[ANNOUNCE] Release v4.19.325-cip121

[ANNOUNCE] Release v4.19.325-cip121

[Ulrich Hecht]

Hi,

the CIP kernel team has released Linux kernel v4.19.325-cip121. The linux-4.19.y-cip tree's base version has been updated to v4.19-st5. The trees are up-to-date with kernel 5.4.293.

You can get this release via the git tree or as a tarball from https://mirrors.edge.kernel.org/pub/linux/kernel/projects/cip/4.19/

  v4.19.325-cip121:
    repository:
      https://git.kernel.org/pub/scm/linux/kernel/git/cip/linux-cip.git
    branch:
      linux-4.19.y-cip
    commit hash:
      3237eeb37d4b43b59ddbb9d45fcce28a18e43e68
    Fixed CVEs:
      CVE-2021-47352: virtio-net: Add validation for used length
      CVE-2024-50154: tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink().
      CVE-2025-21681: openvswitch: fix lockup on tx to unregistering netdev with carrier
      CVE-2025-23140: misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error
      CVE-2025-23142: sctp: detect and prevent references to a freed transport in sendmsg
      CVE-2025-23150: ext4: fix off-by-one error in do_split
      CVE-2025-23157: media: venus: hfi_parser: add check to avoid out of bound access
      CVE-2025-23158: media: venus: hfi: add check to handle incorrect queue size
      CVE-2025-23159: media: venus: hfi: add a check to handle OOB in sfr region
      CVE-2025-23163: net: vlan: don't propagate flags on open
      CVE-2025-37738: ext4: ignore xattrs past end
      CVE-2025-37740: jfs: add sanity check for agwidth in dbMount
      CVE-2025-37741: jfs: Prevent copying of nlink with value 0 from disk inode
      CVE-2025-37749: net: ppp: Add bound checking for skb data on ppp_sync_txmung
      CVE-2025-37757: tipc: fix memory leak in tipc_link_xmit
      CVE-2025-37758: ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()
      CVE-2025-37780: isofs: Prevent the use of too small fid
      CVE-2025-37781: i2c: cros-ec-tunnel: defer probe if parent EC is not present
      CVE-2025-37785: ext4: fix OOB read when checking dotdot dir
      CVE-2025-37789: net: openvswitch: fix nested key length validation in the set() action
      CVE-2025-37792: Bluetooth: btrtl: Prevent potential NULL dereference
      CVE-2025-37794: wifi: mac80211: Purge vif txq in ieee80211_do_stop()
      CVE-2025-37796: wifi: at76c50x: fix use after free access in at76_disconnect
      CVE-2025-37797: net_sched: hfsc: Fix a UAF vulnerability in class handling
      CVE-2025-37810: usb: dwc3: gadget: check that event count does not exceed event buffer length
      CVE-2025-37817: mcb: fix a double free bug in chameleon_parse_gdd()
      CVE-2025-37823: net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too
      CVE-2025-37824: tipc: fix NULL pointer dereference in tipc_mon_reinit_self()
      CVE-2025-37829: cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate()
      CVE-2025-37838: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition
      CVE-2025-37839: jbd2: remove wrong sb->s_sequence check
      CVE-2025-37840: mtd: rawnand: brcmnand: fix PM resume warning
      CVE-2025-37841: pm: cpupower: bench: Prevent NULL dereference on malloc failure
      CVE-2025-37851: fbdev: omapfb: Add 'plane' value check
      CVE-2025-37857: scsi: st: Fix array overflow in st_setup()
      CVE-2025-37858: fs/jfs: Prevent integer overflow in AG size calculation
      CVE-2025-37862: HID: pidff: Fix null pointer dereference in pidff_find_fields
      CVE-2025-37881: usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev()
      CVE-2025-37892: mtd: inftlcore: Add error check for inftl_read_oob()
      CVE-2025-37940: ftrace: Add cond_resched() to ftrace_graph_set_hash()
      CVE-2025-37982: wifi: wl1251: fix memory leak in wl1251_tx_work
      CVE-2025-37983: qibfs: fix _another_ leak
      CVE-2025-37989: net: phy: leds: fix memory leak

Best regards,
Ulrich Hecht