From: Ulrich Hecht <uli@fpond.eu>
To: "cip-dev@lists.cip-project.org" <cip-dev@lists.cip-project.org>,
"pavel@denx.de" <pavel@denx.de>,
"jan.kiszka@siemens.com" <jan.kiszka@siemens.com>,
"masami.ichikawa@cybertrust.co.jp"
<masami.ichikawa@cybertrust.co.jp>,
"chris.paterson2@renesas.com" <chris.paterson2@renesas.com>,
"nobuhiro1.iwamatsu@toshiba.co.jp"
<nobuhiro1.iwamatsu@toshiba.co.jp>
Subject: [ANNOUNCE] Release v4.19.325-cip118
Date: Tue, 11 Mar 2025 14:18:21 +0100 (CET) [thread overview]
Message-ID: <550411128.4870384.1741699101645@webmail.strato.de> (raw)
Hi,
the CIP kernel team has released Linux kernel v4.19.325-cip118. The linux-4.19.y-cip tree's base version has been updated to v4.19-st2. The trees are up-to-date with kernel 5.4.290.
You can get this release via the git tree or as a tarball from https://mirrors.edge.kernel.org/pub/linux/kernel/projects/cip/4.19/
v4.19.325-cip118:
repository:
https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
branch:
linux-4.19.y-cip
commit hash:
897293ec51a382f6f3534a971e06a3440c7c92ca
Fixed CVEs:
CVE-2023-35827: net: ravb: Fix possible UAF bug in ravb_remove
CVE-2023-52509: ravb: Fix use-after-free issue in ravb_tx_timeout_work()
CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc
CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv
CVE-2024-57904: iio: adc: at91: call input_free_device() on allocated iio_dev
CVE-2024-57906: iio: adc: ti-ads8688: fix information leak in triggered buffer
CVE-2024-57908: iio: imu: kmx61: fix information leak in triggered buffer
CVE-2024-57911: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer
CVE-2024-57912: iio: pressure: zpa2326: fix information leak in triggered buffer
CVE-2024-57913: usb: gadget: f_fs: Remove WARN_ON in functionfs_bind
CVE-2024-57922: drm/amd/display: Add check for granularity in dml ceil/floor helpers
CVE-2024-57929: dm array: fix releasing a faulty array block twice in dm_array_cursor_end
CVE-2024-57948: mac802154: check local interfaces before deleting sdata list
CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy
CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy
CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy
CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first function
CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls
CVE-2025-21689: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()
CVE-2025-21694: fs/proc: fix softlockup in __read_vmcore (part 2)
CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag
CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()
CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash()
Best regards,
Ulrich Hecht
reply other threads:[~2025-03-11 13:18 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=550411128.4870384.1741699101645@webmail.strato.de \
--to=uli@fpond.eu \
--cc=chris.paterson2@renesas.com \
--cc=cip-dev@lists.cip-project.org \
--cc=jan.kiszka@siemens.com \
--cc=masami.ichikawa@cybertrust.co.jp \
--cc=nobuhiro1.iwamatsu@toshiba.co.jp \
--cc=pavel@denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox