[ol10_codeready_builder] kernel-cross-headers-6.12.0-124.16.1.el10_1.x86_64

Name:	kernel-cross-headers
Version:	6.12.0
Release:	124.16.1.el10_1
Architecture:	x86_64
Group:	Unspecified
Size:	33958677
License:	((GPL-2.0-only WITH Linux-syscall-note) OR BSD-2-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR CDDL-1.0) AND ((GPL-2.0-only WITH Linux-syscall-note) OR Linux-OpenIB) AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR MIT) AND 0BSD AND BSD-2-Clause AND (BSD-2-Clause OR Apache-2.0) AND BSD-3-Clause AND BSD-3-Clause-Clear AND CC0-1.0 AND GFDL-1.1-no-invariants-or-later AND GPL-1.0-or-later AND (GPL-1.0-or-later OR BSD-3-Clause) AND (GPL-1.0-or-later WITH Linux-syscall-note) AND GPL-2.0-only AND (GPL-2.0-only OR Apache-2.0) AND (GPL-2.0-only OR BSD-2-Clause) AND (GPL-2.0-only OR BSD-3-Clause) AND (GPL-2.0-only OR CDDL-1.0) AND (GPL-2.0-only OR GFDL-1.1-no-invariants-or-later) AND (GPL-2.0-only OR GFDL-1.2-no-invariants-only) AND (GPL-2.0-only WITH Linux-syscall-note) AND GPL-2.0-or-later AND (GPL-2.0-or-later OR BSD-2-Clause) AND (GPL-2.0-or-later OR BSD-3-Clause) AND (GPL-2.0-or-later OR CC-BY-4.0) AND (GPL-2.0-or-later WITH GCC-exception-2.0) AND (GPL-2.0-or-later WITH Linux-syscall-note) AND ISC AND LGPL-2.0-or-later AND (LGPL-2.0-or-later OR BSD-2-Clause) AND (LGPL-2.0-or-later WITH Linux-syscall-note) AND LGPL-2.1-only AND (LGPL-2.1-only OR BSD-2-Clause) AND (LGPL-2.1-only WITH Linux-syscall-note) AND LGPL-2.1-or-later AND (LGPL-2.1-or-later WITH Linux-syscall-note) AND (Linux-OpenIB OR GPL-2.0-only) AND (Linux-OpenIB OR GPL-2.0-only OR BSD-2-Clause) AND Linux-man-pages-copyleft AND MIT AND (MIT OR Apache-2.0) AND (MIT OR GPL-2.0-only) AND (MIT OR GPL-2.0-or-later) AND (MIT OR LGPL-2.1-only) AND (MPL-1.1 OR GPL-2.0-only) AND (X11 OR GPL-2.0-only) AND (X11 OR GPL-2.0-or-later) AND Zlib AND (copyleft-next-0.3.1 OR GPL-2.0-or-later)
RPM:	kernel-cross-headers-6.12.0-124.16.1.el10_1.x86_64.rpm
Source RPM:	kernel-6.12.0-124.16.1.el10_1.src.rpm
Build Date:	Tue Dec 02 2025
Build Host:	build-ol10-x86_64.oracle.com
Vendor:	Oracle America
URL:	https://www.kernel.org/
Summary:	Header files for the Linux kernel for use by cross-glibc
Description:	Kernel-cross-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the cross-glibc package.

Changelog (Show File list) (Show related packages)

Mon Dec 01 2025 Craig Guiller <craig.guiller@oracle.com> [6.12.0-124.16.1.el10_1.OL10]

- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
- Disable UKI signing [Orabug: 36571828]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5.el9
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
- Add Oracle Linux IMA certificates
- Update module name for cryptographic module [Orabug: 37400433]
- Clean git history at setup stage

Sat Nov 22 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-124.16.1.el10_1]

- bpf: Fix metadata_dst leak __bpf_redirect_neigh_v{4,6} (Xin Long) [RHEL-125759]
- mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory (CKI Backport Bot) [RHEL-119161] {CVE-2025-39883}

Thu Nov 20 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-124.15.1.el10_1]

- nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm() (CKI Backport Bot) [RHEL-125623] {CVE-2025-38724}
- wifi: mt76: free pending offchannel tx frames on wcid cleanup (Jose Ignacio Tornos Martinez) [RHEL-123070]
- wifi: mt76: do not add non-sta wcid entries to the poll list (Jose Ignacio Tornos Martinez) [RHEL-123070]
- wifi: mt76: fix linked list corruption (Jose Ignacio Tornos Martinez) [RHEL-123070] {CVE-2025-39918}

Wed Nov 19 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-124.14.1.el10_1]

- ublk: make sure ubq->canceling is set when queue is frozen (Ming Lei) [RHEL-99436] {CVE-2025-22068}
- e1000e: fix heap overflow in e1000_set_eeprom (Corinna Vinschen) [RHEL-123127] {CVE-2025-39898}
- i40e: add mask to apply valid bits for itr_idx (Michal Schmidt) [RHEL-123811]
- i40e: add max boundary check for VF filters (Michal Schmidt) [RHEL-123811] {CVE-2025-39968}
- i40e: fix validation of VF state in get resources (Michal Schmidt) [RHEL-123811] {CVE-2025-39969}
- i40e: fix input validation logic for action_meta (Michal Schmidt) [RHEL-123811] {CVE-2025-39970}
- i40e: fix idx validation in config queues msg (Michal Schmidt) [RHEL-123811] {CVE-2025-39971}
- i40e: fix idx validation in i40e_validate_queue_map (Michal Schmidt) [RHEL-123811] {CVE-2025-39972}
- i40e: add validation for ring_len param (Michal Schmidt) [RHEL-123811] {CVE-2025-39973}
- nvme-multipath: Skip nr_active increments in RETRY disposition (Ewan D. Milne) [RHEL-123689]

Thu Nov 13 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-124.13.1.el10_1]

- NFSv4: handle ERR_GRACE on delegation recalls (Olga Kornievskaia) [RHEL-127623]
- nfsd: nfserr_jukebox in nlm_fopen should lead to a retry (Olga Kornievskaia) [RHEL-127623]
- Revert "SUNRPC: Don't allow waiting for exiting tasks" (Scott Mayhew) [RHEL-110051]
- smb: client: get rid of d_drop() in cifs_do_rename() (Paulo Alcantara) [RHEL-124955]
- smb: client: fix wrong index reference in smb2_compound_op() (Paulo Alcantara) [RHEL-124955]
- smb: client: handle unlink(2) of files open by different clients (Paulo Alcantara) [RHEL-124955]
- smb: client: fix filename matching of deferred files (Paulo Alcantara) [RHEL-124955]
- fs/smb: Fix inconsistent refcnt update (Paulo Alcantara) [RHEL-124955] {CVE-2025-39819}
- ice: don't leave device non-functional if Tx scheduler config fails (Petr Oros) [RHEL-116535]

Tue Nov 11 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-124.12.1.el10_1]

- tcp: Don't call reqsk_fastopen_remove() in tcp_conn_request(). (Antoine Tenart) [RHEL-120672]
- tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). (Antoine Tenart) [RHEL-120672] {CVE-2025-39955}
- NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CKI Backport Bot) [RHEL-113613] {CVE-2025-39730}

Thu Nov 06 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-124.11.1.el10_1]

- of_numa: fix uninitialized memory nodes causing kernel panic (Charles Mirabile) [RHEL-123154] {CVE-2025-39903}
- redhat: use the same cert as UKI's to sign addons (Li Tian) [RHEL-124734]
- ibmveth: Add multi buffers rx replenishment hcall support (Mamatha Inamdar) [RHEL-116193]
- net: ibmveth: Reset the adapter when unexpected states are detected (Mamatha Inamdar) [RHEL-116193]
- ibmvnic: Increase max subcrq indirect entries with fallback (Mamatha Inamdar) [RHEL-116189]
- redhat: enable TDX host config (Paolo Bonzini) [RHEL-27145]
- KVM/TDX: Explicitly do WBINVD when no more TDX SEAMCALLs (Paolo Bonzini) [RHEL-27145]
- x86/virt/tdx: Update the kexec section in the TDX documentation (Paolo Bonzini) [RHEL-27145]
- x86/virt/tdx: Remove the !KEXEC_CORE dependency (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Disable kexec/kdump on platforms with TDX partial write erratum (Paolo Bonzini) [RHEL-27145]
- x86/virt/tdx: Mark memory cache state incoherent when making SEAMCALL (Paolo Bonzini) [RHEL-27145]
- x86/sme: Use percpu boolean to control WBINVD during kexec (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Consolidate relocate_kernel() function parameters (Paolo Bonzini) [RHEL-27145]
- x86/paravirt: Remove the WBINVD callback (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Use typedef for relocate_kernel_fn function prototype (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Cope with relocate_kernel() not being at the start of the page (Paolo Bonzini) [RHEL-27145]
- kexec_core: Add and update comments regarding the KEXEC_JUMP flow (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Mark machine_kexec() with __nocfi (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Fix location of relocate_kernel with -ffunction-sections (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Fix stack and handling of re-entry point for ::preserve_context (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Use correct swap page in swap_pages function (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Ensure preserve_context flag is set on return to kernel (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Disable global pages before writing to control page (Paolo Bonzini) [RHEL-27145]
- x86: Fix build regression with CONFIG_KEXEC_JUMP enabled (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Mark relocate_kernel page as ROX instead of RWX (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Clean up register usage in relocate_kernel() (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Eliminate writes through kernel mapping of relocate_kernel page (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Drop page_list argument from relocate_kernel() (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Add data section to relocate_kernel (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Move relocate_kernel to kernel .data section (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Invoke copy of relocate_kernel() instead of the original (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Copy control page into place in machine_kexec_prepare() (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Allocate PGD for x86_64 transition page tables separately (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Only swap pages for ::preserve_context mode (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Use named labels in swap_pages in relocate_kernel_64.S (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Clean up and document register use in relocate_kernel_64.S (Paolo Bonzini) [RHEL-27145]
- x86/kexec: Restore GDT on return from ::preserve_context kexec (Paolo Bonzini) [RHEL-27145]

Sat Nov 01 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-124.10.1.el10_1]

- wifi: cfg80211: fix use-after-free in cmp_bss() (CKI Backport Bot) [RHEL-122880] {CVE-2025-39864}
- selftests: tls: test skb copy under mem pressure and OOB (CKI Backport Bot) [RHEL-120380] {CVE-2025-39946}
- tls: make sure to abort the stream if headers are bogus (CKI Backport Bot) [RHEL-120380] {CVE-2025-39946}
- ixgbe: fix ixgbe_orom_civd_info struct layout (Michal Schmidt) [RHEL-119079]
- ice: fix Rx page leak on multi-buffer frames (Petr Oros) [RHEL-116543]
- eventpoll: Fix semi-unbounded recursion (CKI Backport Bot) [RHEL-111055] {CVE-2025-38614}

Tue Oct 28 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-124.9.1.el10_1]

- platform/x86/intel: power-domains: Use topology_logical_package_id() for package ID (CKI Backport Bot) [RHEL-123290]
- smb: client: fix file open check in __cifs_unlink() (Paulo Alcantara) [RHEL-122417]
- smb: client: fix data loss due to broken rename(2) (Paulo Alcantara) [RHEL-122417]
- smb: client: fix compound alignment with encryption (Paulo Alcantara) [RHEL-122417]
- smb: client: fix race with concurrent opens in rename(2) (Paulo Alcantara) [RHEL-122417]
- smb: client: fix race with concurrent opens in unlink(2) (Paulo Alcantara) [RHEL-122417]
- use uniform permission checks for all mount propagation changes (Ian Kent) [RHEL-121702] {CVE-2025-38498}
- do_change_type(): refuse to operate on unmounted/not ours mounts (Ian Kent) [RHEL-121702] {CVE-2025-38498}
- cgroup/psi: Set of->priv to NULL upon file release (CKI Backport Bot) [RHEL-119143] {CVE-2025-39881}
- kernfs: Fix UAF in polling when open file is released (CKI Backport Bot) [RHEL-119143] {CVE-2025-39881}
- redhat: rpminspect: update emptyrpm list for kernel variants (Alexandra Hájková)
- scsi: lpfc: Fix buffer free/clear order in deferred receive path (CKI Backport Bot) [RHEL-119132] {CVE-2025-39841}
- efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (CKI Backport Bot) [RHEL-118462] {CVE-2025-39817}
- wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() (CKI Backport Bot) [RHEL-117585] {CVE-2025-39849}
- xfs: do not propagate ENODATA disk errors into xattr code (Carlos Maiolino) [RHEL-115733]
- ipv6: sr: Fix MAC comparison to be constant-time (CKI Backport Bot) [RHEL-116387] {CVE-2025-39702}
- s390/ism: fix concurrency management in ism_cmd() (CKI Backport Bot) [RHEL-114500]
- s390/hypfs: Enable limited access during lockdown (CKI Backport Bot) [RHEL-114431]
- s390/hypfs: Avoid unnecessary ioctl registration in debugfs (CKI Backport Bot) [RHEL-114431]
- redhat/configs: Enable CONFIG_MITIGATION_VMSCAPE for x86 (Waiman Long) [RHEL-114276]
- x86/vmscape: Add old Intel CPUs to affected list (Waiman Long) [RHEL-114276] {CVE-2025-40300}
- x86/vmscape: Warn when STIBP is disabled with SMT (Waiman Long) [RHEL-114276] {CVE-2025-40300}
- x86/bugs: Move cpu_bugs_smt_update() down (Waiman Long) [RHEL-114276] {CVE-2025-40300}
- x86/vmscape: Enable the mitigation (Waiman Long) [RHEL-114276] {CVE-2025-40300}
- x86/vmscape: Add conditional IBPB mitigation (Waiman Long) [RHEL-114276] {CVE-2025-40300}
- x86/vmscape: Enumerate VMSCAPE bug (Waiman Long) [RHEL-114276] {CVE-2025-40300}
- Documentation/hw-vuln: Add VMSCAPE documentation (Waiman Long) [RHEL-114276] {CVE-2025-40300}
- RDMA/mana_ib: Fix DSCP value in modify QP (Maxim Levitsky) [RHEL-114931]
- net: mana: Handle Reset Request from MANA NIC (Maxim Levitsky) [RHEL-114931]
- net: mana: Set tx_packets to post gso processing packet count (Maxim Levitsky) [RHEL-114931]
- net: mana: Handle unsupported HWC commands (Maxim Levitsky) [RHEL-114931]
- net: mana: Add handler for hardware servicing events (Maxim Levitsky) [RHEL-114931]
- net: mana: Expose additional hardware counters for drop and TC via ethtool. (Maxim Levitsky) [RHEL-114931]
- mm: swap: fix potential buffer overflow in setup_clusters() (CKI Backport Bot) [RHEL-114862] {CVE-2025-39727}
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (CKI Backport Bot) [RHEL-114852] {CVE-2025-39751}
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (Jaroslav Kysela) [RHEL-114693] {CVE-2025-38729}
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (Jaroslav Kysela) [RHEL-114693]
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (CKI Backport Bot) [RHEL-114693] {CVE-2025-39757}
- ibmvnic: Use ndo_get_stats64 to fix inaccurate SAR reporting (Mamatha Inamdar) [RHEL-114439]
- ibmvnic: Fix hardcoded NUM_RX_STATS/NUM_TX_STATS with dynamic sizeof (Mamatha Inamdar) [RHEL-114439]
- ibmvnic: Add stat for tx direct vs tx batched (Mamatha Inamdar) [RHEL-114439]
- vsock/virtio: Validate length in packet header before skb_put() (CKI Backport Bot) [RHEL-114301] {CVE-2025-39718}
- NFS: Fix a race when updating an existing write (CKI Backport Bot) [RHEL-113861] {CVE-2025-39697}

Fri Oct 17 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-124.8.1.el10_1]

- redhat: revert to using redhatsecureboot504 for RHEL UKI (Vitaly Kuznetsov) [RHEL-122226]