[ol8_baseos_latest] kernel-4.18.0-477.21.1.el8_8.x86_64

Name:	kernel
Version:	4.18.0
Release:	477.21.1.el8_8
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	0
License:	GPLv2 and Redistributable, no modification permitted
RPM:	kernel-4.18.0-477.21.1.el8_8.x86_64.rpm
Source RPM:	kernel-4.18.0-477.21.1.el8_8.src.rpm
Build Date:	Wed Aug 09 2023
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	The Linux kernel, based on version 4.18.0, heavily modified with backports
Description:	This is the package which provides the Linux kernel for Red Hat Enterprise Linux. It is based on upstream Linux at version 4.18.0 and maintains kABI compatibility of a set of approved symbols, however it is heavily modified with backports and fixes pulled from newer upstream Linux kernel releases. This means this is not a 4.18.0 kernel anymore: it includes several components which come from newer upstream linux versions, while maintaining a well tested and stable core. Some of the components/backports that may be pulled in are: changes like updates to the core kernel (eg.: scheduler, cgroups, memory management, security fixes and features), updates to block layer, supported filesystems, major driver updates for supported hardware in Red Hat Enterprise Linux, enhancements for enterprise customers, etc.

Changelog (Show File list) (Show related packages)

Tue Aug 08 2023 Nagappan Ramasamy Palaniappan <nagappan.ramasamy.palaniappan@oracle.com> [4.18.0-477.21.1.el8_8.OL8]

- Bluetooth: L2CAP: Fix accepting connection request for invalid SPSM (Tamás Koczka) {CVE-2022-42896}
- net/sched: tcindex: update imperfect hash filters respecting rcu (Jamal Hadi Salim) {CVE-2023-1281}
- net/sched: tcindex: search key must be 16 bits (Jamal Hadi Salim) {CVE-2023-1281}
- net/sched: Retire tcindex classifier (Jamal Hadi Salim) {CVE-2023-1829}
- xfs: verify buffer contents when we skip log replay (Darrick J. Wong) {CVE-2023-2124}
- i2c: xgene-slimpro: Fix out-of-bounds bug in xgene_slimpro_i2c_xfer() (Wei Chen) {CVE-2023-2194}
- perf: Fix check before add_event_to_groups() in perf_group_detach() (Budimir Markovic) {CVE-2023-2235}

Wed Jul 19 2023 Mridula Shastry <mridula.c.shastry@oracle.com> [4.18.0-477.15.1.el8_8.OL8]

- net: tls: fix possible race condition between do_tls_getsockopt_conf() and do_tls_setsockopt_conf() (Hangyu Hua) {CVE-2023-28466}

Tue May 30 2023 Kevin Lyons <kevin.x.lyons@oracle.com> [4.18.0-477.13.1.el8_8.OL8]

- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]

Thu May 18 2023 Lucas Zampieri <lzampier@redhat.com> [4.18.0-477.13.1.el8_8]

- netfilter: nf_tables: deactivate anonymous set from preparation phase (Florian Westphal) [2196147 2196146] {CVE-2023-32233}

Wed May 17 2023 Lucas Zampieri <lzampier@redhat.com> [4.18.0-477.12.1.el8_8]

- redhat/configs: Fix incorrect configs location and content (Vladis Dronov)
- wifi: iwlwifi: mvm: protect TXQ list manipulation (Jose Ignacio Tornos Martinez) [2183471 2152168]
- wifi: iwlwifi: mvm: fix mvmtxq->stopped handling (Jose Ignacio Tornos Martinez) [2183471 2152168]
- migrate: grab the compound head in migration_entry_wait_on_locked (Nico Pache) [2189629 2188249]
- redhat/configs: Fix DEBUG_BLK_CGROUP and BFQ_CGROUP_DEBUG configs (Vladis Dronov)
- redhat: switch release to zstream (Lucas Zampieri)

Tue May 09 2023 Lucas Zampieri <lzampier@redhat.com> [4.18.0-477.11.1.el8_8]

- crypto: drbg - Only fail when jent is unavailable in FIPS mode (Vladis Dronov) [2181730 2175712]
- crypto: jitter - permanent and intermittent health errors (Vladis Dronov) [2181730 2175712]
- crypto: jitter - quit sample collection loop upon RCT failure (Vladis Dronov) [2181730 2175712]
- crypto: jitter - don't limit ->health_failure check to FIPS mode (Vladis Dronov) [2181730 2175712]
- crypto: jitter - drop kernel-doc notation (Vladis Dronov) [2181730 2175712]
- qede: avoid uninitialized entries in coal_entry array (Michal Schmidt) [2176104 2160054]
- qede: fix interrupt coalescing configuration (Jonathan Toppins) [2176104 2160054]
- crypto: qat - add support for 402xx devices (Vladis Dronov) [2176850 2144529]
- crypto: qat - drop log level of msg in get_instance_node() (Vladis Dronov) [2176850 2144529]
- crypto: qat - fix out-of-bounds read (Vladis Dronov) [2176850 2144529]
- Documentation: qat: change kernel version (Vladis Dronov) [2176850 2144529]
- crypto: qat - add qat_zlib_deflate (Vladis Dronov) [2176850 2144529]
- crypto: qat - extend buffer list logic interface (Vladis Dronov) [2176850 2144529]
- crypto: qat - fix spelling mistakes from 'bufer' to 'buffer' (Vladis Dronov) [2176850 2144529]
- crypto: qat - add resubmit logic for decompression (Vladis Dronov) [2176850 2144529]
- crypto: acomp - define max size for destination (Vladis Dronov) [2176850 2144529]
- crypto: qat - enable deflate for QAT GEN4 (Vladis Dronov) [2176850 2144529]
- crypto: qat - expose deflate through acomp api for QAT GEN2 (Vladis Dronov) [2176850 2144529]
- crypto: qat - rename and relocate GEN2 config function (Vladis Dronov) [2176850 2144529]
- crypto: qat - relocate qat_algs_alloc_flags() (Vladis Dronov) [2176850 2144529]
- crypto: qat - relocate backlog related structures (Vladis Dronov) [2176850 2144529]
- crypto: qat - extend buffer list interface (Vladis Dronov) [2176850 2144529]
- crypto: qat - generalize crypto request buffers (Vladis Dronov) [2176850 2144529]
- crypto: qat - change bufferlist logic interface (Vladis Dronov) [2176850 2144529]
- crypto: qat - rename bufferlist functions (Vladis Dronov) [2176850 2144529]
- crypto: qat - relocate bufferlist logic (Vladis Dronov) [2176850 2144529]
- crypto: qat - Use helper to set reqsize (Vladis Dronov) [2176850 2144529]
- crypto: kpp - Add helper to set reqsize (Vladis Dronov) [2176850 2144529]
- crypto: qat - fix error return code in adf_probe (Vladis Dronov) [2176850 2144529]
- crypto: qat - remove ADF_STATUS_PF_RUNNING flag from probe (Vladis Dronov) [2176850 2144529]
- sched/core: Fix arch_scale_freq_tick() on tickless systems (Phil Auld) [2188067 2184083]

Wed Apr 05 2023 Lucas Zampieri <lzampier@redhat.com> [4.18.0-477.10.1.el8_8]

- dm: fix __send_duplicate_bios() to always allow for splitting IO (Benjamin Marzinski) [2184429]
- dm: fix improper splitting for abnormal bios (Benjamin Marzinski) [2184429]

Tue Apr 04 2023 Lucas Zampieri <lzampier@redhat.com> [4.18.0-477.9.1.el8_8]

- ovl: fail on invalid uid/gid mapping at copy up (Miklos Szeredi) [2165342] {CVE-2023-0386}

Mon Apr 03 2023 Lucas Zampieri <lzampier@redhat.com> [4.18.0-477.8.1.el8_8]

- redhat/configs: Put CONFIG_SFC_* to a proper location (Vladis Dronov)
- redhat/configs: Put CONFIG_SEV_GUEST to a proper location (Vladis Dronov)
- Reinstate "GFS2: free disk inode which is deleted by remote node -V2" (Bob Peterson) [2181343]

Thu Mar 30 2023 Patrick Talbert <ptalbert@redhat.com> [4.18.0-477.7.1.el8_8]

- iavf: fix hang on reboot with ice (Stefan Assmann) [2181811]
- iavf: Fix race condition between iavf_shutdown and iavf_remove (Stefan Assmann) [2181811]
- net/ulp: use consistent error code when blocking ULP (Sabrina Dubroca) [2176955 2176956] {CVE-2023-0461}
- net/ulp: prevent ULP without clone op from entering the LISTEN status (Sabrina Dubroca) [2176955 2176956] {CVE-2023-0461}
- lockd: lockd server-side shouldn't set fl_ops (Jeffrey Layton) [2179329]
- NFS: Correct timing for assigning access cache timestamp (Benjamin Coddington) [2180851]
- Switch to z-stream for 8.8 for CKI pipelines (Michael Hofmann)