflow in denorm_addr_df4_np2() (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS: Introduce a FRU memory poison manager (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - x86/cpu/amd: Provide a separate accessor for Node ID (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/ATL: Add MI300 row retirement support (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - Documentation: Move RAS section to admin-guide (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/ATL: Add MI300 DRAM to normalized address translation support (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/ATL: Fix array overflow in get_logical_coh_st_fabric_id_mi300() (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - RAS/AMD/ATL: Add MI300 support (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - Documentation: RAS: Add index and address translation section (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
  - cpu/SMT: Make SMT control more robust against enumeration failures (Aristeu Rozanski) [RHEL-36212 RHEL-17008]
* Fri Jul 05 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.26.1.el9_4]
  - net: ena: Fix incorrect descriptor free behavior (Kamal Heib) [RHEL-39217 RHEL-37430] {CVE-2024-35958}
  - tcp: Use refcount_inc_not_zero() in tcp_twsk_unique(). (Guillaume Nault) [RHEL-41749 RHEL-39837] {CVE-2024-36904}
  - mm/mglru: Revert "don't sync disk for each aging cycle" (Waiman Long) [RHEL-44418]
  - tipc: fix UAF in error path (Xin Long) [RHEL-34848 RHEL-34280] {CVE-2024-36886}
  - selftest/cgroup: Update test_cpuset_prs.sh to match changes (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Make cpuset.cpus.exclusive independent of cpuset.cpus (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Delay setting of CS_CPU_EXCLUSIVE until valid partition (Waiman Long) [RHEL-45139]
  - selftest/cgroup: Fix test_cpuset_prs.sh problems reported by test robot (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Fix remote root partition creation problem (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Optimize isolated partition only generate_sched_domains() calls (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Fix retval in update_cpumask() (Waiman Long) [RHEL-45139]
  - cgroup/cpuset: Fix a memory leak in update_exclusive_cpumask() (Waiman Long) [RHEL-45139]
  - ice: implement AQ download pkg retry (Petr Oros) [RHEL-38907 RHEL-17318]
  - redhat: include resolve_btfids in kernel-devel (Viktor Malik) [RHEL-43426 RHEL-40707]
  - blk-cgroup: fix list corruption from resetting io stat (cki-backport-bot) [RHEL-44977] {CVE-2024-38663}
  - misc: rtsx: do clear express reg every SD_INT (David Arcari) [RHEL-39985 RHEL-33706]
  - misc: rtsx: Fix rts5264 driver status incorrect when card removed (David Arcari) [RHEL-39985 RHEL-33706]
  - netfilter: tproxy: bail out if IP has been disabled on the device (cki-backport-bot) [RHEL-44371] {CVE-2024-36270}
  - lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (cki-backport-bot) [RHEL-44263 RHEL-44261] {CVE-2024-38543}
  - r8169: Fix possible ring buffer corruption on fragmented Tx packets. (cki-backport-bot) [RHEL-44039] {CVE-2024-38586}
  - net: micrel: Fix receiving the timestamp in the frame for lan8841 (cki-backport-bot) [RHEL-43996] {CVE-2024-38593}
  - vt: fix memory overlapping when deleting chars in the buffer (Waiman Long) [RHEL-43379 RHEL-27780] {CVE-2022-48627}
  - net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (Kamal Heib) [RHEL-42728 RHEL-34192] {CVE-2024-26858}
  - locking/atomic: Make test_and_*_bit() ordered on failure (Paolo Bonzini) [RHEL-45896]
  - mm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index (Rafael Aquini) [RHEL-42659 RHEL-31840] {CVE-2024-26783}
  - can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock (Jose Ignacio Tornos Martinez) [RHEL-42379 RHEL-31530] {CVE-2023-52638}
  - ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow in hns_dsaf_ge_srst_by_port() (Ken Cox) [RHEL-42226 RHEL-38715] {CVE-2021-47548}
* Mon Jul 01 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.25.1.el9_4]
  - nvme: fix reconnection fail due to reserved tag allocation (Maurizio Lombardi) [RHEL-42896 RHEL-36896] {CVE-2024-27435}
  - net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (cki-backport-bot) [RHEL-43625] {CVE-2021-47596}
  - scsi: sg: Avoid race in error handling & drop bogus warn (Ewan D. Milne) [RHEL-36106 RHEL-35659]
  - scsi: sg: Avoid sg device teardown race (Ewan D. Milne) [RHEL-36106 RHEL-35659]
  - netfilter: nf_tables: use timestamp to check for set element timeout (Florian Westphal) [RHEL-38032 RHEL-33985] {CVE-2024-27397}
  - netfilter: nft_set_rbtree: Remove unused variable nft_net (Florian Westphal) [RHEL-38032 RHEL-33985]
  - netfilter: nft_set_rbtree: prefer sync gc to async worker (Florian Westphal) [RHEL-38032 RHEL-33985]
  - netfilter: nft_set_rbtree: rename gc deactivate+erase function (Florian Westphal) [RHEL-38032 RHEL-33985]
  - netfilter: nf_tables: de-constify set commit ops function argument (Florian Westphal) [RHEL-38032 RHEL-33985]
  - octeontx2-af: avoid off-by-one read from userspace (Kamal Heib) [RHEL-40486 RHEL-39873] {CVE-2024-36957}
* Sun Jun 23 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.24.1.el9_4]
  - net/bnx2x: Prevent access to a freed page in page_pool (Michal Schmidt) [RHEL-43272 RHEL-23117]
  - bnx2x: new flag for track HW resource allocation (Michal Schmidt) [RHEL-43272 RHEL-23117]
  - bnx2x: fix page fault following EEH recovery (Michal Schmidt) [RHEL-43272 RHEL-23117]
  - bnx2x: fix pci device refcount leak in bnx2x_vf_is_pcie_pending() (Michal Schmidt) [RHEL-43272 RHEL-23117]
  - bnx2x: fix potential memory leak in bnx2x_tpa_stop() (Michal Schmidt) [RHEL-43272 RHEL-23117]
  - xen-netfront: Add missing skb_mark_for_recycle (Vitaly Kuznetsov) [RHEL-37626 RHEL-36573] {CVE-2024-27393}
  - tools/power/turbostat: Fix uncore frequency file string (David Arcari) [RHEL-34953 RHEL-29239]
  - tools/power turbostat: Expand probe_intel_uncore_frequency() (David Arcari) [RHEL-34953 RHEL-29239]
  - net/mlx5e: fix a potential double-free in fs_any_create_groups (Kamal Heib) [RHEL-38972 RHEL-37093] {CVE-2023-52667}
  - crypto: qat - Fix typo (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (Vladis Dronov) [RHEL-38546 RHEL-35816] {CVE-2024-26974}
  - crypto: qat - specify firmware files for 402xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - validate slices count returned by FW (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - improve error logging to be consistent across features (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - improve error message in adf_get_arbiter_mapping() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - implement dh fallback for primes > 4K (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - Fix spelling mistake "Invalide" -> "Invalid" (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - Avoid -Wflex-array-member-not-at-end warnings (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - implement interface for live migration (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add interface for live migration (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add bank save and restore flows (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - expand CSR operations for QAT GEN4 devices (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - rename get_sla_arr_of_type() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - relocate CSR access code (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - move PFVF compat checker to a function (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - relocate and rename 4xxx PF2VM definitions (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - adf_get_etr_base() helper (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - redhat/configs: Add CONFIG_CRYPTO_DEV_QAT_420XX (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - make ring to service map common for QAT GEN4 (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - fix ring to service map for dcc in 420xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - fix ring to service map for dcc in 4xxx (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - fix comment structure (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - remove unnecessary description from comment (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - remove double initialization of value (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - avoid division by zero (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - removed unused macro in adf_cnv_dbgfs.c (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - remove unused macros in qat_comp_alg.c (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - uninitialized variable in adf_hb_error_inject_write() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - Documentation: qat: fix auto_reset section (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - resolve race condition during AER recovery (Vladis Dronov) [RHEL-38546 RHEL-35816] {CVE-2024-26974}
  - crypto: qat - change SLAs cleanup flow at shutdown (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - improve aer error reset handling (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - limit heartbeat notifications (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add auto reset on error (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add fatal error notification (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - re-enable sriov after pf reset (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - update PFVF protocol for recovery (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - disable arbitration before reset (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add fatal error notify method (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add heartbeat error simulator (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - use kcalloc_node() instead of kzalloc_node() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - avoid memcpy() overflow warning (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - fix arbiter mapping generation algorithm for QAT 402xx (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - generate dynamically arbiter mappings (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add support for ring pair level telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add support for device telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add admin msgs for telemetry (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - include pci.h for GET_DEV() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - add support for 420xx devices (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - move fw config related structures (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - relocate portions of qat_4xxx code (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - change signature of uof_get_num_objs() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - crypto: qat - relocate and rename get_service_enabled() (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - seq_file: add helper macro to define attribute for rw file (Vladis Dronov) [RHEL-38546 RHEL-35816]
  - minmax: Introduce {min,max}_array() (Vladis Dronov) [RHEL-38546 RHEL-35816]
* Fri Jun 14 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.23.1.el9_4]
  - net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context (Kamal Heib) [RHEL-34050 RHEL-30492] {CVE-2023-52626}
  - blk-mq: add helper for checking if one CPU is mapped to specified hctx (Ming Lei) [RHEL-38595 RHEL-36684]
  - net/sched: flower: Add lock protection when remove filter handle (Petr Oros) [RHEL-35672 RHEL-33379]
  - Bluetooth: Avoid potential use-after-free in hci_error_reset (David Marlin) [RHEL-33913 RHEL-31828] {CVE-2024-26801}
  - net: hns3: do not allow call hns3_nic_net_open repeatedly (Jose Ignacio Tornos Martinez) [RHEL-38933 RHEL-37707] {CVE-2021-47400}
  - tmpfs: fix Documentation of noswap and huge mount options (Nico Pache) [RHEL-38252 RHEL-31975]
  - shmem: add support to ignore swap (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - shmem: update documentation (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - shmem: skip page split if we're not reclaiming (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - shmem: move reclaim check early on writepages() (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - shmem: set shmem_writepage() variables early (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - shmem: remove check for folio lock on writepage() (Chris von Recklinghausen) [RHEL-38252 RHEL-31975]
  - ice: Add automatic VF reset on Tx MDD events (Petr Oros) [RHEL-39083 RHEL-36317]
  - net/ipv6: SKB symmetric hash should incorporate transport ports (Ivan Vecera) [RHEL-37641 RHEL-36218]
  - ipv6: sr: fix memleak in seg6_hmac_init_algo (Hangbin Liu) [RHEL-37669 RHEL-37511]
  - ipv6: sr: fix missing sk_buff release in seg6_input_core (Hangbin Liu) [RHEL-37669 RHEL-37511]
  - ipv6: sr: fix invalid unregister error path (Hangbin Liu) [RHEL-37669 RHEL-37511]
  - ipv6: sr: fix incorrect unregister order (Hangbin Liu) [RHEL-37669 RHEL-37511]
  - ipv6: sr: add missing seg6_local_exit (Hangbin Liu) [RHEL-37669 RHEL-37511]
  - block: fix q->blkg_list corruption during disk rebind (Ming Lei) [RHEL-36687 RHEL-33577]
  - ice: fix uninitialized dplls mutex usage (Petr Oros) [RHEL-36716 RHEL-36283]
  - ice: fix pin phase adjust updates on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
  - ice: fix dpll periodic work data updates on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
  - ice: fix dpll and dpll_pin data access on PF reset (Petr Oros) [RHEL-36716 RHEL-36283]
  - ice: fix dpll input pin phase_adjust value updates (Petr Oros) [RHEL-36716 RHEL-36283]
  - ice: fix connection state of DPLL and out pin (Petr Oros) [RHEL-36716 RHEL-36283]
  - redhat: remove the merge subtrees script (Derek Barbosa)
  - redhat: rhdocs: delete .get_maintainer.conf (Derek Barbosa)
  - redhat: rhdocs: Remove the rhdocs directory (Derek Barbosa)
  - net/mlx5: Properly link new fs rules into the tree (Kamal Heib) [RHEL-38954 RHEL-37422] {CVE-2024-35960}
  - smb: client: fix UAF in smb2_reconnect_server() (Jay Shin) [RHEL-28943 RHEL-40177 RHEL-37273 RHEL-7986] {CVE-2024-35870}
  - smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (Jay Shin) [RHEL-28943 RHEL-31245]
  - RHEL: enable CONFIG_AMD_ATL (Aristeu Rozanski) [RHEL-36220 RHEL-26704]
  - EDAC/amd64: Use new AMD Address Translation Library (Aristeu Rozanski) [RHEL-36220 RHEL-26704]
  - RAS: Introduce AMD Address Translation Library (Aristeu Rozanski) [RHEL-36220 RHEL-26704]
* Mon Jun 10 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.22.1.el9_4]
  - dpll: fix dpll_pin_on_pin_register() for multiple parent pins (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: indent DPLL option type by a tab (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: fix dpll_xa_ref_*_del() for multiple registrations (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: spec: use proper enum for pin capabilities attribute (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: move all dpll<>netdev helpers to dpll code (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: fix build failure due to rcu_dereference_check() on unknown type (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: rely on rcu for netdev_dpll_pin() (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: fix possible deadlock during netlink dump operation (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: check that pin is registered in __dpll_pin_unregister() (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: move xa_erase() call in to match dpll_pin_alloc() error path order (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: expose fractional frequency offset value to user (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: allocate pin ids in cycle (Petr Oros) [RHEL-36572 RHEL-32098]
  - dpll: remove leftover mode_supported() op and use mode_get() instead (Petr Oros) [RHEL-36572 RHEL-32098]
  - Documentation: dpll: wrap DPLL_CMD_PIN_GET output in a code block (Petr Oros) [RHEL-36572 RHEL-32098]
  - Documentation: dpll: Fix code blocks (Petr Oros) [RHEL-36572 RHEL-32098]
  - MAINTAINERS: adjust header file entry in DPLL SUBSYSTEM (Petr Oros) [RHEL-36572 RHEL-32098]
  - netdev: Remove unneeded semicolon (Petr Oros) [RHEL-36572 RHEL-32098]
  - netlink: add variable-length / auto integers (Petr Oros) [RHEL-36572 RHEL-30145]
  - netlink: allow be16 and be32 types in all uint policy checks (Ivan Vecera) [RHEL-36572 RHEL-30656]
  - net: netlink: recommend policy range validation (Ivan Vecera) [RHEL-36572 RHEL-30344]
  - netlink: add nla be16/32 types to minlen array (Ivan Vecera) [RHEL-36572 RHEL-30344]
  - netlink: introduce bigendian integer types (Michal Schmidt) [RHEL-36572 RHEL-30344]
  - netlink: introduce NLA_POLICY_MAX_BE (Ivan Vecera) [RHEL-36572 RHEL-30344]
  - ice: use irq_update_affinity_hint() (Michal Schmidt) [RHEL-38512 RHEL-35293]
  - x86/tsc: Defer marking TSC unstable to a worker (Wander Lairson Costa) [RHEL-9296 RHEL-19514]
  - x86/smpboot: Make TSC synchronization function call based (David Arcari) [RHEL-9296 RHEL-19514]
  - Bluetooth: hci_core: Remove le_restart_scan work (David Marlin) [RHEL-38524 RHEL-30099]
  - hwmon: (coretemp) Enlarge per package core count limit (David Arcari) [RHEL-35447 RHEL-22705]
  - hwmon: (coretemp) Fix bogus core_id to attr name mapping (David Arcari) [RHEL-35447 RHEL-22705]
  - hwmon: (coretemp) Fix out-of-bounds memory access (David Arcari) [RHEL-35447 RHEL-22705]
  - perf: arm_cspmu: Reject events meant for other PMUs (Michael Petlan) [RHEL-34991 RHEL-25824]
  - smb: client: refresh referral without acquiring refpath_lock (Jay Shin) [RHEL-38904 RHEL-7986]
  - smb: client: guarantee refcounted children from parent session (Jay Shin) [RHEL-38904 RHEL-7986]
  - smb3: show beginning time for per share stats (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: fix mount when dns_resolver key is not available (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: get rid of dfs code dep in namespace.c (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: get rid of dfs naming in automount code (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: rename cifs_dfs_ref.c to namespace.c (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: ensure to try all targets when finding nested links (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: introduce DFS_CACHE_TGT_LIST() (Jay Shin) [RHEL-38904 RHEL-31245]
  - smb: client: remove redundant pointer 'server' (Jay Shin) [RHEL-38904 RHEL-28739]
  - smb: client: fix parsing of source mount option (Jay Shin) [RHEL-38904 RHEL-28739]
  - integrity: eliminate unnecessary "Problem loading X.509 certificate" msg (Coiby Xu) [RHEL-39933 RHEL-12346]
* Mon Jun 03 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.21.1.el9_4]
  - drm/i915/display: Increase number of fast wake precharge pulses (Mika Penttilä) [RHEL-36534 RHEL-20439]
  - drm/i915/psr: Improve fast and IO wake lines calculation (Mika Penttilä) [RHEL-36534 RHEL-20439]
  - drm/i915/display: Make intel_dp_aux_fw_sync_len available for PSR code (Mika Penttilä) [RHEL-36534 RHEL-20439]
  - smb: client: improve DFS mount check (Jay Shin) [RHEL-36743 RHEL-28739]
  - net: mana: Fix Rx DMA datasize and skb_over_panic (Cathy Avery) [RHEL-37622 RHEL-9872]
* Thu May 23 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.20.1.el9_4]
  - ipv6: sr: fix possible use-after-free and null-ptr-deref (Hangbin Liu) [RHEL-33968 RHEL-31732] {CVE-2024-26735}
  - idpf: fix kernel panic on unknown packet types (Michal Schmidt) [RHEL-36145 RHEL-29035]
  - idpf: refactor some missing field get/prep conversions (Michal Schmidt) [RHEL-36145 RHEL-29035]
  - PCI: Fix pci_rh_check_status() call semantics (Luiz Capitulino) [RHEL-36541 RHEL-35032]
  - cxgb4: Properly lock TX queue for the selftest. (John B. Wyatt IV) [RHEL-36530 RHEL-31990 RHEL-9354]
* Mon May 20 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.19.1.el9_4]
  - x86/mce: Cleanup mce_usable_address() (Prarit Bhargava) [RHEL-33810 RHEL-25415]
  - x86/mce: Define amd_mce_usable_address() (Prarit Bhargava) [RHEL-33810 RHEL-25415]
  - x86/MCE/AMD: Split amd_mce_is_memory_error() (Prarit Bhargava) [RHEL-33810 RHEL-25415]
  - fs: sysfs: Fix reference leak in sysfs_break_active_protection() (Ewan D. Milne) [RHEL-35302 RHEL-35078] {CVE-2024-26993}
* Mon May 13 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.18.1.el9_4]
  - netfilter: nf_tables: disallow anonymous set with timeout flag (Phil Sutter) [RHEL-32971 RHEL-30082] {CVE-2024-26642}
  - netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout (Phil Sutter) [RHEL-33070 RHEL-30078] {CVE-2024-26643}
  - netfilter: nft_ct: fix l3num expectations with inet pseudo family (Phil Sutter) [RHEL-32963 RHEL-31345] {CVE-2024-26673}
  - netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations (Phil Sutter) [RHEL-32963 RHEL-31345] {CVE-2024-26673}
  - arm64: tlb: Fix TLBI RANGE operand (Shaoqin Huang) [RHEL-33412 RHEL-26259]
  - arm64/mm: Modify range-based tlbi to decrement scale (Shaoqin Huang) [RHEL-33412 RHEL-26259]
  - rh_messages.h: mark mlx5 on Bluefield-3 as unmaintained (Scott Weaver) [RHEL-35878 RHEL-33061]
  - net: ip_tunnel: prevent perpetual headroom growth (Guillaume Nault) [RHEL-33934 RHEL-31816] {CVE-2024-26804}
  - gitlab-ci: use zstream builder container image (Michael Hofmann)
  - selftests: net: gro fwd: update vxlan GRO test expectations (Antoine Tenart) [RHEL-30910 RHEL-19729]
  - udp: prevent local UDP tunnel packets from being GROed (Antoine Tenart) [RHEL-30910 RHEL-19729]
  - udp: do not transition UDP GRO fraglist partial checksums to unnecessary (Antoine Tenart) [RHEL-30910 RHEL-19729]
  - gro: fix ownership transfer (Antoine Tenart) [RHEL-30910 RHEL-19729]
  - udp: do not accept non-tunnel GSO skbs landing in a tunnel (Antoine Tenart) [RHEL-30910 RHEL-19729]
  - bpf, tcx: Get rid of tcx_link_const (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Add additional mprog query test coverage (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Make seen_tc* variable tests more robust (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Test query on empty mprog and pass revision into attach (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Adapt assert_mprog_count to always expect 0 count (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Test bpf_mprog query API via libbpf and raw syscall (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftest/bpf: Add various selftests for program limits (Felix Maurer) [RHEL-33062 RHEL-28590]
  - bpf: Refuse unused attributes in bpf_prog_{attach,detach} (Felix Maurer) [RHEL-33062 RHEL-28590]
  - bpf: Handle bpf_mprog_query with NULL entry (Felix Maurer) [RHEL-33062 RHEL-28590]
  - net: Fix skb consume leak in sch_handle_egress (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Add various more tcx test cases (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Add test for detachment on empty mprog entry (Felix Maurer) [RHEL-33062 RHEL-28590]
  - tcx: Fix splat during dev unregister (Felix Maurer) [RHEL-33062 RHEL-28590]
  - tcx: Fix splat in ingress_destroy upon tcx_entry_free (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Add mprog API tests for BPF tcx links (Felix Maurer) [RHEL-33062 RHEL-28590]
  - selftests/bpf: Add mprog API tests for BPF tcx opts (Felix Maurer) [RHEL-33062 RHEL-28590]
  - bpf: Add fd-based tcx multi-prog infra with link support (Felix Maurer) [RHEL-33062 RHEL-28590]
  - bpftool: Implement link show support for tcx (Artem Savkov) [RHEL-33062 RHEL-23643]
  - bpftool: Extend net dump with tcx progs (Artem Savkov) [RHEL-33062 RHEL-23643]
  - bpf: fix precision backtracking instruction iteration (Jay Shin) [RHEL-35230 RHEL-23643]
* Tue May 07 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.17.1.el9_4]
  - ceph: switch to use cap_delay_lock for the unlink delay list (Jay Shin) [RHEL-33003 RHEL-32997]
  - ceph: remove useless session parameter for check_caps() (Xiubo Li) [RHEL-33003 RHEL-19813]
  - ceph: flush the dirty caps immediatelly when quota is approaching (Xiubo Li) [RHEL-33003 RHEL-19813]
  - vhost: Add smp_rmb() in vhost_enable_notify() (Gavin Shan) [RHEL-31839 RHEL-26104]
  - vhost: Add smp_rmb() in vhost_vq_avail_empty() (Gavin Shan) [RHEL-31839 RHEL-26104]
  - iommu/vt-d: Support enforce_cache_coherency only for empty domains (Jerry Snitselaar) [RHEL-32793 RHEL-31083]
  - iommu/vt-d: Add MTL to quirk list to skip TE disabling (Jerry Snitselaar) [RHEL-32793 RHEL-31083]
  - iommu/vt-d: Make context clearing consistent with context mapping (Jerry Snitselaar) [RHEL-32793 RHEL-31083]
  - iommu/vt-d: Disable PCI ATS in legacy passthrough mode (Jerry Snitselaar) [RHEL-32793 RHEL-31083]
  - iommu/vt-d: Omit devTLB invalidation requests when TES=0 (Jerry Snitselaar) [RHEL-32793 RHEL-31083]
  - PCI/MSI: Prevent MSI hardware interrupt number truncation (Myron Stowe) [RHEL-33656 RHEL-21453]
* Fri Apr 26 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.16.1.el9_4]
  - memory: tegra: Skip SID programming if SID registers aren't set (Robert Foss) [RHEL-32675 RHEL-23656]
  - memory: tegra: Add SID override programming for MC clients (Robert Foss) [RHEL-32675 RHEL-23656]
  - iommu: Don't reserve 0-length IOVA region (Robert Foss) [RHEL-32675 RHEL-23656]
* Fri Apr 19 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.15.1.el9_4]
  - ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (Michal Schmidt) [RHEL-30110 RHEL-19000]
  - ice: avoid the PTP hardware semaphore in gettimex64 path (Michal Schmidt) [RHEL-30110 RHEL-19000]
  - ice: add ice_adapter for shared data across PFs on the same NIC (Michal Schmidt) [RHEL-30110 RHEL-19000]
  - crypto: iaa - mark tech preview (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - Fix nr_cpus < nr_iaa case (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - fix the missing CRYPTO_ALG_ASYNC in cra_flags (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - Fix comp/decomp delay statistics (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - Fix async_disable descriptor leak (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - Remove unnecessary debugfs_create_dir() error check in iaa_crypto_debugfs_init() (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - crypto: iaa - Remove header table code (Vladis Dronov) [RHEL-32242 RHEL-29685]
  - cgroup: cgroup-v1: do not exclude cgrp_dfl_root (Laurent Vivier) [RHEL-32716 RHEL-31381]
  - x86/sev: Harden #VC instruction emulation somewhat (Vitaly Kuznetsov) [RHEL-30030 RHEL-30031] {CVE-2024-25743 CVE-2024-25742}
* Fri Apr 12 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.14.1.el9_4]
  - crypto: dh - implement FIPS PCT (Vladis Dronov) [RHEL-27009 RHEL-25845]
  - crypto: tcrypt - add ffdhe2048(dh) test (Vladis Dronov) [RHEL-27009 RHEL-25845]
  - crypto: dh - Make public key test FIPS-only (Vladis Dronov) [RHEL-27009 RHEL-25845]
  - printk: allow disabling printk per-console device kthreads at boot (Luis Claudio R. Goncalves) [RHEL-30678 RHEL-17709]
  - mm, vmscan: remove ISOLATE_UNMAPPED (Nico Pache) [RHEL-29235 RHEL-28667]
  - trace-vmscan-postprocess: sync with tracepoints updates (Nico Pache) [RHEL-29235 RHEL-28667]
  - tracing: incorrect isolate_mote_t cast in mm_vmscan_lru_isolate (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm/mglru: skip special VMAs in lru_gen_look_around() (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm/mglru: reclaim offlined memcgs harder (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm/mglru: try to stop at high watermarks (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm/mglru: fix underprotected page cache (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm: multi-gen LRU: reuse some legacy trace events (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm: multi-gen LRU: improve design doc (Nico Pache) [RHEL-29235 RHEL-28667]
  - mm: multi-gen LRU: clean up sysfs code (Nico Pache) [RHEL-29235 RHEL-28667]
  - cpu/hotplug: Do not bail-out in DYING/STARTING sections (David Arcari) [RHEL-29673 RHEL-19514]
  - crypto: akcipher - Disable signing and decryption (Herbert Xu) [RHEL-29079 RHEL-17113] {CVE-2023-6240}
* Wed Apr 10 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.13.1.el9_4]
  - ice: fix enabling RX VLAN filtering (Petr Oros) [RHEL-28837]
* Fri Apr 05 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.12.1.el9_4]
  - mm/sparsemem: fix race in accessing memory_section->usage (Waiman Long) [RHEL-28877 RHEL-28878] {CVE-2023-52489}
  - Revert "[redhat] kabi: add symbol __scsi_execute to stablelist" (Ewan D. Milne) [RHEL-30725]
* Wed Apr 03 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.11.1.el9_4]
  - xfs: fix SEEK_HOLE/DATA for regions with active COW extents (Bill O'Donnell) [RHEL-29365]
* Tue Apr 02 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.10.1.el9_4]
  - NFS: remove sync_mode test from nfs_writepage_locked() (Jeffrey Layton) [RHEL-28630]
  - nfs: Remove writepage (Jeffrey Layton) [RHEL-28630]
* Mon Apr 01 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.9.1.el9_4]
  - blk-mq: don't schedule block kworker on isolated CPUs (Ming Lei) [RHEL-13920]
* Tue Mar 26 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.8.1.el9_4]
  - dm-integrity: align the outgoing bio in integrity_recheck (Benjamin Marzinski) [RHEL-29679]
  - dm-integrity: fix a memory leak when rechecking the data (Benjamin Marzinski) [RHEL-29679]
  - NFSv4: fairly test all delegations on a SEQ4_ revocation (Benjamin Coddington) [RHEL-7976]
* Mon Mar 25 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.7.1.el9_4]
  - NFS: Read unlock folio on nfs_page_create_from_folio() error (Benjamin Coddington) [RHEL-18029]
  - i40e: Fix VF MAC filter removal (Ivan Vecera) [RHEL-15701]
  - i40e: Fix firmware version comparison function (Ivan Vecera) [RHEL-15701]
  - i40e: disable NAPI right after disabling irqs when handling xsk_pool (Ivan Vecera) [RHEL-15701]
  - i40e: take into account XDP Tx queues when stopping rings (Ivan Vecera) [RHEL-15701]
  - i40e: avoid double calling i40e_pf_rxq_wait() (Ivan Vecera) [RHEL-15701]
  - i40e: Fix wrong mask used during DCB config (Ivan Vecera) [RHEL-15701]
  - i40e: Fix waiting for queues of all VSIs to be disabled (Ivan Vecera) [RHEL-15701]
  - i40e: Do not allow untrusted VF to remove administratively set MAC (Ivan Vecera) [RHEL-15701]
  - net: intel: fix old compiler regressions (Ivan Vecera) [RHEL-15701]
  - i40e: update xdp_rxq_info::frag_size for ZC enabled Rx queue (Ivan Vecera) [RHEL-15701]
  - i40e: set xdp_rxq_info::frag_size (Ivan Vecera) [RHEL-15701]
  - intel: xsk: initialize skb_frag_t::bv_offset in ZC drivers (Ivan Vecera) [RHEL-15701]
  - i40e: handle multi-buffer packets that are shrunk by xdp prog (Ivan Vecera) [RHEL-15701]
  - i40e: Include types.h to some headers (Ivan Vecera) [RHEL-15701]
  - i40e: Restore VF MSI-X state during PCI reset (Ivan Vecera) [RHEL-15701]
  - i40e: fix use-after-free in i40e_aqc_add_filters() (Ivan Vecera) [RHEL-15701]
  - i40e: Avoid unnecessary use of comma operator (Ivan Vecera) [RHEL-15701]
  - i40e: Fix VF disable behavior to block all traffic (Ivan Vecera) [RHEL-15701]
  - i40e: Fix filter input checks to prevent config with invalid values (Ivan Vecera) [RHEL-15701]
  - i40e: field get conversion (Ivan Vecera) [RHEL-15701]
  - i40e: field prep conversion (Ivan Vecera) [RHEL-15701]
  - intel: add bit macro includes where needed (Ivan Vecera) [RHEL-15701]
  - i40e: remove fake support of rx-frames-irq (Ivan Vecera) [RHEL-15701]
  - i40e: Fix ST code value for Clause 45 (Ivan Vecera) [RHEL-15701]
  - i40e: Fix unexpected MFS warning message (Ivan Vecera) [RHEL-15701]
  - i40e: Remove queue tracking fields from i40e_adminq_ring (Ivan Vecera) [RHEL-15701]
  - i40e: Remove AQ register definitions for VF types (Ivan Vecera) [RHEL-15701]
  - i40e: Delete unused and useless i40e_pf fields (Ivan Vecera) [RHEL-15701]
  - i40e: Fix adding unsupported cloud filters (Ivan Vecera) [RHEL-15701]
  - i40e: Delete unused i40e_mac_info fields (Ivan Vecera) [RHEL-15701]
  - i40e: Move inline helpers to i40e_prototype.h (Ivan Vecera) [RHEL-15701]
  - i40e: Remove VF MAC types (Ivan Vecera) [RHEL-15701]
  - i40e: Use helpers to check running FW and AQ API versions (Ivan Vecera) [RHEL-15701]
  - i40e: Add other helpers to check version of running firmware and AQ API (Ivan Vecera) [RHEL-15701]
  - i40e: Move i40e_is_aq_api_ver_ge helper (Ivan Vecera) [RHEL-15701]
  - i40e: Initialize hardware capabilities at single place (Ivan Vecera) [RHEL-15701]
  - i40e: Consolidate hardware capabilities (Ivan Vecera) [RHEL-15701]
  - i40e: Use DECLARE_BITMAP for flags field in i40e_hw (Ivan Vecera) [RHEL-15701]
  - i40e: Use DECLARE_BITMAP for flags and hw_features fields in i40e_pf (Ivan Vecera) [RHEL-15701]
  - i40e: Remove _t suffix from enum type names (Ivan Vecera) [RHEL-15701]
  - i40e: Remove unused flags (Ivan Vecera) [RHEL-15701]
  - i40e: add an error code check in i40e_vsi_setup (Ivan Vecera) [RHEL-15701]
  - i40e: increase max descriptors for XL710 (Ivan Vecera) [RHEL-15701]
  - i40e: Fix wrong check for I40E_TXR_FLAGS_WB_ON_ITR (Ivan Vecera) [RHEL-15701]
  - i40e: sync next_to_clean and next_to_process for programming status desc (Ivan Vecera) [RHEL-15701]
  - i40e: Fix I40E_FLAG_VF_VLAN_PRUNING value (Ivan Vecera) [RHEL-15701]
  - i40e: xsk: remove count_mask (Ivan Vecera) [RHEL-15701]
  - i40e: use scnprintf over strncpy+strncat (Ivan Vecera) [RHEL-15701]
  - intel: fix format warnings (Ivan Vecera) [RHEL-15701]
  - i40e: Refactor and rename i40e_read_pba_string() (Ivan Vecera) [RHEL-15701]
  - i40e: Split and refactor i40e_nvm_version_str() (Ivan Vecera) [RHEL-15701]
  - i40e: prevent crash on probe if hw registers have invalid values (Ivan Vecera) [RHEL-15701]
  - i40e: Move DDP specific macros and structures to i40e_ddp.c (Ivan Vecera) [RHEL-15701]
  - i40e: Remove circular header dependencies and fix headers (Ivan Vecera) [RHEL-15701]
  - i40e: Split i40e_osdep.h (Ivan Vecera) [RHEL-15701]
  - i40e: Move memory allocation structures to i40e_alloc.h (Ivan Vecera) [RHEL-15701]
  - i40e: Simplify memory allocation functions (Ivan Vecera) [RHEL-15701]
  - i40e: Refactor I40E_MDIO_CLAUSE* macros (Ivan Vecera) [RHEL-15701]
  - i40e: Move I40E_MASK macro to i40e_register.h (Ivan Vecera) [RHEL-15701]
  - i40e: Remove back pointer from i40e_hw structure (Ivan Vecera) [RHEL-15701]
  - i40e: Add rx_missed_errors for buffer exhaustion (Ivan Vecera) [RHEL-15701]
  - net: Tree wide: Replace xdp_do_flush_map() with xdp_do_flush(). (Ivan Vecera) [RHEL-15701]
  - i40e: fix potential memory leaks in i40e_remove() (Ivan Vecera) [RHEL-15701]
  - i40e: fix potential NULL pointer dereferencing of pf->vf i40e_sync_vsi_filters() (Ivan Vecera) [RHEL-15701]
  - i40e: fix misleading debug logs (Ivan Vecera) [RHEL-15701]
  - i40e: Replace one-element array with flex-array member in struct i40e_profile_aq_section (Ivan Vecera) [RHEL-15701]
  - i40e: Replace one-element array with flex-array member in struct i40e_section_table (Ivan Vecera) [RHEL-15701]
  - i40e: Replace one-element array with flex-array member in struct i40e_profile_segment (Ivan Vecera) [RHEL-15701]
  - i40e: Replace one-element array with flex-array member in struct i40e_package_header (Ivan Vecera) [RHEL-15701]
  - i40e: Remove unused function declarations (Ivan Vecera) [RHEL-15701]
  - i40e: remove i40e_status (Ivan Vecera) [RHEL-15701]
  - i40e: Fix an NULL vs IS_ERR() bug for debugfs_create_dir() (Ivan Vecera) [RHEL-15701]
  - i40e: xsk: add TX multi-buffer support (Ivan Vecera) [RHEL-15701]
  - i40e: xsk: add RX multi-buffer support (Ivan Vecera) [RHEL-15701]
  - i40e, xsk: fix comment typo (Ivan Vecera) [RHEL-15701]
  - i40e: remove unnecessary check for old MAC == new MAC (Ivan Vecera) [RHEL-15701]
  - i40e: fix i40e_setup_misc_vector() error handling (Ivan Vecera) [RHEL-15701]
  - i40e: fix accessing vsi->active_filters without holding lock (Ivan Vecera) [RHEL-15701]
  - i40e: Add support for VF to specify its primary MAC address (Ivan Vecera) [RHEL-15701]
  - i40e: fix registers dump after run ethtool adapter self test (Ivan Vecera) [RHEL-15701]
  - i40e: fix flow director packet filter programming (Ivan Vecera) [RHEL-15701]
  - i40e: add support for XDP multi-buffer Rx (Ivan Vecera) [RHEL-15701]
  - i40e: add xdp_buff to i40e_ring struct (Ivan Vecera) [RHEL-15701]
  - i40e: introduce next_to_process to i40e_ring (Ivan Vecera) [RHEL-15701]
  - i40e: use frame_sz instead of recalculating truesize for building skb (Ivan Vecera) [RHEL-15701]
  - i40e: Change size to truesize when using i40e_rx_buffer_flip() (Ivan Vecera) [RHEL-15701]
  - i40e: add pre-xdp page_count in rx_buffer (Ivan Vecera) [RHEL-15701]
  - i40e: change Rx buffer size for legacy-rx to support XDP multi-buffer (Ivan Vecera) [RHEL-15701]
  - i40e: consolidate maximum frame size calculation for vsi (Ivan Vecera) [RHEL-15701]
  - i40e: check vsi type before setting xdp_features flag (Ivan Vecera) [RHEL-15701]
  - drivers: net: turn on XDP features (Ivan Vecera) [RHEL-15701]
  - i40e: add xdp frags support to ndo_xdp_xmit (Ivan Vecera) [RHEL-15701]
  - dmaengine: idxd: Ensure safe user copy of completion record (Jerry Snitselaar) [RHEL-28511]
  - dmaengine: idxd: Remove shadow Event Log head stored in idxd (Jerry Snitselaar) [RHEL-28511]
  - dmaengine: idxd: Move dma_free_coherent() out of spinlocked context (Jerry Snitselaar) [RHEL-28511]
* Thu Mar 21 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.6.1.el9_4]
  - IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (Daniel Vacek) [RHEL-26063]
  - ASoC: Intel: soc-acpi: rt713+rt1316, no sdw-dmic config (Jaroslav Kysela) [RHEL-26456]
  - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed (Maxim Levitsky) [RHEL-26435]
  - hv_netvsc: Fix race condition between netvsc_probe and netvsc_remove (Maxim Levitsky) [RHEL-26435]
  - mlxsw: spectrum_acl_tcam: Fix stack corruption (Ivan Vecera) [RHEL-26463 RHEL-26465] {CVE-2024-26586}
* Tue Mar 19 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.5.1.el9_4]
  - i2c: i801: Fix block process call transactions (David Arcari) [RHEL-26479 RHEL-26481] {CVE-2024-26593}
  - sched/membarrier: reduce the ability to hammer on sys_membarrier (Wander Lairson Costa) [RHEL-23428 RHEL-23429] {CVE-2024-26602}
* Fri Mar 15 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.4.1.el9_4]
  - redhat/configs: enable pwr-mlxbf (Nirmala Dalvi) [RHEL-21119]
  - power: reset: pwr-mlxbf: support graceful reboot instead of emergency reset (Nirmala Dalvi) [RHEL-21119]
  - power: reset: use capital "OR" for multiple licenses in SPDX (Nirmala Dalvi) [RHEL-21119]
  - power: reset: pwr-mlxbf: change rst_pwr_hid and low_pwr_hid from global to local variables (Nirmala Dalvi) [RHEL-21119]
  - power: reset: pwr-mlxbf: add missing include (Nirmala Dalvi) [RHEL-21119]
  - power: reset: pwr-mlxbf: add BlueField SoC power control driver (Nirmala Dalvi) [RHEL-21119]
  - redhat/configs: enable pinctrl_mlxbf3 This driver is required to support the pinctrl device on the Bluefield-3 card. (Nirmala Dalvi) [RHEL-21115]
  - pinctrl: mlxbf3: Remove gpio_disable_free() (Nirmala Dalvi) [RHEL-21115]
  - pinctrl: use capital "OR" for multiple licenses in SPDX (Nirmala Dalvi) [RHEL-21115]
  - pinctrl: mlxbf3: set varaiable mlxbf3_pmx_funcs storage-class-specifier to static (Nirmala Dalvi) [RHEL-21115]
  - pinctrl: mlxbf3: Add pinctrl driver support (Nirmala Dalvi) [RHEL-21115]
  - redhat/configs: enable gpio_mlxbf3 (Nirmala Dalvi) [RHEL-21113]
  - gpio: mlxbf3: add an error code check in mlxbf3_gpio_probe (Nirmala Dalvi) [RHEL-21113]
  - gpio: mlxbf3: use capital "OR" for multiple licenses in SPDX (Nirmala Dalvi) [RHEL-21113]
  - gpio: mlxbf3: Support add_pin_ranges() (Nirmala Dalvi) [RHEL-21113]
  - gpio: mlxbf3: Add gpio driver support (Nirmala Dalvi) [RHEL-21113]
  - redhat/configs: enable mlxbf-pmc (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Ignore unsupported performance blocks (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: mlxbf_pmc_event_list(): make size ptr optional (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Cleanup signed/unsigned mix-up (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Replace uintN_t with kernel-style types (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Fix offset calculation for crspace events (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: Check devm_hwmon_device_register_with_groups() return value (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: Add null pointer checks for devm_kasprintf() (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Add support for BlueField-3 (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Fix reading of unprogrammed events (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: Fix potential buffer overflows (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: fix sscanf() error checking (Luiz Capitulino) [RHEL-21122]
  - platform/mellanox: mlxbf-pmc: fix kernel-doc notation (Luiz Capitulino) [RHEL-21122]
  - SUNRPC: Remove stale comments (Jeffrey Layton) [RHEL-22860]
  - NFSD: Remove BUG_ON in nfsd4_process_cb_update() (Jeffrey Layton) [RHEL-22860]
  - NFSD: Replace comment with lockdep assertion (Jeffrey Layton) [RHEL-22860]
  - NFSD: Remove unused @reason argument (Jeffrey Layton) [RHEL-22860]
  - NFSD: Add callback operation lifetime trace points (Jeffrey Layton) [RHEL-22860]
  - NFSD: Rename nfsd_cb_state trace point (Jeffrey Layton) [RHEL-22860]
  - NFSD: Replace dprintks in nfsd4_cb_sequence_done() (Jeffrey Layton) [RHEL-22860]
  - NFSD: Add nfsd_seq4_status trace event (Jeffrey Layton) [RHEL-22860]
  - NFSD: Retransmit callbacks after client reconnects (Jeffrey Layton) [RHEL-22860]
  - NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (Jeffrey Layton) [RHEL-22860]
  - NFSD: Convert the callback workqueue to use delayed_work (Jeffrey Layton) [RHEL-22860]
  - NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Jeffrey Layton) [RHEL-22860]
  - NFSv4, NFSD: move enum nfs_cb_opnum4 to include/linux/nfs4.h (Jeffrey Layton) [RHEL-22860]
  - tls: fix use-after-free on failed backlog decryption (Sabrina Dubroca) [RHEL-26410 RHEL-26415] {CVE-2024-26584}
  - tls: separate no-async decryption request handling from async (Sabrina Dubroca) [RHEL-26410 RHEL-26415] {CVE-2024-26584}
  - tls: decrement decrypt_pending if no async completion will be called (Sabrina Dubroca) [RHEL-26416 RHEL-26421] {CVE-2024-26583}
  - net: tls: fix use-after-free with partial reads and async decrypt (Sabrina Dubroca) [RHEL-26398 RHEL-26401] {CVE-2024-26582}
  - net: tls: handle backlogging of crypto requests (Sabrina Dubroca) [RHEL-26410 RHEL-26415] {CVE-2024-26584}
  - tls: fix race between tx work scheduling and socket close (Sabrina Dubroca) [RHEL-26361 RHEL-26363] {CVE-2024-26585}
  - tls: fix race between async notify and socket close (Sabrina Dubroca) [RHEL-26416 RHEL-26421] {CVE-2024-26583}
  - net: tls: factor out tls_*crypt_async_wait() (Sabrina Dubroca) [RHEL-26416 RHEL-26421] {CVE-2024-26583}
  - i2c: mlxbf: Use devm_platform_get_and_ioremap_resource() (Luiz Capitulino) [RHEL-21116]
  - I2C: Explicitly include correct DT includes (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: Use dev_err_probe in probe function (Luiz Capitulino) [RHEL-21116]
  - i2c: Convert to platform remove callback returning void (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: depend on ACPI; clean away ifdeffage (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: remove device tree support (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: support BlueField-3 SoC (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: add multi slave functionality (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: support lock mechanism (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: Fix frequency calculation (Luiz Capitulino) [RHEL-21116]
  - i2c: mlxbf: Refactor _UID handling to use acpi_dev_uid_to_integer() (Luiz Capitulino) [RHEL-21116]
  -