| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 28 Dec 2017 16:59:08 +0000
From: Ben Hutchings <ben@...adent.org.uk>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
CC: torvalds@...ux-foundation.org, Guenter Roeck <linux@...ck-us.net>,
akpm@...ux-foundation.org
Subject: [PATCH 3.2 00/94] 3.2.97-rc1 review
This is the start of the stable review cycle for the 3.2.97 release.
There are 94 patches in this series, which will be posted as responses
to this one. If anyone has any issues with these being applied, please
let me know.
Responses should be made by Mon Jan 1 17:00:00 UTC 2018.
Anything received after that time might be too late.
All the patches have also been committed to the linux-3.2.y-rc branch of
https://git.kernel.org/pub/scm/linux/kernel/git/bwh/linux-stable-rc.git .
A shortlog and diffstat can be found below.
Ben.
-------------
Al Viro (3):
Bluetooth: bnep: bnep_add_connection() should verify that it's dealing with l2cap socket
[71bb99a02b32b4cc4265118e85f6035ca72923f0]
Bluetooth: cmtp: cmtp_add_connection() should verify that it's dealing with l2cap socket
[96c26653ce65bf84f3212f8b00d4316c1efcbf4c]
more bio_map_user_iov() leak fixes
[2b04e8f6bbb196cab4b232af0f8d48ff2c7a8058]
Alan Stern (8):
USB: core: prevent malicious bNumInterfaces overflow
[48a4ff1c7bb5a32d2e396b03132d20d552c0eca7]
USB: dummy-hcd: Fix deadlock caused by disconnect detection
[ab219221a5064abfff9f78c323c4a257b16cdb81]
USB: dummy-hcd: Fix erroneous synchronization change
[7dbd8f4cabd96db5a50513de9d83a8105a5ffc81]
USB: dummy-hcd: fix infinite-loop resubmission bug
[0173a68bfb0ad1c72a6ee39cc485aa2c97540b98]
USB: gadgetfs, dummy-hcd, net2280: fix locking for callbacks
[f16443a034c7aa359ddf6f0f9bc40d01ca31faea]
USB: gadgetfs: Fix crash caused by inadequate synchronization
[520b72fc64debf8a86c3853b8e486aa5982188f0]
USB: gadgetfs: fix copy_to_user while holding spinlock
[6e76c01e71551cb221c1f3deacb9dcd9a7346784]
usb-storage: unusual_devs entry to fix write-access regression for Seagate external drives
[113f6eb6d50cfa5e2a1cdcf1678b12661fa272ab]
Andreas Engel (1):
USB: serial: cp210x: add support for ELV TFD500
[c496ad835c31ad639b6865714270b3003df031f6]
Andreas Gruenbacher (1):
vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets
[fc46820b27a2d9a46f7e90c9ceb4a64a1bc5fab8]
Andrew Honig (1):
KVM: VMX: remove I/O port 0x80 bypass on Intel hosts
[d59d51f088014f25c2562de59b9abff4f42a7468]
Andrey Konovalov (2):
uwb: ensure that endpoint is interrupt
[70e743e4cec3733dc13559f6184b35d358b9ef3f]
uwb: properly check kthread_run return value
[bbf26183b7a6236ba602f4d6a2f7cade35bba043]
Ashish Samant (1):
ocfs2: fstrim: Fix start offset of first cluster group during fstrim
[105ddc93f06ebe3e553f58563d11ed63dbcd59f0]
Baruch Siach (1):
spi: uapi: spidev: add missing ioctl header
[a2b4a79b88b24c49d98d45a06a014ffd22ada1a4]
Ben Hutchings (2):
ipsec: Fix aborted xfrm policy dump crash
[1137b5e2529a8f5ca8ee709288ecba3e68044df2]
security: Fix mode test in selinux_ptrace_access_check()
[69f594a38967f4540ce7a29b3fd214e68a8330bd]
Bin Liu (1):
usb: gadget: fix spinlock dead lock in gadgetfs
[d246dcb2331c5783743720e6510892eb1d2801d9]
Boqun Feng (2):
kvm/x86: Avoid async PF preempting the kernel incorrectly
[a2b7861bb33b2538420bb5d8554153484d3f961f]
kvm/x86: Handle async PF in RCU read-side critical sections
[b862789aa5186d5ea3a024b7cfe0f80c3a38b980]
Borislav Petkov (1):
x86/oprofile/ppro: Do not use __this_cpu*() in preemptible context
[a743bbeef27b9176987ec0cb7f906ab0ab52d1da]
Casey Schaufler (1):
lsm: fix smack_inode_removexattr and xattr_getsecurity memleak
[57e7ba04d422c3d41c8426380303ec9b7533ded9]
Colin Ian King (1):
staging: iio: ade7759: fix signed extension bug on shift of a u8
[13ffe9a26df4e156363579b25c904dd0b1e31bfb]
Craig Gallek (1):
tun/tap: sanitize TUNSETSNDBUF input
[93161922c658c714715686cd0cf69b090cb9bf1d]
Dan Carpenter (1):
tile: array underflow in setup_maxnodemem()
[637f23abca87d26e091e0d6647ec878d97d2c6cd]
David Herrmann (1):
Bluetooth: hidp: verify l2cap sockets
[b3916db32c4a3124eee9f3742a2f4723731d7602]
Dmitry Fleytman (1):
usb: Increase quirk delay for USB devices
[b2a542bbb3081dbd64acc8929c140d196664c406]
Dmitry Torokhov (1):
Input: uinput - avoid FF flush when destroying device
[e8b95728f724797f958912fd9b765a695595d3a6]
Eric Biggers (13):
FS-Cache: fix dereference of NULL user_key_payload
[d124b2c53c7bee6569d2a2d0b18b4a1afde00134]
KEYS: add missing permission check for request_key() destination
[4dca6ea1d9432052afb06baf2e3ae78188a4410b]
KEYS: don't revoke uninstantiated key in request_key_auth_new()
[f7b48cf08fa63a68b59c2894806ee478216d7f91]
KEYS: encrypted: fix dereference of NULL user_key_payload
[13923d0865ca96312197962522e88bc0aedccd74]
KEYS: fix cred refcount leak in request_key_auth_new()
[44d8143340a99b167c74365e844516b73523c087]
KEYS: fix key refcount leak in keyctl_assume_authority()
[884bee0215fcc239b30c062c37ca29077005e064]
KEYS: fix key refcount leak in keyctl_read_key()
[7fc0786d956d9e59b68d282be9b156179846ea3d]
KEYS: prevent creating a different user's keyrings
[237bbd29f7a049d310d907f4b2716a7feef9abf3]
KEYS: trusted: fix writing past end of buffer in trusted_read()
[a3c812f7cfd80cf51e8f5b7034f7418f6beb56c1]
KEYS: trusted: sanitize all key material
[ee618b4619b72527aaed765f0f0b74072b281159]
crypto: hmac - require that the underlying hash algorithm is unkeyed
[af3ff8045bbf3e32f1a448542e73abb4c8ceb6f1]
crypto: salsa20 - fix blkcipher_walk API usage
[ecaaab5649781c5a0effdaf298a925063020500e]
ecryptfs: fix dereference of NULL user_key_payload
[f66665c09ab489a11ca490d6a82df57cfc1bea3e]
Eric Dumazet (1):
tcp: fix tcp_mtu_probe() vs highest_sack
[2b7cda9c35d3b940eb9ce74b30bbd5eb30db493d]
Ethan Zhao (1):
sched/sysctl: Check user input value of sysctl_sched_time_avg
[5ccba44ba118a5000cccc50076b0344632459779]
Felipe Balbi (1):
usb: quirks: add quirk for WORLDE MINI MIDI keyboard
[2811501e6d8f5747d08f8e25b9ecf472d0dc4c7d]
Geert Uytterhoeven (2):
sh: sh7722: remove nonexistent GPIO_PTQ7 to fix pinctrl registration
[b78412b8300a8453b78d2c1b0b925b66493bb011]
sh: sh7757: remove nonexistent GPIO_PT[JLNQ]7_RESV to fix pinctrl registration
[d8ce38f69843a56da044e56b6c16aecfbc3c6e39]
Gerald Schaefer (1):
s390/mm: fix write access check in gup_huge_pmd()
[ba385c0594e723d41790ecfb12c610e6f90c7785]
Gleb Natapov (1):
KVM: Do not take reference to mm during async #PF
[62c49cc976af84cb0ffcb5ec07ee88da1a94e222]
Guillaume Nault (6):
l2tp: check ps->sock before running pppol2tp_session_ioctl()
[5903f594935a3841137c86b9d5b75143a5b7121c]
l2tp: don't use l2tp_tunnel_find() in l2tp_ip and l2tp_ip6
[8f7dc9ae4a7aece9fbc3e6637bdfa38b36bcdf09]
l2tp: fix l2tp_eth module loading
[9f775ead5e570e7e19015b9e4e2f3dd6e71a5935]
l2tp: hold socket before dropping lock in l2tp_ip{, 6}_recv()
[a3c18422a4b4e108bcf6a2328f48867e1003fd95]
l2tp: hold tunnel in pppol2tp_connect()
[f9e56baf03f9d36043a78f16e3e8b2cfd211e09e]
l2tp: hold tunnel socket when handling control frames in l2tp_ip and l2tp_ip6
[94d7ee0baa8b764cf64ad91ed69464c1a6a0066b]
Haozhong Zhang (1):
KVM: nVMX: fix guest CR4 loading when emulating L2 to L1 exit
[8eb3f87d903168bdbd1222776a6b1e281f50513e]
Henryk Heisig (1):
USB: serial: option: add support for TP-Link LTE module
[837ddc4793a69b256ac5e781a5e729b448a8d983]
Herbert Xu (1):
crypto: shash - Fix zero-length shash ahash digest crash
[b61907bb42409adf9b3120f741af7c57dd7e3db2]
Jean Delvare (1):
kernel/params.c: align add_sysfs_param documentation with code
[630cc2b30a42c70628368a412beb4a5e5dd71abe]
Jeffrey Chu (1):
USB: serial: ftdi_sio: add id for Cypress WICED dev board
[a6c215e21b0dc5fe9416dce90f9acc2ea53c4502]
Jim Dickerson (1):
usb: pci-quirks.c: Corrected timeout values used in handshake
[114ec3a6f9096d211a4aff4277793ba969a62c73]
Joerg Roedel (1):
iommu/amd: Finish TLB flush in amd_iommu_unmap()
[ce76353f169a6471542d999baf3d29b121dce9c0]
Johannes Thumshirn (1):
scsi: libiscsi: fix shifting of DID_REQUEUE host byte
[eef9ffdf9cd39b2986367bc8395e2772bc1284ba]
Kazuya Mizuguchi (1):
usb: renesas_usbhs: Fix DMAC sequence for receiving zero-length packet
[29c7f3e68eec4ae94d85ad7b5dfdafdb8089f513]
Konstantin Khlebnikov (1):
Smack: remove unneeded NULL-termination from securtity label
[da1b63566c469bf3e2b24182114422e16b1aa34c]
LEROY Christophe (1):
crypto: talitos - fix sha224
[afd62fa26343be6445479e75de9f07092a061459]
Maksim Salau (1):
usb: cdc_acm: Add quirk for Elatec TWN3
[765fb2f181cad669f2beb87842a05d8071f2be85]
Mark Rutland (1):
ARM: 8720/1: ensure dump_instr() checks addr_limit
[b9dd05c7002ee0ca8b676428b2268c26399b5e31]
Martin K. Petersen (1):
scsi: sd: Implement blacklist option for WRITE SAME w/ UNMAP
[28a0bc4120d38a394499382ba21d6965a67a3703]
Mathias Nyman (1):
xhci: fix finding correct bus_state structure for USB 3.1 hosts
[5a838a13c9b4e5dd188b7a6eaeb894e9358ead0c]
Michael S. Tsirkin (1):
macvtap: fix TUNSETSNDBUF values > 64k
[3ea79249e81e5ed051f2e6480cbde896d99046e8]
Mohamed Ghannam (1):
dccp: CVE-2017-8824: use-after-free in DCCP code
[69c64866ce072dea1d1e59a0d61e0f66c0dffb76]
Nicolas Dichtel (1):
net: enable interface alias removal via rtnl
[2459b4c635858094df78abb9ca87d99f89fe8ca5]
Oleg Nesterov (1):
ptrace: change __ptrace_unlink() to clear ->ptrace under ->siglock
[1333ab03150478df8d6f5673a91df1e50dc6ab97]
Oswald Buddenhagen (1):
MIPS: AR7: Ensure that serial ports are properly set up
[b084116f8587b222a2c5ef6dcd846f40f24b9420]
Stefan Mätje (1):
can: esd_usb2: Fix can_dlc value for received RTR, frames
[72d92e865d1560723e1957ee3f393688c49ca5bf]
Stefano Brivio (1):
scsi: lpfc: Don't return internal MBXERR_ERROR code from probe function
[5c756065e47dc3e84b00577bd109f0a8e69903d7]
Steffen Maier (1):
scsi: zfcp: fix erp_action use-before-initialize in REC action trace
[ab31fd0ce65ec93828b617123792c1bb7c6dcc42]
Takashi Iwai (9):
ALSA: caiaq: Fix stray URB at probe error path
[99fee508245825765ff60155fed43f970ff83a8f]
ALSA: seq: Avoid invalid lockdep class warning
[3510c7aa069aa83a2de6dab2b41401a198317bdc]
ALSA: seq: Fix OSS sysex delivery in OSS emulation
[132d358b183ac6ad8b3fea32ad5e0663456d18d1]
ALSA: seq: Fix copy_from_user() call inside lock
[5803b023881857db32ffefa0d269c90280a67ee0]
ALSA: seq: Fix nested rwsem annotation for lockdep splat
[1f20f9ff57ca23b9f5502fca85ce3977e8496cb1]
ALSA: timer: Add missing mutex lock for compat ioctls
[79fb0518fec8c8b4ea7f1729f54f293724b3dbb0]
ALSA: timer: Limit max instances per timer
[9b7d869ee5a77ed4a462372bb89af622e705bfb8]
ALSA: timer: Protect the whole snd_timer_close() with open race
[9984d1b5835ca29fc7025186a891ee7398d21cc7]
ALSA: usx2y: Suppress kernel warning at page allocation failures
[7682e399485fe19622b6fd82510b1f4551e48a25]
Wanpeng Li (1):
KVM: Fix stack-out-of-bounds read in write_mmio
[e39d200fa5bf5b94a0948db0dae44c1b73b84a56]
Willem de Bruijn (1):
packet: only test po->has_vnet_hdr once in packet_snd
[da7c9561015e93d10fe6aab73e9288e0d09d65a6]
Xin Long (1):
sctp: fix a type cast warnings that causes a_rwnd gets the wrong value
[f6fc6bc0b8e0bb13a210bd7386ffdcb1a5f30ef1]
Yoshihiro Shimoda (2):
usb: renesas_usbhs: fix the BCLR setting condition for non-DCP pipe
[6124607acc88fffeaadf3aacfeb3cc1304c87387]
usb: renesas_usbhs: fix usbhsf_fifo_clear() for RX direction
[0a2ce62b61f2c76d0213edf4e37aaf54a8ddf295]
Makefile | 4 +-
arch/arm/kernel/traps.c | 28 ++++++---
arch/mips/ar7/platform.c | 1 +
arch/s390/mm/gup.c | 7 +--
arch/sh/include/cpu-sh4/cpu/sh7722.h | 2 +-
arch/sh/include/cpu-sh4/cpu/sh7757.h | 8 +--
arch/tile/kernel/setup.c | 3 +-
arch/x86/crypto/salsa20_glue.c | 7 ---
arch/x86/include/asm/kvm_para.h | 4 +-
arch/x86/kernel/kvm.c | 22 +++----
arch/x86/kvm/svm.c | 2 +-
arch/x86/kvm/vmx.c | 7 +--
arch/x86/kvm/x86.c | 8 +--
arch/x86/oprofile/op_model_ppro.c | 4 +-
crypto/hmac.c | 6 +-
crypto/salsa20_generic.c | 7 ---
crypto/shash.c | 13 ++--
drivers/crypto/talitos.c | 4 +-
drivers/input/ff-core.c | 13 +++-
drivers/input/misc/uinput.c | 18 ++++++
drivers/iommu/amd_iommu.c | 1 +
drivers/net/can/usb/esd_usb2.c | 2 +-
drivers/net/macvtap.c | 6 +-
drivers/net/tun.c | 4 ++
drivers/s390/scsi/zfcp_aux.c | 5 ++
drivers/s390/scsi/zfcp_erp.c | 18 +++---
drivers/s390/scsi/zfcp_scsi.c | 5 ++
drivers/scsi/libiscsi.c | 2 +-
drivers/scsi/lpfc/lpfc_init.c | 1 +
drivers/scsi/scsi_scan.c | 3 +
drivers/scsi/sd.c | 14 ++++-
drivers/staging/iio/meter/ade7759.c | 2 +-
drivers/usb/class/cdc-acm.c | 3 +
drivers/usb/core/config.c | 6 +-
drivers/usb/core/hub.c | 2 +-
drivers/usb/core/quirks.c | 4 ++
drivers/usb/gadget/dummy_hcd.c | 56 +++++++++++++----
drivers/usb/gadget/inode.c | 72 ++++++++++++++++-----
drivers/usb/host/pci-quirks.c | 8 +--
drivers/usb/host/xhci.h | 2 +-
drivers/usb/renesas_usbhs/fifo.c | 23 +++++--
drivers/usb/serial/cp210x.c | 1 +
drivers/usb/serial/ftdi_sio.c | 2 +
drivers/usb/serial/ftdi_sio_ids.h | 7 +++
drivers/usb/serial/option.c | 2 +
drivers/usb/storage/unusual_devs.h | 7 +++
drivers/uwb/hwa-rc.c | 2 +
drivers/uwb/uwbd.c | 12 ++--
fs/bio.c | 14 +++--
fs/ecryptfs/ecryptfs_kernel.h | 25 +++++---
fs/ecryptfs/keystore.c | 9 ++-
fs/fscache/object-list.c | 7 +++
fs/ocfs2/alloc.c | 24 +++++--
fs/read_write.c | 4 +-
fs/xattr.c | 2 +-
include/crypto/internal/hash.h | 8 +++
include/linux/input.h | 1 +
include/linux/key.h | 2 +
include/linux/spi/spidev.h | 1 +
include/net/bluetooth/l2cap.h | 1 +
include/net/tcp.h | 6 +-
include/scsi/scsi_device.h | 1 +
include/scsi/scsi_devinfo.h | 1 +
include/sound/seq_kernel.h | 3 +-
include/sound/seq_virmidi.h | 1 +
include/sound/timer.h | 2 +
include/trace/events/kvm.h | 7 ++-
kernel/params.c | 2 +-
kernel/ptrace.c | 3 +-
kernel/sysctl.c | 3 +-
net/bluetooth/bnep/core.c | 3 +
net/bluetooth/cmtp/core.c | 3 +
net/bluetooth/hidp/core.c | 2 +
net/bluetooth/l2cap_sock.c | 6 ++
net/core/rtnetlink.c | 5 +-
net/dccp/proto.c | 5 ++
net/ipv4/tcp_output.c | 3 +-
net/l2tp/l2tp_eth.c | 51 +--------------
net/l2tp/l2tp_ip.c | 20 +++---
net/l2tp/l2tp_ppp.c | 10 ++-
net/packet/af_packet.c | 4 +-
net/sctp/sm_sideeffect.c | 4 +-
net/xfrm/xfrm_user.c | 3 +-
security/keys/encrypted-keys/encrypted.c | 7 +++
security/keys/internal.h | 2 +-
security/keys/key.c | 2 +
security/keys/keyctl.c | 8 +--
security/keys/keyring.c | 23 ++++---
security/keys/process_keys.c | 9 ++-
security/keys/request_key.c | 46 +++++++++++---
security/keys/request_key_auth.c | 69 ++++++++++-----------
security/keys/trusted.c | 71 ++++++++++-----------
security/selinux/hooks.c | 2 +-
security/smack/smack_lsm.c | 57 ++++++++---------
sound/core/hrtimer.c | 1 +
sound/core/seq/oss/seq_oss_midi.c | 4 +-
sound/core/seq/oss/seq_oss_readq.c | 29 +++++++++
sound/core/seq/oss/seq_oss_readq.h | 2 +
sound/core/seq/seq_clientmgr.c | 2 +-
sound/core/seq/seq_virmidi.c | 27 +++++---
sound/core/timer.c | 103 +++++++++++++++++++++----------
sound/core/timer_compat.c | 17 ++++-
sound/usb/caiaq/device.c | 12 +++-
sound/usb/usx2y/usb_stream.c | 6 +-
104 files changed, 769 insertions(+), 416 deletions(-)
--
Ben Hutchings
The two most common things in the universe are hydrogen and stupidity.
Powered by blists - more mailing lists