-
Tue Jun 10 2025 Craig Guiller <craig.guiller@oracle.com> [4.18.0-553.56.1.el8_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]
-
Sun Jun 01 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.56.1.el8_10]
- tools/power/x86_energy_perf_policy: Read energy_perf_bias from sysfs (David Arcari) [RHEL-86963]
- um: Fix out-of-bounds read in LDT setup (CKI Backport Bot) [RHEL-90261] {CVE-2022-49395}
-
Fri May 23 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.55.1.el8_10]
- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (Phil Auld) [RHEL-85171]
-
Thu May 15 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.54.1.el8_10]
- ice: fix stats being updated by way too large values (CKI Backport Bot) [RHEL-70834]
- wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (CKI Backport Bot) [RHEL-54802] {CVE-2024-43842}
- sched/rt: Fix race in push_rt_task (Phil Auld) [RHEL-84963]
-
Fri May 09 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.53.1.el8_10]
- net/mlx5: Always stop health timer during driver removal (Michal Schmidt) [RHEL-47712] {CVE-2024-40906}
- net/mlx5: Split function_setup() to enable and open functions (Michal Schmidt) [RHEL-47712]
- net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (Michal Schmidt) [RHEL-57117] {CVE-2024-44970}
- net/mlx5e: SHAMPO, Fix incorrect page release (Michal Schmidt) [RHEL-57117] {CVE-2024-46717}
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (Mete Durlu) [RHEL-88819]
- platform/x86: dell-wmi-sysman: Make init_bios_attributes() ACPI object parsing more robust (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Cleanup create_attributes_level_sysfs_files() (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Make sysman_init() return -ENODEV of the interfaces are not found (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Cleanup sysman_init() error-exit handling (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Fix release_attributes_data() getting called twice on init_bios_attributes() failure (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Make it safe to call exit_foo_attributes() multiple times (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Fix possible NULL pointer deref on exit (Jay Shin) [RHEL-88714]
- platform/x86: dell-wmi-sysman: Fix crash caused by calling kset_unregister twice (Jay Shin) [RHEL-88714]
- x86/kexec: Add EFI config table identity mapping for kexec kernel (Herton R. Krzesinski) [RHEL-71793]
- vsock: Orphan socket after transport release (Jay Shin) [RHEL-89099] {CVE-2025-21756}
- vsock: Keep the binding until socket destruction (Jay Shin) [RHEL-89099] {CVE-2025-21756}
- bpf, vsock: Invoke proto::close on close() (Jay Shin) [RHEL-89099] {CVE-2025-21756}
-
Thu May 01 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.52.1.el8_10.gfd1b]
- netfilter: ipset: add missing range check in bitmap_ip_uadt (Florian Westphal) [RHEL-70268] {CVE-2024-53141}
- NFS: Extend rdirplus mount option with "force|none" (Benjamin Coddington) [RHEL-16285]
- idpf: trigger SW interrupt when exiting wb_on_itr mode (Michal Schmidt) [RHEL-73266]
- idpf: add support for SW triggered interrupts (Michal Schmidt) [RHEL-73266]
- idpf: fix VF dynamic interrupt ctl register initialization (Michal Schmidt) [RHEL-73266]
- idpf: enable WB_ON_ITR (Michal Schmidt) [RHEL-73266]
- redhat: require recent enough linux-firmware for qed (Denys Vlasenko) [RHEL-6342]
- gfs2: deallocate inodes in gfs2_create_inode (Andreas Gruenbacher) [RHEL-7875]
- gfs2: Move GIF_ALLOC_FAILED check out of gfs2_ea_dealloc (Andreas Gruenbacher) [RHEL-7875]
- gfs2: Move gfs2_dinode_dealloc (Andreas Gruenbacher) [RHEL-7875]
- gfs2: Don't reread inodes unnecessarily (Andreas Gruenbacher) [RHEL-7875]
- gfs2: gfs2_create_inode error handling fix (Andreas Gruenbacher) [RHEL-7875]
- gfs2: No longer use 'extern' in function declarations (Andreas Gruenbacher) [RHEL-7875]
- hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() (CKI Backport Bot) [RHEL-63668] {CVE-2022-49011}
-
Thu Apr 24 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.51.1.el8_10]
- x86/xen: use the whole RCX when picking the right hypercall function (Vitaly Kuznetsov) [RHEL-87072]
- Revert "usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB" (Desnes Nunes) [RHEL-87280]
-
Thu Apr 10 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.50.1.el8_10]
- perf debug: Set debug_peo_args and redirect_to_stderr variable to correct values in perf_quiet_option() (Michael Petlan) [RHEL-82119]
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (Jarod Wilson) [RHEL-86737] {CVE-2024-53150}
- scsi: storvsc: Set correct data length for sending SCSI command without payload (Cathy Avery) [RHEL-83052]
- ice: fold ice_ptp_read_time into ice_ptp_gettimex64 (Michal Schmidt) [RHEL-85852]
- ice: avoid the PTP hardware semaphore in gettimex64 path (Michal Schmidt) [RHEL-85852]
- ice: add ice_adapter for shared data across PFs on the same NIC (Michal Schmidt) [RHEL-85852]
-
Thu Apr 03 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.49.1.el8_10]
- net/mlx5: Fix error path in multi-packet WQE transmit (CKI Backport Bot) [RHEL-84244]
- redhat: drop Y issues from changelog (Jan Stancek)
- md/md-bitmap: fix writing non bitmap changes local to RHEL (Nigel Croxon) [RHEL-80673]
- md/md-bitmap: fix writing non bitmap pages (Nigel Croxon) [RHEL-80673]
- md-bitmap: use %pD to print the file name in md_bitmap_file_kick (Nigel Croxon) [RHEL-80673]
- md-bitmap: initialize variables at declaration time in md_bitmap_file_unmap (Nigel Croxon) [RHEL-80673]
- md-bitmap: set BITMAP_WRITE_ERROR in write_sb_page (Nigel Croxon) [RHEL-80673]
- raid1: update discard granularity when adding new disk (Nigel Croxon) [RHEL-71499]
- x86/xen: remove hypercall page (Vitaly Kuznetsov) [RHEL-70666] {CVE-2024-53241}
- x86/xen: use new hypercall functions instead of hypercall page (Vitaly Kuznetsov) [RHEL-70666] {CVE-2024-53241}
-
Thu Mar 27 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.48.1.el8_10]
- rhel-8.10: gate kernel on kernel-qe tests results not cki ones (Bruno Goncalves)
- gfs2: skip if we cannot defer delete (Andreas Gruenbacher) [RHEL-76208]
- gfs2: remove redundant warnings (Andreas Gruenbacher) [RHEL-76208]
- gfs2: minor evict fix (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Prevent inode creation race (2) (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Fix additional unlikely request cancelation race (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Fix request cancelation bug (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Check for empty queue in run_queue (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Remove more dead code in add_to_queue (Andreas Gruenbacher) [RHEL-76208]
- gfs2: remove dead code in add_to_queue (Su Hui) [RHEL-76208]
- gfs2: Remove LM_FLAG_PRIORITY flag (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Replace GIF_DEFER_DELETE with GLF_DEFER_DELETE (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Add GLF_PENDING_REPLY flag (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Remove and replace gfs2_glock_queue_work (Andreas Gruenbacher) [RHEL-76208]
- gfs2: do_xmote fixes (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Clear flags when withdraw prevents xmote (Bob Peterson) [RHEL-76208]
- gfs2: fix a deadlock on withdraw-during-mount (Bob Peterson) [RHEL-76208]
- gfs2: gfs2_evict_inode clarification (Andreas Gruenbacher) [RHEL-76208]
- gfs2: Remove misleading comments in gfs2_evict_inode (Andreas Gruenbacher) [RHEL-76208]