[ol8_baseos_latest] kernel-debug-core-4.18.0-513.18.0.1.el8_9.x86_64

Name:	kernel-debug-core
Version:	4.18.0
Release:	513.18.0.1.el8_9
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	119111351
License:	GPLv2 and Redistributable, no modification permitted
RPM:	kernel-debug-core-4.18.0-513.18.0.1.el8_9.x86_64.rpm
Source RPM:	kernel-4.18.0-513.18.0.1.el8_9.src.rpm
Build Date:	Thu Feb 22 2024
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	The Linux kernel compiled with extra debugging enabled
Description:	The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. This variant of the kernel has numerous debugging options enabled. It should only be installed when trying to gather additional information on kernel bugs, as some of these options impact performance noticably.

Changelog (Show File list) (Show related packages)

Tue Feb 20 2024 Mridula Shastry <mridula.c.shastry@oracle.com> [4.18.0-513.18.0.1.el8_9.OL8]

- drivers: net: slip: fix NPD bug in sl_tx_timeout() {CVE-2022-41858}
- nfp: fix use-after-free in area_cache_get() {CVE-2022-3545}
- HID: check empty report_list in hid_validate_values() {CVE-2023-1073}
- Fix double fget() in vhost_net_set_backend() {CVE-2023-1838}
- can: af_can: fix NULL pointer dereference in can_rcv_filter {CVE-2023-2166}
- net: sched: sch_qfq: Fix UAF in qfq_dequeue() {CVE-2023-4921}
- perf: Disallow mis-matched inherited group reads {CVE-2023-5717}
- perf/core: Fix potential NULL deref {CVE-2023-5717}
- nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356}
- nvmet-tcp: fix a crash in nvmet_req_complete() {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356}
- nvmet-tcp: remove boilerplate code {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356}
- nvmet-tcp: Fix the H2C expected PDU len calculation {CVE-2023-6536 CVE-2023-6535 CVE-2023-6356}
- smb: client: fix potential OOB in cifs_dump_detail() {CVE-2023-6610}
- smb: client: fix potential OOB in smb2_dump_detail() {CVE-2023-6610}
- smb: client: fix OOB in smbCalcSize() {CVE-2023-6606}
- net: tls, update curr on splice as well {CVE-2024-0646}
- netfilter: nft_set_pipapo: skip inactive elements during set walk {CVE-2023-6817}
- Bluetooth: L2CAP: Fix use-after-free in l2cap_sock_ready_cb {CVE-2023-40283}
- igb: set max size RX buffer when store bad packet is enabled {CVE-2023-45871}

Tue Jan 09 2024 Mohith Kumar Thummaluru <mohith.k.kumar.thummaluru@oracle.com> [4.18.0-513.11.1.0.1.el8_9.OL8]

- scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress {CVE-2023-2162}
- af_unix: Fix null-ptr-deref in unix_stream_sendpage() {CVE-2023-4622}
- netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet {CVE-2023-42753}

Tue Nov 28 2023 Mridula Shastry <mridula.c.shastry@oracle.com> [4.18.0-513.9.1.el8_9.OL8]

- media: dvb-core: Fix use-after-free due to race at dvb_register_device() (Mauro Carvalho Chehab) {CVE-2022-45884}
- cifs: Fix UAF in cifs_demultiplex_thread() (Zhang Xiaoxu) {CVE-2023-1192}
- nvmet-tcp: Fix a possible UAF in queue intialization setup (Sagi Grimberg) {CVE-2023-5178}
- net: tun: fix bugs for oversize packet when napi frags enabled (Ziyang Xuan) {CVE-2023-3812}
- bpf: Fix incorrect verifier pruning due to missing register precision taints (Daniel Borkmann) (Andrii Nakryiko) {CVE-2023-2163}
- media: dvb-core: Fix use-after-free due to race condition at dvb_ca_en50221 (Hyunwoo Kim) {CVE-2022-45919}
- media: dvbdev: fix error logic at dvb_register_device() (Mauro Carvalho Chehab)
- media: dvbdev: Fix memleak in dvb_register_device (Dinghao Liu)
- media: dvb-core: Fix use-after-free due on race condition at dvb_net (Hyunwoo Kim} {CVE-2022-45886}

Wed Nov 15 2023 Darren Archibald <darren.archibald@oracle.com> [4.18.0-513.5.1.el8_9.OL8]

- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Drop not needed patch

Fri Sep 29 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.5.1.el8_9]

- redhat: list Z-Jiras in the changelog before Y-Jiras (Herton R. Krzesinski)
- Revert "mm, meminit: recalculate pcpu batch and high limits after init completes" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm,memory_hotplug: factor out adjusting present pages into adjust_present_page_count()" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: move free_the_page" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: allow high-order pages to be stored on the per-cpu lists" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: fetch the correct pcp buddy during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: track range of active PCP lists during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: simplify how many pages are selected per pcp list during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: drain the requested list first during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: free pages in a single pass during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: do not prefetch buddies during bulk free" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: check high-order pages for corruption during PCP operations" (Chris von Recklinghausen) [RHEL-8539]
- Revert "mm/page_alloc: fix incorrect PGFREE and PGALLOC for high-order page" (Chris von Recklinghausen) [RHEL-8539]

Wed Sep 27 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.4.1.el8_9]

- Revert "cnic: Use the bitmap API to allocate bitmaps" (Chris Leech) [RHEL-1950]
- Revert "cnic: don't pass bogus GFP_ flags to dma_alloc_coherent" (Chris Leech) [RHEL-1950]
- scsi: lpfc: Prevent use-after-free during rmmod with mapped NVMe rports (Paul Ely) [RHEL-2602]
- scsi: lpfc: Early return after marking final NLP_DROPPED flag in dev_loss_tmo (Paul Ely) [RHEL-2602]
- gfs2: Add quota_change type (Bob Peterson) [2224075]

Wed Sep 20 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.3.1.el8_9]

- drm/amd/display: fix the white screen issue when >= 64GB DRAM (Mika Penttilä) [2231934]
- gfs2: conversion deadlock do_promote bypass (Bob Peterson) [2225228]
- gfs2: do_promote cleanup (Andreas Gruenbacher) [2225228]
- gfs2: Make use of list_is_first (Andreas Gruenbacher) [2225228]

Fri Sep 15 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.2.1.el8_9]

- x86/cpu: Enable STIBP on AMD if Automatic IBRS is enabled (Waiman Long) [2227916]
- Documentation/hw-vuln: Document the interaction between IBRS and STIBP (Waiman Long) [2227916]
- x86/CPU/AMD: Make sure EFER[AIBRSE] is set (Waiman Long) [2227916]
- fs: don't audit the capability check in simple_xattr_list() (Andrey Albershteyn) [RHEL-863]

Wed Sep 06 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-513.1.1.el8_9]

- thunderbolt: Fix Thunderbolt 3 display flickering issue on 2nd hot plug onwards (Desnes Nunes) [2233974]
- mm/userfaultfd: don't consider uffd-wp bit of writable migration entries (Rafael Aquini) [2231554]
- mm/userfaultfd: fix uffd-wp handling for THP migration entries (Rafael Aquini) [2231554]
- mm/userfaultfd: fix uffd-wp special cases for fork() (Rafael Aquini) [2231554]
- mm/thp: simplify copying of huge zero page pmd when fork (Rafael Aquini) [2231554]

Fri Aug 25 2023 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-513.el8]

- redhat/configs: enable CONFIG_INET_DIAG_DESTROY (Andrea Claudi) [2230213]
- net/sched: cls_u32: Fix reference counter leak leading to overflow (Davide Caratti) [2225202] {CVE-2023-3609}
- cifs: fix bogus cifs_mount error handling in RHEL8 (Jeffrey Layton) [2215018]
- KVM: nVMX: add missing consistency checks for CR0 and CR4 (Ricardo Robaina) [2190257] {CVE-2023-30456}
- netfilter: snat: evict closing tcp entries on reply tuple collision (Florian Westphal) [2196717]
- tun: avoid double free in tun_free_netdev (Jon Maloy) [2156366 2156371] {CVE-2022-4744}
- net/sched: cls_fw: Fix improper refcount update leads to use-after-free (Davide Caratti) [2225103] {CVE-2023-3776}
- net/sched: sch_qfq: account for stab overhead in qfq_enqueue (Davide Caratti) [2225196] {CVE-2023-3611}
- net/sched: sch_qfq: reintroduce lmax bound check for MTU (Davide Caratti) [2225196]
- net/sched: sch_qfq: refactor parsing of netlink parameters (Davide Caratti) [2225196]
- net/sched: cls_route: No longer copy tcf_result on update to avoid use-after-free (Davide Caratti) [2225512] {CVE-2023-4128}
- net/sched: cls_fw: No longer copy tcf_result on update to avoid use-after-free (Davide Caratti) [2225512] {CVE-2023-4128}
- net/sched: cls_u32: No longer copy tcf_result on update to avoid use-after-free (Davide Caratti) [2225512] {CVE-2023-4128}
- scsi: lpfc: Remove reftag check in DIF paths (Paul Ely) [2229152]
- scsi: lpfc: Modify when a node should be put in device recovery mode during RSCN (Paul Ely) [2229152]
- scsi: lpfc: Make fabric zone discovery more robust when handling unsolicited LOGO (Paul Ely) [2229152]
- scsi: lpfc: Set Establish Image Pair service parameter only for Target Functions (Paul Ely) [2229152]
- scsi: lpfc: Revise ndlp kref handling for dev_loss_tmo_callbk and lpfc_drop_node (Paul Ely) [2229152]
- scsi: lpfc: Qualify ndlp discovery state when processing RSCN (Paul Ely) [2229152]
- gfs2: Fix freeze consistency check in gfs2_trans_add_meta (Andreas Gruenbacher) [2095340]
- gfs2: gfs2_freeze_lock_shared cleanup (Andreas Gruenbacher) [2095340]
- gfs2: Replace sd_freeze_state with SDF_FROZEN flag (Andreas Gruenbacher) [2095340]
- gfs2: Rework freeze / thaw logic (Andreas Gruenbacher) [2095340]
- gfs2: Rename SDF_{FS_FROZEN => FREEZE_INITIATOR} (Andreas Gruenbacher) [2095340]
- gfs2: Reconfiguring frozen filesystem already rejected (Andreas Gruenbacher) [2095340]
- gfs2: Rename gfs2_freeze_lock{ => _shared } (Andreas Gruenbacher) [2095340]
- gfs2: Rename the {freeze,thaw}_super callbacks (Andreas Gruenbacher) [2095340]
- gfs2: Rename remaining "transaction" glock references (Andreas Gruenbacher) [2095340]
- gfs2: init system threads before freeze lock (Bob Peterson) [2095340]
- net: mana: Use the correct WQE count for ringing RQ doorbell (Bandan Das) [2222573]
- net: mana: Batch ringing RX queue doorbell on receiving packets (Bandan Das) [2222573]
- net: mana: Add support for vlan tagging (Bandan Das) [2222573]
- net: mana: Fix perf regression: remove rx_cqes, tx_cqes counters (Bandan Das) [2222573]
- net: mana: Check if netdev/napi_alloc_frag returns single page (Bandan Das) [2222573]
- net: mana: Rename mana_refill_rxoob and remove some empty lines (Bandan Das) [2222573]
- net: mana: Add support for jumbo frame (Bandan Das) [2222573]
- net: mana: Enable RX path to handle various MTU sizes (Bandan Das) [2222573]
- net: mana: Refactor RX buffer allocation code to prepare for various MTU (Bandan Das) [2222573]
- net: mana: Use napi_build_skb in RX path (Bandan Das) [2222573]
- net: mana: Remove redundant pci_clear_master (Bandan Das) [2222573]
- net: mana: Add new MANA VF performance counters for easier troubleshooting (Bandan Das) [2222573]
- ice: Fix NULL pointer deref during VF reset (Petr Oros) [2227743]
- x86/kasan: Populate shadow for shared chunk of the CPU entry area (Rafael Aquini) [2232451]
- x86/kasan: Add helpers to align shadow addresses up and down (Rafael Aquini) [2232451]
- x86/kasan: Rename local CPU_ENTRY_AREA variables to shorten names (Rafael Aquini) [2232451]
- x86/mm: Populate KASAN shadow for entire per-CPU range of CPU entry area (Rafael Aquini) [2232451]
- x86/mm: Recompute physical address for every page of per-CPU CEA mapping (Rafael Aquini) [2232451]