[ol8_baseos_latest] kernel-4.18.0-553.47.1.el8_10.x86_64

This is the package which provides the Linux kernel for Red Hat Enterprise
Linux. It is based on upstream Linux at version 4.18.0 and maintains kABI
compatibility of a set of approved symbols, however it is heavily modified with
backports and fixes pulled from newer upstream Linux kernel releases. This means
this is not a 4.18.0 kernel anymore: it includes several components which come
from newer upstream linux versions, while maintaining a well tested and stable
core. Some of the components/backports that may be pulled in are: changes like
updates to the core kernel (eg.: scheduler, cgroups, memory management, security
fixes and features), updates to block layer, supported filesystems, major driver
updates for supported hardware in Red Hat Enterprise Linux, enhancements for
enterprise customers, etc.

Changelog (Show File list) (Show related packages)

• Wed Apr 02 2025 Darren Archibald <darren.archibald@oracle.com> [4.18.0-553.47.1.el8_10.OL8]

  - Update Oracle Linux certificates (Kevin Lyons)
  - Disable signing for aarch64 (Ilya Okomin)
  - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
  - Update x509.genkey [Orabug: 24817676]
  - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
  - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]

• Thu Mar 20 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.47.1.el8_10]

  - nfs: don't invalidate dentries on transient errors (Scott Mayhew) [RHEL-78136]
  - ethtool: runtime-resume netdev parent before ethtool ioctl ops (John J Coleman) [RHEL-78156]
  - bpf: Use raw_spinlock_t in ringbuf (Viktor Malik) [RHEL-79911] {CVE-2024-50138}

• Thu Mar 13 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.46.1.el8_10]

  - s390/pci: Fix handling of isolated VFs (Mete Durlu) [RHEL-81934]
  - s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (Mete Durlu) [RHEL-81934]
  - s390/pci: Fix SR-IOV for PFs initially in standby (Mete Durlu) [RHEL-81934]
  - x86/mm: Fix VDSO and VVAR placement on 5-level paging machines (Herton R. Krzesinski) [RHEL-62832]
  - arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array (CKI Backport Bot) [RHEL-82720] {CVE-2025-21785}
  - nouveau/fence: handle cross device fences properly (Dave Airlie) [RHEL-80085]

• Thu Mar 06 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.45.1.el8_10]

  - gve: trigger RX NAPI instead of TX NAPI in gve_xsk_wakeup (Joshua Washington) [RHEL-73269]
  - gve: process XSK TX descriptors as part of RX NAPI (Joshua Washington) [RHEL-73269]
  - gve: guard XSK operations on the existence of queues (Joshua Washington) [RHEL-73269]
  - gve: Fix an edge case for TSO skb validity check (Joshua Washington) [RHEL-73269]
  - gve: Fix XDP TX completion handling when counters overflow (Joshua Washington) [RHEL-73269]
  - gve: Clear napi->skb before dev_kfree_skb_any() (Joshua Washington) [RHEL-73269] {CVE-2024-40937}
  - gve: ignore nonrelevant GSO type bits when processing TSO headers (Joshua Washington) [RHEL-73269]
  - can: bcm: Fix UAF in bcm_proc_show() (CKI Backport Bot) [RHEL-80733] {CVE-2023-52922}
  - gfs2: glock holder GL_NOPID fix (Andreas Gruenbacher) [RHEL-80694]
  - gfs2: Decode missing glock flags in tracepoints (Andreas Gruenbacher) [RHEL-80694]
  - net/smc: support ipv4 mapped ipv6 addr client for smc-r v2 (Mete Durlu) [RHEL-79810]
  - net: smc: fix spurious error message from __sock_release() (Mete Durlu) [RHEL-79812]

• Wed Mar 05 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.44.1.el8_10]

  - HID: core: zero-initialize the report buffer (CKI Backport Bot) [RHEL-81825] {CVE-2024-50302}
  - ALSA: usb-audio: Fix a DMA to stack memory bug (Jaroslav Kysela) [RHEL-81786]
  - ALSA: usb-audio: Fix for sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81786]
  - ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Jaroslav Kysela) [RHEL-81786] {CVE-2024-53197}
  - ALSA: usb-audio: Add sampling rates support for Mbox3 (Jaroslav Kysela) [RHEL-81786]

• Thu Feb 27 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.43.1.el8_10]

  - s390/module: fix loading modules with a lot of relocations (Mete Durlu) [RHEL-78999]
  - s390/module: Use s390_kernel_write() for late relocations (Mete Durlu) [RHEL-78999]
  - locking/atomic: Make test_and_*_bit() ordered on failure (Herton R. Krzesinski) [RHEL-69894]
  - pps: Fix a use-after-free (Michal Schmidt) [RHEL-77971]
  - KVM: s390: Change virtual to physical address access in diag 0x258 handler (Thomas Huth) [RHEL-68323 RHEL-65229]
  - KVM: s390: gaccess: Check if guest address is in memslot (Thomas Huth) [RHEL-68323 RHEL-65229]
  - KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (Thomas Huth) [RHEL-68323 RHEL-65229]
  - s390/uv: Panic for set and remove shared access UVC errors (Thomas Huth) [RHEL-68323 RHEL-65229]
  - KVM: s390: vsie: Use virt_to_phys for crypto control block (Thomas Huth) [RHEL-68323 RHEL-65229]
  - KVM: s390: vsie: Use virt_to_phys for facility control block (Thomas Huth) [RHEL-68323 RHEL-65229]
  - scsi: megaraid_sas: Fix for a potential deadlock (Tomas Henzl) [RHEL-21984] {CVE-2024-57807}
  - net/mlx5: Reload auxiliary devices in pci error handlers (Benjamin Poirier) [RHEL-78756]
  - net/mlx5: Suspend auxiliary devices only in case of PCI device suspend (Benjamin Poirier) [RHEL-78756]

• Thu Feb 20 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.42.1.el8_10]

  - net: skb: exclude the single page frag cache for too small alloc (Paolo Abeni) [RHEL-66261]
  - NFSD: Reset cb_seq_status after NFS4ERR_DELAY (Olga Kornievskaia) [RHEL-79458]
  - mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (Seiji Nishikawa) [RHEL-64950]
  - scsi: st: Don't set pos_unknown just after device recognition (John Meneghini) [RHEL-78415]
  - ovl: fix use inode directly in rcu-walk mode (Miklos Szeredi) [RHEL-76161]
  - RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (Kamal Heib) [RHEL-75826]

• Fri Feb 14 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.41.1.el8_10]

  - virtio-net: correctly enable callback during start_xmit (Laurent Vivier) [RHEL-72886]
  - dm snapshot: fix lockup in dm_exception_table_exit (Benjamin Marzinski) [RHEL-76230 RHEL-34599]

• Thu Feb 06 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.40.1.el8_10]

  - media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (Desnes Nunes) [RHEL-69571] {CVE-2024-53104}

• Fri Jan 31 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.39.1.el8_10]

  - gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher) [RHEL-73915]