[5.4.17-2136.330.7.1.el7uek] - KVM: x86: Add BHI_NO [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add BHI mitigation knob [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Enumerate Branch History Injection bug [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Define SPEC_CTRL_BHI_DIS_S [Orabug: 36384803] {CVE-2024-2201} - x86/bhi: Add support for clearing branch history at syscall entry [Orabug: 36384803] {CVE-2024-2201} - x86/cpufeature: Add missing leaf enumeration [Orabug: 36384803] {CVE-2024-2201} - KVM: x86: Use a switch statement and macros in __feature_translate [Orabug: 36384803] {CVE-2024-2201} - KVM: x86: Advertise CPUID.:EDX[5:0] to userspace [Orabug: 36384803] {CVE-2024-2201} - KVM: x86: Update KVM-only leaf handling to allow for 100% KVM-only leafs [Orabug: 36384803] {CVE-2024-2201} - x86/bugs: Use sysfs_emit [Orabug: 36384803] {CVE-2024-2201} - Documentation/hw-vuln: Update spectre doc [Orabug: 36384803] {CVE-2024-2201} - x86/speculation: Reorder SRSO and GDS functions [Orabug: 36384803] {CVE-2024-2201} - KVM: x86: Mask off unsupported and unknown bits of IA32_ARCH_CAPABILITIES [Orabug: 36384803] {CVE-2024-2201} - KVM: x86: Move reverse CPUID helpers to separate header file [Orabug: 36384803] {CVE-2024-2201} - KVM: x86: Fix implicit enum conversion goof in scattered reverse CPUID code [Orabug: 36384803] {CVE-2024-2201} - KVM: x86: Add support for reverse CPUID lookup of scattered features [Orabug: 36384803] {CVE-2024-2201} - x86/msr: Define new bits in TSX_FORCE_ABORT MSR [Orabug: 36384803] {CVE-2024-2201} - objtool: Add asm version of STACK_FRAME_NON_STANDARD [Orabug: 36384803] {CVE-2024-2201} - objtool: Only include valid definitions depending on source file type [Orabug: 36384803] {CVE-2024-2201} [5.4.17-2136.330.7.el7uek] - Revert quot;x86/mm/ident_map: Use gbpages only where full GB page should be mapped.quot; [Orabug: 36409910] - arm64: dts: qcom: sdm845: fix USB DP/DM HS PHY interrupts - arm64: dts: qcom: add PDC interrupt controller for SDM845 - hv_netvsc: Register VF in netvsc_probe if NET_DEVICE_REGISTER missed - hv_netvsc: use netif_is_bond_master instead of open code - netfilter: nft_ct: fix l3num expectations with inet pseudo family [5.4.17-2136.330.6.el7uek] - eVM: x86: Drop kvm SRCU lock in kvm_vcpu_update_apicv [Orabug: 36329600] - KVM: x86: Handle APICv updates for APIC quot;modequot; changes via request [Orabug: 36329600] - blk-mq: fix system hang while doing cpu offline on domU [Orabug: 36366420] [5.4.17-2136.330.5.el7uek] - afs: Fix endless loop in directory parsing - netfilter: nf_tables: allow NFPROTO_INET in nft__validate - netfilter: nf_tables: set dormant flag on hook register failure - scsi: megaraid_sas: Correct value passed to scsi_device_lookup [Orabug: 36345168] [5.4.17-2136.330.4.el7uek] - Revert quot;crypto: api - Disallow identical driver namesquot; [Orabug: 36361379] - Fix null ptr in rds_tcp_recv_path [Orabug: 35587415] - net/rds: print PPID/COMM of process doing user reset on RDS connection [Orabug: 36248461] [5.4.17-2136.330.3.el7uek] - uek: kabi: Add two new exported kABI symbols for ACFS and EDV [Orabug: 36251861] - mm: avoid conflict between MADV_DOEXEC and upstream advice values [Orabug: 36334309] [5.4.17-2136.330.2.el7uek] - LTS tag: v5.4.269 - bpf: Add map and need_defer parameters to .map_fd_put_ptr - of: gpio unittest kfree wrong object - of: unittest: fix EXPECT text for gpio hog errors - net: bcmgenet: Fix EEE implementation - Revert quot;Revert quot;mtd: rawnand: gpmi: Fix setting busy timeout settingquot;quot; - netfilter: nf_tables: fix pointer math issue in nft_byteorder_eval [Orabug: 36229438] {CVE-2024-0607} - lsm: new security_file_ioctl_compat hook - drm/msm/dsi: Enable runtime PM - PM: runtime: Have devm_pm_runtime_enable handle pm_runtime_dont_use_autosuspend - PM: runtime: add devm_pm_runtime_enable helper - nilfs2: fix potential bug in end_buffer_async_write - sched/membarrier: reduce the ability to hammer on sys_membarrier - net: prevent mss overflow in skb_segment - netfilter: ipset: Missing gc cancellations fixed - netfilter: ipset: fix performance regression in swap operation - KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache - mips: Fix max_mapnr being uninitialized on early stages - arch, mm: remove stale mentions of DISCONIGMEM - bus: moxtet: Add spi device table - tracing: Inform kmemleak of saved_cmdlines allocation - pmdomain: core: Move the unused cleanup to a _sync initcall - can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt - irqchip/irq-brcmstb-l2: Add write memory barrier before exit - nfp: flower: prevent re-adding mac index for bonded port - nfp: use correct macro for LengthSelect in BAR config - nilfs2: fix hang in nilfs_lookup_dirty_data_buffers - nilfs2: fix data corruption in dsync block recovery for small block sizes - ALSA: hda/conexant: Add quirk for SWS JS201D - mmc: slot-gpio: Allow non-sleeping GPIO ro - x86/mm/ident_map: Use gbpages only where full GB page should be mapped. - x86/Kconfig: Transmeta Crusoe is CPU family 5, not 6 - serial: max310x: improve crystal stable clock detection - serial: max310x: set default value when reading clock ready bit - ring-buffer: Clean ring_buffer_poll_wait error return - iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC - staging: iio: ad5933: fix type mismatch regression - tracing: Fix wasted memory in saved_cmdlines logic - ext4: fix double-free of blocks due to wrong extents moved_len - misc: fastrpc: Mark all sessions as invalid in cb_remove - binder: signal epoll threads of self-work - ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL - xen-netback: properly sync TX responses - nfc: nci: free rx_data_reassembly skb on NCI device cleanup - kbuild: Fix changing ELF file type for output of gen_btf for big endian - firewire: core: correct documentation of fw_csr_string kernel API - scsi: Revert quot;scsi: fcoe: Fix potential deadlock on amp;fip-gt;ctlr_lockquot; - i2c: i801: Fix block process call transactions - i2c: i801: Remove i801_set_block_buffer_mode - usb: f_mass_storage: forbid async queue when shutdown happen - USB: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT - HID: wacom: Do not register input devices until after hid_hw_start - HID: wacom: generic: Avoid reporting a serial of "0" to userspace - mm/writeback: fix possible divide-by-zero in wb_dirty_limits, again - tracing/trigger: Fix to return error if failed to alloc snapshot - i40e: Fix waiting for queues of all VSIs to be disabled - MIPS: Add "memory" clobber to csum_ipv6_magic inline assembler - ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work - spi: ppc4xx: Drop write-only variable - of: unittest: Fix compile in the non-dynamic case - of: unittest: add overlay gpio test to catch gpio hog problem - btrfs: send: return EOPNOTSUPP on unknown flags - btrfs: forbid deleting live subvol qgroup - btrfs: forbid creating subvol qgroups - netfilter: nft_set_rbtree: skip end interval element from gc - net: stmmac: xgmac: fix a typo of register name in DPP safety handling - net: stmmac: xgmac: use #define for string constants - vhost: use kzalloc instead of kmalloc followed by memset [Orabug: 36192400] {CVE-2024-0340} - Input: atkbd - skip ATKBD_CMD_SETLEDS when skipping ATKBD_CMD_GETID - USB: serial: cp210x: add ID for IMST iM871A-USB - USB: serial: option: add Fibocom FM101-GL variant - USB: serial: qcserial: add new usb-id for Dell Wireless DW5826e - net/af_iucv: clean up a try_then_request_module - netfilter: nft_ct: reject direction for ct id - netfilter: nft_compat: restrict match/target protocol to u16 - netfilter: nft_compat: reject unused compat flag - ppp_async: limit MRU to 64K - tipc: Check the bearer type before calling tipc_udp_nl_bearer_add - rxrpc: Fix response to PING RESPONSE ACKs to a dead call - inet: read sk-gt;sk_family once in inet_recv_error - hwmon: Fix bogus core_id to attr name mapping - hwmon: Fix out-of-bounds memory access - hwmon: mutex for tach reading - atm: idt77252: fix a memleak in open_card_ubr0 - selftests: net: avoid just another constant wait - net: stmmac: xgmac: fix handling of DPP safety error for DMA channels - phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP - dmaengine: fix is_slave_direction return false when DMA_DEV_TO_DEV - phy: renesas: rcar-gen3-usb2: Fix returning wrong error code - dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA - dmaengine: fsl-qdma: Fix a memory leak related to the status queue DMA - bonding: remove print in bond_verify_device_path - HID: apple: Add 2021 magic keyboard FN key mapping - HID: apple: Swap the Fn and Left Control keys on Apple keyboards - HID: apple: Add support for the 2021 Magic Keyboard path - af_unix: fix lockdep positive in sk_diag_dump_icons - net: ipv4: fix a memleak in ip_setup_cork - netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations - netfilter: nf_log: replace BUG_ON by WARN_ON_ONCE when putting logger - llc: call sock_orphan at release time - ipv6: Ensure natural alignment of const ipv6 loopback and router addresses - ixgbe: Fix an error handling path in ixgbe_read_iosf_sb_reg_x550 - ixgbe: Refactor overtemp event handling - ixgbe: Refactor returning internal error codes - ixgbe: Remove non-inclusive language - net: remove unneeded break - scsi: isci: Fix an error code problem in isci_io_request_build - wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update - perf: Fix the nr_addr_filters fix - drm/amdgpu: Release "adev-gt;pm.fw" before return in "amdgpu_device_need_post" - ceph: fix deadlock or deadcode of misusing dget - blk-mq: fix IO hang from sbitmap wakeup race - virtio_net: Fix quot;#8216;%d#8217; directive writing between 1 and 11 bytes into a region of size 10quot; warnings - libsubcmd: Fix memory leak in uniq - PCI/AER: Decode Requester ID when no error info found - fs/kernfs/dir: obey S_ISGID - usb: hub: Replace hardcoded quirk value with BIT macro - PCI: switchtec: Fix stdev_release crash after surprise hot remove - PCI: Only override AMD USB controller if required - mfd: ti_am335x_tscadc: Fix TI SoC dependencies - i3c: master: cdns: Update maximum prescaler value for i2c clock - um: net: Fix return type of uml_net_start_xmit - um: Don"t use vfprintf for os_info - um: Fix naming clash between UML and scheduler - leds: trigger: panic: Don"t register panic notifier if creating the trigger failed - drm/amdgpu: Drop "fence" check in "to_amdgpu_amdkfd_fence" - drm/amdgpu: Let KFD sync with VM fences - clk: mmp: pxa168: Fix memory leak in pxa168_clk_init - clk: hi3620: Fix memory leak in hi3620_mmc_clk_init - drm/msm/dpu: Ratelimit framedone timeout msgs - media: ddbridge: fix an error code problem in ddb_probe - IB/ipoib: Fix mcast list locking - drm/exynos: Call drm_atomic_helper_shutdown at shutdown/unbind time - ALSA: hda: Intel: add HDA_ARL PCI ID support - PCI: add INTEL_HDA_ARL to pci_ids.h - media: rockchip: rga: fix swizzling for RGB formats - media: stk1160: Fixed high volume of stk1160_dbg messages - drm/mipi-dsi: Fix detach call without attach - drm/framebuffer: Fix use of uninitialized variable - drm/drm_file: fix use of uninitialized variable - RDMA/IPoIB: Fix error code return in ipoib_mcast_join - fast_dput: handle underflows gracefully - ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument - f2fs: fix to check return value of f2fs_reserve_new_block - wifi: cfg80211: free beacon_ies when overridden from hidden BSS - wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift - wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices - arm64: dts: qcom: msm8998: Fix "out-ports" is a required property - arm64: dts: qcom: msm8996: Fix "in-ports" is a required property - md: Whenassemble the array, consult the superblock of the freshest device - block: prevent an integer overflow in bvec_try_merge_hw_page - ARM: dts: imx23/28: Fix the DMA controller node name - ARM: dts: imx23-sansa: Use preferred i2c-gpios properties - ARM: dts: imx27-apf27dev: Fix LED name - ARM: dts: imx25/27: Pass timing0 - ARM: dts: imx1: Fix sram node - ARM: dts: imx27: Fix sram node - ARM: dts: imx: Use flash at 0 ,0 pattern - ARM: dts: imx25/27-eukrea: Fix RTC node name - ARM: dts: rockchip: fix rk3036 hdmi ports node - scsi: libfc: Fix up timeout error in fc_fcp_rec_error - scsi: libfc: Don"t schedule abort twice - wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus - ARM: dts: imx7s: Fix nand-controller #size-cells - ARM: dts: imx7s: Fix lcdif compatible - ARM: dts: imx7d: Fix coresight funnel ports - bonding: return -ENOMEM instead of BUG in alb_upper_dev_walk - PCI: Add no PM reset quirk for NVIDIA Spectrum devices - scsi: lpfc: Fix possible file string name overflow when updating firmware - selftests/bpf: Fix pyperf180 compilation failure with clang18 - selftests/bpf: satisfy compiler by having explicit return in btf test - wifi: rt2x00: restart beacon queue when hardware reset - ext4: avoid online resizing failures due to oversized flex bg - ext4: remove unnecessary check from alloc_flex_gd - ext4: unify the type of flexbg_size to unsigned int - ext4: fix inconsistent between segment fstrim and full fstrim - ecryptfs: Reject casefold directory inodes - SUNRPC: Fix a suspicious RCU usage warning - KVM: s390: fix setting of fpc register - s390/ptrace: handle setting of fpc register correctly - jfs: fix array-index-out-of-bounds in diNewExt - rxrpc_find_service_conn_rcu: fix the usage of read_seqbegin_or_lock - afs: fix the usage of read_seqbegin_or_lock in afs_find_server* - crypto: stm32/crc32 - fix parsing list of devices - pstore/ram: Fix crash when setting number of cpus to an odd number - jfs: fix uaf in jfs_evict_inode - jfs: fix array-index-out-of-bounds in dbAdjTree - jfs: fix slab-out-of-bounds Read in dtSearch - UBSAN: array-index-out-of-bounds in dtSplitRoot - FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree - ACPI: extlog: fix NULL pointer dereference check - PNP: ACPI: fix fortify warning - ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop - audit: Send netlink ACK before setting connection in auditd_set - regulator: core: Only increment use_count when enable_count changes - perf/core: Fix narrow startup race when creating the perf nr_addr_filters sysfs file - x86/mce: Mark fatal MCE"s page as poison to avoid panic in the kdump kernel - powerpc/lib: Validate size for vector operations - powerpc: pmd_move_must_withdraw is only needed for CONFIG_TRANSPARENT_HUGEPAGE - powerpc/mm: Fix build failures due to arch_reserved_kernel_pages - powerpc: Fix build error due to is_valid_bugaddr - powerpc/mm: Fix null-pointer dereference in pgtable_cache_add - x86/entry/ia32: Ensure s32 is sign extended to s64 - tick/sched: Preserve number of idle sleeps across CPU hotplug events - mips: Call lose_fpu before initializing fcr31 in mips_set_personality_nan - spi: bcm-qspi: fix SFDP BFPT read by usig mspi read - gpio: eic-sprd: Clear interrupt after set the interrupt type - drm/exynos: gsc: minor fix for loop iteration in gsc_runtime_resume - drm/exynos: fix accidental on-stack copy of exynos_drm_plane - drm/bridge: nxp-ptn3460: simplify some error checking - drm/bridge: nxp-ptn3460: fix i2c_master_send error checking - drm: Don"t unref the same fb many times by mistake due to deadlock handling - gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 - netfilter: nf_tables: reject QUEUE/DROP verdict parameters [Orabug: 36251144] {CVE-2024-1086} - rbd: don"t move requests to the running list on errors - btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args - btrfs: don"t warn if discard range is not aligned to sector - btrfs: tree-checker: fix inline ref size in error messages - btrfs: ref-verify: free ref cache before clearing mount opt - net: fec: fix the unhandled context fault from smmu - fjes: fix memleaks in fjes_hw_setup - netfilter: nf_tables: validate NFPROTO_* family - netfilter: nf_tables: restrict anonymous set and map names to 16 bytes - net/mlx5e: fix a double-free in arfs_create_groups - net/mlx5: Use kfree in arfs_create_groups - net/mlx5: DR, Use the right GVMI number for drop action - netlink: fix potential sleeping issue in mqueue_flush_file - tcp: Add memory barrier to tcp_push - afs: Hide silly-rename files from userspace - tracing: Ensure visibility when inserting an element into tracing_map - net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv - llc: Drop support for ETH_P_TR_802_2. - llc: make llc_ui_sendmsg more robust against bonding changes - vlan: skip nested type that is not IFLA_VLAN_QOS_MAPPING - net/smc: fix illegal rmb_desc access in SMC-D connection dump - x86/CPU/AMD: Fix disabling XSAVES on AMD family 0x17 due to erratum - powerpc: Use always instead of always-y in for crtsavres.o - fs: move S_ISGID stripping into the vfs_* helpers - fs: add mode_strip_sgid helper - mtd: spinand: macronix: Fix MX35LFxGE4AD page size - block: Remove special-casing of compound pages - rename: fix the locking of subdirectories - ubifs: ubifs_symlink: Fix memleak of inode-gt;i_link in error path - nouveau/vmm: don"t set addr on the fail path to avoid warning - mmc: core: Use mrq.sbc in close-ended ffu - arm64: dts: qcom: sdm845: fix USB wakeup interrupt types - parisc/firmware: Fix F-extend for PDC addresses - rpmsg: virtio: Free driver_override when rpmsg_remove - hwrng: core - Fix page fault dead lock on mmap-ed hwrng - PM: hibernate: Enforce ordering during image compression/decompression - crypto: api - Disallow identical driver names - ext4: allow for the last group to be marked as trimmed - serial: sc16is7xx: add check for unsupported SPI modes during probe - spi: introduce SPI_MODE_X_MASK macro - serial: sc16is7xx: set safe default SPI clock frequency - units: add the HZ macros - units: change from "L" to "UL" - units: Add Watt units - PCI: mediatek: Clear interrupt status before dispatching handler [5.4.17-2136.330.1.el7uek] - mm: hwpoison: handle non-anonymous THP correctly [Orabug: 36223690] - mm,hwpoison: unify THP handling for hard and soft offline [Orabug: 36223690] - mm: hwpoison: remove the unnecessary THP check [Orabug: 36223690]