Description
[4.1.12-124.46.3]
- mwifiex: fix possible heap overflow in mwifiex_process_country_ie() (Ganapathi Bhat) [Orabug: 30781859] {CVE-2019-14895} {CVE-2019-14895}
- ext4: fix ext4_empty_dir() for directories with holes (Jan Kara) [Orabug: 31265320] {CVE-2019-19037} {CVE-2019-19037}
- netlabel: cope with NULL catmap (Paolo Abeni) [Orabug: 31350493] {CVE-2020-10711}
- scsi: mptfusion: Fix double fetch bug in ioctl (Dan Carpenter) [Orabug: 31350941] {CVE-2020-12652}
- scsi: mptfusion: Add bounds check in mptctl_hp_targetinfo() (Dan Carpenter) [Orabug: 31350941] {CVE-2020-12652}
- USB: core: Fix free-while-in-use bug in the USB S-Glibrary (Alan Stern) [Orabug: 31350967] {CVE-2020-12464}
- drivers: usb: core: Minimize irq disabling in usb_sg_cancel() (David Mosberger) [Orabug: 31350967] {CVE-2020-12464}
- drivers: usb: core: Don't disable irqs in usb_sg_wait() during URB submit. (David Mosberger) [Orabug: 31350967] {CVE-2020-12464}
- ext4: work around deleting a file with i_nlink == 0 safely (Theodore Ts'o) [Orabug: 31351014] {CVE-2019-19447}
- xen/events: avoid removing an event channel while handling it (Juergen Gross) [Orabug: 31984319]
- xen: fix GCC warning and remove duplicate EVTCHN_ROW/EVTCHN_COL usage (Josh Abraham) [Orabug: 31984319]
- ext4: fix fencepost in s_first_meta_bg validation (Theodore Ts'o) [Orabug: 32197511]
- dm crypt: Allow unaligned bio buffer lengths for skcipher devices (Sudhakar Panneerselvam) [Orabug: 32202000]
- sched/fair: Don't free p->numa_faults with concurrent readers (Jann Horn) [Orabug: 32212524] {CVE-2019-20934}
- netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6 (Vasily Averin) [Orabug: 32222844] {CVE-2020-14305}
- perf/core: Fix race in the perf_mmap_close() function (Jiri Olsa) [Orabug: 32233360] {CVE-2020-14351}
- ext4: fix calculation of meta_bg descriptor backups (Andy Leiserson) [Orabug: 32245133]