[El-errata] ELSA-2022-6460 Moderate: Oracle Linux 8 kernel security, bug fix, and enhancement update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Thu Sep 15 01:49:13 UTC 2022


Oracle Linux Security Advisory ELSA-2022-6460

http://linux.oracle.com/errata/ELSA-2022-6460.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-abi-stablelists-4.18.0-372.26.1.0.1.el8_6.noarch.rpm
kernel-core-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-cross-headers-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-debug-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-debug-core-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-debug-devel-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-debug-modules-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-debug-modules-extra-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-devel-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-doc-4.18.0-372.26.1.0.1.el8_6.noarch.rpm
kernel-headers-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-modules-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-modules-extra-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-tools-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-tools-libs-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
perf-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
python3-perf-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm
kernel-tools-libs-devel-4.18.0-372.26.1.0.1.el8_6.x86_64.rpm

aarch64:
bpftool-4.18.0-372.26.1.0.1.el8_6.aarch64.rpm
kernel-cross-headers-4.18.0-372.26.1.0.1.el8_6.aarch64.rpm
kernel-headers-4.18.0-372.26.1.0.1.el8_6.aarch64.rpm
kernel-tools-4.18.0-372.26.1.0.1.el8_6.aarch64.rpm
kernel-tools-libs-4.18.0-372.26.1.0.1.el8_6.aarch64.rpm
perf-4.18.0-372.26.1.0.1.el8_6.aarch64.rpm
python3-perf-4.18.0-372.26.1.0.1.el8_6.aarch64.rpm
kernel-tools-libs-devel-4.18.0-372.26.1.0.1.el8_6.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/kernel-4.18.0-372.26.1.0.1.el8_6.src.rpm

Related CVEs:

CVE-2022-21123
CVE-2022-21125
CVE-2022-21166




Description of changes:

[4.18.0-372.26.1.0.1.el8_6.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15-11.0.5
debug: lockdown kgdb [Orabug: 34270802] {CVE-2022-21499}

[4.18.0-372.26.1_6]
- drm/amd/display: Ignore First MST Sideband Message Return Error (Mika Penttilä) [2109826 2089853]
- ASoC: SOF: topology: read back control data from DSP (Jaroslav Kysela) [2117732 2065575]
- ASoC: SOF: Drop ctrl_type parameter for snd_sof_ipc_set_get_comp_data() (Jaroslav Kysela) [2117732 2065575]
- ASoC: SOF: control: Do not handle control notification with component type (Jaroslav Kysela) [2117732 2065575]
- ASoC: SOF: sof-audio: Drop the cmd member from struct snd_sof_control (Jaroslav Kysela) [2117732 2065575]
- ASoC: SOF: Drop ctrl_cmd parameter for snd_sof_ipc_set_get_comp_data() (Jaroslav Kysela) [2117732 2065575]
- ASoC: SOF: topology: Set control_data->cmd alongside scontrol->cmd (Jaroslav Kysela) [2117732 2065575]
- ASoC: SOF: Drop ipc_cmd parameter for snd_sof_ipc_set_get_comp_data() (Jaroslav Kysela) [2117732 2065575]
- ASoC: SOF: ipc: Rename send parameter in snd_sof_ipc_set_get_comp_data() (Jaroslav Kysela) [2117732 2065575]
- cgroup: Use css_tryget() instead of css_tryget_online() in task_get_css() (Vratislav Bendel) [2120776 2111491]
- platform/x86/intel: Fix 'rmmod pmt_telemetry' panic (Prarit Bhargava) [2091079 2080426]
- KVM: x86/mmu: make apf token non-zero to fix bug (Vitaly Kuznetsov) [2105340 2096201]
- dommu/vt-d: Make DMAR_UNITS_SUPPORTED a config setting (Jerry Snitselaar) [2112983 2095498]

[4.18.0-372.25.1_6]
- redhat: add missing ybz numbers to changelog (Augusto Caringi)
- block: limit request dispatch loop duration (Ming Lei) [2110772 2005082]
- NLM: Defend against file_lock changes after vfs_test_lock() (Benjamin Coddington) [2102099 2094884]
- x86/speculation/mmio: Print SMT warning (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- KVM: x86/speculation: Disable Fill buffer clear within guests (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/speculation/mmio: Reuse SRBDS mitigation for SBDS (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/speculation/srbds: Update SRBDS mitigation selection (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/speculation/mmio: Add sysfs reporting for Processor MMIO Stale Data (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/speculation/mmio: Enable CPU Fill buffer clearing on idle (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/bugs: Group MDS, TAA & Processor MMIO Stale Data mitigations (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/speculation/mmio: Add mitigation for Processor MMIO Stale Data (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/speculation: Add a common function for MD_CLEAR mitigation update (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/speculation/mmio: Enumerate Processor MMIO Stale Data bug (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- Documentation: Add documentation for Processor MMIO Stale Data (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/tsx: Disable TSX development mode at boot (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/tsx: Use MSR_TSX_CTRL to clear CPUID bits (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/tsx: Clear CPUID bits when TSX always force aborts (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- cpu/speculation: Add prototype for cpu_show_srbds() (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- x86/cpu: Move arch_smt_update() to a neutral place (Waiman Long) [2110388 2090252] {CVE-2022-21123 CVE-2022-21125 CVE-2022-21166}
- ice: Ignore error message when setting same promiscuous mode (Petr Oros) [2118580 2100683]
- ice: Fix clearing of promisc mode with bridge over bond (Petr Oros) [2118580 2100683]
- ice: Ignore EEXIST when setting promisc mode (Petr Oros) [2118580 2100683]
- ice: Fix double VLAN error when entering promisc mode (Petr Oros) [2118580 2100683]
- ice: Fix promiscuous mode not turning off (Petr Oros) [2117026 2088787]
- ice: Introduce enabling promiscuous mode on multiple VF's (Petr Oros) [2117026 2088787]
- ice: do not setup vlan for loopback VSI (Petr Oros) [2118582 2103845]
- ice: check (DD | EOF) bits on Rx descriptor rather than (EOP | RS) (Petr Oros) [2118582 2103845]
- ice: Fix max VLANs available for VF (Petr Oros) [2118581 2112298]
- ice: change devlink code to read NVM in blocks (Petr Oros) [2118583 2093904]
- ice: Fix memory corruption in VF driver (Petr Oros) [2102359 2037937]
- ice: Fix queue config fail handling (Petr Oros) [2102359 2037937]
- ice: Sync VLAN filtering features for DVM (Petr Oros) [2102359 2037937]
- ice: Fix PTP TX timestamp offset calculation (Petr Oros) [2102359 2037937]
- ice: Fix interrupt moderation settings getting cleared (Petr Oros) [2102359 2037937]
- ice: fix possible under reporting of ethtool Tx and Rx statistics (Petr Oros) [2102359 2037937]
- ice: allow creating VFs for !CONFIG_NET_SWITCHDEV (Petr Oros) [2102359 2037937]
- ice: add trace events for tx timestamps (Petr Oros) [2102359 2037937]
- ice: fix return value check in ice_gnss.c (Petr Oros) [2102359 2037937]
- ice: remove PF pointer from ice_check_vf_init (Petr Oros) [2102359 2037937]
- ice: introduce ice_virtchnl.c and ice_virtchnl.h (Petr Oros) [2102359 2037937]
- ice: cleanup long lines in ice_sriov.c (Petr Oros) [2102359 2037937]
- ice: introduce ICE_VF_RESET_LOCK flag (Petr Oros) [2102359 2037937]
- ice: introduce ICE_VF_RESET_NOTIFY flag (Petr Oros) [2102359 2037937]
- ice: convert ice_reset_vf to take flags (Petr Oros) [2102359 2037937]
- ice: convert ice_reset_vf to standard error codes (Petr Oros) [2102359 2037937]
- ice: make ice_reset_all_vfs void (Petr Oros) [2102359 2037937]
- ice: drop is_vflr parameter from ice_reset_all_vfs (Petr Oros) [2102359 2037937]
- ice: move reset functionality into ice_vf_lib.c (Petr Oros) [2102359 2037937]
- ice: fix a long line warning in ice_reset_vf (Petr Oros) [2102359 2037937]
- ice: introduce VF operations structure for reset flows (Petr Oros) [2102359 2037937]
- ice: fix incorrect dev_dbg print mistaking 'i' for vf->vf_id (Petr Oros) [2102359 2037937]
- ice: introduce ice_vf_lib.c, ice_vf_lib.h, and ice_vf_lib_private.h (Petr Oros) [2102359 2037937]
- ice: use ice_is_vf_trusted helper function (Petr Oros) [2102359 2037937]
- ice: log an error message when eswitch fails to configure (Petr Oros) [2102359 2037937]
- ice: cleanup error logging for ice_ena_vfs (Petr Oros) [2102359 2037937]
- ice: move ice_set_vf_port_vlan near other .ndo ops (Petr Oros) [2102359 2037937]
- ice: refactor spoofchk control code in ice_sriov.c (Petr Oros) [2102359 2037937]
- ice: rename ICE_MAX_VF_COUNT to avoid confusion (Petr Oros) [2102359 2037937]
- ice: remove unused definitions from ice_sriov.h (Petr Oros) [2102359 2037937]
- ice: convert vf->vc_ops to a const pointer (Petr Oros) [2102359 2037937]
- ice: remove circular header dependencies on ice.h (Petr Oros) [2102359 2037937]
- ice: rename ice_virtchnl_pf.c to ice_sriov.c (Petr Oros) [2102359 2037937]
- ice: rename ice_sriov.c to ice_vf_mbx.c (Petr Oros) [2102359 2037937]
- ice: Fix FV offset searching (Petr Oros) [2102359 2037937]
- ice: Add support for outer dest MAC for ADQ tunnels (Petr Oros) [2102359 2037937]
- ice: avoid XDP checks in ice_clean_tx_irq() (Petr Oros) [2102359 2037937]
- ice: change 'can't set link' message to dbg level (Petr Oros) [2102359 2037937]
- ice: Add slow path offload stats on port representor in switchdev (Petr Oros) [2102359 2037937]
- ice: Add support for inner etype in switchdev (Petr Oros) [2102359 2037937]
- ice: convert VF storage to hash table with krefs and RCU (Petr Oros) [2102359 2037937]
- ice: introduce VF accessor functions (Petr Oros) [2102359 2037937]
- ice: factor VF variables to separate structure (Petr Oros) [2102359 2037937]
- ice: convert ice_for_each_vf to include VF entry iterator (Petr Oros) [2102359 2037937]
- ice: use ice_for_each_vf for iteration during removal (Petr Oros) [2102359 2037937]
- ice: remove checks in ice_vc_send_msg_to_vf (Petr Oros) [2102359 2037937]
- ice: move VFLR acknowledge during ice_free_vfs (Petr Oros) [2102359 2037937]
- ice: move clear_malvf call in ice_free_vfs (Petr Oros) [2102359 2037937]
- ice: pass num_vfs to ice_set_per_vf_res() (Petr Oros) [2102359 2037937]
- ice: store VF pointer instead of VF ID (Petr Oros) [2102359 2037937]
- ice: refactor unwind cleanup in eswitch mode (Petr Oros) [2102359 2037937]
- ice: add TTY for GNSS module for E810T device (Petr Oros) [2102359 2037937]
- ice: Simplify tracking status of RDMA support (Petr Oros) [2102359 2037937]
- ice: Add ability for PF admin to enable VF VLAN pruning (Petr Oros) [2102359 2037937]
- ice: Add support for 802.1ad port VLANs VF (Petr Oros) [2102359 2037937]
- ice: Advertise 802.1ad VLAN filtering and offloads for PF netdev (Petr Oros) [2102359 2037937]
- ice: Support configuring the device to Double VLAN Mode (Petr Oros) [2102359 2037937]
- ice: Add support for VIRTCHNL_VF_OFFLOAD_VLAN_V2 (Petr Oros) [2102359 2037937]
- ice: Add hot path support for 802.1Q and 802.1ad VLAN offloads (Petr Oros) [2102359 2037937]
- ice: Add outer_vlan_ops and VSI specific VLAN ops implementations (Petr Oros) [2102359 2037937]
- ice: Adjust naming for inner VLAN operations (Petr Oros) [2102359 2037937]
- ice: Use the proto argument for VLAN ops (Petr Oros) [2102359 2037937]
- ice: Refactor vf->port_vlan_info to use ice_vlan (Petr Oros) [2102359 2037937]
- ice: Introduce ice_vlan struct (Petr Oros) [2102359 2037937]
- ice: Add new VSI VLAN ops (Petr Oros) [2102359 2037937]
- ice: Add helper function for adding VLAN 0 (Petr Oros) [2102359 2037937]
- ice: Refactor spoofcheck configuration functions (Petr Oros) [2102359 2037937]
- Revert 'ice: Allow to pass VLAN tagged packets to VF when port VLAN is configured' (Petr Oros) [2102359 2037937]
- Revert 'ice: Do not enable VLAN pruning when spoofchk is enabled' (Petr Oros) [2102359 2037937]
- ice: Remove likely for napi_complete_done (Petr Oros) [2102359 2037937]
- ice: add support for DSCP QoS for IDC (Petr Oros) [2102359 2037937]
- ice: respect metadata on XSK Rx to skb (Petr Oros) [2102359 2037937]
- ice: don't reserve excessive XDP_PACKET_HEADROOM on XSK Rx to skb (Petr Oros) [2102359 2037937]
- ice: respect metadata in legacy-rx/ice_construct_skb() (Petr Oros) [2102359 2037937]
- ice: Fix broken IFF_ALLMULTI handling (Petr Oros) [2102359 2037937]
- iavf: Fix VLAN_V2 addition/rejection (Petr Oros) [2118707 2115618]
- iavf: Fix deadlock in initialization (Petr Oros) [2118705 2054656]
- scsi: qla2xxx: Fix erroneous mailbox timeout after PCI error injection (Nilesh Javali) [2110768 2044160]
- sched/deadline: Fix BUG_ON condition for deboosted tasks (Phil Auld) [2117410 2111860]

[4.18.0-372.24.1_6]
- powerpc/64: Move paca allocation later in boot (Desnes A. Nunes do Rosario) [2092241 2016335]
- powerpc/prom: fix early DEBUG messages (Desnes A. Nunes do Rosario) [2092241 2016335]
- powerpc: Set crashkernel offset to mid of RMA region (Desnes A. Nunes do Rosario) [2092241 2016335]
- hv_balloon: rate-limit 'Unhandled message' warning (Vitaly Kuznetsov) [2117050 2087270]
- powerpc: Enable execve syscall exit tracepoint (Steve Best) [2106662 2095521]
- ice: Fix VSIs unable to share unicast MAC (Petr Oros) [2111936 2080033]

[4.18.0-372.23.1_6]
- drivers/base: fix userspace break from using bin_attributes for cpumap and cpulist (Phil Auld) [2112030 2089715]
- iavf: Fix issue with MAC address of VF shown as zero (Petr Oros) [2102360 2037938]
- iavf: Remove non-inclusive language (Petr Oros) [2102360 2037938]
- iavf: Fix incorrect use of assigning iavf_status to int (Petr Oros) [2102360 2037938]
- iavf: stop leaking iavf_status as 'errno' values (Petr Oros) [2102360 2037938]
- iavf: Add usage of new virtchnl format to set default MAC (Petr Oros) [2102360 2037938]
- iavf: refactor processing of VLAN V2 capability message (Petr Oros) [2102360 2037938]
- iavf: Add support for 50G/100G in AIM algorithm (Petr Oros) [2102360 2037938]
- iavf: remove redundant ret variable (Petr Oros) [2102360 2037938]
- iavf: Remove useless DMA-32 fallback configuration (Petr Oros) [2102360 2037938]
- pidfd: fix a poll race when setting exit_state (Oleg Nesterov) [2107643 2044587]
- fork: fix pidfd_poll()'s return type (Oleg Nesterov) [2107643 2044587]
- pidfd: add polling support (Oleg Nesterov) [2107643 2044587]
- kabi: introduce the kabi_aux_*() helpers (Oleg Nesterov) [2107643 2044587]

[4.18.0-372.22.1_6]
- mm/memcg: Free percpu stats memory of dying memcg's (Waiman Long) [2110039 2004037]

[4.18.0-372.21.1_6]
- KVM: x86/mmu: Don't advance iterator after restart due to yielding (Nico Pache) [2081013 2058907]
- RHEL-only: KVM: selftests: Fix AArch64 compilation (Paul Lai) [2107655 2071997]
- x86/fpu: KVM: Set the base guest FPU uABI size to sizeof(struct kvm_xsave) (Paul Lai) [2107652 2092066]
- KVM: x86: Use ERR_PTR_USR() to return -EFAULT as a __user pointer (Paul Lai) [2088288 2074679]
- KVM: x86: add system attribute to retrieve full set of supported xsave states (Paul Lai) [2088288 2074679]
- KVM: x86: Add a helper to retrieve userspace address from kvm_device_attr (Paul Lai) [2088288 2074679]
- tools: arch: x86: pull in pvclock headers (Paul Lai) [2088288 2074679]
- KVM: x86: Expose TSC offset controls to userspace (Paul Lai) [2088288 2074679]
- KVM: x86: Refactor tsc synchronization code (Paul Lai) [2088288 2074679]
- selftests: kvm: move vm_xsave_req_perm call to amx_test (Paul Lai) [2088288 2074679]
- RHEL-only: KVM: selftests: Remove unused modes (Andrew Jones) [2107655 2071997]
- tools headers UAPI: Sync linux/kvm.h with the kernel sources (Paul Lai) [2088287 1918929]
- kvm: selftests: sync uapi/linux/kvm.h with Linux header (Paul Lai) [2088287 1918929]
- kvm: selftests: conditionally build vm_xsave_req_perm() (Paul Lai) [2088287 1918929]
- x86/kvm/fpu: Remove kvm_vcpu_arch.guest_supported_xcr0 (Paul Lai) [2088287 1918929]
- x86/kvm/fpu: Limit guest user_xfeatures to supported bits of XCR0 (Paul Lai) [2088287 1918929]
- KVM: x86/cpuid: Exclude unpermitted xfeatures sizes at KVM_GET_SUPPORTED_CPUID (Paul Lai) [2088287 1918929]
- KVM: x86: Move CPUID.(EAX=0x12,ECX=1) mangling to __kvm_update_cpuid_runtime() (Paul Lai) [2088287 1918929]
- KVM: x86/cpuid: Clear XFD for component i if the base feature is missing (Paul Lai) [2088287 1918929]
- KVM: x86: Do runtime CPUID update before updating vcpu->arch.cpuid_entries (Paul Lai) [2088287 1918929]
- x86/fpu: Fix inline prefix warnings (Paul Lai) [2088287 1918929]
- selftest: kvm: Add amx selftest (Paul Lai) [2088287 1918929]
- selftest: kvm: Move struct kvm_x86_state to header (Paul Lai) [2088287 1918929]
- selftest: kvm: Reorder vcpu_load_state steps for AMX (Paul Lai) [2088287 1918929]
- kvm: x86: Disable interception for IA32_XFD on demand (Paul Lai) [2088287 1918929]
- x86/fpu: Provide fpu_sync_guest_vmexit_xfd_state() (Paul Lai) [2088287 1918929]
- kvm: selftests: Add support for KVM_CAP_XSAVE2 (Paul Lai) [2088287 1918929]
- kvm: x86: Add support for getting/setting expanded xstate buffer (Paul Lai) [2088287 1918929]
- x86/fpu: Add uabi_size to guest_fpu (Paul Lai) [2088287 1918929]
- kvm: x86: Add CPUID support for Intel AMX (Paul Lai) [2088287 1918929]
- kvm: x86: Add XCR0 support for Intel AMX (Paul Lai) [2088287 1918929]
- kvm: x86: Disable RDMSR interception of IA32_XFD_ERR (Paul Lai) [2088287 1918929]
- kvm: x86: Emulate IA32_XFD_ERR for guest (Paul Lai) [2088287 1918929]
- kvm: x86: Intercept #NM for saving IA32_XFD_ERR (Paul Lai) [2088287 1918929]
- x86/fpu: Prepare xfd_err in struct fpu_guest (Paul Lai) [2088287 1918929]
- kvm: x86: Add emulation for IA32_XFD (Paul Lai) [2088287 1918929]
- x86/fpu: Provide fpu_update_guest_xfd() for IA32_XFD emulation (Paul Lai) [2088287 1918929]
- kvm: x86: Enable dynamic xfeatures at KVM_SET_CPUID2 (Paul Lai) [2088287 1918929]
- x86/fpu: Provide fpu_enable_guest_xfd_features() for KVM (Paul Lai) [2088287 1918929]
- x86/fpu: Add guest support to xfd_enable_feature() (Paul Lai) [2088287 1918929]
- x86/fpu: Make XFD initialization in __fpstate_reset() a function argument (Paul Lai) [2088287 1918929]
- kvm: x86: Exclude unpermitted xfeatures at KVM_GET_SUPPORTED_CPUID (Paul Lai) [2088287 1918929]
- kvm: x86: Fix xstate_required_size() to follow XSTATE alignment rule (Paul Lai) [2088287 1918929]
- x86/fpu: Prepare guest FPU for dynamically enabled FPU features (Paul Lai) [2088287 1918929]
- x86/fpu: Extend fpu_xstate_prctl() with guest permissions (Paul Lai) [2088287 1918929]
- kvm: selftests: move ucall declarations into ucall_common.h (Paul Lai) [2088287 1918929]
- kvm: selftests: move base kvm_util.h declarations to kvm_util_base.h (Paul Lai) [2088287 1918929]
- cpuid: kvm_find_kvm_cpuid_features() should be declared 'static' (Paul Lai) [2088287 1918929]
- KVM: x86: Make sure KVM_CPUID_FEATURES really are KVM_CPUID_FEATURES (Paul Lai) [2088287 1918929]
- KVM: x86: Add helper to consolidate core logic of SET_CPUID{2} flows (Paul Lai) [2088287 1918929]
- tools arch x86: Sync the msr-index.h copy with the kernel sources (Andrew Jones) [2107655 2071997]

[4.18.0-372.20.1.el8_6]
- powerpc/pseries: Fix use after free in remove_phb_dynamic() (Steve Best) [2081250 2073707]
- mt76: mt7921: Fix the error handling path of mt7921_pci_probe() (Íñigo Huguet) [2101684 2096758]
- mt76: mt7921e: fix possible probe failure after reboot (Íñigo Huguet) [2095654 2078877]
- x86/apic/vector: Fix ordering in vector assignment (Frank Ramsay) [2084646 2076607]




More information about the El-errata mailing list