From: Ulrich Hecht <uli@fpond.eu>
To: "cip-dev@lists.cip-project.org" <cip-dev@lists.cip-project.org>,
"pavel@denx.de" <pavel@denx.de>,
"jan.kiszka@siemens.com" <jan.kiszka@siemens.com>,
"masami.ichikawa@cybertrust.co.jp"
<masami.ichikawa@cybertrust.co.jp>,
"chris.paterson2@renesas.com" <chris.paterson2@renesas.com>,
"nobuhiro1.iwamatsu@toshiba.co.jp"
<nobuhiro1.iwamatsu@toshiba.co.jp>
Subject: [ANNOUNCE] Release v4.19.325-cip121
Date: Wed, 11 Jun 2025 11:52:18 +0200 (CEST) [thread overview]
Message-ID: <890123726.143312.1749635538410@webmail.strato.de> (raw)
Hi,
the CIP kernel team has released Linux kernel v4.19.325-cip121. The linux-4.19.y-cip tree's base version has been updated to v4.19-st5. The trees are up-to-date with kernel 5.4.293.
You can get this release via the git tree or as a tarball from https://mirrors.edge.kernel.org/pub/linux/kernel/projects/cip/4.19/
v4.19.325-cip121:
repository:
https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
branch:
linux-4.19.y-cip
commit hash:
3237eeb37d4b43b59ddbb9d45fcce28a18e43e68
Fixed CVEs:
CVE-2021-47352: virtio-net: Add validation for used length
CVE-2024-50154: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier
CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error
CVE-2025-23142: sctp: detect and prevent references to a freed transport in sendmsg
CVE-2025-23150: ext4: fix off-by-one error in do_split
CVE-2025-23157: media: venus: hfi_parser: add check to avoid out of bound access
CVE-2025-23158: media: venus: hfi: add check to handle incorrect queue size
CVE-2025-23159: media: venus: hfi: add a check to handle OOB in sfr region
CVE-2025-23163: net: vlan: don't propagate flags on open
CVE-2025-37738: ext4: ignore xattrs past end
CVE-2025-37740: jfs: add sanity check for agwidth in dbMount
CVE-2025-37741: jfs: Prevent copying of nlink with value 0 from disk inode
CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung
CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit
CVE-2025-37758: ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()
CVE-2025-37780: isofs: Prevent the use of too small fid
CVE-2025-37781: i2c: cros-ec-tunnel: defer probe if parent EC is not present
CVE-2025-37785: ext4: fix OOB read when checking dotdot dir
CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action
CVE-2025-37792: Bluetooth: btrtl: Prevent potential NULL dereference
CVE-2025-37794: wifi: mac80211: Purge vif txq in ieee80211_do_stop()
CVE-2025-37796: wifi: at76c50x: fix use after free access in at76_disconnect
CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling
CVE-2025-37810: usb: dwc3: gadget: check that event count does not exceed event buffer length
CVE-2025-37817: mcb: fix a double free bug in chameleon_parse_gdd()
CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
CVE-2025-37838: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition
CVE-2025-37839: jbd2: remove wrong sb->s_sequence check
CVE-2025-37840: mtd: rawnand: brcmnand: fix PM resume warning
CVE-2025-37841: pm: cpupower: bench: Prevent NULL dereference on malloc failure
CVE-2025-37851: fbdev: omapfb: Add 'plane' value check
CVE-2025-37857: scsi: st: Fix array overflow in st_setup()
CVE-2025-37858: fs/jfs: Prevent integer overflow in AG size calculation
CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields
CVE-2025-37881: usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
CVE-2025-37892: mtd: inftlcore: Add error check for inftl_read_oob()
CVE-2025-37940: ftrace: Add cond_resched() to ftrace_graph_set_hash()
CVE-2025-37982: wifi: wl1251: fix memory leak in wl1251_tx_work
CVE-2025-37983: qibfs: fix _another_ leak
CVE-2025-37989: net: phy: leds: fix memory leak
Best regards,
Ulrich Hecht
reply other threads:[~2025-06-11 9:52 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=890123726.143312.1749635538410@webmail.strato.de \
--to=uli@fpond.eu \
--cc=chris.paterson2@renesas.com \
--cc=cip-dev@lists.cip-project.org \
--cc=jan.kiszka@siemens.com \
--cc=masami.ichikawa@cybertrust.co.jp \
--cc=nobuhiro1.iwamatsu@toshiba.co.jp \
--cc=pavel@denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox