+1
−1
+20
−16
Loading
Merge tag 'ASB-2023-11-05_4.14-stable' of...
Merge tag 'ASB-2023-11-05_4.14-stable' of https://android.googlesource.com/kernel/common into android13-4.14-msmnile https://source.android.com/docs/security/bulletin/2023-11-01 * tag 'ASB-2023-11-05_4.14-stable' of https://android.googlesource.com/kernel/common: Linux 4.14.328 Bluetooth: hci_event: Fix using memcmp when comparing keys Bluetooth: hci_sock: Correctly bounds check and pad HCI_MON_NEW_INDEX name Bluetooth: hci_sock: fix slab oob read in create_monitor_event gpio: vf610: set value before the direction to avoid a glitch s390/pci: fix iommu bitmap allocation perf: Disallow mis-matched inherited group reads USB: serial: option: add Fibocom to DELL custom modem FM101R-GL USB: serial: option: add entry for Sierra EM9191 with new firmware USB: serial: option: add Telit LE910C4-WWX 0x1035 composition ACPI: irq: Fix incorrect return value in acpi_register_gsi() Revert "pinctrl: avoid unsafe code pattern in find_pinctrl()" mmc: core: Capture correct oemid-bits for eMMC cards sky2: Make sure there is at least one frag_addr available wifi: cfg80211: avoid leaking stack data into trace wifi: mac80211: allow transmitting EAPOL frames with tainted key Bluetooth: hci_core: Fix build warnings Bluetooth: Avoid redundant authentication HID: holtek: fix slab-out-of-bounds Write in holtek_kbd_input_event tracing: relax trace_event_eval_update() execution with cond_resched() ata: libata-eh: Fix compilation warning in ata_eh_link_report() gpio: timberdale: Fix potential deadlock on &tgpio->lock overlayfs: set ctime when setting mtime and atime i2c: mux: Avoid potential false error message in i2c_mux_add_adapter btrfs: initialize start_slot in btrfs_log_prealloc_extents ARM: dts: ti: omap: Fix noisy serial with overrun-throttle-ms for mapphone i40e: prevent crash on probe if hw registers have invalid values net: usb: smsc95xx: Fix an error code in smsc95xx_reset() net: rfkill: gpio: prevent value glitch during probe net: ipv6: fix return value check in esp_remove_trailer net: ipv4: fix return value check in esp_remove_trailer xfrm: fix a data-race in xfrm_gen_index() netfilter: nft_payload: fix wrong mac header matching KVM: x86: Mask LVTPC when handling a PMI regmap: fix NULL deref on lookup nfc: nci: fix possible NULL pointer dereference in send_acknowledge() Bluetooth: avoid memcmp() out of bounds warning Bluetooth: hci_event: Fix coding style Bluetooth: vhci: Fix race when opening vhci device Bluetooth: Fix a refcnt underflow problem for hci_conn Bluetooth: Reject connection with the device which has same BD_ADDR Bluetooth: hci_event: Ignore NULL link key usb: hub: Guard against accesses to uninitialized BOS descriptors x86/cpu: Fix AMD erratum #1485 on Zen4-based CPUs usb: gadget: ncm: Handle decoding of multiple NTB's in unwrap call usb: gadget: udc-xilinx: replace memcpy with memcpy_toio pinctrl: avoid unsafe code pattern in find_pinctrl() cgroup: Remove duplicates in cgroup v1 tasks file Input: xpad - add PXN V900 support Input: powermate - fix use-after-free in powermate_config_complete ceph: fix incorrect revoked caps assert in ceph_fill_file_size() mcb: remove is_added flag from mcb_device struct iio: pressure: ms5611: ms5611_prom_is_valid false negative bug iio: pressure: bmp280: Fix NULL pointer exception usb: musb: Modify the "HWVers" register address usb: musb: Get the musb_qh poniter after musb_giveback net: usb: dm9601: fix uninitialized variable use in dm9601_mdio_read usb: xhci: xhci-ring: Use sysdev for mapping bounce buffer workqueue: Override implicit ordered attribute in workqueue_apply_unbound_cpumask() nfc: nci: assert requested protocol is valid ixgbe: fix crash with empty VF macvlan list drm/vmwgfx: fix typo of sizeof argument ieee802154: ca8210: Fix a potential UAF in ca8210_probe drm: etvnaviv: fix bad backport leading to warning HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect RDMA/cxgb4: Check skb value for failure to allocate Linux 4.14.327 xen/events: replace evtchn_rwlock with RCU rtnetlink: Reject negative ifindexes in RTM_NEWLINK Revert "rtnetlink: Reject negative ifindexes in RTM_NEWLINK" parisc: Restore __ldcw_align for PA-RISC 2.0 processors RDMA/mlx5: Fix NULL string error RDMA/cma: Fix truncation compilation warning in make_cma_ports gpio: aspeed: fix the GPIO number passed to pinctrl_gpio_set_config() IB/mlx4: Fix the size of a buffer in add_port_entries() cpupower: add Makefile dependencies for install targets sctp: update hb timer immediately after users change hb_interval sctp: update transport state when processing a dupcook packet tcp: fix delayed ACKs for MSS boundary condition net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() modpost: add missing else to the "of" check scsi: target: core: Fix deadlock due to recursive locking regmap: rbtree: Fix wrong register marked as in-cache when creating new node drivers/net: process the result of hdlc_open() and add call of hdlc_close() in uhdlc_close() wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet ubi: Refuse attaching if mtd's erasesize is 0 wifi: mwifiex: Fix tlv_buf_left calculation scsi: zfcp: Fix a double put in zfcp_port_enqueue() media: dvb: symbol fixup for dvb_attach() - again ata: libata: disallow dev-initiated LPM transitions to unsupported states net/sched: sch_hfsc: Ensure inner classes have fsc curve ext4: fix rec_len verify error vc_screen: reload load of struct vc_data pointer in vcs_write() to avoid UAF fs: binfmt_elf_efpic: fix personality for ELF-FDPIC ata: libata-sata: increase PMP SRST timeout to 10s ata: libata-core: Fix port and device removal ata: libata-core: Fix ata_port_request_pm() locking btrfs: properly report 0 avail for very full file systems i2c: i801: unregister tco_pdev in i801_probe() error path ata: libata-scsi: ignore reserved bits for REPORT SUPPORTED OPERATION CODES nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() serial: 8250_port: Check IRQ data before use watchdog: iTCO_wdt: Set NO_REBOOT if the watchdog is not already running watchdog: iTCO_wdt: No need to stop the timer in probe ata: libahci: clear pending interrupt status ata: ahci: Drop pointless VPRINTK() calls and convert the remaining ones fbdev/sh7760fb: Depend on FB=y ata: libata-eh: do not clear ATA_PFLAG_EH_PENDING in ata_eh_reset() ring-buffer: Avoid softlockup in ring_buffer_resize() selftests/ftrace: Correctly enable event in instance-event.tc parisc: irq: Make irq_stack_union static to avoid sparse warning parisc: iosapic.c: Fix sparse warnings parisc: sba: Fix compile warning wrt list of SBA devices xtensa: boot/lib: fix function prototypes xtensa: boot: don't add include-dirs clk: tegra: fix error return case for recalc_rate i2c: mux: demux-pinctrl: check the return value of devm_kstrdup() gpio: tb10x: Fix an error handling path in tb10x_gpio_probe() team: fix null-ptr-deref when team device type is changed dccp: fix dccp_v4_err()/dccp_v6_err() again powerpc/perf/hv-24x7: Update domain value check ipv4: fix null-deref in ipv4_link_failure NFS/pNFS: Report EINVAL errors from connect() to the server Conflicts: kernel/events/core.c Change-Id: Idd943ad7328420dab2fd1510193d9254be9f56f4