[ANNOUNCE] Release v4.4.302-cip70


Nobuhiro Iwamatsu
 

[ANNOUNCE] Release v4.4.302-cip70

Hi all,

CIP kernel team has released Linux kernel v4.4.302-cip70.
This applies the required fixes for 4.4.y up to 4.9.320 of the 4.9.y tree.
You can get this release via the git tree at:

v4.4.302-cip70:
repository:
https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
branch:
linux-4.4.y-cip
commit hash:
42722e64d359f47f84e170ac99e4b2dd2d04865b
Fixed CVEs:
CVE-2022-23038: xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23039: xen/gntalloc: don't use gnttab_query_foreign_access()
CVE-2022-23036: xen/grant-table: add gnttab_try_end_foreign_access()
CVE-2022-23037: xen/netfront: don't use gnttab_query_foreign_access() for mapped status
CVE-2022-0001: x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
CVE-2022-0002: x86/speculation: Rename RETPOLINE_AMD to RETPOLINE_LFENCE
CVE-2021-26401: x86/speculation: Use generic retpoline by default on AMD
CVE-2022-23040: xen/xenbus: don't let xenbus_grant_ring() remove grants in error case
CVE-2022-23042: xen/netfront: react properly to failing gnttab_end_foreign_access_ref()
CVE-2022-1199: ax25: Fix NULL pointer dereference in ax25_kill_by_device
CVE-2021-4149: btrfs: unlock newly allocated extent buffer after error
CVE-2022-26490: nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION
CVE-2022-28356: llc: fix netdevice reference leaks in llc_ui_bind()
CVE-2022-1016: netfilter: nf_tables: initialize registers in nft_do_chain()
CVE-2022-1198: drivers: hamradio: 6pack: fix UAF bug caused by mod_timer()
CVE-2022-1353: af_key: add __GFP_ZERO flag for compose_sadb_supported in function pfkey_register
CVE-2022-28390: can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path
CVE-2022-30594: ptrace: Check PTRACE_O_SUSPEND_SECCOMP permission on PTRACE_SEIZE
CVE-2022-2380: video: fbdev: sm712fb: Fix crash in smtcfb_read()
CVE-2022-33981: floppy: disable FDRAWCMD by default
CVE-2022-1974: nfc: replace improper check device_is_registered() in netlink related functions
CVE-2022-1975: NFC: netlink: fix sleep in atomic bug when firmware download timeout
CVE-2022-1734: nfc: nfcmrvl: main: reorder destructive operations in nfcmrvl_nci_unregister_dev to avoid bugs
CVE-2022-1836: floppy: disable FDRAWCMD by default
CVE-2022-1652: floppy: use a statically allocated error counter
CVE-2022-1729: perf: Fix sys_perf_event_open() race against self
CVE-2022-0494: block-map: add __GFP_ZERO flag for alloc_page in function bio_copy_kern
CVE-2022-1184: ext4: verify dir block before splitting it
CVE-2022-32981: powerpc/32: Fix overread/overwrite of thread_struct via ptrace
CVE-2022-32296: tcp: increase source port perturb table to 2^16
CVE-2022-1011: fuse: fix pipe buffer lifetime for direct_io
CVE-2022-1012: secure_seq: use the 64 bits of the siphash for port offset calculation
added commits:
CIP: Bump version suffix to -cip70 after merge from stable

Best regards,
Nobuhiro

Join cip-dev@lists.cip-project.org to automatically receive all group messages.