[ol10_appstream] kernel-headers-6.12.0-55.40.1.0.1.el10_0.aarch64

Name:	kernel-headers
Version:	6.12.0
Release:	55.40.1.0.1.el10_0
Architecture:	aarch64
Group:	Unspecified
Size:	7229437
License:	((GPL-2.0-only WITH Linux-syscall-note) OR BSD-2-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR CDDL-1.0) AND ((GPL-2.0-only WITH Linux-syscall-note) OR Linux-OpenIB) AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR MIT) AND 0BSD AND BSD-2-Clause AND (BSD-2-Clause OR Apache-2.0) AND BSD-3-Clause AND BSD-3-Clause-Clear AND CC0-1.0 AND GFDL-1.1-no-invariants-or-later AND GPL-1.0-or-later AND (GPL-1.0-or-later OR BSD-3-Clause) AND (GPL-1.0-or-later WITH Linux-syscall-note) AND GPL-2.0-only AND (GPL-2.0-only OR Apache-2.0) AND (GPL-2.0-only OR BSD-2-Clause) AND (GPL-2.0-only OR BSD-3-Clause) AND (GPL-2.0-only OR CDDL-1.0) AND (GPL-2.0-only OR GFDL-1.1-no-invariants-or-later) AND (GPL-2.0-only OR GFDL-1.2-no-invariants-only) AND (GPL-2.0-only WITH Linux-syscall-note) AND GPL-2.0-or-later AND (GPL-2.0-or-later OR BSD-2-Clause) AND (GPL-2.0-or-later OR BSD-3-Clause) AND (GPL-2.0-or-later OR CC-BY-4.0) AND (GPL-2.0-or-later WITH GCC-exception-2.0) AND (GPL-2.0-or-later WITH Linux-syscall-note) AND ISC AND LGPL-2.0-or-later AND (LGPL-2.0-or-later OR BSD-2-Clause) AND (LGPL-2.0-or-later WITH Linux-syscall-note) AND LGPL-2.1-only AND (LGPL-2.1-only OR BSD-2-Clause) AND (LGPL-2.1-only WITH Linux-syscall-note) AND LGPL-2.1-or-later AND (LGPL-2.1-or-later WITH Linux-syscall-note) AND (Linux-OpenIB OR GPL-2.0-only) AND (Linux-OpenIB OR GPL-2.0-only OR BSD-2-Clause) AND Linux-man-pages-copyleft AND MIT AND (MIT OR Apache-2.0) AND (MIT OR GPL-2.0-only) AND (MIT OR GPL-2.0-or-later) AND (MIT OR LGPL-2.1-only) AND (MPL-1.1 OR GPL-2.0-only) AND (X11 OR GPL-2.0-only) AND (X11 OR GPL-2.0-or-later) AND Zlib AND (copyleft-next-0.3.1 OR GPL-2.0-or-later)
RPM:	kernel-headers-6.12.0-55.40.1.0.1.el10_0.aarch64.rpm
Source RPM:	kernel-6.12.0-55.40.1.0.1.el10_0.src.rpm
Build Date:	Mon Oct 20 2025
Build Host:	build-ol10-aarch64.oracle.com
Vendor:	Oracle America
URL:	https://www.kernel.org/
Summary:	Header files for the Linux kernel for use by glibc
Description:	Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package.

Changelog (Show File list) (Show related packages)

Mon Oct 20 2025 Codrin Pruteanu <codrin.pruteanu@oracle.com> [6.12.0-55.40.1.0.1.el10_0.OL10]

- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5.el9
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]

Sat Oct 11 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.40.1.el10_0]

- scsi: lpfc: Fix buffer free/clear order in deferred receive path (CKI Backport Bot) [RHEL-119125] {CVE-2025-39841}
- efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (CKI Backport Bot) [RHEL-118460] {CVE-2025-39817}
- ibmveth: Add multi buffers rx replenishment hcall support (Mamatha Inamdar) [RHEL-116192]
- net: ibmveth: Reset the adapter when unexpected states are detected (Mamatha Inamdar) [RHEL-116192]
- SUNRPC: call xs_sock_process_cmsg for all cmsg (Olga Kornievskaia) [RHEL-110813]
- sunrpc: fix client side handling of tls alerts (Olga Kornievskaia) [RHEL-110813] {CVE-2025-38571}
- s390/pci: Do not try re-enabling load/store if device is disabled (CKI Backport Bot) [RHEL-114447]
- s390/pci: Fix stale function handles in error handling (CKI Backport Bot) [RHEL-114447]
- s390/hypfs: Enable limited access during lockdown (CKI Backport Bot) [RHEL-114430]
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (CKI Backport Bot) [RHEL-114430]
- ibmvnic: Use ndo_get_stats64 to fix inaccurate SAR reporting (Mamatha Inamdar) [RHEL-114438]
- ibmvnic: Fix hardcoded NUM_RX_STATS/NUM_TX_STATS with dynamic sizeof (Mamatha Inamdar) [RHEL-114438]
- ibmvnic: Add stat for tx direct vs tx batched (Mamatha Inamdar) [RHEL-114438]
- ipv6: reject malicious packets in ipv6_gso_segment() (CKI Backport Bot) [RHEL-113248] {CVE-2025-38572}
- enic: fix incorrect MTU comparison in enic_change_mtu() (John Meneghini) [RHEL-108265]
- net/enic: Allow at least 8 RQs to always be used (John Meneghini) [RHEL-108265]
- enic: get max rq & wq entries supported by hw, 16K queues (John Meneghini) [RHEL-106602]
- enic: cleanup of enic wq request completion path (John Meneghini) [RHEL-106602]
- enic: added enic_wq.c and enic_wq.h (John Meneghini) [RHEL-106602]
- enic: remove unused function cq_enet_wq_desc_dec (John Meneghini) [RHEL-106602]
- enic: enable rq extended cq support (John Meneghini) [RHEL-106602]
- enic: enic rq extended cq defines (John Meneghini) [RHEL-106602]
- enic: enic rq code reorg (John Meneghini) [RHEL-106602]
- enic: Move function from header file to c file (John Meneghini) [RHEL-106602]
- enic: add dependency on Page Pool (John Meneghini) [RHEL-106602]
- enic: remove copybreak tunable (John Meneghini) [RHEL-106602]
- enic: Use the Page Pool API for RX (John Meneghini) [RHEL-106602]
- enic: Simplify RX handler function (John Meneghini) [RHEL-106602]
- enic: Move RX functions to their own file (John Meneghini) [RHEL-106602]
- enic: Fix typo in comment in table indexed by link speed (John Meneghini) [RHEL-106602]
- enic: Obtain the Link speed only after the link comes up (John Meneghini) [RHEL-106602]
- enic: Move RX coalescing set function (John Meneghini) [RHEL-106602]
- enic: Move kdump check into enic_adjust_resources() (John Meneghini) [RHEL-106602]
- enic: Move enic resource adjustments to separate function (John Meneghini) [RHEL-106602]
- enic: Adjust used MSI-X wq/rq/cq/interrupt resources in a more robust way (John Meneghini) [RHEL-106602]
- enic: Allocate arrays in enic struct based on VIC config (John Meneghini) [RHEL-106602]
- enic: Save resource counts we read from HW (John Meneghini) [RHEL-106602]
- enic: Make MSI-X I/O interrupts come after the other required ones (John Meneghini) [RHEL-106602]
- enic: Create enic_wq/rq structures to bundle per wq/rq data (John Meneghini) [RHEL-106602]
- scsi: fnic: Fix missing DMA mapping error in fnic_send_frame() (John Meneghini) [RHEL-111542]
- scsi: fnic: Set appropriate logging level for log message (John Meneghini) [RHEL-111542]
- scsi: fnic: Add and improve logs in FDMI and FDMI ABTS paths (John Meneghini) [RHEL-111542]
- scsi: fnic: Turn off FDMI ACTIVE flags on link down (John Meneghini) [RHEL-111542]
- scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out (John Meneghini) [RHEL-111542]
- scsi: fnic: Remove unnecessary spinlock locking and unlocking (John Meneghini) [RHEL-111539]
- scsi: fnic: Replace fnic->lock_flags with local flags (John Meneghini) [RHEL-111539]
- scsi: fnic: Replace use of sizeof with standard usage (John Meneghini) [RHEL-111539]
- scsi: fnic: Fix indentation and remove unnecessary parenthesis (John Meneghini) [RHEL-111539]
- scsi: fnic: Remove unnecessary debug print (John Meneghini) [RHEL-111539]
- scsi: fnic: Propagate SCSI error code from fnic_scsi_drv_init() (John Meneghini) [RHEL-111539]
- scsi: fnic: Test for memory allocation failure and return error code (John Meneghini) [RHEL-111539]
- scsi: fnic: Return appropriate error code from failure of scsi drv init (John Meneghini) [RHEL-111539]
- scsi: fnic: Return appropriate error code for mem alloc failure (John Meneghini) [RHEL-111539]
- scsi: fnic: Remove always-true IS_FNIC_FCP_INITIATOR macro (John Meneghini) [RHEL-111539]
- scsi: fnic: Fix use of uninitialized value in debug message (John Meneghini) [RHEL-111539]
- scsi: fnic: Delete incorrect debugfs error handling (John Meneghini) [RHEL-111539]
- scsi: fnic: Remove unnecessary else to fix warning in FDLS FIP (John Meneghini) [RHEL-111539]
- scsi: fnic: Remove extern definition from .c files (John Meneghini) [RHEL-111539]
- scsi: fnic: Remove unnecessary else and unnecessary break in FDLS (John Meneghini) [RHEL-111539]
- scsi: fnic: Increment driver version (John Meneghini) [RHEL-111539]
- scsi: fnic: Add support to handle port channel RSCN (John Meneghini) [RHEL-111539]
- scsi: fnic: Code cleanup (John Meneghini) [RHEL-111539]
- scsi: fnic: Add stats and related functionality (John Meneghini) [RHEL-111539]
- scsi: fnic: Modify fnic interfaces to use FDLS (John Meneghini) [RHEL-111539]
- scsi: fnic: Modify IO path to use FDLS (John Meneghini) [RHEL-111539]
- scsi: fnic: Add functionality in fnic to support FDLS (John Meneghini) [RHEL-111539]
- scsi: fnic: Add and integrate support for FIP (John Meneghini) [RHEL-111539]
- scsi: fnic: Add and integrate support for FDMI (John Meneghini) [RHEL-111539]
- scsi: fnic: Add Cisco hardware model names (John Meneghini) [RHEL-111539]
- scsi: fnic: Add support for unsolicited requests and responses (John Meneghini) [RHEL-111539]
- scsi: fnic: Add support for target based solicited requests and responses (John Meneghini) [RHEL-111539]
- scsi: fnic: Add support for fabric based solicited requests and responses (John Meneghini) [RHEL-111539]
- scsi: fnic: Add headers and definitions for FDLS (John Meneghini) [RHEL-111539]
- scsi: fnic: Replace shost_printk() with dev_info()/dev_err() (John Meneghini) [RHEL-111539]
- eventpoll: Fix semi-unbounded recursion (CKI Backport Bot) [RHEL-111056] {CVE-2025-38614}
- mm/memory-tier: fix abstract distance calculation overflow (Rafael Aquini) [RHEL-109447]
- KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (CKI Backport Bot) [RHEL-104737] {CVE-2025-38351}

Sat Oct 04 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.39.1.el10_0]

- wifi: ath12k: Decrement TID on RX peer frag setup error handling (CKI Backport Bot) [RHEL-114712] {CVE-2025-39761}
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (CKI Backport Bot) [RHEL-114695] {CVE-2025-38729}
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (CKI Backport Bot) [RHEL-114695]
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (CKI Backport Bot) [RHEL-114695] {CVE-2025-39757}
- HID: core: Harden s32ton() against conversion to 0 bits (CKI Backport Bot) [RHEL-111037] {CVE-2025-38556}
- HID: stop exporting hid_snto32() (CKI Backport Bot) [RHEL-111037] {CVE-2025-38556}
- HID: simplify snto32() (CKI Backport Bot) [RHEL-111037] {CVE-2025-38556}
- cxl: core/region - ignore interleave granularity when ways=1 (John W. Linville) [RHEL-107595]

Tue Sep 30 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.38.1.el10_0]

- hv_netvsc: Fix panic during namespace deletion with VF (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: Fix DSCP value in modify QP (Maxim Levitsky) [RHEL-114930]
- net: mana: Handle Reset Request from MANA NIC (Maxim Levitsky) [RHEL-114930]
- net: mana: Set tx_packets to post gso processing packet count (Maxim Levitsky) [RHEL-114930]
- net: mana: Handle unsupported HWC commands (Maxim Levitsky) [RHEL-114930]
- net: mana: Add handler for hardware servicing events (Maxim Levitsky) [RHEL-114930]
- net: mana: Expose additional hardware counters for drop and TC via ethtool. (Maxim Levitsky) [RHEL-114930]
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (Maxim Levitsky) [RHEL-114930]
- net: mana: Record doorbell physical address in PF mode (Maxim Levitsky) [RHEL-114930]
- net: mana: Add support for Multi Vports on Bare metal (Maxim Levitsky) [RHEL-114930]
- net: mana: Switch to page pool for jumbo frames (Maxim Levitsky) [RHEL-114930]
- net: mana: Add metadata support for xdp mode (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: Handle net event for pointing to the current netdev (Maxim Levitsky) [RHEL-114930]
- net: mana: Change the function signature of mana_get_primary_netdev_rcu (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: Ensure variable err is initialized (Maxim Levitsky) [RHEL-114930]
- net: mana: Add debug logs in MANA network driver (Maxim Levitsky) [RHEL-114930]
- hv_netvsc: Use VF's tso_max_size value when data path is VF (Maxim Levitsky) [RHEL-114930]
- net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: request error CQEs when supported (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: Query feature_flags bitmask from FW (Maxim Levitsky) [RHEL-114930]
- net: mana: Support holes in device list reply msg (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (Maxim Levitsky) [RHEL-114930]
- hv_netvsc: Link queues to NAPIs (Maxim Levitsky) [RHEL-114930]
- sctp: linearize cloned gso packets in sctp_rcv (CKI Backport Bot) [RHEL-113339] {CVE-2025-38718}
- nfsd: don't ignore the return code of svc_proc_register() (Olga Kornievskaia) [RHEL-93626] {CVE-2025-22026}
- smb: client: fix session setup against servers that require SPN (Paulo Alcantara) [RHEL-107110]
- smb: client: allow parsing zero-length AV pairs (Paulo Alcantara) [RHEL-107110]
- RDMA/cxgb4: Notify rdma stack for IB_EVENT_QP_LAST_WQE_REACHED event (CKI Backport Bot) [RHEL-100817]

Wed Sep 24 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.37.1.el10_0]

- selftests: tls: add tests for zero-length records (Sabrina Dubroca) [RHEL-114331] {CVE-2025-39682}
- tls: fix handling of zero-length records on the rx_list (Sabrina Dubroca) [RHEL-114331] {CVE-2025-39682}
- fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (Audra Mitchell) [RHEL-110313] {CVE-2025-38396}

Mon Sep 22 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.36.1.el10_0]

- io_uring/futex: ensure io_futex_wait() cleans up properly on failure (CKI Backport Bot) [RHEL-114341] {CVE-2025-39698}
- ice: use fixed adapter index for E825C embedded devices (CKI Backport Bot) [RHEL-111792]
- ice: use DSN instead of PCI BDF for ice_adapter index (CKI Backport Bot) [RHEL-111792]
- tcp: drop secpath at the same time as we currently drop dst (Sabrina Dubroca) [RHEL-82133]

Fri Sep 19 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.35.1.el10_0]

- cifs: Fix reading into an ITER_FOLIOQ from the smbdirect code (Paulo Alcantara) [RHEL-111177]
- cifs: Fix the smbd_response slab to allow usercopy (Paulo Alcantara) [RHEL-111177] {CVE-2025-38523}
- smb: client: let smbd_post_send_iter() respect the peers max_send_size and transmit all data (Paulo Alcantara) [RHEL-111177]
- smb: client: fix max_sge overflow in smb_extract_folioq_to_rdma() (Paulo Alcantara) [RHEL-111177]
- smb: client: make use of common smbdirect_socket_parameters (Paulo Alcantara) [RHEL-111177]
- smb: smbdirect: introduce smbdirect_socket_parameters (Paulo Alcantara) [RHEL-111177]
- smb: client: make use of common smbdirect_socket (Paulo Alcantara) [RHEL-111177]
- smb: smbdirect: add smbdirect_socket.h (Paulo Alcantara) [RHEL-111177]
- smb: client: make use of common smbdirect.h (Paulo Alcantara) [RHEL-111177]
- smb: smbdirect: add smbdirect.h with public structures (Paulo Alcantara) [RHEL-111177]
- smb: client: make use of common smbdirect_pdu.h (Paulo Alcantara) [RHEL-111177]
- smb: smbdirect: add smbdirect_pdu.h with protocol definitions (Paulo Alcantara) [RHEL-111177]
- s390/sclp: Fix SCCB present check (CKI Backport Bot) [RHEL-113561] {CVE-2025-39694}
- net: stmmac: fix TSO DMA API usage causing oops (Izabela Bakollari) [RHEL-105352]
- smb: client: fix use-after-free in cifs_oplock_break (CKI Backport Bot) [RHEL-111198] {CVE-2025-38527}

Mon Sep 15 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.34.1.el10_0]

- sunrpc: fix handling of server side tls alerts (Olga Kornievskaia) [RHEL-111073] {CVE-2025-38566}
- i40e: When removing VF MAC filters, only check PF-set MAC (CKI Backport Bot) [RHEL-109771]
- usb: dwc3: gadget: check that event count does not exceed event buffer length (CKI Backport Bot) [RHEL-107659] {CVE-2025-37810}

Tue Sep 09 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.33.1.el10_0]

- xfrm: interface: fix use-after-free after changing collect_md xfrm interface (CKI Backport Bot) [RHEL-109530] {CVE-2025-38500}
- idpf: convert control queue mutex to a spinlock (CKI Backport Bot) [RHEL-106061] {CVE-2025-38392}
- eth: bnxt: fix missing ring index trim on error path (CKI Backport Bot) [RHEL-104564] {CVE-2025-37873}
- tcp: Correct signedness in skb remaining space calculation (CKI Backport Bot) [RHEL-107844] {CVE-2025-38463}
- ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (CKI Backport Bot) [RHEL-111154] {CVE-2025-38550}
- redhat: selftests/bpf: Add cpuv4 variant (Viktor Malik) [RHEL-109928]
- i40e: report VF tx_dropped with tx_errors instead of tx_discards (Dennis Chen) [RHEL-105138] {CVE-2025-38200}
- use uniform permission checks for all mount propagation changes (Ian Kent) [RHEL-107306] {CVE-2025-38498}
- do_change_type(): refuse to operate on unmounted/not ours mounts (Ian Kent) [RHEL-107306] {CVE-2025-38498}
- ublk: make sure ubq->canceling is set when queue is frozen (Ming Lei) [RHEL-99437] {CVE-2025-22068}
- net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM JIRA: https://issues.redhat.com/browse/RHEL-109821 Y-JIRA: https://issues.redhat.com/browse/RHEL-79173 (Jakub Ramaseuski)
- scsi: lpfc: Use memcpy() for BIOS version (Ewan D. Milne) [RHEL-105936] {CVE-2025-38332}
- net: introduce per netns packet chains (Paolo Abeni) [RHEL-88923]

Tue Sep 09 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.32.1.el10_0]

- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (CKI Backport Bot) [RHEL-112784] {CVE-2025-38352}