From Salvatore Bonaccorso@21:1/5 to All on Sun Dec 19 00:20:02 2021
XPost: linux.debian.kernel
Hi
I would like to upload linux version 5.15.5-2 to unstable later today.
It does not contain rebases to newer 5.15.y version, which will follow
later. The update cherry-picks a couple of fixes which were present in
5.15.7, 5.15.8 and queued for 5.15.11:
* atlantic: Fix OOB read and write in hw_atl_utils_fw_rpc_wait
(CVE-2021-43975)
* fget: check that the fd still exists after getting a ref to it
(CVE-2021-4083)
* USB: gadget: detect too-big endpoint 0 requests (CVE-2021-39685)
* USB: gadget: zero allocate endpoint 0 buffers (CVE-2021-39685)
* [x86] Revert "drm/i915: Implement Wa_1508744258" (Closes: #1001128)
* nfsd: fix use-after-free due to delegation race (Closes: #988044)
* bpf: Fix kernel address leakage in atomic fetch
* bpf: Fix signed bounds propagation after mov32
* bpf: Make 32->64 bounds propagation slightly more robust
* bpf: Fix kernel address leakage in atomic cmpxchg's r0 aux reg