[ol8_baseos_latest] bpftool-4.18.0-553.123.1.el8_10.aarch64

Name:	bpftool
Version:	4.18.0
Release:	553.123.1.el8_10
Architecture:	aarch64
Group:	System Environment/Kernel
Size:	4044741
License:	GPLv2
RPM:	bpftool-4.18.0-553.123.1.el8_10.aarch64.rpm
Source RPM:	kernel-4.18.0-553.123.1.el8_10.src.rpm
Build Date:	Tue May 05 2026
Build Host:	build-ol8-aarch64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	Inspection and simple manipulation of eBPF programs and maps
Description:	This package contains the bpftool, which allows inspection and simple manipulation of eBPF programs and maps.

Changelog (Show File list) (Show related packages)

Tue May 05 2026 EL Errata <el-errata_ww@oracle.com> [4.18.0-553.123.1.el8_10.OL8]

- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]

Mon May 04 2026 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.123.1.el8_10]

- crypto: algif_aead - snapshot IV for async AEAD requests (Herbert Xu) [RHEL-172187]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [RHEL-172187]
- crypto: authencesn - reject short ahash digests during instance creation (Herbert Xu) [RHEL-172187]
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [RHEL-172187]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [RHEL-172187] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Herbert Xu) [RHEL-172187] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [RHEL-172187]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Herbert Xu) [RHEL-172187] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [RHEL-172187] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Herbert Xu) [RHEL-172187]
- KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (Paolo Bonzini) [RHEL-153727] {CVE-2026-23401}

Fri Apr 24 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.122.1.el8_10]

- nvme: avoid double free special payload (Maurizio Lombardi) [RHEL-51303] {CVE-2024-41073}
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CKI Backport Bot) [RHEL-166921] {CVE-2025-68724}
- net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (Jay Shin) [RHEL-166155] {CVE-2025-40252}
- kernel.h: Move ARRAY_SIZE() to a separate header (Jay Shin) [RHEL-166155] {CVE-2025-40252}

Wed Apr 15 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.121.1.el8_10]

- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Scott Mayhew) [RHEL-167011] {CVE-2026-31402}

Wed Apr 08 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.120.1.el8_10]

- gfs2: bufdata allocation race (Andreas Gruenbacher) [RHEL-160075]
- gfs2: Get rid of gfs2_log_[un]lock helpers (Andreas Gruenbacher) [RHEL-160075]
- gfs2: Avoid unnecessary transactions in evict_linked_inode (Andreas Gruenbacher) [RHEL-160075]
- KVM: x86: Fix a semi theoretical bug in kvm_arch_async_page_present_queued() (Maxim Levitsky) [RHEL-152657]
- KVM: x86: Don't clear async #PF queue when CR0.PG is disabled (e.g. on #SMI) (Maxim Levitsky) [RHEL-152657]

Tue Apr 07 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.119.1.el8_10]

- s390/dasd: Copy detected format information to secondary device (Mete Durlu) [RHEL-161532]
- s390/dasd: Move quiesce state with pprc swap (Mete Durlu) [RHEL-161532]
- s390/dasd: Fix gendisk parent after copy pair swap (Mete Durlu) [RHEL-161532]
- redhat: kernel.spec: add missing sound/soc/sof/sof-audio.h to kernel-devel package (Jaroslav Kysela) [RHEL-152417]
- s390/virtio_ccw: Fix dma_parm pointer not set up (CKI Backport Bot) [RHEL-148307]
- dlm: fix recovery pending middle conversion (Alexander Aring) [RHEL-125538]
- dlm: check for undefined release_option values (Alexander Aring) [RHEL-136236]
- dlm: handle release_option as unsigned (Alexander Aring) [RHEL-136236]
- dlm: handle invalid lockspace member remove (Alexander Aring) [RHEL-136236]
- dlm: add new flag DLM_RELEASE_RECOVER for dlm_lockspace_release (Alexander Aring) [RHEL-136236]
- dlm: add new configfs entry release_recover for lockspace members (Alexander Aring) [RHEL-136236]
- dlm: add new RELEASE_RECOVER uevent attribute for release_lockspace (Alexander Aring) [RHEL-136236]
- dlm: use defines for force values in dlm_release_lockspace (Alexander Aring) [RHEL-136236]
- dlm: check for defined force value in dlm_lockspace_release (Alexander Aring) [RHEL-136236]
- dlm: disallow different configs nodeid storages (Alexander Aring) [RHEL-136236]
- dlm: prevent NPD when writing a positive value to event_done (Alexander Aring) [RHEL-136236] {CVE-2025-23131}
- dlm: Switch to using wait_event() (Alexander Aring) [RHEL-136236]

Wed Apr 01 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.118.1.el8_10]

- scsi: qla2xxx: Fix improper freeing of purex item (CKI Backport Bot) [RHEL-159219] {CVE-2025-68741}
- ALSA: aloop: Fix racy access at PCM trigger (Jaroslav Kysela) [RHEL-150125] {CVE-2026-23191}
- ALSA: aloop: Introduce a function to get if access is interleaved mode (CKI Backport Bot) [RHEL-150125] {CVE-2026-23191}

Fri Mar 27 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.117.1.el8_10]

- nvme-pci: do not directly handle subsys reset fallout (Maurizio Lombardi) [RHEL-136436]
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CKI Backport Bot) [RHEL-150417] {CVE-2026-23193}

Wed Mar 25 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.116.1.el8_10]

- nouveau: fix instmem race condition around ptr stores (Lyude Paul) [RHEL-111846] {CVE-2024-26984}
- s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (Mete Durlu) [RHEL-157930]
- NFSv4/flexfiles: Fix layout merge mirror check. (Mike Snitzer) [RHEL-157242]
- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (Mike Snitzer) [RHEL-157242]
- pnfs/flexfiles: retry getting layout segment for reads (Mike Snitzer) [RHEL-157242]
- pNFS/flexfiles: don't attempt pnfs on fatal DS errors (Mike Snitzer) [RHEL-157242]
- NFSv4/flexfiles: Fix handling of NFS level errors in I/O (Mike Snitzer) [RHEL-157242]
- flexfiles/pNFS: update stats on NFS4ERR_DELAY for v4.1 DSes (Mike Snitzer) [RHEL-157242]
- pNFS/flexfiles: Record the RPC errors in the I/O tracepoints (Mike Snitzer) [RHEL-157242]
- NFSv4/pnfs: Layoutreturn on close must handle fatal networking errors (Mike Snitzer) [RHEL-157242]
- NFSv4: Handle fatal ENETDOWN and ENETUNREACH errors (Mike Snitzer) [RHEL-157242]
- pNFS/flexfiles: Report ENETDOWN as a connection error (Mike Snitzer) [RHEL-157242]
- pNFS/flexfiles: Treat ENETUNREACH errors as fatal in containers (Mike Snitzer) [RHEL-157242]
- NFS: Treat ENETUNREACH errors as fatal in containers (Mike Snitzer) [RHEL-157242]
- NFS: Add a mount option to make ENETUNREACH errors fatal (Mike Snitzer) [RHEL-157242]
- NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (Mike Snitzer) [RHEL-157242]
- SUNRPC: ECONNRESET might require a rebind (Mike Snitzer) [RHEL-157242]
- NFS/pNFS: Set the connect timeout for the pNFS flexfiles driver (Mike Snitzer) [RHEL-157242]
- SUNRPC: Don't override connect timeouts in rpc_clnt_add_xprt() (Mike Snitzer) [RHEL-157242]
- SUNRPC: Allow specification of TCP client connect timeout at setup (Mike Snitzer) [RHEL-157242]
- SUNRPC: Refactor and simplify connect timeout (Mike Snitzer) [RHEL-157242]
- SUNRPC: Set the TCP_SYNCNT to match the socket timeout (Mike Snitzer) [RHEL-157242]
- NFS: discard NFS_RPC_SWAPFLAGS and RPC_TASK_ROOTCREDS (Mike Snitzer) [RHEL-157242]
- NFS: O_DIRECT writes must check and adjust the file length (Mike Snitzer) [RHEL-156419]
- nfs: properly protect nfs_direct_req fields (Mike Snitzer) [RHEL-156419]
- pNFS: Fix the pnfs block driver's calculation of layoutget size (Mike Snitzer) [RHEL-156419]
- NFS: More fixes for nfs_direct_write_reschedule_io() (Mike Snitzer) [RHEL-156419]
- NFS: Use the correct commit info in nfs_join_page_group() (Mike Snitzer) [RHEL-156419]
- NFS: More O_DIRECT accounting fixes for error paths (Mike Snitzer) [RHEL-156419]
- NFS: Fix O_DIRECT locking issues (Mike Snitzer) [RHEL-156419]
- NFS: Fix error handling for O_DIRECT write scheduling (Mike Snitzer) [RHEL-156419]
- NFS: Fix a potential data corruption (Mike Snitzer) [RHEL-156419]
- NFS: Fix a use after free in nfs_direct_join_group() (Mike Snitzer) [RHEL-156419]
- NFS: Clean up O_DIRECT request allocation (Mike Snitzer) [RHEL-156419]
- NFS: add nfs_page_create and nfs_page_assign_page as backport prereq (Mike Snitzer) [RHEL-156419]
- nfs: only issue commit in DIO codepath if we have uncommitted data (Mike Snitzer) [RHEL-156419]
- nfs: always check dreq->error after a commit (Mike Snitzer) [RHEL-156419]
- nfs: add new nfs_direct_req tracepoint events (Mike Snitzer) [RHEL-156419]
- scsi: qla2xxx: Fix bsg_done() causing double free (Ewan D. Milne) [RHEL-153405] {CVE-2025-71238}
- netfilter: nf_tables: fix use-after-free in nf_tables_addchain() (Florian Westphal) [RHEL-153264] {CVE-2026-23231}
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (Mark Langsdorf) [RHEL-123942]

Mon Mar 23 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.115.1.el8_10]

- x86/microcode/AMD: Revert "Backport AMD microcode commits for better microcode loading support" (Waiman Long) [RHEL-155860]
- net/sched: cls_u32: use skb_header_pointer_careful() (Paolo Abeni) [RHEL-150398] {CVE-2026-23204}
- net: add skb_header_pointer_careful() helper (Paolo Abeni) [RHEL-150398]
- tcp: fix forever orphan socket caused by tcp_abort (Paolo Abeni) [RHEL-146187]
- xfs: fix minimum agno handling for xfs alloc modes in RHEL8 (Brian Foster) [RHEL-102464]
- xfs: fix uninitialized use of flags variable in xfs_alloc_vextent() (Brian Foster) [RHEL-102464]
- ipv4/tcp: do not use per netns ctl sockets (Davide Caratti) [RHEL-82523]
- tcp: use this_cpu_read(*X) instead of *this_cpu_ptr(X) (Davide Caratti) [RHEL-82523]
- macvlan: observe an RCU grace period in macvlan_common_newlink() error path (Hangbin Liu) [RHEL-150221]
- macvlan: fix error recovery in macvlan_common_newlink() (CKI Backport Bot) [RHEL-150221] {CVE-2026-23209}
- x86/uprobes: Fix XOL allocation failure for 32-bit tasks (Oleg Nesterov) [RHEL-96016]