[ANNOUNCE] Release v4.19.325-cip118

public inbox for cip-dev@lists.cip-project.org
 help / color / mirror / Atom feed

* [ANNOUNCE] Release v4.19.325-cip118
@ 2025-03-11 13:18 Ulrich Hecht
  0 siblings, 0 replies; only message in thread
From: Ulrich Hecht @ 2025-03-11 13:18 UTC (permalink / raw)
  To: cip-dev@lists.cip-project.org, pavel@denx.de,
	jan.kiszka@siemens.com, masami.ichikawa@cybertrust.co.jp,
	chris.paterson2@renesas.com, nobuhiro1.iwamatsu@toshiba.co.jp

Hi,

the CIP kernel team has released Linux kernel v4.19.325-cip118. The linux-4.19.y-cip tree's base version has been updated to v4.19-st2. The trees are up-to-date with kernel 5.4.290.

You can get this release via the git tree or as a tarball from https://mirrors.edge.kernel.org/pub/linux/kernel/projects/cip/4.19/

  v4.19.325-cip118:
    repository:
      https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
    branch:
      linux-4.19.y-cip
    commit hash:
      897293ec51a382f6f3534a971e06a3440c7c92ca
    Fixed CVEs:
      CVE-2023-35827: net: ravb: Fix possible UAF bug in ravb_remove
      CVE-2023-52509: ravb: Fix use-after-free issue in ravb_tx_timeout_work()
      CVE-2024-53124: net: fix data-races around sk->sk_forward_alloc
      CVE-2024-56631: scsi: sg: Fix slab-use-after-free read in sg_release()
      CVE-2024-57892: ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv
      CVE-2024-57904: iio: adc: at91: call input_free_device() on allocated iio_dev
      CVE-2024-57906: iio: adc: ti-ads8688: fix information leak in triggered buffer
      CVE-2024-57908: iio: imu: kmx61: fix information leak in triggered buffer
      CVE-2024-57911: iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer
      CVE-2024-57912: iio: pressure: zpa2326: fix information leak in triggered buffer
      CVE-2024-57913: usb: gadget: f_fs: Remove WARN_ON in functionfs_bind
      CVE-2024-57922: drm/amd/display: Add check for granularity in dml ceil/floor helpers
      CVE-2024-57929: dm array: fix releasing a faulty array block twice in dm_array_cursor_end
      CVE-2024-57948: mac802154: check local interfaces before deleting sdata list
      CVE-2025-21638: sctp: sysctl: auth_enable: avoid using current->nsproxy
      CVE-2025-21639: sctp: sysctl: rto_min/max: avoid using current->nsproxy
      CVE-2025-21640: sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy
      CVE-2025-21664: dm thin: make get_first_thin use rcu-safe list first function
      CVE-2025-21687: vfio/platform: check the bounds of read/write syscalls
      CVE-2025-21689: USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb()
      CVE-2025-21694: fs/proc: fix softlockup in __read_vmcore (part 2)
      CVE-2025-21699: gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag
      CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev()
      CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash()

Best regards,
Ulrich Hecht


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2025-03-11 13:18 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-03-11 13:18 [ANNOUNCE] Release v4.19.325-cip118 Ulrich Hecht

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox