diff --git a/changelog/security/2024-08-16-linux.md b/changelog/security/2024-08-16-linux.md new file mode 100644 index 00000000000..7e7d808e9ef --- /dev/null +++ b/changelog/security/2024-08-16-linux.md @@ -0,0 +1 @@ +- Linux ([CVE-2024-43877](https://nvd.nist.gov/vuln/detail/CVE-2024-43877), [CVE-2024-43876](https://nvd.nist.gov/vuln/detail/CVE-2024-43876), [CVE-2024-43875](https://nvd.nist.gov/vuln/detail/CVE-2024-43875), [CVE-2024-43873](https://nvd.nist.gov/vuln/detail/CVE-2024-43873), [CVE-2024-43871](https://nvd.nist.gov/vuln/detail/CVE-2024-43871), [CVE-2024-43881](https://nvd.nist.gov/vuln/detail/CVE-2024-43881), [CVE-2024-43880](https://nvd.nist.gov/vuln/detail/CVE-2024-43880), [CVE-2024-43879](https://nvd.nist.gov/vuln/detail/CVE-2024-43879), [CVE-2024-43869](https://nvd.nist.gov/vuln/detail/CVE-2024-43869), [CVE-2024-43870](https://nvd.nist.gov/vuln/detail/CVE-2024-43870), [CVE-2024-43856](https://nvd.nist.gov/vuln/detail/CVE-2024-43856), [CVE-2024-43860](https://nvd.nist.gov/vuln/detail/CVE-2024-43860), [CVE-2024-43859](https://nvd.nist.gov/vuln/detail/CVE-2024-43859), [CVE-2024-43858](https://nvd.nist.gov/vuln/detail/CVE-2024-43858), [CVE-2024-43833](https://nvd.nist.gov/vuln/detail/CVE-2024-43833), [CVE-2024-43832](https://nvd.nist.gov/vuln/detail/CVE-2024-43832), [CVE-2024-43831](https://nvd.nist.gov/vuln/detail/CVE-2024-43831), [CVE-2024-43830](https://nvd.nist.gov/vuln/detail/CVE-2024-43830), [CVE-2024-43829](https://nvd.nist.gov/vuln/detail/CVE-2024-43829), [CVE-2024-43828](https://nvd.nist.gov/vuln/detail/CVE-2024-43828), [CVE-2024-43855](https://nvd.nist.gov/vuln/detail/CVE-2024-43855), [CVE-2024-43854](https://nvd.nist.gov/vuln/detail/CVE-2024-43854), [CVE-2024-43853](https://nvd.nist.gov/vuln/detail/CVE-2024-43853), [CVE-2024-43851](https://nvd.nist.gov/vuln/detail/CVE-2024-43851), [CVE-2024-43850](https://nvd.nist.gov/vuln/detail/CVE-2024-43850), [CVE-2024-43849](https://nvd.nist.gov/vuln/detail/CVE-2024-43849), [CVE-2024-43847](https://nvd.nist.gov/vuln/detail/CVE-2024-43847), [CVE-2024-43846](https://nvd.nist.gov/vuln/detail/CVE-2024-43846), [CVE-2024-43845](https://nvd.nist.gov/vuln/detail/CVE-2024-43845), [CVE-2024-43842](https://nvd.nist.gov/vuln/detail/CVE-2024-43842), [CVE-2024-43841](https://nvd.nist.gov/vuln/detail/CVE-2024-43841), [CVE-2024-43839](https://nvd.nist.gov/vuln/detail/CVE-2024-43839), [CVE-2024-43837](https://nvd.nist.gov/vuln/detail/CVE-2024-43837), [CVE-2024-43834](https://nvd.nist.gov/vuln/detail/CVE-2024-43834), [CVE-2024-43825](https://nvd.nist.gov/vuln/detail/CVE-2024-43825), [CVE-2024-43823](https://nvd.nist.gov/vuln/detail/CVE-2024-43823), [CVE-2024-43821](https://nvd.nist.gov/vuln/detail/CVE-2024-43821), [CVE-2024-43818](https://nvd.nist.gov/vuln/detail/CVE-2024-43818), [CVE-2024-43817](https://nvd.nist.gov/vuln/detail/CVE-2024-43817), [CVE-2024-42321](https://nvd.nist.gov/vuln/detail/CVE-2024-42321), [CVE-2024-42322](https://nvd.nist.gov/vuln/detail/CVE-2024-42322), [CVE-2024-42288](https://nvd.nist.gov/vuln/detail/CVE-2024-42288), [CVE-2024-42297](https://nvd.nist.gov/vuln/detail/CVE-2024-42297), [CVE-2024-42296](https://nvd.nist.gov/vuln/detail/CVE-2024-42296), [CVE-2024-42295](https://nvd.nist.gov/vuln/detail/CVE-2024-42295), [CVE-2024-42294](https://nvd.nist.gov/vuln/detail/CVE-2024-42294), [CVE-2024-42292](https://nvd.nist.gov/vuln/detail/CVE-2024-42292), [CVE-2024-42320](https://nvd.nist.gov/vuln/detail/CVE-2024-42320), [CVE-2024-42318](https://nvd.nist.gov/vuln/detail/CVE-2024-42318), [CVE-2024-42291](https://nvd.nist.gov/vuln/detail/CVE-2024-42291), [CVE-2024-42316](https://nvd.nist.gov/vuln/detail/CVE-2024-42316), [CVE-2024-42315](https://nvd.nist.gov/vuln/detail/CVE-2024-42315), [CVE-2024-42314](https://nvd.nist.gov/vuln/detail/CVE-2024-42314), [CVE-2024-42313](https://nvd.nist.gov/vuln/detail/CVE-2024-42313), [CVE-2024-42311](https://nvd.nist.gov/vuln/detail/CVE-2024-42311), [CVE-2024-42310](https://nvd.nist.gov/vuln/detail/CVE-2024-42310), [CVE-2024-42309](https://nvd.nist.gov/vuln/detail/CVE-2024-42309), [CVE-2024-42308](https://nvd.nist.gov/vuln/detail/CVE-2024-42308), [CVE-2024-42290](https://nvd.nist.gov/vuln/detail/CVE-2024-42290), [CVE-2024-42307](https://nvd.nist.gov/vuln/detail/CVE-2024-42307), [CVE-2024-42306](https://nvd.nist.gov/vuln/detail/CVE-2024-42306), [CVE-2024-42305](https://nvd.nist.gov/vuln/detail/CVE-2024-42305), [CVE-2024-42304](https://nvd.nist.gov/vuln/detail/CVE-2024-42304), [CVE-2024-42303](https://nvd.nist.gov/vuln/detail/CVE-2024-42303), [CVE-2024-42302](https://nvd.nist.gov/vuln/detail/CVE-2024-42302), [CVE-2024-42301](https://nvd.nist.gov/vuln/detail/CVE-2024-42301), [CVE-2024-42299](https://nvd.nist.gov/vuln/detail/CVE-2024-42299), [CVE-2024-42298](https://nvd.nist.gov/vuln/detail/CVE-2024-42298), [CVE-2024-42289](https://nvd.nist.gov/vuln/detail/CVE-2024-42289), [CVE-2024-42284](https://nvd.nist.gov/vuln/detail/CVE-2024-42284), [CVE-2024-42283](https://nvd.nist.gov/vuln/detail/CVE-2024-42283), [CVE-2024-42281](https://nvd.nist.gov/vuln/detail/CVE-2024-42281), [CVE-2024-42280](https://nvd.nist.gov/vuln/detail/CVE-2024-42280), [CVE-2024-42279](https://nvd.nist.gov/vuln/detail/CVE-2024-42279), [CVE-2024-42278](https://nvd.nist.gov/vuln/detail/CVE-2024-42278), [CVE-2024-42277](https://nvd.nist.gov/vuln/detail/CVE-2024-42277), [CVE-2024-42287](https://nvd.nist.gov/vuln/detail/CVE-2024-42287), [CVE-2024-42286](https://nvd.nist.gov/vuln/detail/CVE-2024-42286), [CVE-2024-42285](https://nvd.nist.gov/vuln/detail/CVE-2024-42285), [CVE-2023-52889](https://nvd.nist.gov/vuln/detail/CVE-2023-52889), [CVE-2024-42276](https://nvd.nist.gov/vuln/detail/CVE-2024-42276), [CVE-2024-43867](https://nvd.nist.gov/vuln/detail/CVE-2024-43867), [CVE-2024-43866](https://nvd.nist.gov/vuln/detail/CVE-2024-43866), [CVE-2024-43864](https://nvd.nist.gov/vuln/detail/CVE-2024-43864), [CVE-2024-43863](https://nvd.nist.gov/vuln/detail/CVE-2024-43863), [CVE-2024-42312](https://nvd.nist.gov/vuln/detail/CVE-2024-42312), [CVE-2024-42274](https://nvd.nist.gov/vuln/detail/CVE-2024-42274), [CVE-2024-42273](https://nvd.nist.gov/vuln/detail/CVE-2024-42273), [CVE-2024-42272](https://nvd.nist.gov/vuln/detail/CVE-2024-42272), [CVE-2024-42271](https://nvd.nist.gov/vuln/detail/CVE-2024-42271), [CVE-2024-42270](https://nvd.nist.gov/vuln/detail/CVE-2024-42270), [CVE-2024-42269](https://nvd.nist.gov/vuln/detail/CVE-2024-42269), [CVE-2024-42268](https://nvd.nist.gov/vuln/detail/CVE-2024-42268), [CVE-2024-42267](https://nvd.nist.gov/vuln/detail/CVE-2024-42267), [CVE-2024-42265](https://nvd.nist.gov/vuln/detail/CVE-2024-42265), [CVE-2024-43908](https://nvd.nist.gov/vuln/detail/CVE-2024-43908), [CVE-2024-44931](https://nvd.nist.gov/vuln/detail/CVE-2024-44931), [CVE-2024-43914](https://nvd.nist.gov/vuln/detail/CVE-2024-43914), [CVE-2024-43912](https://nvd.nist.gov/vuln/detail/CVE-2024-43912), [CVE-2024-44935](https://nvd.nist.gov/vuln/detail/CVE-2024-44935), [CVE-2024-44934](https://nvd.nist.gov/vuln/detail/CVE-2024-44934), [CVE-2024-43909](https://nvd.nist.gov/vuln/detail/CVE-2024-43909), [CVE-2024-43905](https://nvd.nist.gov/vuln/detail/CVE-2024-43905), [CVE-2024-43903](https://nvd.nist.gov/vuln/detail/CVE-2024-43903), [CVE-2024-43902](https://nvd.nist.gov/vuln/detail/CVE-2024-43902), [CVE-2024-43900](https://nvd.nist.gov/vuln/detail/CVE-2024-43900), [CVE-2024-43907](https://nvd.nist.gov/vuln/detail/CVE-2024-43907), [CVE-2024-43906](https://nvd.nist.gov/vuln/detail/CVE-2024-43906), [CVE-2024-43897](https://nvd.nist.gov/vuln/detail/CVE-2024-43897), [CVE-2024-43894](https://nvd.nist.gov/vuln/detail/CVE-2024-43894), [CVE-2024-43893](https://nvd.nist.gov/vuln/detail/CVE-2024-43893), [CVE-2024-43892](https://nvd.nist.gov/vuln/detail/CVE-2024-43892), [CVE-2024-43890](https://nvd.nist.gov/vuln/detail/CVE-2024-43890), [CVE-2024-43889](https://nvd.nist.gov/vuln/detail/CVE-2024-43889), [CVE-2024-43895](https://nvd.nist.gov/vuln/detail/CVE-2024-43895), [CVE-2024-43883](https://nvd.nist.gov/vuln/detail/CVE-2024-43883), [CVE-2024-43861](https://nvd.nist.gov/vuln/detail/CVE-2024-43861), [CVE-2024-42259](https://nvd.nist.gov/vuln/detail/CVE-2024-42259), [CVE-2024-44942](https://nvd.nist.gov/vuln/detail/CVE-2024-44942), [CVE-2024-44941](https://nvd.nist.gov/vuln/detail/CVE-2024-44941), [CVE-2024-44940](https://nvd.nist.gov/vuln/detail/CVE-2024-44940), [CVE-2024-44938](https://nvd.nist.gov/vuln/detail/CVE-2024-44938), [CVE-2024-44939](https://nvd.nist.gov/vuln/detail/CVE-2024-44939), [CVE-2024-43898](https://nvd.nist.gov/vuln/detail/CVE-2024-43898), [CVE-2024-43882](https://nvd.nist.gov/vuln/detail/CVE-2024-43882)) diff --git a/changelog/updates/2024-08-19-linux-6.6.47-update.md b/changelog/updates/2024-08-19-linux-6.6.47-update.md new file mode 100644 index 00000000000..31138d9c370 --- /dev/null +++ b/changelog/updates/2024-08-19-linux-6.6.47-update.md @@ -0,0 +1 @@ +- Linux ([6.6.47](https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tag/?h=v6.6.47) (includes [6.6.46](https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tag/?h=v6.6.46), [6.6.45](https://lwn.net/Articles/985200), [6.6.44](https://lwn.net/Articles/984450))) diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-6.6.43.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-6.6.47.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-6.6.43.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-6.6.47.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-6.6.43.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-6.6.47.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-6.6.43.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-6.6.47.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest index 556c9687550..2b6e03c6b88 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest @@ -1,2 +1,2 @@ DIST linux-6.6.tar.xz 140064536 BLAKE2B 5f02fd8696d42f7ec8c5fbadec8e7270bdcfcb1f9844a6c4db3e1fd461c93ce1ccda650ca72dceb4890ebcbbf768ba8fba0bce91efc49fbd2c307b04e95665f2 SHA512 458b2c34d46206f9b4ccbac54cc57aeca1eaecaf831bc441e59701bac6eadffc17f6ce24af6eadd0454964e843186539ac0d63295ad2cc32d112b60360c39a35 -DIST patch-6.6.43.xz 2470884 BLAKE2B 9529efc4c575df9df7d1463894ceec4d4ccdfa5401ac7ee6109bf5a5c079206073c66ff796dfe0b7308010ed7325123b4e9528c6b8e1cb91a0b7d401b2e53a0d SHA512 693dc595034707ce6992fa0c118f9ef8ba8841f563b89d1d53480485dad1934295c62c39aac83247de91760717a3fef1bbab02c98969e7c6ef934479f7ab604b +DIST patch-6.6.47.xz 2694732 BLAKE2B 6942d4f29fe6fca3cedbc5f1887fa35b525f44099ec6ef0b4dd0e9437e12e8f1ad30dbdf0bb531c991463ba33c97ad170f2de345c76342077da0298a90617a9c SHA512 689be6284807380288c8232f1497a54b16db823393306e7ffe93a2972b9f411aa4b64a02cd0b27502c60a86b683c38143f4966676b3abc579e09815ae4ff9dcf diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.6.43.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.6.47.ebuild similarity index 100% rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.6.43.ebuild rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.6.47.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.6/z0002-revert-pahole-flags.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.6/z0002-revert-pahole-flags.patch index fcbd2b650c1..2591ecf6e45 100644 --- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.6/z0002-revert-pahole-flags.patch +++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/6.6/z0002-revert-pahole-flags.patch @@ -1,18 +1,18 @@ diff --git a/init/Kconfig b/init/Kconfig -index 6d35728b94b2..9ae94bf60971 100644 +index e173364abd6c..cdc35682e03b 100644 --- a/init/Kconfig +++ b/init/Kconfig -@@ -1888,7 +1888,7 @@ config RUST - depends on !MODVERSIONS +@@ -1899,7 +1899,7 @@ config RUST depends on !GCC_PLUGINS depends on !RANDSTRUCT + depends on !SHADOW_CALL_STACK - depends on !DEBUG_INFO_BTF || PAHOLE_HAS_LANG_EXCLUDE + depends on !DEBUG_INFO_BTF help Enables Rust support in the kernel. diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug -index fa307f93fa2e..f18386d4712f 100644 +index da5513cfc125..f2b3aab6d4a1 100644 --- a/lib/Kconfig.debug +++ b/lib/Kconfig.debug @@ -394,15 +394,6 @@ config PAHOLE_HAS_BTF_TAG @@ -29,8 +29,8 @@ index fa307f93fa2e..f18386d4712f 100644 - using DEBUG_INFO_BTF_MODULES. - config DEBUG_INFO_BTF_MODULES - def_bool y - depends on DEBUG_INFO_BTF && MODULES && PAHOLE_HAS_SPLIT_BTF + bool "Generate BTF type information for kernel modules" + default y diff --git a/scripts/pahole-flags.sh b/scripts/pahole-flags.sh index 728d55190d97..c293941612e7 100755 --- a/scripts/pahole-flags.sh