Name: | kernel |
---|---|
Version: | 4.18.0 |
Release: | 477.27.0.1.el8_8 |
Architecture: | x86_64 |
Group: | System Environment/Kernel |
Size: | 0 |
License: | GPLv2 and Redistributable, no modification permitted |
RPM: | kernel-4.18.0-477.27.0.1.el8_8.x86_64.rpm |
Source RPM: | kernel-4.18.0-477.27.0.1.el8_8.src.rpm |
Build Date: | Wed Sep 20 2023 |
Build Host: | build-ol8-x86_64.oracle.com |
Vendor: | Oracle America |
URL: | http://www.kernel.org/ |
Summary: | The Linux kernel, based on version 4.18.0, heavily modified with backports |
Description: | This is the package which provides the Linux kernel for Red Hat Enterprise Linux. It is based on upstream Linux at version 4.18.0 and maintains kABI compatibility of a set of approved symbols, however it is heavily modified with backports and fixes pulled from newer upstream Linux kernel releases. This means this is not a 4.18.0 kernel anymore: it includes several components which come from newer upstream linux versions, while maintaining a well tested and stable core. Some of the components/backports that may be pulled in are: changes like updates to the core kernel (eg.: scheduler, cgroups, memory management, security fixes and features), updates to block layer, supported filesystems, major driver updates for supported hardware in Red Hat Enterprise Linux, enhancements for enterprise customers, etc. |
- bluetooth: Perform careful capability checks in hci_sock_ioctl() {CVE-2023-2002} - ipvlan:Fix out-of-bounds caused by unclear skb->cb {CVE-2023-3090} - net/sched: cls_fw: Fix improper refcount update leads to use-after-free {CVE-2023-3776} - netfilter: nft_set_pipapo: fix improper element removal {CVE-2023-4004} - netfilter: nf_tables: prevent OOB access in nft_byteorder_eval {CVE-2023-35001} - net/sched: flower: fix possible OOB write in fl_set_geneve_opt() {CVE-2023-35788}
- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM (Tamás Koczka) {CVE-2022-42896} - net/sched: tcindex: update imperfect hash filters respecting rcu (Jamal Hadi Salim) {CVE-2023-1281} - net/sched: tcindex: search key must be 16 bits (Jamal Hadi Salim) {CVE-2023-1281} - net/sched: Retire tcindex classifier (Jamal Hadi Salim) {CVE-2023-1829} - xfs: verify buffer contents when we skip log replay (Darrick J. Wong) {CVE-2023-2124} - i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (Wei Chen) {CVE-2023-2194} - perf: Fix check before add_event_to_groups() in perf_group_detach() (Budimir Markovic) {CVE-2023-2235}
- net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() (Hangyu Hua) {CVE-2023-28466}
- Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- netfilter: nf_tables: deactivate anonymous set from preparation phase (Florian Westphal) [2196147 2196146] {CVE-2023-32233}
- redhat/configs: Fix incorrect configs location and content (Vladis Dronov) - wifi: iwlwifi: mvm: protect TXQ list manipulation (Jose Ignacio Tornos Martinez) [2183471 2152168] - wifi: iwlwifi: mvm: fix mvmtxq->stopped handling (Jose Ignacio Tornos Martinez) [2183471 2152168] - migrate: grab the compound head in migration_entry_wait_on_locked (Nico Pache) [2189629 2188249] - redhat/configs: Fix DEBUG_BLK_CGROUP and BFQ_CGROUP_DEBUG configs (Vladis Dronov) - redhat: switch release to zstream (Lucas Zampieri)
- crypto: drbg - Only fail when jent is unavailable in FIPS mode (Vladis Dronov) [2181730 2175712] - crypto: jitter - permanent and intermittent health errors (Vladis Dronov) [2181730 2175712] - crypto: jitter - quit sample collection loop upon RCT failure (Vladis Dronov) [2181730 2175712] - crypto: jitter - don't limit ->health_failure check to FIPS mode (Vladis Dronov) [2181730 2175712] - crypto: jitter - drop kernel-doc notation (Vladis Dronov) [2181730 2175712] - qede: avoid uninitialized entries in coal_entry array (Michal Schmidt) [2176104 2160054] - qede: fix interrupt coalescing configuration (Jonathan Toppins) [2176104 2160054] - crypto: qat - add support for 402xx devices (Vladis Dronov) [2176850 2144529] - crypto: qat - drop log level of msg in get_instance_node() (Vladis Dronov) [2176850 2144529] - crypto: qat - fix out-of-bounds read (Vladis Dronov) [2176850 2144529] - Documentation: qat: change kernel version (Vladis Dronov) [2176850 2144529] - crypto: qat - add qat_zlib_deflate (Vladis Dronov) [2176850 2144529] - crypto: qat - extend buffer list logic interface (Vladis Dronov) [2176850 2144529] - crypto: qat - fix spelling mistakes from 'bufer' to 'buffer' (Vladis Dronov) [2176850 2144529] - crypto: qat - add resubmit logic for decompression (Vladis Dronov) [2176850 2144529] - crypto: acomp - define max size for destination (Vladis Dronov) [2176850 2144529] - crypto: qat - enable deflate for QAT GEN4 (Vladis Dronov) [2176850 2144529] - crypto: qat - expose deflate through acomp api for QAT GEN2 (Vladis Dronov) [2176850 2144529] - crypto: qat - rename and relocate GEN2 config function (Vladis Dronov) [2176850 2144529] - crypto: qat - relocate qat_algs_alloc_flags() (Vladis Dronov) [2176850 2144529] - crypto: qat - relocate backlog related structures (Vladis Dronov) [2176850 2144529] - crypto: qat - extend buffer list interface (Vladis Dronov) [2176850 2144529] - crypto: qat - generalize crypto request buffers (Vladis Dronov) [2176850 2144529] - crypto: qat - change bufferlist logic interface (Vladis Dronov) [2176850 2144529] - crypto: qat - rename bufferlist functions (Vladis Dronov) [2176850 2144529] - crypto: qat - relocate bufferlist logic (Vladis Dronov) [2176850 2144529] - crypto: qat - Use helper to set reqsize (Vladis Dronov) [2176850 2144529] - crypto: kpp - Add helper to set reqsize (Vladis Dronov) [2176850 2144529] - crypto: qat - fix error return code in adf_probe (Vladis Dronov) [2176850 2144529] - crypto: qat - remove ADF_STATUS_PF_RUNNING flag from probe (Vladis Dronov) [2176850 2144529] - sched/core: Fix arch_scale_freq_tick() on tickless systems (Phil Auld) [2188067 2184083]
- dm: fix __send_duplicate_bios() to always allow for splitting IO (Benjamin Marzinski) [2184429] - dm: fix improper splitting for abnormal bios (Benjamin Marzinski) [2184429]
- ovl: fail on invalid uid/gid mapping at copy up (Miklos Szeredi) [2165342] {CVE-2023-0386}
- redhat/configs: Put CONFIG_SFC_* to a proper location (Vladis Dronov) - redhat/configs: Put CONFIG_SEV_GUEST to a proper location (Vladis Dronov) - Reinstate "GFS2: free disk inode which is deleted by remote node -V2" (Bob Peterson) [2181343]