[PATCH 2/3] af_802154: Disable auto-loading as mitigation against local exploits
Forwarded: not-needed
Recent review has revealed several bugs in obscure protocol
implementations that can be exploited by local users for denial of
service or privilege escalation. We can mitigate the effect of any
remaining vulnerabilities in such protocols by preventing unprivileged
users from loading the modules, so that they are only exploitable on
systems where the administrator has chosen to load the protocol.
The 'af_802154' (IEEE 802.15.4) protocol is not widely used, was
not present in the 'lenny' kernel, and seems to receive only sporadic
maintenance. Therefore disable auto-loading.
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
Gbp-Pq: Topic debian
Gbp-Pq: Name af_802154-Disable-auto-loading-as-mitigation-against.patch
Tweak gitignore for Debian pkg-kernel using git svn.
Forwarded: not-needed
[bwh: Tweak further for pure git]
Gbp-Pq: Topic debian
Gbp-Pq: Name gitignore.patch
linux (6.1.4-1) unstable; urgency=medium
* New upstream stable update:
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.3
- eventpoll: add EPOLL_URING_WAKE poll wakeup flag
- eventfd: provide a eventfd_signal_mask() helper
- io_uring: pass in EPOLL_URING_WAKE for eventfd signaling and wakeups
- nvme-pci: fix doorbell buffer value endianness
- nvme-pci: fix mempool alloc size
- nvme-pci: fix page size checks
- ACPI: resource: do IRQ override on XMG Core 15
- ACPI: resource: do IRQ override on Lenovo 14ALC7
- ACPI: resource: Add Asus ExpertBook B2502 to Asus quirks
- [x86] ACPI: video: Fix Apple GMUX backlight detection
- block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq
- ata: ahci: Fix PCS quirk application for suspend
- nvme: fix the NVME_CMD_EFFECTS_CSE_MASK definition
- soundwire: dmi-quirks: add quirk variant for LAPBC710 NUC15
- [arm64,armhf] phy: sun4i-usb: Introduce port2 SIDDQ quirk
- [arm64,armhf] phy: sun4i-usb: Add support for the H616 USB PHY
- [powerpc*] rtas: avoid device tree lookups in rtas_os_term()
- [powerpc*] rtas: avoid scheduling in rtas_os_term()
- NFSD: fix use-after-free in __nfs42_ssc_open() (CVE-2022-4379)
- kprobes: kretprobe events missing on 2-core KVM guest
- HID: multitouch: fix Asus ExpertBook P2 P2451FA trackpoint
- HID: plantronics: Additional PIDs for double volume key presses quirk
- futex: Fix futex_waitv() hrtimer debug object leak on kcalloc error
- rtmutex: Add acquire semantics for rtmutex lock acquisition slow path
- mm, mremap: fix mremap() expanding vma with addr inside vma
- mm/mempolicy: fix memory leak in set_mempolicy_home_node system call
- pstore: Properly assign mem_type property
- pstore/zone: Use GFP_ATOMIC to allocate zone buffer
- hfsplus: fix bug causing custom uid and gid being unable to be assigned
with mount
- [x86] ACPI: x86: s2idle: Force AMD GUID/_REV 2 on HP Elitebook 865
- [x86] ACPI: x86: s2idle: Stop using AMD specific codepath for Rembrandt+
- ovl: Use ovl mounter's fsuid and fsgid in ovl_link()
- ovl: update ->f_iocb_flags when ovl_change_flags() modifies ->f_flags
- ALSA: line6: correct midi status byte when receiving data from podxt
- ALSA: line6: fix stack overflow in line6_midi_transmit
- ALSA: hda/hdmi: Static PCM mapping again with AMD HDMI codecs
- pnode: terminate at peers of source
- md: fix a crash in mempool_free
- mm, compaction: fix fast_isolate_around() to stay within boundaries
- f2fs: should put a page when checking the summary info
- f2fs: allow to read node block after shutdown
- block: Do not reread partition table on exclusively open device
- mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING
- tpm: acpi: Call acpi_put_table() to fix memory leak
- tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak
- tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak
- SUNRPC: Don't leak netobj memory when gss_read_proxy_verf() fails
https://www.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.4
- drm/amdgpu: skip MES for S0ix as well since it's part of GFX
- drm/amdgpu: skip mes self test after s0i3 resume for MES IP v11.0
- media: stv0288: use explicitly signed char
- cxl/region: Fix memdev reuse check
- [arm64] Prohibit instrumentation on arch_stack_walk()
- jbd2: use the correct print format
- [x86] perf/x86/intel/uncore: Disable I/O stacks to PMU mapping on ICX-D
- [x86] perf/x86/intel/uncore: Clear attr_update properly
- [arm64] dts: qcom: sdm845-db845c: correct SPI2 pins drive strength
- [arm64] phy: qcom-qmp-combo: fix out-of-bounds clock access
- drm/amd/pm: update SMU13.0.0 reported maximum shader clock
- drm/amd/pm: correct SMU13.0.0 pstate profiling clock settings
- btrfs: fix uninitialized parent in insert_state
- btrfs: fix extent map use-after-free when handling missing device in
read_one_chunk
- btrfs: fix resolving backrefs for inline extent followed by prealloc
- [arm64] dts: qcom: sdm850-samsung-w737: correct I2C12 pins drive strength
- random: use rejection sampling for uniform bounded random integers
- [x86] fpu/xstate: Fix XSTATE_WARN_ON() to emit relevant diagnostics
- [arm64] dts: qcom: sdm850-lenovo-yoga-c630: correct I2C12 pins drive
strength
- cxl/region: Fix missing probe failure
- EDAC/mc_sysfs: Increase legacy channel support to 12
- [x86] MCE/AMD: Clear DFR errors found in THR handler
- random: add helpers for random numbers with given floor or range
- PM/devfreq: governor: Add a private governor_data for governor
- cpufreq: Init completion before kobject_init_and_add()
- ext2: unbugger ext2_empty_dir()
- bpf: Resolve fext program type when checking map compatibility
- ALSA: patch_realtek: Fix Dell Inspiron Plus 16
- ALSA: hda/realtek: Apply dual codec fixup for Dell Latitude laptops
- [x86] platform/x86: thinkpad_acpi: Fix max_brightness of thinklight
- [x86] platform/x86: ideapad-laptop: Revert "check for touchpad support in
_CFG"
- [x86] platform/x86: ideapad-laptop: Add new _CFG bit numbers for future
use
- [x86] platform/x86: ideapad-laptop: support for more special keys in WMI
- ACPI: video: Simplify __acpi_video_get_backlight_type()
- ACPI: video: Prefer native over vendor
- [x86] platform/x86: ideapad-laptop: Refactor ideapad_sync_touchpad_state()
- [x86] platform/x86: ideapad-laptop: Do not send KEY_TOUCHPAD* events on
probe / resume
- [x86] platform/x86: ideapad-laptop: Only toggle ps2 aux port on/off on
select models
- [x86] platform/x86: ideapad-laptop: Send KEY_TOUCHPAD_TOGGLE on some
models
- [x86] platform/x86: ideapad-laptop: Stop writing VPCCMD_W_TOUCHPAD at
probe time
- [x86] platform/x86: intel-uncore-freq: add Emerald Rapids support
- ALSA: hda/cirrus: Add extra 10 ms delay to allow PLL settle and lock.
- [x86] platform/x86: x86-android-tablets: Add Medion Lifetab S10346 data
- [x86] platform/x86: x86-android-tablets: Add Lenovo Yoga Tab 3 (YT3-X90F)
charger + fuel-gauge data
- [x86] platform/x86: x86-android-tablets: Add Advantech MICA-071 extra
button
- HID: Ignore HP Envy x360 eu0009nv stylus battery
- ALSA: usb-audio: Add new quirk FIXED_RATE for JBL Quantum810 Wireless
- fs: dlm: fix sock release if listen fails
- fs: dlm: retry accept() until -EAGAIN or error returns
- mptcp: netlink: fix some error return code
- mptcp: remove MPTCP 'ifdef' in TCP SYN cookies
- mptcp: dedicated request sock for subflow in v6
- mptcp: use proper req destructor for IPv6
- dm cache: Fix ABBA deadlock between shrink_slab and
dm_cache_metadata_abort
- dm thin: Fix ABBA deadlock between shrink_slab and dm_pool_abort_metadata
- dm thin: Use last transaction's pmd->root when commit failed
- dm thin: resume even if in FAIL mode
- dm thin: Fix UAF in run_timer_softirq()
- dm integrity: Fix UAF in dm_integrity_dtr()
- dm cache: Fix UAF in destroy()
- dm cache: set needs_check flag after aborting metadata
- PCI/DOE: Fix maximum data object length miscalculation
- tracing/hist: Fix out-of-bound write on 'action_data.var_ref_idx'
- perf/core: Call LSM hook after copying perf_event_attr
- [x86] KVM: VMX: Resume guest immediately when injecting #GP on ECREATE
- [x86] KVM: nVMX: Inject #GP, not #UD, if "generic" VMXON CR0/CR4 check
fails
- [x86] KVM: x86: fix APICv/x2AVIC disabled when vm reboot by itself
- [x86] KVM: nVMX: Properly expose ENABLE_USR_WAIT_PAUSE control to L1
- [x86] microcode/intel: Do not retry microcode reloading on the APs
- [x86] ftrace/x86: Add back ftrace_expected for ftrace bug reports
- [x86] kprobes: Fix kprobes instruction boudary check with CONFIG_RETHUNK
- [x86] kprobes: Fix optprobe optimization check with CONFIG_RETHUNK
- tracing: Fix race where eprobes can be called before the event
- [powerpc*] ftrace: fix syscall tracing on PPC64_ELF_ABI_V1
- tracing: Fix complicated dependency of CONFIG_TRACER_MAX_TRACE
- tracing/hist: Fix wrong return value in parse_action_params()
- tracing/probes: Handle system names with hyphens
- tracing: Fix issue of missing one synthetic field
- tracing: Fix infinite loop in tracing_read_pipe on overflowed
print_trace_line
- media: dvb-core: Fix double free in dvb_register_device()
- media: dvb-core: Fix UAF due to refcount races at releasing
(CVE-2022-41218)
- cifs: fix confusing debug message
- cifs: fix missing display of three mount options
- cifs: set correct tcon status after initial tree connect
- cifs: set correct ipc status after initial tree connect
- cifs: set correct status of tcon ipc when reconnecting
- drm/amdgpu: fix mmhub register base coding error
- block: mq-deadline: Fix dd_finish_request() for zoned devices
- block: mq-deadline: Do not break sequential write streams to zoned HDDs
- md/bitmap: Fix bitmap chunk size overflow issues
- efi: Add iMac Pro 2017 to uefi skip cert quirk
- ipmi: fix long wait in unload when IPMI disconnect
- mtd: spi-nor: Check for zero erase size in spi_nor_find_best_erase_type()
- ima: Fix a potential NULL pointer access in ima_restore_measurement_list
- ipmi: fix use after free in _ipmi_destroy_user()
- mtd: spi-nor: gigadevice: gd25q256: replace gd25q256_default_init with
gd25q256_post_bfpt
- ima: Fix memory leak in __ima_inode_hash()
- PCI: Fix pci_device_is_present() for VFs by checking PF
- PCI/sysfs: Fix double free in error path
- [riscv64] kexec: Fix memory leak of fdt buffer
- [riscv64] kexec: Fix memory leak of elf header buffer
- [riscv64] stacktrace: Fixup ftrace_graph_ret_addr retp argument
- [riscv64] mm: notify remote harts about mmu cache updates
- [x86] crypto: ccp - Add support for TEE for PCI ID 0x14CA
- driver core: Fix bus_type.match() error handling in __driver_attach()
- bus: mhi: host: Fix race between channel preparation and M0 event
- [arm64] phy: qcom-qmp-combo: fix sdm845 reset
- [arm64] phy: qcom-qmp-combo: fix sc8180x reset
- [amd64] iommu/amd: Fix ivrs_acpihid cmdline parsing code
- [amd64] iommu/amd: Fix ill-formed ivrs_ioapic, ivrs_hpet and ivrs_acpihid
options
- hugetlb: really allocate vma lock for all sharable vmas
- [armhf] remoteproc: core: Do pm_relax when in RPROC_OFFLINE state
- device_cgroup: Roll back to original exceptions after copy failure
- drm/connector: send hotplug uevent on connector cleanup
- drm/vmwgfx: Validate the box size for the snooped cursor (CVE-2022-36280)
- [x86] drm/mgag200: Fix PLL setup for G200_SE_A rev >=4
- [arm64,armhf] drm/etnaviv: move idle mapping reaping into separate
function
- [x86] drm/i915/dsi: fix VBT send packet port selection for dual link DSI
- [arm64,armhf] drm/etnaviv: reap idle mapping if it doesn't match the
softpin address
- ext4: silence the warning when evicting inode with dioread_nolock
- ext4: add inode table check in __ext4_get_inode_loc to aovid possible
infinite loop
- ext4: remove trailing newline from ext4_msg() message
- ext4: correct inconsistent error msg in nojournal mode
- fs: ext4: initialize fsdata in pagecache_write()
- ext4: fix use-after-free in ext4_orphan_cleanup
- ext4: fix undefined behavior in bit shift for ext4_check_flag_values
- ext4: add EXT4_IGET_BAD flag to prevent unexpected bad inode
- ext4: add helper to check quota inums
- ext4: fix bug_on in __es_tree_search caused by bad quota inode
- ext4: fix reserved cluster accounting in __es_remove_extent()
- ext4: journal_path mount options should follow links
- ext4: check and assert if marking an no_delete evicting inode dirty
- ext4: fix bug_on in __es_tree_search caused by bad boot loader inode
- ext4: don't allow journal inode to have encrypt flag
- ext4: disable fast-commit of encrypted dir operations
- ext4: fix leaking uninitialized memory in fast-commit journal
- ext4: don't set up encryption key during jbd2 transaction
- ext4: add missing validation of fast-commit record lengths
- ext4: fix unaligned memory access in ext4_fc_reserve_space()
- ext4: fix off-by-one errors in fast-commit block filling
- ext4: fix uninititialized value in 'ext4_evict_inode'
- ext4: init quota for 'old.inode' in 'ext4_rename'
- ext4: don't fail GETFSUUID when the caller provides a long buffer
- ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline
- ext4: fix corruption when online resizing a 1K bigalloc fs
- ext4: fix error code return to user-space in ext4_get_branch()
- ext4: fix bad checksum after online resize
- ext4: dont return EINVAL from GETFSUUID when reporting UUID length
- ext4: fix corrupt backup group descriptors after online resize
- ext4: avoid BUG_ON when creating xattrs
- ext4: fix deadlock due to mbcache entry corruption
- ext4: fix kernel BUG in 'ext4_write_inline_data_end()'
- ext4: fix inode leak in ext4_xattr_inode_create() on an error path
- ext4: initialize quota before expanding inode in setproject ioctl
- ext4: avoid unaccounted block allocation when expanding inode
- ext4: allocate extended attribute value in vmalloc area
- [x86] drm/i915/ttm: consider CCS for backup objects
- drm/amd/display: Add DCN314 display SG Support
- drm/amdgpu: handle polaris10/11 overlap asics (v2)
- drm/amdgpu: make display pinning more flexible (v2)
- [x86] drm/i915: improve the catch-all evict to handle lock contention
- [x86] drm/i915/migrate: Account for the reserved_space
- drm/amd/pm: add missing SMU13.0.0 mm_dpm feature mapping
- drm/amd/pm: add missing SMU13.0.7 mm_dpm feature mapping
- drm/amd/pm: bump SMU13.0.0 driver_if header to version 0x34
- drm/amd/pm: correct the fan speed retrieving in PWM for some SMU13 asics
[ Salvatore Bonaccorso ]
* Set ABI to 1
* Refresh "security,perf: Allow further restriction of perf_event_open"
[ Diederik de Haas ]
* [arm64] Enable CRYPTO_POLYVAL_ARM64_CE as module
[ Emanuele Rocca ]
* [arm64] drivers/hwtracing/coresight: Enable CORESIGHT,
CORESIGHT_SOURCE_ETM4X and CORESIGHT_TRBE as modules (Closes: #
1014743)
[ Miguel Bernal Marin ]
* [x86] Enable Intel Vendor Specific Extended Capabilities Driver,
with Intel Platform Monitoring Technology and Intel Software Defined
Silicon Driver as modules (Closes: #
1027953)
- Enable CONFIG_INTEL_VSEC.
- Enable CONFIG_INTEL_SDSI.
- Enable CONFIG_INTEL_PMT_TELEMETRY.
- Enable CONFIG_INTEL_PMT_CRASHLOG.
[dgit import unpatched linux 6.1.4-1]
projects / linux.git / log