-
Tue Apr 29 2025 Darren Archibald <darren.archibald@oracle.com> [4.18.0-553.51.1.el8_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
-
Thu Apr 24 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.51.1.el8_10]
- x86/xen: use the whole RCX when picking the right hypercall function (Vitaly Kuznetsov) [RHEL-87072]
- Revert "usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB" (Desnes Nunes) [RHEL-87280]
-
Thu Apr 10 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.50.1.el8_10]
- perf debug: Set debug_peo_args and redirect_to_stderr variable to correct values in perf_quiet_option() (Michael Petlan) [RHEL-82119]
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (Jarod Wilson) [RHEL-86737] {CVE-2024-53150}
- scsi: storvsc: Set correct data length for sending SCSI command without payload (Cathy Avery) [RHEL-83052]
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (Michal Schmidt) [RHEL-85852]
- ice: avoid the PTP hardware semaphore in gettimex64 path (Michal Schmidt) [RHEL-85852]
- ice: add ice_adapter for shared data across PFs on the same NIC (Michal Schmidt) [RHEL-85852]
-
Thu Apr 03 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.49.1.el8_10]
- net/mlx5: Fix error path in multi-packet WQE transmit (CKI Backport Bot) [RHEL-84244]
- redhat: drop Y issues from changelog (Jan Stancek)
- md/md-bitmap: fix writing non bitmap changes local to RHEL (Nigel Croxon) [RHEL-80673]
- md/md-bitmap: fix writing non bitmap pages (Nigel Croxon) [RHEL-80673]
- md-bitmap: use %pD to print the file name in md_bitmap_file_kick (Nigel Croxon) [RHEL-80673]
- md-bitmap: initialize variables at declaration time in md_bitmap_file_unmap (Nigel Croxon) [RHEL-80673]
- md-bitmap: set BITMAP_WRITE_ERROR in write_sb_page (Nigel Croxon) [RHEL-80673]
- raid1: update discard granularity when adding new disk (Nigel Croxon) [RHEL-71499]
- x86/xen: remove hypercall page (Vitaly Kuznetsov) [RHEL-70666] {CVE-2024-53241}
- x86/xen: use new hypercall functions instead of hypercall page (Vitaly Kuznetsov) [RHEL-70666] {CVE-2024-53241}
-
Thu Mar 27 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.48.1.el8_10]
- rhel-8.10: gate kernel on kernel-qe tests results not cki ones (Bruno Goncalves)
- gfs2: skip if we cannot defer delete (Andreas Gruenbacher) [RHEL-76208]
- gfs2: remove redundant warnings (Andreas Gruenbacher) [RHEL-76208]
- gfs2: minor evict fix (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Prevent inode creation race (2) (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Fix additional unlikely request cancelation race (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Fix request cancelation bug (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Check for empty queue in run_queue (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Remove more dead code in add_to_queue (Andreas Gruenbacher) [RHEL-76208]
- gfs2: remove dead code in add_to_queue (Su Hui) [RHEL-76208]
- gfs2: Remove LM_FLAG_PRIORITY flag (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Replace GIF_DEFER_DELETE with GLF_DEFER_DELETE (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Add GLF_PENDING_REPLY flag (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Remove and replace gfs2_glock_queue_work (Andreas Gruenbacher) [RHEL-76208]
- gfs2: do_xmote fixes (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Clear flags when withdraw prevents xmote (Bob Peterson) [RHEL-76208]
- gfs2: fix a deadlock on withdraw-during-mount (Bob Peterson) [RHEL-76208]
- gfs2: gfs2_evict_inode clarification (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Remove misleading comments in gfs2_evict_inode (Andreas Gruenbacher) [RHEL-76208]
-
Thu Mar 20 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.47.1.el8_10]
- nfs: don't invalidate dentries on transient errors (Scott Mayhew) [RHEL-78136]
- ethtool: runtime-resume netdev parent before ethtool ioctl ops (John J Coleman) [RHEL-78156]
- bpf: Use raw_spinlock_t in ringbuf (Viktor Malik) [RHEL-79911] {CVE-2024-50138}
-
Thu Mar 13 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.46.1.el8_10]
- s390/pci: Fix handling of isolated VFs (Mete Durlu) [RHEL-81934]
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (Mete Durlu) [RHEL-81934]
- s390/pci: Fix SR-IOV for PFs initially in standby (Mete Durlu) [RHEL-81934]
- x86/mm: Fix VDSO and VVAR placement on 5-level paging machines (Herton R. Krzesinski) [RHEL-62832]
- arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CKI Backport Bot) [RHEL-82720] {CVE-2025-21785}
- nouveau/fence: handle cross device fences properly (Dave Airlie) [RHEL-80085]
-
Thu Mar 06 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.45.1.el8_10]
- gve: trigger RX NAPI instead of TX NAPI in gve_xsk_wakeup (Joshua Washington) [RHEL-73269]
- gve: process XSK TX descriptors as part of RX NAPI (Joshua Washington) [RHEL-73269]
- gve: guard XSK operations on the existence of queues (Joshua Washington) [RHEL-73269]
- gve: Fix an edge case for TSO skb validity check (Joshua Washington) [RHEL-73269]
- gve: Fix XDP TX completion handling when counters overflow (Joshua Washington) [RHEL-73269]
- gve: Clear napi->skb before dev_kfree_skb_any() (Joshua Washington) [RHEL-73269] {CVE-2024-40937}
- gve: ignore nonrelevant GSO type bits when processing TSO headers (Joshua Washington) [RHEL-73269]
- can: bcm: Fix UAF in bcm_proc_show() (CKI Backport Bot) [RHEL-80733] {CVE-2023-52922}
- gfs2: glock holder GL_NOPID fix (Andreas Gruenbacher) [RHEL-80694]
- gfs2: Decode missing glock flags in tracepoints (Andreas Gruenbacher) [RHEL-80694]
- net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (Mete Durlu) [RHEL-79810]
- net: smc: fix spurious error message from __sock_release() (Mete Durlu) [RHEL-79812]
-
Wed Mar 05 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.44.1.el8_10]
- HID: core: zero-initialize the report buffer (CKI Backport Bot) [RHEL-81825] {CVE-2024-50302}
- ALSA: usb-audio: Fix a DMA to stack memory bug (Jaroslav Kysela) [RHEL-81786]
- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81786]
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Jaroslav Kysela) [RHEL-81786] {CVE-2024-53197}
- ALSA: usb-audio: Add sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81786]
-
Thu Feb 27 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.43.1.el8_10]
- s390/module: fix loading modules with a lot of relocations (Mete Durlu) [RHEL-78999]
- s390/module: Use s390_kernel_write() for late relocations (Mete Durlu) [RHEL-78999]
- locking/atomic: Make test_and_*_bit() ordered on failure (Herton R. Krzesinski) [RHEL-69894]
- pps: Fix a use-after-free (Michal Schmidt) [RHEL-77971]
- KVM: s390: Change virtual to physical address access in diag 0x258 handler (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: gaccess: Check if guest address is in memslot (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (Thomas Huth) [RHEL-68323 RHEL-65229]
- s390/uv: Panic for set and remove shared access UVC errors (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: vsie: Use virt_to_phys for crypto control block (Thomas Huth) [RHEL-68323 RHEL-65229]
- KVM: s390: vsie: Use virt_to_phys for facility control block (Thomas Huth) [RHEL-68323 RHEL-65229]
- scsi: megaraid_sas: Fix for a potential deadlock (Tomas Henzl) [RHEL-21984] {CVE-2024-57807}
- net/mlx5: Reload auxiliary devices in pci error handlers (Benjamin Poirier) [RHEL-78756]
- net/mlx5: Suspend auxiliary devices only in case of PCI device suspend (Benjamin Poirier) [RHEL-78756]