Ben Hutchings
ff5ad5a3d1
propagate_one(): mnt_set_mountpoint() needs mount_lock
...
A similar issue to CVE-2020-12114.
2020-06-07 00:46:11 +01:00
Salvatore Bonaccorso
6e26711704
Add fixes for CVE-2019-3016
...
Cherry-pick 11 commits from the 4.19.118 including prerequisited to
adress CVE-2019-3016.
2020-06-06 10:35:47 +02:00
Salvatore Bonaccorso
789f116fbc
mm: Fix mremap not considering huge pmd devmap (CVE-2020-10757)
2020-06-05 12:34:34 +02:00
Salvatore Bonaccorso
50bf5b3b3d
kernel/relay.c: handle alloc_percpu returning NULL in relay_open (CVE-2019-19462)
2020-06-05 12:30:40 +02:00
Salvatore Bonaccorso
7fc7c96d6e
fs/binfmt_elf.c: allocate initialized memory in fill_thread_core_info() (CVE-2020-10732)
2020-06-03 07:42:07 +02:00
Salvatore Bonaccorso
2222852cc1
netlabel: cope with NULL catmap (CVE-2020-10711)
2020-06-02 20:27:49 +02:00
Salvatore Bonaccorso
888eb1f799
USB: gadget: fix illegal array access in binding with UDC (CVE-2020-13143)
2020-05-29 21:35:13 +02:00
Salvatore Bonaccorso
aefd886eef
scsi: sg: add sg_remove_request in sg_write (CVE-2020-12770)
2020-05-29 21:23:18 +02:00
Salvatore Bonaccorso
2fe68e87e7
USB: core: Fix free-while-in-use bug in the USB S-Glibrary (CVE-2020-12464)
2020-05-29 13:49:18 +02:00
Salvatore Bonaccorso
34284455a6
fs/namespace.c: fix mountpoint reference counter race (CVE-2020-12114)
2020-05-28 23:34:11 +02:00
Salvatore Bonaccorso
b3b40efebd
selinux: properly handle multiple messages in selinux_netlink_send() (CVE-2020-10751)
2020-05-28 23:02:50 +02:00
Salvatore Bonaccorso
65ba05e78d
blktrace: fix dereference after null check
2020-04-26 11:28:32 +02:00
Salvatore Bonaccorso
a5acdf855d
blktrace: Protect q->blk_trace with RCU (CVE-2019-19768)
2020-04-26 11:25:38 +02:00
Salvatore Bonaccorso
6fe845e460
net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (CVE-2020-1749)
2020-04-26 11:20:05 +02:00
Salvatore Bonaccorso
79c0009334
net: ipv6: add net argument to ip6_dst_lookup_flow
2020-04-26 11:14:36 +02:00
Salvatore Bonaccorso
765258c0c8
Update commit message for f2fs patch to include note on backport
...
Gbp-Dch: Ignore
2020-04-26 11:13:27 +02:00
Salvatore Bonaccorso
cfa7bd0b02
f2fs: fix to avoid memory leakage in f2fs_listxattr (CVE-2020-0067)
2020-04-26 11:06:23 +02:00
Salvatore Bonaccorso
1e0b8b17f3
Update to 4.19.118
...
Cleanup debian/changelog file
Refresh "firmware: Remove redundant log messages from drivers" for context changes in 4.19.118
2020-04-23 20:41:14 +02:00
Salvatore Bonaccorso
5a1d3e0c9e
Update to 4.19.112
...
Drop "wimax: i2400: fix memory leak"
Drop "wimax: i2400: Fix memory leak in i2400m_op_rfkill_sw_toggle"
Cleanup debian/changelog file
2020-04-09 21:46:10 +02:00
Salvatore Bonaccorso
c9a94477f2
Drop "tools/lib/api/fs/fs.c: Fix misuse of strncpy()"
2020-03-21 09:18:29 +01:00
Salvatore Bonaccorso
ffc4ceb049
Update to 4.19.102
...
Drop "vfs: fix do_last() regression"
Cleanup debian/changelog file
2020-03-21 09:18:28 +01:00
Salvatore Bonaccorso
f003f0dba9
Update to 4.19.101
...
Cleanup debian/changelog file
Drop "random: try to actively add entropy rather than passively wait for it"
2020-03-21 09:18:28 +01:00
Salvatore Bonaccorso
c2975cd055
Update to 4.19.100
...
Add CVE id reference for CVE-2020-8428
Drop "libertas: Fix two buffer overflows at parsing bss descriptor"
Drop "do_last(): fetch directory ->i_mode and ->i_uid before it's too late"
Cleanup debian/changelog file
2020-03-21 09:18:28 +01:00
Salvatore Bonaccorso
0e1bc339a1
vfs: fix do_last() regression
2020-02-01 21:15:56 +01:00
Salvatore Bonaccorso
ff2a1c5362
do_last(): fetch directory ->i_mode and ->i_uid before it's too late (CVE-2020-8428)
2020-01-29 06:57:18 +01:00
Salvatore Bonaccorso
b712c4f536
Adjust CVE id in patch header for CVE-2019-19051 patch
...
Gbp-Dch: Ignore
2020-01-26 20:59:38 +01:00
Noah Meyerhans
428bd19863
random: try to actively add entropy rather than passively wait for it
...
Cherry pick 50ee7529ec45 from mainline. This addresses a lack of early entropy
in certain environments.
Closes : #948519
2020-01-20 12:44:37 -08:00
Ben Hutchings
56dd5fa07e
Add various security fixes not yet in 4.19-stable
...
All of these are already fixed in jessie, and upgrades shouldn't
regress.
2020-01-20 18:26:58 +00:00
Ben Hutchings
beb8c412e8
Merge branch 'buster-4.19.81' into 'buster'
...
Buster 4.19.81
See merge request kernel-team/linux!183
2019-11-25 01:06:06 +00:00
Ben Hutchings
1b0a012af5
debian/patches: Fix broken Subject fields in the perf script patches
...
The Origin and Bug-Debian fields were inserted in the middle of the
word-wrapped Subject fields in a few patches.
2019-11-24 19:17:51 +00:00
Noah Meyerhans
8c9e9430c2
Refresh remaining patches
2019-11-20 16:24:37 -08:00
Noah Meyerhans
62e5e3199d
Remove obsolete patches
2019-11-20 16:24:37 -08:00
Benjamin Poirier
016066336b
tools/perf: Add python3 support to scripts
2019-11-20 15:04:24 +09:00
Salvatore Bonaccorso
3e9a6acd20
ipv4: Return -ENETUNREACH if we can't create route but saddr is valid
...
Closes : #945023
2019-11-19 08:00:10 +01:00
Salvatore Bonaccorso
530030f117
ixgbe: Fix secpath usage for IPsec TX offload
...
Closes : #930443
2019-10-15 22:57:58 +02:00
Salvatore Bonaccorso
942d6ddd3f
KVM: coalesced_mmio: add bounds checking (CVE-2019-14821)
2019-09-19 17:16:06 +02:00
Salvatore Bonaccorso
78f0b2574a
vhost: make sure log_num < in_num (CVE-2019-14835)
2019-09-13 06:12:11 +02:00
Romain Perier
782d6ea880
ALSA: usb-audio: Fix a stack buffer overflow bug in check_input_term
...
(CVE-2019-15118)
2019-09-12 22:40:43 +02:00
Romain Perier
aa8fb19232
ALSA: usb-audio: Fix an OOB bug in parse_audio_mixer_unit
...
(CVE-2019-15117)
[carnil: Use 4.19.67-2+deb10u1 version for buster-security branch]
2019-09-12 22:40:21 +02:00
Salvatore Bonaccorso
e10bab8d2e
Reference assigned CVE id for CVE-2019-15538
...
Gbp-Dch: Ignore
2019-08-25 17:31:05 +02:00
Salvatore Bonaccorso
a065e442e2
xfs: fix missing ILOCK unlock when xfs_setattr_nonsize fails due to EDQUOT
2019-08-24 20:51:54 +02:00
Ben Hutchings
57f74f6573
netfilter: conntrack: Use consistent ct id hash calculation
...
This fixes a regression in 4.19.44.
2019-08-22 20:04:20 +01:00
Salvatore Bonaccorso
9bf2130b62
dm: disable DISCARD if the underlying storage no longer supports it
...
Closes : #934331
2019-08-21 21:41:04 +02:00
Ben Hutchings
0899b0f554
Update to 4.19.67
...
* Drop patches which have been applied to 4.19-stable
* Drop "Revert "net: stmmac: Send TSO packets always from Queue 0"" in
favour of upstream fix "net: stmmac: Re-work the queue selection for
TSO packets"
* Refresh patches that became fuzzy
2019-08-20 01:51:22 +01:00
Ben Hutchings
64c3754b90
Merge branch 'buster-security' into buster
...
* Accept revert of "[sh4]: Check for kprobe trap number before trying
to handle a kprobe trap" and update debian/changelog accordingly, as
sh4 is not a release architecture
* Keep "[arm64] Improve support for the Huawei TaiShan server platform"
which was reverted on the buster-security branch
2019-08-18 19:29:59 +01:00
Salvatore Bonaccorso
07a6d57831
Add patchset for CVE-2019-1125
2019-08-07 08:34:30 +02:00
Romain Perier
3b76691d24
Bluetooth: hci_uart: check for missing tty operations (CVE-2019-10207)
2019-08-05 18:57:05 +02:00
Romain Perier
ec64cb4c87
floppy: fix div-by-zero in setup_format_params (CVE-2019-14284)
...
This retrieves the patch from the linux-4.19.y branch and refreshes the
previous one "floppy: fix out-of-bounds read in copy_buffer", because
this is firstly "floppy: fix div-by-zero in setup_format_params" that is
applied upstream, then the one regarding out-of-bounds read in copy_buffer.
The one for CVE-2019-14283 was previously refreshed because it was not
applicable directly. Now both patches are synchronized with upstream and
applied in the same order.
2019-08-05 17:56:29 +02:00
Romain Perier
24c58d8c20
inet: switch IP ID generator to siphash (CVE-2019-10638)
2019-07-30 11:20:38 +02:00
Romain Perier
4962cdb584
floppy: fix out-of-bounds read in copy_buffer (CVE-2019-14283)
2019-07-30 11:14:00 +02:00