* [ANNOUNCE] Release v4.19.325-cip125
@ 2025-10-21 9:31 Ulrich Hecht
0 siblings, 0 replies; only message in thread
From: Ulrich Hecht @ 2025-10-21 9:31 UTC (permalink / raw)
To: cip-dev@lists.cip-project.org, pavel@denx.de,
jan.kiszka@siemens.com, masami.ichikawa@cybertrust.co.jp,
chris.paterson2@renesas.com, nobuhiro1.iwamatsu@toshiba.co.jp
Hi,
the CIP kernel team has released Linux kernel v4.19.325-cip125. The linux-4.19.y-cip tree's base version has been updated to v4.19-st9. The trees are up-to-date with kernel 5.4.300.
You can get this release via the git tree or as a tarball from https://mirrors.edge.kernel.org/pub/linux/kernel/projects/cip/4.19/
v4.19.325-cip125:
repository:
https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
branch:
linux-4.19.y-cip
commit hash:
d68802a940fe1efb4315cbd06f2fc8d9c861aec3
Fixed CVEs:
CVE-2023-52935: mm/khugepaged: fix ->anon_vma race
CVE-2025-21861: mm/migrate_device: don't add folio to be freed to LRU in migrate_device_finalize()
CVE-2025-23143: net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod.
CVE-2025-37968: iio: light: opt3001: fix deadlock due to concurrent flag access
CVE-2025-39839: batman-adv: fix OOB read/write in network-coding decode
CVE-2025-39846: pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region()
CVE-2025-39847: ppp: fix memory leak in pad_compress_skb
CVE-2025-39848: ax25: properly unshare skbs in ax25_kiss_rcv()
CVE-2025-39853: i40e: Fix potential invalid access when MAC list is empty
CVE-2025-39860: Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen()
CVE-2025-39869: dmaengine: ti: edma: Fix memory allocation size for queue_priority_map
CVE-2025-39876: net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable()
CVE-2025-39883: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory
CVE-2025-39885: ocfs2: fix recursive semaphore deadlock in fiemap call
CVE-2025-39891: wifi: mwifiex: Initialize the chan_stats array to zero
CVE-2025-39898: e1000e: fix heap overflow in e1000_set_eeprom
CVE-2025-39902: mm/slub: avoid accessing metadata when pointer is invalid in object_err()
CVE-2025-39911: i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path
CVE-2025-39920: pcmcia: Add error handling for add_interval() in do_validate_mem()
CVE-2025-39923: dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees
CVE-2025-39937: net: rfkill: gpio: Fix crash due to dereferencering uninitialized pointer
CVE-2025-39945: cnic: Fix use-after-free bugs in cnic_delete_task
CVE-2025-39953: cgroup: split cgroup_destroy_wq into 3 workqueues
CVE-2025-39955: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect().
CVE-2025-39967: fbcon: fix integer overflow in fbcon_do_set_font
CVE-2025-39968: i40e: add max boundary check for VF filters
CVE-2025-39970: i40e: fix input validation logic for action_meta
CVE-2025-39972: i40e: fix idx validation in i40e_validate_queue_map
CVE-2025-39973: i40e: add validation for ring_len param
CVE-2025-39985: can: mcba_usb: populate ndo_change_mtu() to prevent buffer overflow
CVE-2025-39986: can: sun4i_can: populate ndo_change_mtu() to prevent buffer overflow
CVE-2025-39987: can: hi311x: populate ndo_change_mtu() to prevent buffer overflow
Best regards,
Ulrich Hecht
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2025-10-21 9:32 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-10-21 9:31 [ANNOUNCE] Release v4.19.325-cip125 Ulrich Hecht
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox