-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2024-6b7d840efe 2024-04-05 23:09:38.915563 -------------------------------------------------------------------------------- Name : kernel Product : Fedora 40 Version : 6.8.4 Release : 300.fc40 URL : https://www.kernel.org/ Summary : The Linux kernel Description : The kernel meta package -------------------------------------------------------------------------------- Update Information: The 6.8.3 stable kernel rebase contains improved hardware support, new features, and a number of important fixes across the tree. The 6.8.2 stable kernel update contains a number of important fixes across the tree. -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 4 2024 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> [6.8.4-0] - Linux v6.8.4 * Wed Apr 3 2024 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> [6.8.3-0] - Fix up redhat directory for stable reabses (Justin M. Forbes) - Add some CVE fixes for 6.8.3 (Justin M. Forbes) - Add bug to BugsFixed (Justin M. Forbes) - Revert "Bluetooth: hci_qca: Set BDA quirk bit if fwnode exists in DT" (Johan Hovold) - Config updates for stable (Justin M. Forbes) - Linux v6.8.3 * Tue Mar 26 2024 Justin M. Forbes <jforbes@xxxxxxxxxxxxxxxxx> [6.8.2-0] - xfs: fix SEEK_HOLE/DATA for regions with active COW extents (Dave Chinner) - redhat: make libperf-devel require libperf %{version}-%{release} (Jan Stancek) - kernel.spec: drop custom mode also for System.map ghost entry (Jan Stancek) - kernel.spec: fix libperf-debuginfo content (Jan Stancek) - redhat/kernel.spec.template: enable cross for base/RT (Peter Robinson) - redhat/kernel.spec.template: Fix cross compiling (Peter Robinson) - Add more bugs to BugsFixed (Justin M. Forbes) - Add bug to BugsFixed (Justin M. Forbes) - Turn on CONFIG_READ_ONLY_THP_FOR_FS for Fedora (Justin M. Forbes) - Change fedora-stable-release.sh to use git am (Justin M. Forbes) - drivers/firmware: skip simpledrm if nvidia-drm.modeset=1 is set (Javier Martinez Canillas) - Revert libcpupower soname bump for F38/39 (Justin M. Forbes) - Fix up requires for UKI (Justin M. Forbes) - drm/amd: Flush GFXOFF requests in prepare stage (Mario Limonciello) - Linux v6.8.2 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2269883 - CONFIG_READ_ONLY_THP_FOR_FS is unset https://bugzilla.redhat.com/show_bug.cgi?id=2269883 [ 2 ] Bug #2270879 - CVE-2024-26643 kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout https://bugzilla.redhat.com/show_bug.cgi?id=2270879 [ 3 ] Bug #2270880 - CVE-2024-26643 kernel: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2270880 [ 4 ] Bug #2270881 - CVE-2024-26642 kernel: netfilter: nf_tables: disallow anonymous set with timeout flag https://bugzilla.redhat.com/show_bug.cgi?id=2270881 [ 5 ] Bug #2270882 - CVE-2024-26642 kernel: netfilter: nf_tables: disallow anonymous set with timeout flag [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2270882 [ 6 ] Bug #2271784 - Bluetooth: hci0: command tx timeout https://bugzilla.redhat.com/show_bug.cgi?id=2271784 [ 7 ] Bug #2272444 - CVE-2024-26653 kernel: usb: misc: ljca: Fix double free in error handling path https://bugzilla.redhat.com/show_bug.cgi?id=2272444 [ 8 ] Bug #2272445 - CVE-2024-26653 kernel: usb: misc: ljca: Fix double free in error handling path [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2272445 [ 9 ] Bug #2272446 - CVE-2024-26654 kernel: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs https://bugzilla.redhat.com/show_bug.cgi?id=2272446 [ 10 ] Bug #2272447 - CVE-2024-26654 kernel: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2272447 [ 11 ] Bug #2272530 - CVE-2024-26655 kernel: posix-clock: memory leak in posix_clock_open() https://bugzilla.redhat.com/show_bug.cgi?id=2272530 [ 12 ] Bug #2272531 - CVE-2024-26655 kernel: Fix memory leak in posix_clock_open() [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2272531 [ 13 ] Bug #2272596 - Kernel null pointer dereference in 6.7.11 and 6.8.2 https://bugzilla.redhat.com/show_bug.cgi?id=2272596 [ 14 ] Bug #2272687 - CVE-2024-26657 kernel: drm/sched: fix null-ptr-deref in init entity https://bugzilla.redhat.com/show_bug.cgi?id=2272687 [ 15 ] Bug #2272688 - CVE-2024-26657 kernel: drm/sched: fix null-ptr-deref in init entity [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2272688 [ 16 ] Bug #2272692 - CVE-2024-26656 kernel: drm/amdgpu: use-after-free vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=2272692 [ 17 ] Bug #2272693 - CVE-2024-26656 kernel: drm/amdgpu: fix use-after-free bug [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2272693 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-6b7d840efe' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue