[PATCH 2/3] af_802154: Disable auto-loading as mitigation against local exploits

Forwarded: not-needed

Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation. We can mitigate the effect of any
remaining vulnerabilities in such protocols by preventing unprivileged
users from loading the modules, so that they are only exploitable on
systems where the administrator has chosen to load the protocol.

The 'af_802154' (IEEE 802.15.4) protocol is not widely used, was
not present in the 'lenny' kernel, and seems to receive only sporadic
maintenance. Therefore disable auto-loading.

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>

Gbp-Pq: Topic debian
Gbp-Pq: Name af_802154-Disable-auto-loading-as-mitigation-against.patch
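
A way to check whether the mitigation described in the commit message above is in effect on a given kernel, as an added example that is not part of the patch or of the Debian packaging. It assumes auto-loading is driven by the module's `net-pf-<N>` alias in `modules.alias`; the sample file contents and the module names `example_netlink` and `example_usb` are constructed.

```python
import re

AF_IEEE802154 = 36  # Linux address-family number for IEEE 802.15.4 sockets

# The kernel asks modprobe for "net-pf-<N>" the first time an unloaded address
# family is used; aliases with a "-proto-..." suffix cover a single protocol only.
ALIAS_RE = re.compile(r"^alias\s+net-pf-(\d+)(-\S+)?\s+(\S+)$")

# Constructed sample of a modules.alias file from a kernel WITHOUT the patch
# (on a real system: /lib/modules/<release>/modules.alias).
UNPATCHED = """\
# Aliases extracted from modules themselves.
alias net-pf-10 ipv6
alias net-pf-36 af_802154
alias net-pf-16-proto-9 example_netlink
alias usb:v0000p0000d* example_usb
"""
# Assumption: the same file once the module no longer declares a family alias.
PATCHED = UNPATCHED.replace("alias net-pf-36 af_802154\n", "")


def autoload_aliases(text):
    """Map family number -> [(alias suffix, module), ...] from modules.alias text."""
    found = {}
    for line in text.splitlines():
        m = ALIAS_RE.match(line.strip())
        if m:
            found.setdefault(int(m.group(1)), []).append((m.group(2) or "", m.group(3)))
    return found


def modules_for_family(text, family):
    """Modules that any socket() call for this family would cause to be loaded."""
    return sorted({mod for suffix, mod in autoload_aliases(text).get(family, []) if not suffix})


def blacklist_lines(text, families):
    """modprobe.d lines making modprobe ignore those modules' built-in aliases."""
    mods = sorted({m for f in families for m in modules_for_family(text, f)})
    return ["blacklist %s" % m for m in mods]


if __name__ == "__main__":
    for name, text in (("unpatched", UNPATCHED), ("patched", PATCHED)):
        print(name, modules_for_family(text, AF_IEEE802154) or "not auto-loadable")
    print("\n".join(blacklist_lines(UNPATCHED, [AF_IEEE802154])))
```

On a kernel that still carries the alias, the `blacklist` line in a `modprobe.d` file gives the same administrator-opt-in behaviour: the module can still be loaded explicitly by name.
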
Tweak gitignore for Debian pkg-kernel using git svn.
Forwarded: not-needed
[bwh: Tweak further for pure git]
Gbp-Pq: Topic debian
Gbp-Pq: Name gitignore.patch
linux (6.1.15-1) unstable; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.13
- mptcp: sockopt: make 'tcp_fastopen_connect' generic
- mptcp: fix locking for setsockopt corner-case
- mptcp: deduplicate error paths on endpoint creation
- mptcp: fix locking for in-kernel listener creation
- btrfs: move the auto defrag code to defrag.c
- btrfs: lock the inode in shared mode before starting fiemap
- [x86] ASoC: amd: yc: Add DMI support for new acer/emdoor platforms
- [x86] ASoC: SOF: sof-audio: start with the right widget type
- ALSA: usb-audio: Add FIXED_RATE quirk for JBL Quantum610 Wireless
- [x86] ASoC: Intel: sof_rt5682: always set dpcm_capture for amplifiers
- ALSA: hda: Do not unset preset when cleaning up codec
- [x86] ASoC: amd: yc: Add Xiaomi Redmi Book Pro 15 2022 into DMI table
- bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself
- net/rose: Fix to not accept on connected socket
- net: stmmac: do not stop RX_CLK in Rx LPI state for qcs404 SoC
- [powerpc*] 64: Fix perf profiling asynchronous interrupt handlers
- fscache: Use clear_and_wake_up_bit() in fscache_create_volume_work()
- drm/nouveau/devinit/tu102-: wait for GFW_BOOT_PROGRESS == COMPLETED
- net: sched: sch: Bounds check priority
- nvme-fc: fix a missing queue put in nvmet_fc_ls_create_association
- nvme: clear the request_queue pointers on failure in
nvme_alloc_admin_tag_set
- nvme: clear the request_queue pointers on failure in nvme_alloc_io_tag_set
- drm/amd/display: Add missing brackets in calculation
- drm/amd/display: Adjust downscaling limits for dcn314
- drm/amd/display: Unassign does_plane_fit_in_mall function from dcn3.2
- drm/amd/display: Reset DMUB mailbox SW state after HW reset
- drm/amdgpu: enable HDP SD for gfx 11.0.3
- drm/amdgpu: Enable vclk dclk node for gc11.0.3
- drm/amd/display: Properly handle additional cases where DCN is not
supported
- ceph: move mount state enum to super.h
- ceph: blocklist the kclient when receiving corrupted snap trace
- of: reserved_mem: Have kmemleak ignore dynamically allocated reserved mem
- mm: shrinkers: fix deadlock in shrinker debugfs
- aio: fix mremap after fork null-deref
- vmxnet3: move rss code block under eop descriptor
- fbdev: Fix invalid page access after closing deferred I/O devices
- drm/amd/amdgpu: fix warning during suspend
- drm/amd/display: Fail atomic_check early on normalize_zpos error
- drm/vmwgfx: Stop accessing buffer objects which failed init
- drm/vmwgfx: Do not drop the reference to the handle too soon
- [arm64] mmc: meson-gx: fix SDIO mode if cap_sdio_irq isn't set
- mmc: sdio: fix possible resource leaks in some error paths
- mmc: mmc_spi: fix error handling in mmc_spi_probe()
- ALSA: hda: Fix codec device field initializan
- ALSA: hda/conexant: add a new hda codec SN6180
- ALSA: hda/realtek - fixed wrong gpio assigned
- ALSA: hda/realtek: fix mute/micmute LEDs don't work for a HP platform.
- ALSA: hda/realtek: Enable mute/micmute LEDs and speaker support for HP
Laptops
- ata: ahci: Add Tiger Lake UP{3,4} AHCI controller
- ata: libata-core: Disable READ LOG DMA EXT for Samsung MZ7LH
- hugetlb: check for undefined shift on 32 bit architectures
- nilfs2: fix underflow in second superblock position calculations
- mm/MADV_COLLAPSE: set EAGAIN on unexpected page refcount
- mm/filemap: fix page end in filemap_get_read_batch
- mm/migrate: fix wrongly apply write bit after mkdirty on sparc64
- freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL
- Revert "mm: Always release pages to the buddy allocator in
memblock_free_late()."
- net: Fix unwanted sign extension in netdev_stats_to_stats64()
- revert "squashfs: harden sanity check in squashfs_read_xattr_id_table"
- [arm64,armhf] drm/vc4: crtc: Increase setup cost in core clock calculation
to handle extreme reduced blanking
- [arm64,armhf] drm/vc4: Fix YUV plane handling when planes are in different
buffers
- [x86] drm/i915/gen11: Wa_1408615072/Wa_1407596294 should be on GT list
- ice: fix lost multicast packets in promisc mode
- ixgbe: allow to increase MTU to 3K with XDP enabled
- i40e: add double of VLAN header when computing the max MTU
- net: bgmac: fix BCM5358 support by setting correct flags
- sctp: sctp_sock_filter(): avoid list_entry() on possibly empty list
- net/sched: tcindex: update imperfect hash filters respecting rcu
- ice: xsk: Fix cleaning of XDP_TX frames
- dccp/tcp: Avoid negative sk_forward_alloc by ipv6_pinfo.pktoptions.
- net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path
- net/sched: act_ctinfo: use percpu stats
- net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
- net: stmmac: fix order of dwmac5 FlexPPS parametrization sequence
- bnxt_en: Fix mqprio and XDP ring checking logic
- tracing: Make trace_define_field_ext() static
- net: stmmac: Restrict warning on disabling DMA store and fwd mode
- net: use a bounce buffer for copying skb->mark
- tipc: fix kernel warning when sending SYN message
- net: mpls: fix stale pointer if allocation fails during device rename
(CVE-2023-26545)
- igb: conditionalize I2C bit banging on external thermal sensor support
- igb: Fix PPS input and output using 3rd and 4th SDP
- ixgbe: add double of VLAN header when computing the max MTU
- ipv6: Fix datagram socket connection with DSCP.
- ipv6: Fix tcp socket connection with DSCP.
- mm/gup: add folio to list when folio_isolate_lru() succeed
- mm: extend max struct page size for kmsan
- i40e: Add checking for null for nlmsg_find_attr()
- net/sched: tcindex: search key must be 16 bits
- nvme-tcp: stop auth work after tearing down queues in error recovery
- nvme-rdma: stop auth work after tearing down queues in error recovery
- [x86] KVM: x86/pmu: Disable vPMU support on hybrid CPUs (host PMUs)
- [x86] kvm: initialize all of the kvm_debugregs structure before sending it
to userspace
- [x86] perf/x86: Refuse to export capabilities for hybrid PMUs
- alarmtimer: Prevent starvation by small intervals and SIG_IGN
- nvme-pci: refresh visible attrs for cmb attributes
- [x86] ASoC: SOF: Intel: hda-dai: fix possible stream_tag leak
- net: sched: sch: Fix off by one in htb_activate_prios()
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.14
- [arm64,armhf] drm/etnaviv: don't truncate physical page address
- wifi: ath11k: fix warning in dma_free_coherent() of memory chunks while
recovery
- wifi: rtl8xxxu: gen2: Turn on the rate control
- drm/edid: Fix minimum bpc supported with DSC1.2 for HDMI sink
- sched/psi: Stop relying on timer_pending() for poll_work rescheduling
- random: always mix cycle counter in add_latent_entropy()
- scsi: libsas: Add smp_ata_check_ready_type()
- [arm64] scsi: hisi_sas: Fix SATA devices missing issue during I_T nexus
reset
- docs: perf: Fix PMU instance name of hisi-pcie-pmu
- [x86] KVM: x86: Fail emulation during EMULTYPE_SKIP on any exception
- [x86] KVM: SVM: Skip WRMSR fastpath on VM-Exit if next RIP isn't valid
- [x86] KVM: VMX: Execute IBPB on emulated VM-exit when guest has IBRS
(CVE-2022-2196)
- [x86] drm/i915: Remove __maybe_unused from mtl_info
- [x86] KVM: x86: fix deadlock for KVM_XEN_EVTCHN_RESET
- [powerpc*] 64s/radix: Fix RWX mapping with relocated kernel
- nfp: ethtool: support reporting link modes
- nfp: ethtool: fix the bug of setting unsupported port speed
- uaccess: Add speculation barrier to copy_from_user()
- [x86] alternatives: Introduce int3_emulate_jcc()
- [x86] alternatives: Teach text_poke_bp() to patch Jcc.d32 instructions
- [x86] static_call: Add support for Jcc tail-calls
- Bluetooth: btusb: Add more device IDs for WCN6855
- [powerpc*] vmlinux.lds: Define RUNTIME_DISCARD_EXIT
- [powerpc*] vmlinux.lds: Don't discard .rela* for relocatable builds
- wifi: mwifiex: Add missing compatible string for SD8787
- audit: update the mailing list in MAINTAINERS
- [x86] platform/x86: nvidia-wmi-ec-backlight: Add force module parameter
- ext4: Fix function prototype mismatch for ext4_feat_ktype
- bpf: add missing header file include
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.15
- Fix XFRM-I support for nested ESP tunnels
- [arm64] dts: rockchip: reduce thermal limits on rk3399-pinephone-pro
- [arm64] dts: rockchip: drop unused LED mode property from rk3328-roc-cc
- [arm64] dts: rockchip: fix probe of analog sound card on rock-3a
- HID: elecom: add support for TrackBall 056E:011C
- HID: Ignore battery for Elan touchscreen on Asus TP420IA
- [amd64,arm64] ACPI: NFIT: fix a potential deadlock during NFIT teardown
- pinctrl: amd: Fix debug output for debounce time
- btrfs: send: limit number of clones and allocated memory size
- [x86] ASoC: rt715-sdca: fix clock stop prepare timeout issue
- [amd64] IB/hfi1: Assign npages earlier
- neigh: make sure used and confirmed times are valid
- HID: core: Fix deadloop in hid_apply_multiplier.
- [x86] ASoC: codecs: es8326: Fix DTS properties reading
- [x86] HID: Ignore battery for ELAN touchscreen 29DF on HP
- [x86] cpu: Add Lunar Lake M
- PM: sleep: Avoid using pr_cont() in the tasks freezing code
- bpf: bpf_fib_lookup should not return neigh in NUD_FAILED state
- net: Remove WARN_ON_ONCE(sk->sk_forward_alloc) from
sk_stream_kill_queues().
- vc_screen: don't clobber return value in vcs_read
- drm/amd/display: Move DCN314 DOMAIN power control to DMCUB
- drm/amd/display: Fix race condition in DPIA AUX transfer
- USB: serial: option: add support for VW/Skoda "Carstick LTE"
- usb: gadget: u_serial: Add null pointer check in gserial_resume
- usb: typec: pd: Remove usb_suspend_supported sysfs from sink PDO
- drm/amd/display: Properly reuse completion structure
- attr: add in_group_or_capable()
- fs: move should_remove_suid()
- attr: add setattr_should_drop_sgid()
- attr: use consistent sgid stripping checks
- fs: use consistent setgid checks in is_sxid()
- USB: core: Don't hold device lock while reading the "descriptors" sysfs
file
[ Salvatore Bonaccorso ]
* [rt] Update to 6.1.12-rt7
* Bump ABI to 6
[ Diederik de Haas ]
* [arm64,armhf] udeb: Add sound and speakup packages (Closes: #1031289)
[ Cyril Brulebois ]
* udeb: Add qrtr_mhi to nic-wireless, for ath11k (Closes: #1032140)
[dgit import unpatched linux 6.1.15-1]