[ol8_MODRHCK] kernel-debug-devel-4.18.0-553.70.1.0.1.el8_10.x86_64

Name:	kernel-debug-devel
Version:	4.18.0
Release:	553.70.1.0.1.el8_10
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	56574938
License:	GPLv2 and Redistributable, no modification permitted
RPM:	kernel-debug-devel-4.18.0-553.70.1.0.1.el8_10.x86_64.rpm
Source RPM:	kernel-4.18.0-553.70.1.0.1.el8_10.src.rpm
Build Date:	Mon Aug 18 2025
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	Development package for building kernel modules to match the debug kernel
Description:	This package provides kernel headers and makefiles sufficient to build modules against the debug kernel package.

Changelog (Show File list) (Show related packages)

Mon Aug 18 2025 Craig Guiller <craig.guiller@oracle.com> [4.18.0-553.70.1.0.1.el8_10.OL8]

- scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230]

Mon Aug 18 2025 Codrin Pruteanu <codrin.pruteanu@oracle.com> [4.18.0-553.70.1.el8_10.OL8]

- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]

Tue Aug 12 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.70.1.el8_10]

- i2c/designware: Fix an initialization issue (CKI Backport Bot) [RHEL-106617] {CVE-2025-38380}
- Bluetooth: hci_core: Fix use-after-free in vhci_flush() (David Marlin) [RHEL-103246] {CVE-2025-38250}
- net_sched: ets: Fix double list add in class with netem as child qdisc (Xin Long) [RHEL-104717] {CVE-2025-37914}
- sch_ets: make est_qlen_notify() idempotent (Xin Long) [RHEL-104717]
- drm/vkms: Fix use after free and double free on init error (CKI Backport Bot) [RHEL-99402] {CVE-2025-22097}
- s390/pci: Do not try re-enabling load/store if device is disabled (Mete Durlu) [RHEL-105600]
- s390/pci: Fix stale function handles in error handling (Mete Durlu) [RHEL-105600]

Thu Aug 07 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.69.1.el8_10]

- Revert "sch_htb: make htb_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_drr: make drr_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_qfq: make qfq_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_htb: make htb_deactivate() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "net/sched: Always pass notifications when child class becomes empty" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_cbq: make cbq_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]

Mon Aug 04 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.68.1.el8_10]

- ipv6: mcast: extend RCU protection in igmp6_send() (Hangbin Liu) [RHEL-102392] {CVE-2025-21759}
- md/md-bitmap: move bitmap_{start, end}write to md upper layer (Nigel Croxon) [RHEL-57991]
- md/raid5: implement pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md: add a new callback pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: remove the last parameter for bimtap_ops->endwrite() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: factor behind write counters out from bitmap_{start/end}write() (Nigel Croxon) [RHEL-57991]
- md/raid5: recheck if reshape has finished with device_lock held (Nigel Croxon) [RHEL-57991]
- md/md-linear: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/md-multipath: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/raid10: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- md/raid1: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- raid5: fix missing io accounting in raid5_align_endio() (Nigel Croxon) [RHEL-59928]
- md: also clone new io if io accounting is disabled (Nigel Croxon) [RHEL-59928]
- sch_cbq: make cbq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376]
- net/sched: Always pass notifications when child class becomes empty (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_deactivate() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_qfq: make qfq_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_drr: make drr_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- can: peak_usb: fix use after free bugs (CKI Backport Bot) [RHEL-99447] {CVE-2021-47670}
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CKI Backport Bot) [RHEL-103141] {CVE-2025-38159}
- net/ipv6: release expired exception dst cached in socket (Guillaume Nault) [RHEL-105794] {CVE-2024-56644}

Thu Jul 31 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.67.1.el8_10]

- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: fix GUP-fast interaction by sending IPI (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: take the right locks for page table retraction (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: unify collapse pmd clear, flush and free (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- padata: fix UAF in padata_reorder (Waiman Long) [RHEL-101398] {CVE-2025-21727}
- redhat: update BUILD_TARGET to rhel-8.10.0-z-test-pesign (Jan Stancek)
- ftrace: Clean up hash direct_functions on register failures (Gregory Bell) [RHEL-103912]

Mon Jul 28 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.66.1.el8_10]

- net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (Xin Long) [RHEL-105415] {CVE-2025-38001}
- sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (Xin Long) [RHEL-105415] {CVE-2025-38000}
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (CKI Backport Bot) [RHEL-105415] {CVE-2025-37890}
- sch_hfsc: make hfsc_qlen_notify() idempotent (Xin Long) [RHEL-105415]
- crypto: algif_hash - fix double free in hash_accept (CKI Backport Bot) [RHEL-102223] {CVE-2025-38079}
- Revert "smb: client: fix TCP timers deadlock after rmmod" (Paulo Alcantara) [RHEL-100698] {CVE-2025-22077}
- Revert "smb: client: Fix netns refcount imbalance causing leaks and use-after-free" (Paulo Alcantara) [RHEL-100698]
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (Paulo Alcantara) [RHEL-100698]
- smb: client: fix TCP timers deadlock after rmmod (Paulo Alcantara) [RHEL-100698] {CVE-2024-54680}
- smb: client: Fix use-after-free of network namespace. (Paulo Alcantara) [RHEL-100698] {CVE-2024-53095}
- smb: client: fix warning in generic_ip_connect() (Paulo Alcantara) [RHEL-100698]
- net: tipc: fix refcount warning in tipc_aead_encrypt (Xin Long) [RHEL-103079]
- net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CKI Backport Bot) [RHEL-103079] {CVE-2025-38052}
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (CKI Backport Bot) [RHEL-99013] {CVE-2025-22020}
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CKI Backport Bot) [RHEL-98837] {CVE-2025-21928}

Thu Jul 24 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.65.1.el8_10]

- x86/alternatives: avoid mapping FIX_TEXT_POKE1 page when it is not required (Rafael Aquini) [RHEL-95422]
- ext4: avoid resizing to a partial cluster size (CKI Backport Bot) [RHEL-101423] {CVE-2022-50020}

Wed Jul 23 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.64.1.el8_10]

- sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (CKI Backport Bot) [RHEL-100387] {CVE-2025-21919}
- NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN (Benjamin Coddington) [RHEL-86256]
- ftrace: Fix NULL pointer dereference in is_ftrace_trampoline when ftrace is dead (CKI Backport Bot) [RHEL-102133] {CVE-2022-49977}
- wifi: iwlwifi: limit printed string from FW file (CKI Backport Bot) [RHEL-99367] {CVE-2025-21905}
- workqueue: Disable printk_deferred_{enter,exit} in RT kernel (Waiman Long) [RHEL-80292]
- workqueue: Make show_pwq() use run-length encoding (Waiman Long) [RHEL-80292]
- workqueue: Introduce show_one_worker_pool and show_one_workqueue. (Waiman Long) [RHEL-80292]
- workqueue: fix state-dump console deadlock (Waiman Long) [RHEL-80292]

Thu Jul 17 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.63.1.el8_10]

- tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). (Guillaume Nault) [RHEL-66324] {CVE-2024-50154}
- net: ch9200: fix uninitialised access during mii_nway_restart (CKI Backport Bot) [RHEL-101200] {CVE-2025-38086}
- mm/swapfile: add cond_resched() in get_swap_pages() (Nico Pache) [RHEL-80401] {CVE-2023-52932}
- dlm: fix possible lkb_resource null dereference (Alexander Aring) [RHEL-64452]
- fs: dlm: handle -EINVAL as log_error() (Alexander Aring) [RHEL-64452]
- redhat/configs: enable CONFIG_RH_KABI_STABLE_ASM_OFFSETS (Čestmír Kalina) [RHEL-90099]
- kabi: freeze stablelist and stackprotector-related constants (Čestmír Kalina) [RHEL-90099]
- kabi: add redhat/kabi/asm-offsets (Čestmír Kalina) [RHEL-90099]
- kabi: add RH_KABI_ASSERT_EQ_CONST{,EXPR} (Čestmír Kalina) [RHEL-90099]