ALASKERNEL-5.4-2024-066

fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching, as demonstrated by mishandling of signal-based non-cooperative preemption in Go 1.14 prereleases on amd64, aka CID-59c4bd853abc. (CVE-2019-19602)

In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5. (CVE-2019-19965)

aarch64:
    kernel-5.4.20-12.75.amzn2.aarch64
    kernel-headers-5.4.20-12.75.amzn2.aarch64
    kernel-debuginfo-common-aarch64-5.4.20-12.75.amzn2.aarch64
    perf-5.4.20-12.75.amzn2.aarch64
    perf-debuginfo-5.4.20-12.75.amzn2.aarch64
    python-perf-5.4.20-12.75.amzn2.aarch64
    python-perf-debuginfo-5.4.20-12.75.amzn2.aarch64
    kernel-tools-5.4.20-12.75.amzn2.aarch64
    kernel-tools-devel-5.4.20-12.75.amzn2.aarch64
    kernel-tools-debuginfo-5.4.20-12.75.amzn2.aarch64
    kernel-devel-5.4.20-12.75.amzn2.aarch64
    kernel-debuginfo-5.4.20-12.75.amzn2.aarch64

i686:
    kernel-headers-5.4.20-12.75.amzn2.i686

src:
    kernel-5.4.20-12.75.amzn2.src

x86_64:
    kernel-5.4.20-12.75.amzn2.x86_64
    kernel-headers-5.4.20-12.75.amzn2.x86_64
    kernel-debuginfo-common-x86_64-5.4.20-12.75.amzn2.x86_64
    perf-5.4.20-12.75.amzn2.x86_64
    perf-debuginfo-5.4.20-12.75.amzn2.x86_64
    python-perf-5.4.20-12.75.amzn2.x86_64
    python-perf-debuginfo-5.4.20-12.75.amzn2.x86_64
    kernel-tools-5.4.20-12.75.amzn2.x86_64
    kernel-tools-devel-5.4.20-12.75.amzn2.x86_64
    kernel-tools-debuginfo-5.4.20-12.75.amzn2.x86_64
    kernel-devel-5.4.20-12.75.amzn2.x86_64
    kernel-debuginfo-5.4.20-12.75.amzn2.x86_64