| Name: | kernel |
|---|---|
| Version: | 4.18.0 |
| Release: | 305.7.1.el8_4 |
| Architecture: | x86_64 |
| Group: | System Environment/Kernel |
| Size: | 0 |
| License: | GPLv2 and Redistributable, no modification permitted |
| RPM: | kernel-4.18.0-305.7.1.el8_4.x86_64.rpm |
| Source RPM: | kernel-4.18.0-305.7.1.el8_4.src.rpm |
| Build Date: | Wed Jun 30 2021 |
| Build Host: | host-100-100-224-44.blddevtest1iad.osdevelopmeniad.oraclevcn.com |
| Vendor: | Oracle America |
| URL: | http://www.kernel.org/ |
| Summary: | The Linux kernel, based on version 4.18.0, heavily modified with backports |
| Description: | This is the package which provides the Linux kernel for Red Hat Enterprise Linux. It is based on upstream Linux at version 4.18.0 and maintains kABI compatibility of a set of approved symbols, however it is heavily modified with backports and fixes pulled from newer upstream Linux kernel releases. This means this is not a 4.18.0 kernel anymore: it includes several components which come from newer upstream linux versions, while maintaining a well tested and stable core. Some of the components/backports that may be pulled in are: changes like updates to the core kernel (eg.: scheduler, cgroups, memory management, security fixes and features), updates to block layer, supported filesystems, major driver updates for supported hardware in Red Hat Enterprise Linux, enhancements for enterprise customers, etc. |
- Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15-11.0.5.el8
- net: zero-initialize tc skb extension on allocation (Ivan Vecera) [1965457 1946986]
- net/sched: cls_flower: fix only mask bit check in the validate_ct_state (Ivan Vecera) [1965457 1946986]
- net: cls_api: Fix uninitialised struct field bo->unlocked_driver_cb (Ivan Vecera) [1965457 1946986]
- net/sched: act_api: fix miss set post_ct for ovs after do conntrack in act_ct (Ivan Vecera) [1965457 1946986]
- net/sched: cls_flower: validate ct_state for invalid and reply flags (Ivan Vecera) [1965457 1946986]
- flow_dissector: fix TTL and TOS dissection on IPv4 fragments (Paolo Abeni) [1963952 1950288]
- Revert "sctp: Fix SHUTDOWN CTSN Ack in the peer restart case" (Xin Long) [1965632 1953839]
- sctp: do asoc update earlier in sctp_sf_do_dupcook_b (Xin Long) [1965632 1953839]
- sctp: do asoc update earlier in sctp_sf_do_dupcook_a (Xin Long) [1965632 1953839]
- Bluetooth: verify AMP hci_chan before amp_destroy (Gopal Tiwari) [1962544 1962546] {CVE-2021-33034}
- x86/kvm: Unify kvm_pv_guest_cpu_reboot() with kvm_guest_cpu_offline() (Lenny Szubowicz) [1964930 1934273]
- x86/kvm: Disable all PV features on crash (Lenny Szubowicz) [1964930 1934273]
- x86/kvm: Disable kvmclock on all CPUs on shutdown (Lenny Szubowicz) [1964930 1934273]
- x86/kvm: Teardown PV features on boot CPU as well (Lenny Szubowicz) [1964930 1934273]
- x86/kvm: Fix pr_info() for async PF setup/teardown (Lenny Szubowicz) [1964930 1934273]
- net/sched: act_ct: Fix ct template allocation for zone 0 (Marcelo Ricardo Leitner) [1965150 1881824]
- openvswitch: fix stack OOB read while fragmenting IPv4 packets (Davide Caratti) [1963940 1924608]
- net/sched: sch_frag: fix stack OOB read while fragmenting IPv4 packets (Davide Caratti) [1963940 1924608]
- net/sched: act_ct: fix wild memory access when clearing fragments (Davide Caratti) [1963940 1924608]
- net: Treat __napi_schedule_irqoff() as __napi_schedule() on PREEMPT_RT (Ivan Vecera)
- redhat/configs: Add CONFIG_SYSTEM_REVOCATION_KEYS and CONFIG_SYSTEM_REVOCATION_LIST (Vladis Dronov) [1965270 1893793] {CVE-2020-26541}
- certs: add 'x509_revocation_list' to gitignore (Vladis Dronov) [1965270 1893793] {CVE-2020-26541}
- integrity: Load mokx variables into the blacklist keyring (Vladis Dronov) [1965270 1893793] {CVE-2020-26541}
- certs: Add ability to preload revocation certs (Vladis Dronov) [1965270 1893793] {CVE-2020-26541}
- certs: Move load_system_certificate_list to a common function (Vladis Dronov) [1965270 1893793] {CVE-2020-26541}
- certs: Add EFI_CERT_X509_GUID support for dbx entries (Vladis Dronov) [1965270 1893793] {CVE-2020-26541}
- net/sched: cls_api: increase max_reclassify_loop (Davide Caratti) [1965148 1955136]
- dm writecache: fix performance degradation in ssd mode (Mike Snitzer) [1962241 1961859]
- scsi: fnic: Use scsi_host_busy_iter() to traverse commands (Ewan D. Milne) [1961705 1949250]
- scsi: fnic: Kill 'exclude_id' argument to fnic_cleanup_io() (Ewan D. Milne) [1961705 1949250]
- gfs2: report "already frozen/thawed" errors (Bob Peterson) [1961849 1932236] - gfs2: move freeze glock outside the make_fs_rw and _ro functions (Bob Peterson) [1961849 1932236] - gfs2: Add common helper for holding and releasing the freeze glock (Bob Peterson) [1961849 1932236] - gfs2: in signal_our_withdraw wait for unfreeze of _this_ fs only (Bob Peterson) [1961849 1932236] - gfs2: Don't freeze the file system during unmount (Bob Peterson) [1961849 1932236] - gfs2: Fix regression in freeze_go_sync (Bob Peterson) [1961849 1932236] - gfs2: The freeze glock should never be frozen (Bob Peterson) [1961849 1932236] - gfs2: When freezing gfs2, use GL_EXACT and not GL_NOCACHE (Bob Peterson) [1961849 1932236] - gfs2: read-only mounts should grab the sd_freeze_gl glock (Bob Peterson) [1961849 1932236] - gfs2: freeze should work on read-only mounts (Bob Peterson) [1961849 1932236] - gfs2: Abort gfs2_freeze if io error is seen (Bob Peterson) [1961849 1932236] - CI: Disable result checking for realtime check (Veronika Kabatova) - CI: Explicitly disable result checking for private CI (Veronika Kabatova) - CI: Rename variable (Veronika Kabatova) - CI: Update builder containers (Veronika Kabatova)
- vmxnet3: Set the default of vxlan overlay offload to disabled (Cathy Avery) [1960702 1941714]
- Revert "uio: use request_threaded_irq instead" (Vitaly Kuznetsov) [1952952 1946644] - drm/ast: Set format registers in primary plane's update (Lyude Paul) [1952900 1923857] - net/sched: act_ct: clear post_ct if doing ct_clear (Marcelo Ricardo Leitner) [1956458 1941889] - md/raid1: properly indicate failure when ending a failed write request (Nigel Croxon) [1955188 1954588] - nitro_enclaves: Fix stale file descriptors on failed usercopy (Vitaly Kuznetsov) [1956379 1953717]
- net/mlx5e: Allow to match on MPLS parameters only for MPLS over UDP (Alaa Hleihel) [1952061 1936742] - net/mlx5e: Reject tc rules which redirect from a VF to itself (Alaa Hleihel) [1952065 1932839] - net/mlx5: CT: Add support for matching on ct_state inv and rel flags (Alaa Hleihel) [1952062 1942681] - KVM: VMX: Don't use vcpu->run->internal.ndata as an array index (Jon Maloy) [1954221 1954219] - tools/power turbostat: Revert "[tools] tools/power turbostat: Enable accumulate RAPL display" (Prarit Bhargava) [1952987 1944699]
- ALSA: usb-audio: fix NULL ptr dereference in usb_audio_probe (Jaroslav Kysela) [1954545 1870724] - ALSA: usb-audio: fix use after free in usb_audio_disconnect (Jaroslav Kysela) [1954545 1870724] - ALSA: usb-audio: Disable USB autosuspend properly in setup_disable_autosuspend() (Jaroslav Kysela) [1954545 1870724] - selinux: fix deadlock in security_set_bools() (Ondrej Mosnacek) [1945123 1924230] - geneve: do not modify the shared tunnel info when PMTU triggers an ICMP reply (Antoine Tenart) [1944667 1941753] - vxlan: do not modify the shared tunnel info when PMTU triggers an ICMP reply (Antoine Tenart) [1944667 1941753] - redhat: switch to zstream (Jan Stancek)
- perf/x86/intel/uncore: Remove uncore extra PCI dev HSWEP_PCI_PCU_3 (Michael Petlan) [1950388]
- mm: Revert "remove the account_page_dirtied export" (Waiman Long) [1941257] - Revert "[netdrv] net/broadcom: Clean broadcom code from driver versions" (Jonathan Toppins) [1940842]