[ol8_MODRHCK] kernel-debug-core-4.18.0-553.71.1.0.1.el8_10.x86_64

Name:	kernel-debug-core
Version:	4.18.0
Release:	553.71.1.0.1.el8_10
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	120127111
License:	GPLv2 and Redistributable, no modification permitted
RPM:	kernel-debug-core-4.18.0-553.71.1.0.1.el8_10.x86_64.rpm
Source RPM:	kernel-4.18.0-553.71.1.0.1.el8_10.src.rpm
Build Date:	Mon Aug 25 2025
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	The Linux kernel compiled with extra debugging enabled
Description:	The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. This variant of the kernel has numerous debugging options enabled. It should only be installed when trying to gather additional information on kernel bugs, as some of these options impact performance noticably.

Changelog (Show File list) (Show related packages)

Mon Aug 25 2025 David Sloboda <david.x.sloboda@oracle.com> [4.18.0-553.71.1.0.1.el8_10.OL8]

- scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230]

Mon Aug 25 2025 Codrin Pruteanu <codrin.pruteanu@oracle.com> [4.18.0-553.71.1.el8_10.OL8]

- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]

Fri Aug 15 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.71.1.el8_10]

- udp: Fix memory accounting leak. (Xin Long) [RHEL-104084] {CVE-2025-22058}
- i40e: fix MMIO write access to an invalid page in i40e_clear_hw (Dennis Chen) [RHEL-106041] {CVE-2025-38200}
- gfs2: Don't clear sb->s_fs_info in gfs2_sys_fs_add (Andrew Price) [RHEL-88072]
- gfs2: Remove unnecessary NULL check before free_percpu() (Andreas Gruenbacher) [RHEL-88072]
- gfs2: replace sd_aspace with sd_inode (Andreas Gruenbacher) [RHEL-88072]
- writeback: fix false warning in inode_to_wb() (Andreas Gruenbacher) [RHEL-88072]
- gfs2: No more self recovery (Andreas Gruenbacher) [RHEL-104232]
- gfs2: Get rid of gfs2_glock_queue_put in signal_our_withdraw (Andreas Gruenbacher) [RHEL-104232]
- gfs2: Fix withdraw race (Andreas Gruenbacher) [RHEL-104232]

Tue Aug 12 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.70.1.el8_10]

- i2c/designware: Fix an initialization issue (CKI Backport Bot) [RHEL-106617] {CVE-2025-38380}
- Bluetooth: hci_core: Fix use-after-free in vhci_flush() (David Marlin) [RHEL-103246] {CVE-2025-38250}
- net_sched: ets: Fix double list add in class with netem as child qdisc (Xin Long) [RHEL-104717] {CVE-2025-37914}
- sch_ets: make est_qlen_notify() idempotent (Xin Long) [RHEL-104717]
- drm/vkms: Fix use after free and double free on init error (CKI Backport Bot) [RHEL-99402] {CVE-2025-22097}
- s390/pci: Do not try re-enabling load/store if device is disabled (Mete Durlu) [RHEL-105600]
- s390/pci: Fix stale function handles in error handling (Mete Durlu) [RHEL-105600]

Thu Aug 07 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.69.1.el8_10]

- Revert "sch_htb: make htb_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_drr: make drr_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_qfq: make qfq_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_htb: make htb_deactivate() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "net/sched: Always pass notifications when child class becomes empty" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_cbq: make cbq_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]

Mon Aug 04 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.68.1.el8_10]

- ipv6: mcast: extend RCU protection in igmp6_send() (Hangbin Liu) [RHEL-102392] {CVE-2025-21759}
- md/md-bitmap: move bitmap_{start, end}write to md upper layer (Nigel Croxon) [RHEL-57991]
- md/raid5: implement pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md: add a new callback pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: remove the last parameter for bimtap_ops->endwrite() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: factor behind write counters out from bitmap_{start/end}write() (Nigel Croxon) [RHEL-57991]
- md/raid5: recheck if reshape has finished with device_lock held (Nigel Croxon) [RHEL-57991]
- md/md-linear: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/md-multipath: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/raid10: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- md/raid1: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- raid5: fix missing io accounting in raid5_align_endio() (Nigel Croxon) [RHEL-59928]
- md: also clone new io if io accounting is disabled (Nigel Croxon) [RHEL-59928]
- sch_cbq: make cbq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376]
- net/sched: Always pass notifications when child class becomes empty (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_deactivate() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_qfq: make qfq_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_drr: make drr_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- can: peak_usb: fix use after free bugs (CKI Backport Bot) [RHEL-99447] {CVE-2021-47670}
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CKI Backport Bot) [RHEL-103141] {CVE-2025-38159}
- net/ipv6: release expired exception dst cached in socket (Guillaume Nault) [RHEL-105794] {CVE-2024-56644}

Thu Jul 31 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.67.1.el8_10]

- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: fix GUP-fast interaction by sending IPI (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: take the right locks for page table retraction (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: unify collapse pmd clear, flush and free (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- padata: fix UAF in padata_reorder (Waiman Long) [RHEL-101398] {CVE-2025-21727}
- redhat: update BUILD_TARGET to rhel-8.10.0-z-test-pesign (Jan Stancek)
- ftrace: Clean up hash direct_functions on register failures (Gregory Bell) [RHEL-103912]

Mon Jul 28 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.66.1.el8_10]

- net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (Xin Long) [RHEL-105415] {CVE-2025-38001}
- sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (Xin Long) [RHEL-105415] {CVE-2025-38000}
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CKI Backport Bot) [RHEL-105415] {CVE-2025-37890}
- sch_hfsc: make hfsc_qlen_notify() idempotent (Xin Long) [RHEL-105415]
- crypto: algif_hash - fix double free in hash_accept (CKI Backport Bot) [RHEL-102223] {CVE-2025-38079}
- Revert "smb: client: fix TCP timers deadlock after rmmod" (Paulo Alcantara) [RHEL-100698] {CVE-2025-22077}
- Revert "smb: client: Fix netns refcount imbalance causing leaks and use-after-free" (Paulo Alcantara) [RHEL-100698]
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (Paulo Alcantara) [RHEL-100698]
- smb: client: fix TCP timers deadlock after rmmod (Paulo Alcantara) [RHEL-100698] {CVE-2024-54680}
- smb: client: Fix use-after-free of network namespace. (Paulo Alcantara) [RHEL-100698] {CVE-2024-53095}
- smb: client: fix warning in generic_ip_connect() (Paulo Alcantara) [RHEL-100698]
- net: tipc: fix refcount warning in tipc_aead_encrypt (Xin Long) [RHEL-103079]
- net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CKI Backport Bot) [RHEL-103079] {CVE-2025-38052}
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (CKI Backport Bot) [RHEL-99013] {CVE-2025-22020}
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CKI Backport Bot) [RHEL-98837] {CVE-2025-21928}

Thu Jul 24 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.65.1.el8_10]

- x86/alternatives: avoid mapping FIX_TEXT_POKE1 page when it is not required (Rafael Aquini) [RHEL-95422]
- ext4: avoid resizing to a partial cluster size (CKI Backport Bot) [RHEL-101423] {CVE-2022-50020}

Wed Jul 23 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.64.1.el8_10]

- sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (CKI Backport Bot) [RHEL-100387] {CVE-2025-21919}
- NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (Benjamin Coddington) [RHEL-86256]
- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead (CKI Backport Bot) [RHEL-102133] {CVE-2022-49977}
- wifi: iwlwifi: limit printed string from FW file (CKI Backport Bot) [RHEL-99367] {CVE-2025-21905}
- workqueue: Disable printk_deferred_{enter,exit} in RT kernel (Waiman Long) [RHEL-80292]
- workqueue: Make show_pwq() use run-length encoding (Waiman Long) [RHEL-80292]
- workqueue: Introduce show_one_worker_pool and show_one_workqueue. (Waiman Long) [RHEL-80292]
- workqueue: fix state-dump console deadlock (Waiman Long) [RHEL-80292]