[ol10_baseos_latest] kernel-debug-core-6.12.0-55.28.1.0.1.el10_0.x86_64

Name:	kernel-debug-core
Version:	6.12.0
Release:	55.28.1.0.1.el10_0
Architecture:	x86_64
Group:	Unspecified
Size:	105154189
License:	((GPL-2.0-only WITH Linux-syscall-note) OR BSD-2-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR CDDL-1.0) AND ((GPL-2.0-only WITH Linux-syscall-note) OR Linux-OpenIB) AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR MIT) AND 0BSD AND BSD-2-Clause AND (BSD-2-Clause OR Apache-2.0) AND BSD-3-Clause AND BSD-3-Clause-Clear AND CC0-1.0 AND GFDL-1.1-no-invariants-or-later AND GPL-1.0-or-later AND (GPL-1.0-or-later OR BSD-3-Clause) AND (GPL-1.0-or-later WITH Linux-syscall-note) AND GPL-2.0-only AND (GPL-2.0-only OR Apache-2.0) AND (GPL-2.0-only OR BSD-2-Clause) AND (GPL-2.0-only OR BSD-3-Clause) AND (GPL-2.0-only OR CDDL-1.0) AND (GPL-2.0-only OR GFDL-1.1-no-invariants-or-later) AND (GPL-2.0-only OR GFDL-1.2-no-invariants-only) AND (GPL-2.0-only WITH Linux-syscall-note) AND GPL-2.0-or-later AND (GPL-2.0-or-later OR BSD-2-Clause) AND (GPL-2.0-or-later OR BSD-3-Clause) AND (GPL-2.0-or-later OR CC-BY-4.0) AND (GPL-2.0-or-later WITH GCC-exception-2.0) AND (GPL-2.0-or-later WITH Linux-syscall-note) AND ISC AND LGPL-2.0-or-later AND (LGPL-2.0-or-later OR BSD-2-Clause) AND (LGPL-2.0-or-later WITH Linux-syscall-note) AND LGPL-2.1-only AND (LGPL-2.1-only OR BSD-2-Clause) AND (LGPL-2.1-only WITH Linux-syscall-note) AND LGPL-2.1-or-later AND (LGPL-2.1-or-later WITH Linux-syscall-note) AND (Linux-OpenIB OR GPL-2.0-only) AND (Linux-OpenIB OR GPL-2.0-only OR BSD-2-Clause) AND Linux-man-pages-copyleft AND MIT AND (MIT OR Apache-2.0) AND (MIT OR GPL-2.0-only) AND (MIT OR GPL-2.0-or-later) AND (MIT OR LGPL-2.1-only) AND (MPL-1.1 OR GPL-2.0-only) AND (X11 OR GPL-2.0-only) AND (X11 OR GPL-2.0-or-later) AND Zlib AND (copyleft-next-0.3.1 OR GPL-2.0-or-later)
RPM:	kernel-debug-core-6.12.0-55.28.1.0.1.el10_0.x86_64.rpm
Source RPM:	kernel-6.12.0-55.28.1.0.1.el10_0.src.rpm
Build Date:	Thu Aug 21 2025
Build Host:	build-ol10-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://www.kernel.org/
Summary:	The Linux kernel compiled with PREEMPT_RT enabled
Description:	The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. This variant of the kernel has numerous debugging options enabled. It should only be installed when trying to gather additional information on kernel bugs, as some of these options impact performance noticably.

Changelog (Show File list) (Show related packages)

Wed Aug 20 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.28.1.0.1.el10_0.OL10]

- nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5.el9
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]

Wed Aug 20 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.28.1.el10_0]

- Conflict with xdp-tools < 1.5.4
- Bump internal version to 55.28.1
- tls: always refresh the queue when reading sock - CVE-2025-38471
- selftests: net: bpf_offload: add 'libbpf_global' to ignored maps
- selftests: net: fix error message in bpf_offload
- selftests: net: add more info to error in bpf_offload
- net: fix udp gso skb_segment after pull from frag_list - CVE-2025-38124
- powerpc/pseries/vas: Add close() callback in vas_vm_ops struct
- s390/pci: Serialize device addition and removal
- s390/pci: Allow re-add of a reserved but not yet removed device
- s390/pci: Prevent self deletion in disable_slot()
- s390/pci: Remove redundant bus removal and disable from zpci_release_device()
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs
- s390/pci: Fix missing check for zpci_create_device() error return
- s390/pci: Fix potential double remove of hotplug slot
- s390/topology: Improve topology detection
- Bluetooth: hci_core: Fix use-after-free in vhci_flush() - CVE-2025-38250
- selftests/bpf: Adjust data size to have ETH_HLEN - CVE-2025-21867
- bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() - CVE-2025-21867
- i2c/designware: Fix an initialization issue - CVE-2025-38380

Thu Aug 14 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.27.1.el10_0]

- Bump internal version to 55.27.1
- Fix includes for mm: fix copy_vma() error handling for hugetlb mappings
- Revert sch_htb: make htb_qlen_notify() idempotent
- Revert sch_drr: make drr_qlen_notify() idempotent
- Revert sch_qfq: make qfq_qlen_notify() idempotent
- Revert codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()
- Revert sch_htb: make htb_deactivate() idempotent
- Revert net/sched: Always pass notifications when child class becomes empty
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds - CVE-2025-38159
- Documentation: Fix pci=config_acs= example
- PCI/ACS: Fix 'pci=config_acs=' parameter
- Revert "smb: client: fix TCP timers deadlock after rmmod" - CVE-2025-22077
- Revert smb: client: Fix netns refcount imbalance causing leaks and use-after-free 
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free
- wifi: ath12k: fix invalid access to memory - CVE-2025-38292
- x86/CPU/AMD: Terminate the erratum_1386_microcode array - CVE-2024-56721
- crypto: algif_hash - fix double free in hash_accept - CVE-2025-38079
- net/sched: Always pass notifications when child class becomes empty - CVE-2025-38350
- sch_htb: make htb_deactivate() idempotent - CVE-2025-38350
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() - CVE-2025-38350
- sch_qfq: make qfq_qlen_notify() idempotent - CVE-2025-38350
- sch_drr: make drr_qlen_notify() idempotent - CVE-2025-38350
- sch_htb: make htb_qlen_notify() idempotent - CVE-2025-38350
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race - CVE-2025-38085
- mm/hugetlb: unshare page tables during VMA split, not before - CVE-2025-38084
- tools/testing/vma: add missing function stub
- mm: fix copy_vma() error handling for hugetlb mappings
- PCI: Use downstream bridges for distributing resources
- PCI/pwrctrl: Cancel outstanding rescan work when unregistering - CVE-2025-38137
- bnxt_en: Skip MAC loopback selftest if it is unsupported by FW
- bnxt_en: Skip PHY loopback ethtool selftest if unsupported by FW

Thu Aug 07 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.25.1.el10_0]

- Bump internal version to 55.25.1
- net_sched: hfsc: Address reentrant enqueue adding class to eltree twice - CVE-2025-38001
- sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() - CVE-2025-38000
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc - CVE-2025-37890
- sch_hfsc: make hfsc_qlen_notify() idempotent
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem - CVE-2025-38022
- RDMA/core: Fix use-after-free when rename device name - CVE-2025-22085
- nvme-tcp: sanitize request list handling - CVE-2025-38264
- net: tipc: fix refcount warning in tipc_aead_encrypt
- net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done - CVE-2025-38052
- tcp: adjust rcvq_space after updating scaling ratio
- ext4: avoid journaling sb update on error if journal is destroying - CVE-2025-22113
- ext4: define ext4_journal_destroy wrapper - CVE-2025-22113
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() - CVE-2025-21928
- HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() - CVE-2025-21929
- usb: hub: Fix flushing of delayed work used for post resume purposes
- usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm
- usb: hub: fix detection of high tier USB3 devices behind suspended hubs
- net/sched: fix use-after-free in taprio_dev_notifier - CVE-2025-38087
- net: ch9200: fix uninitialised access during mii_nway_restart - CVE-2025-38086
- padata: avoid UAF for reorder_work - CVE-2025-21726
- padata: fix UAF in padata_reorder - CVE-2025-21727
- padata: add pd get/put refcnt helper
- padata: fix sysfs store callback check
- padata: Clean up in padata_do_multithreaded()
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove -CVE-2025-22020

Tue Jul 29 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.24.1.el10_0]

- Bump internal version to 55.24.1
- net_sched: hfsc: Fix a UAF vulnerability in class handling - CVE-2025-37797
- ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() - CVE-2025-22121
- ext4: introduce ITAIL helper - CVE-2025-22121
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access - CVE-2025-38110
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() - CVE-2025-38088
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap - CVE-2025-38088
- net/mlx5: Fill out devlink dev info only for PFs
- RDMA/mlx5: Fix page_size variable overflow - CVE-2025-22091
- ACPI: CPPC: Fix _CPC register setting issue

Tue Jul 22 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.22.1.el10_0]

- Bump internal version to 55.22.1
- mm/huge_memory: fix dereferencing invalid pmd migration entry - CVE-2025-37958
- i2c: tegra: check msg length in SMBUS block read
- s390/virtio_ccw: Don't allocate/assign airqs for non-existing queues
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error - CVE-2025-38089
- media: uvcvideo: Announce the user our deprecation intentions
- media: uvcvideo: Allow changing noparam on the fly
- media: uvcvideo: Invert default value for nodrop module param
- media: uvcvideo: Propagate buf->error to userspace
- media: uvcvideo: Flush the control cache when we get an event
- media: uvcvideo: Annotate lock requirements for uvc_ctrl_set
- media: uvcvideo: Remove dangling pointers - CVE-2024-58002
- media: uvcvideo: Remove redundant NULL assignment
- media: uvcvideo: Only save async fh if success
- media: uvcvideo: Fix double free in error path - CVE-2024-57980
- wifi: iwlwifi: limit printed string from FW file - CVE-2025-21905

Tue Jul 15 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.21.1.el10_0]

- Bump internal version to 55.21.1
- ice, irdma: fix an off by one in error handling code
- irdma: free iwdev->rf after removing MSI-X
- ice: Fix signedness bug in ice_init_interrupt_scheme()
- ice: init flow director before RDMA
- ice: simplify VF MSI-X managing
- ice: enable_rdma devlink param
- ice: treat dyn_allowed only as suggestion
- ice, irdma: move interrupts code to irdma
- ice: get rid of num_lan_msix field
- ice: remove splitting MSI-X between features
- ice: devlink PF MSI-X max and min parameter
- ice: ice_probe: init ice_adapter after HW init
- ice: minor: rename goto labels from err to unroll
- ice: split ice_init_hw() out from ice_init_dev()
- ice: c827: move wait for FW to ice_init_hw()
- exfat: fix random stack corruption after get_block - CVE-2025-22036

Mon Jul 07 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.20.1.el10_0]

- Bump internal version to 55.20.1
- Adjust page_pool: Track DMA-mapped pages and unmap them when destroying the pool
- Adjust dm mpath: Interface for explicit probing of active paths
- x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes - CVE-2025-21991
- page_pool: Track DMA-mapped pages and unmap them when destroying the pool
- page_pool: Move pp_magic check into helper functions
- scsi: storvsc: Explicitly set max_segment_size to UINT_MAX
- vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp - CVE-2025-37799
- dm mpath: replace spin_lock_irqsave with spin_lock_irq
- dm-mpath: Don't grab work_mutex while probing paths
- dm mpath: Interface for explicit probing of active paths
- dm: Allow .prepare_ioctl to handle ioctls directly
- ipv6: mcast: extend RCU protection in igmp6_send() - CVE-2025-21759

Tue Jul 01 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.19.1.el10_0]

- Clean git history at setup stage
- Prevent kABI check error for BLK_CGROUP_PUNT_BIO
- Bump internal version to 55.19.1
- ibmvnic: Use kernel helpers for hex dumps
- eth: bnxt: fix truesize for mb-xdp-pass case
- ice: Avoid setting default Rx VSI twice in switchdev setup
- ice: Fix deinitializing VF in error path
- ice: add E830 HW VF mailbox message limit support
- block/Kconfig: Allow selecting BLK_CGROUP_PUNT_BIO

Tue Jun 24 2025 Alex Burmashev <alexander.burmashev@oracle.com> [6.12.0-55.18.1.el10_0]

- Import config changes from Centos Stream kernel kernel-6.12.0-77.el10
- Bump internal version to 55.18.1
- drm/i915/dp_mst: Handle error during DSC BW overhead/slice calculation
- sched/rt: Fix race in push_rt_task MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit
- mm/vmalloc: combine all TLB flush operations of KASAN shadow virtual address into one operation - upstream CVE-2024-56559
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone
- proc: fix UAF in proc_get_inode() CVE-2025-21999
- ext4: ignore xattrs past end CVE-2025-37738
- nvme-fabrics: handle zero MAXCMD without closing the connection
- ext4: fix off-by-one error in do_split CVE-2025-23150
- r8169: disable RTL8126 ZRX-DC timeout
- r8169: enable RTL8168H/RTL8168EP/RTL8168FP ASPM support
- vmxnet3: unregister xdp rxq info in the reset path
- block: fix 'kmem_cache of name 'bio-108' already exists'
- ice: implement low latency PHY timer updates
- ice: check low latency PHY timer update firmware capability
- ice: add lock to protect low latency interface
- ice: rename TS_LL_READ* macros to REG_LL_PROXY_H_*
- ice: use read_poll_timeout_atomic in ice_read_phy_tstamp_ll_e810
- cifs: Fix integer overflow while processing acdirmax mount option CVE-2025-21963
- smb: client: fix UAF in decryption with multichannel CVE-2025-37750
- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug
- keys: Fix UAF in key_put() CVE-2025-21893
- ndisc: use RCU protection in ndisc_alloc_skb() CVE-2025-21764
- ipv6: use RCU protection in ip6_default_advmss() CVE-2025-21765
- net: add dev_net_rcu() helper CVE-2025-21765
- vfio/pci: Align huge faults to order
- Bluetooth: L2CAP: Fix corrupted list in hci_chan_del CVE-2025-21969
- Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd CVE-2025-21969
- cifs: Fix integer overflow while processing closetimeo mount option CVE-2025-21962
- ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up CVE-2025-21887
- wifi: cfg80211: init wiphy_work before allocating rfkill fails CVE-2025-21979
- wifi: cfg80211: cancel wiphy_work before freeing wiphy CVE-2025-21979
- net: fix geneve_opt length integer overflow CVE-2025-22055
- vsock/virtio: discard packets if the transport changes CVE-2025-21669
- net: gso: fix ownership in __udp_gso_segment CVE-2025-21926
- xsk: fix an integer overflow in xp_create_and_assign_umem() CVE-2025-21997
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi CVE-2025-37943
- sched/fair: Fix potential memory corruption in child_cfs_rq_on_list CVE-2025-21919
- drm/i915/display: Use joined pipes in dsc helpers for slices, bpp - upstream
- drm/i915/display: Use joined pipes in intel_mode_valid_max_plane_size - upstream
- drm/i915/display: Use joined pipes in intel_dp_joiner_needs_dsc - upstream
- drm/i915/display: Simplify intel_joiner_num_pipes and it's usage - upstream
- drm/i915/display: Check whether platform supports joiner - upstream
- Revert drm/i915/dp_mst: Handle error during DSC BW overhead/slice
- Revert drm/i915/dp_mst: Don't require DSC hblank quirk for a non-DSC
- drm/mgag200: Added support for the new device G200eH5 - upstream
- cifs: Fix integer overflow while processing acregmax mount option CVE-2025-21964
- ext4: fix OOB read when checking dotdot dir CVE-2025-37785
- vsock: Orphan socket after transport release CVE-2025-21756
- vsock: Keep the binding until socket destruction CVE-2025-21756
- bpf, vsock: Invoke proto::close on close() CVE-2025-21756
- idpf: call set_real_num_queues in idpf_open
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format CVE-2024-53104
- redhat: enable CONFIG_WERROR=y
- redhat: don't enforce WERROR for 3rd-party OOT kmods
- redhat: make ENABLE_WERROR enable also KVM_WERROR
- fortify: Hide run-time copy size from value range tracking
- resolve_btfids: Fix compiler warnings
- ixgbe: fix media cage present detection for E610 device
- ixgbe: fix media type detection for E610 device
- ixgbevf: Add support for Intel(R) E610 device
- PCI: Add PCI_VDEVICE_SUB helper macro
- ixgbe: Enable link management in E610 device
- ixgbe: Clean up the E610 link management related code
- ixgbe: Add ixgbe_x540 multiple header inclusion protection
- ixgbe: Add support for EEPROM dump in E610 device
- ixgbe: Add support for NVM handling in E610 device
- ixgbe: Add link management support for E610 device
- ixgbe: Add support for E610 device capabilities detection
- ixgbe: Add support for E610 FW Admin Command Interface
- smb: client: don't retry IO on failed negprotos with soft mounts - pick from MR
- scsi: core: Fix command pass through retry regression - cherry pick from MR
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature CVE-2025-21966
- ice: stop storing XDP verdict within ice_rx_buf
- ice: gather page_count()'s of each frag right before XDP prog call
- ice: put Rx buffers after being done with current frame
- iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() CVE-2025-21993
- smb: client: fix regression with guest option
- pnfs/flexfiles: retry getting layout segment for reads
- nfs: fix incorrect error handling in LOCALIO
- nfs: probe for LOCALIO when v3 client reconnects to server
- nfs: probe for LOCALIO when v4 client reconnects to server
- nfs/localio: remove redundant code and simplify LOCALIO enablement
- nfs_common: add nfs_localio trace events
- nfs_common: track all open nfsd_files per LOCALIO nfs_client
- nfs_common: rename nfslocalio nfs_uuid_lock to nfs_uuids_lock
- nfsd: nfsd_file_acquire_local no longer returns GC'd nfsd_file
- nfsd: rename nfsd_serv_ prefixed methods and variables with nfsd_net_
- nfsd: update percpu_ref to manage references on nfsd_net
- nfs: cache all open LOCALIO nfsd_file(s) in client
- nfs_common: move localio_lock to new lock member of nfs_uuid_t
- nfs_common: rename functions that invalidate LOCALIO nfs_clients
- nfsd: add nfsd_file_{get,put} to 'nfs_to' nfsd_localio_operations
- nfs/localio: add direct IO enablement with sync and async IO support
- ice: ensure periodic output start time is in the future
- ice: fix PHY Clock Recovery availability check
- ice: Drop auxbus use for PTP to finalize ice_adapter move
- ice: Use ice_adapter for PTP shared data instead of auxdev
- ice: Initial support for E825C hardware in ice_adapter
- ice: Add ice_get_ctrl_ptp() wrapper to simplify the code
- ice: Introduce ice_get_phy_model() wrapper
- ice: Enable 1PPS out from CGU for E825C products
- ice: Read SDP section from NVM for pin definitions
- ice: Disable shared pin on E810 on setfunc
- ice: Cache perout/extts requests and check flags
- ice: Align E810T GPIO to other products
- ice: Add SDPs support for E825C
- ice: Implement ice_ptp_pin_desc
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() - modified CVE-2025-21927
- scsi: storvsc: Set correct data length for sending SCSI command without payload
- smb: client: fix chmod(2) regression with ATTR_READONLY
- mm/hugetlb: fix hugepage allocation for interleaved memory nodes
- net: mana: use ethtool string helpers
- net: mana: cleanup mana struct after debugfs_remove() - upstream
- net: mana: Cleanup "mana" debugfs dir after cleanup of all children
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs
- net: mana: Fix memory leak in mana_gd_setup_irqs
- net :mana :Request a V2 response version for MANA_QUERY_GF_STAT
- net: mana: Enable debugfs files for MANA device
- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024
- net: mana: Add get_link and get_link_ksettings in ethtool