[ol8_developer_UEKR6] kernel-uek-debug-5.4.17-2136.345.4.el8uek.aarch64

The kernel package contains the Linux kernel (vmlinuz), the core of any
Linux operating system.  The kernel handles the basic functions
of the operating system:  memory allocation, process allocation, device
input and output, etc.

This variant of the kernel has numerous debugging options enabled.
It should only be installed when trying to gather additional information
on kernel bugs, as some of these options impact performance noticably.

Changelog (Show File list) (Show related packages)

• Thu Jun 19 2025 Alok Tiwari <alok.a.tiwari@oracle.com> [5.4.17-2136.345.4.el8uek]

  - x86/its: BPF can crash in bpf_jit_comp.c when ITS is enabled (Alexandre Chartre)  [Orabug: 38043586]  
  - shmem: add support to ignore swap (Luis Chamberlain)  [Orabug: 38034040]  
  - shmem: update documentation (Luis Chamberlain)  [Orabug: 38034040]  
  - mm: hold the source mmap write lock when copying PTEs (Anthony Yznaga)  [Orabug: 38029050]  
  - mm: do not write protect COW mappings when preserving across exec (Anthony Yznaga)  [Orabug: 38029050]  
  - mm: differentiate copying PTEs for preservation from copying for fork (Anthony Yznaga)  [Orabug: 38029050]  
  - mm/fork: Pass new vma pointer into copy_page_range() (Peter Xu)  [Orabug: 38029050]  
  - xen/swiotlb: relax alignment requirements (Juergen Gross)  [Orabug: 37523168]  
  - Reapply "xen/swiotlb: add alignment check for dma buffers" (Harshvardhan Jha)  [Orabug: 37523168]

• Mon Jun 16 2025 Sherry Yang <sherry.yang@oracle.com> [5.4.17-2136.345.3.el8uek]

  - dmaengine: Revert "dmaengine: dmatest: Fix dmatest waiting less when interrupted" (Nathan Lynch)
  - nvme: unblock ctrl state transition for firmware update (Daniel Wagner)
  - memcg: always call cond_resched() after fn() (Breno Leitao)
  - ACPI: PPTT: Fix processor subtable walk (Jeremy Linton)
  - LTS tag: v5.4.293 (Sherry Yang)
  - MIPS: cm: Fix warning if MIPS_CM is disabled (Thomas Bogendoerfer)
  - crypto: atmel-sha204a - Set hwrng quality to lowest possible (Marek Behún)
  - comedi: jr3_pci: Fix synchronous deletion of timer (Ian Abbott)
  - md/raid1: Add check for missing source disk in process_checks() (Meir Elisha)
  - scsi: pm80xx: Set phy_attached to zero when device is gone (Igor Pylypiv)
  - ACPI PPTT: Fix coding mistakes in a couple of sizeof() calls (Jean-Marc Eurin)
  - selftests: ublk: fix test_stripe_04 (Ming Lei)
  - udmabuf: fix a buf size overflow issue during udmabuf creation (Xiaogang Chen)
  - KVM: s390: Don't use %pK through tracepoints (Thomas Weißschuh)
  - sched/isolation: Make CONFIG_CPU_ISOLATION depend on CONFIG_SMP (Oleg Nesterov)
  - ntb: reduce stack usage in idt_scan_mws (Arnd Bergmann)
  - qibfs: fix _another_ leak (Al Viro)
  - usb: gadget: aspeed: Add NULL pointer check in ast_vhub_init_dev() (Chenyuan Yang)
  - dmaengine: dmatest: Fix dmatest waiting less when interrupted (Vinicius Costa Gomes)
  - usb: host: max3421-hcd: Add missing spi_device_id table (Alexander Stein)
  - parisc: PDT: Fix missing prototype warning (Yu-Chun Lin)
  - clk: check for disabled clock-provider in of_clk_get_hw_from_clkspec() (Heiko Stuebner)
  - crypto: null - Use spin lock instead of mutex (Herbert Xu)
  - MIPS: cm: Detect CM quirks from device tree (Gregory CLEMENT)
  - USB: VLI disk crashes if LPM is used (Oliver Neukum)
  - usb: quirks: Add delay init quirk for SanDisk 3.2Gen1 Flash Drive (Miao Li)
  - usb: quirks: add DELAY_INIT quirk for Silicon Motion Flash Drive (Miao Li)
  - usb: dwc3: gadget: check that event count does not exceed event buffer length (Frode Isaksen)
  - USB: OHCI: Add quirk for LS7A OHCI controller (rev 0x02) (Huacai Chen)
  - usb: cdns3: Fix deadlock when using NCM gadget (Ralph Siemsen)
  - USB: serial: simple: add OWON HDS200 series oscilloscope support (Craig Hesling)
  - USB: serial: option: add Sierra Wireless EM9291 (Adam Xue)
  - USB: serial: ftdi_sio: add support for Abacus Electrics Optical Probe (Michael Ehrenreich)
  - serial: sifive: lock port in startup()/shutdown() callbacks (Ryo Takakura)
  - USB: storage: quirk for ADATA Portable HDD CH94 (Oliver Neukum)
  - mcb: fix a double free bug in chameleon_parse_gdd() (Haoxiang Li)
  - virtio_console: fix missing byte order handling for cols and rows (Halil Pasic)
  - net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (Cong Wang)
  - net_sched: hfsc: Fix a UAF vulnerability in class handling (Cong Wang)
  - tipc: fix NULL pointer dereference in tipc_mon_reinit_self() (Tung Nguyen)
  - net: phy: leds: fix memory leak (Qingfang Deng)
  - cpufreq: scpi: Fix null-ptr-deref in scpi_cpufreq_get_rate() (Henry Martin)
  - drm/amd/pm: Prevent division by zero (Denis Arefev)
  - misc: pci_endpoint_test: Fix displaying 'irq_type' after 'request_irq' error (Kunihiko Hayashi)
  - misc: pci_endpoint_test: Use INTX instead of LEGACY (Damien Le Moal)
  - PCI: Rename PCI_IRQ_LEGACY to PCI_IRQ_INTX (Bjorn Helgaas)
  - iio: adc: ad7768-1: Fix conversion result sign (Sergiu Cuciurean)
  - iio: adc: ad7768-1: Move setting of val a bit later to avoid unnecessary return value check (Jonathan Cameron)
  - net: dsa: mv88e6xxx: fix VTU methods for 6320 family (Marek Behún)
  - media: vim2m: print device name after registering device (Matthew Majewski)
  - ext4: fix OOB read when checking dotdot dir (Acs, Jakub)
  - ext4: optimize __ext4_check_dir_entry() (Theodore Ts'o)
  - ext4: don't over-report free space or inodes in statvfs (Theodore Ts'o)
  - ext4: code cleanup for ext4_statfs_project() (Chengguang Xu)
  - ext4: simplify checking quota limits in ext4_statfs() (Jan Kara)
  - platform/x86: ISST: Correct command storage data length (Srinivas Pandruvada)
  - MIPS: ds1287: Match ds1287_set_base_clock() function types (WangYuli)
  - MIPS: cevt-ds1287: Add missing ds1287.h include (WangYuli)
  - MIPS: dec: Declare which_prom() as static (WangYuli)
  - virtio-net: Add validation for used length (Xie Yongji)
  - RDMA/srpt: Support specifying the srpt_service_guid parameter (Bart Van Assche)
  - openvswitch: fix lockup on tx to unregistering netdev with carrier (Ilya Maximets)
  - net: openvswitch: fix race on port output (Felix Huettner)
  - mmc: cqhci: Fix checking of CQHCI_HALT state (Seunghwan Baek)
  - nvmet-fc: Remove unused functions (WangYuli)
  - usb: dwc3: support continuous runtime PM with dual role (Martin Kepplinger)
  - misc: pci_endpoint_test: Fix 'irq_type' to convey the correct type (Kunihiko Hayashi)
  - misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error (Kunihiko Hayashi)
  - tcp/dccp: Don't use timer_pending() in reqsk_queue_unlink(). (Kuniyuki Iwashima)
  - powerpc/prom_init: Use -ffreestanding to avoid a reference to bcmp (Nathan Chancellor)
  - kbuild: Add '-fno-builtin-wcslen' (Nathan Chancellor)
  - cpufreq: Reference count policy in cpufreq_update_limits() (Rafael J. Wysocki)
  - drm/sti: remove duplicate object names (Rolf Eike Beer)
  - drm/nouveau: prime: fix ttm_bo_delayed_delete oops (Chris Bainbridge)
  - drm/repaper: fix integer overflows in repeat functions (Nikita Zhandarovich)
  - module: sign with sha512 instead of sha1 by default (Thorsten Leemhuis)
  - perf/x86/intel/uncore: Fix the scale of IIO free running counters on SNR (Kan Liang)
  - perf/x86/intel: Allow to update user space GPRs from PEBS records (Dapeng Mi)
  - virtiofs: add filesystem context source name check (Xiangsheng Hou)
  - riscv: Avoid fortify warning in syscall_get_arguments() (Nathan Chancellor)
  - isofs: Prevent the use of too small fid (Edward Adam Davis)
  - i2c: cros-ec-tunnel: defer probe if parent EC is not present (Thadeu Lima de Souza Cascardo)
  - hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key (Vasiliy Kovalev)
  - btrfs: correctly escape subvol in btrfs_show_options() (Johannes Kimmel)
  - nfs: add missing selections of CONFIG_CRC32 (Eric Biggers)
  - nfs: move nfs_fhandle_hash to common include file (Jeff Layton)
  - NFSD: Constify @fh argument of knfsd_fh_hash() (Chuck Lever)
  - asus-laptop: Fix an uninitialized variable (Denis Arefev)
  - writeback: fix false warning in inode_to_wb() (Andreas Gruenbacher)
  - net: b53: enable BPDU reception for management port (Jonas Gorski)
  - net: openvswitch: fix nested key length validation in the set() action (Ilya Maximets)
  - Revert "wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()" (Johannes Berg)
  - Bluetooth: btrtl: Prevent potential NULL dereference (Dan Carpenter)
  - Bluetooth: hci_event: Fix sending MGMT_EV_DEVICE_FOUND for invalid address (Luiz Augusto von Dentz)
  - RDMA/usnic: Fix passing zero to PTR_ERR in usnic_ib_pci_probe() (Yue Haibing)
  - scsi: iscsi: Fix missing scsi_host_put() in error path (Miaoqian Lin)
  - wifi: wl1251: fix memory leak in wl1251_tx_work (Abdun Nihaal)
  - wifi: mac80211: Purge vif txq in ieee80211_do_stop() (Remi Pommarel)
  - wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue() (Remi Pommarel)
  - wifi: at76c50x: fix use after free access in at76_disconnect (Abdun Nihaal)
  - HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition (Kaixin Wang)
  - pwm: mediatek: always use bus clock for PWM on MT7622 (Daniel Golle)
  - Bluetooth: hci_uart: Fix another race during initialization (Arseniy Krasnov)
  - x86/e820: Fix handling of subpage regions when calculating nosave ranges in e820__register_nosave_regions() (Myrrh Periwinkle)
  - PCI: Fix reference leak in pci_alloc_child_bus() (Ma Ke)
  - of/irq: Fix device node refcount leakages in of_irq_init() (Zijun Hu)
  - of/irq: Fix device node refcount leakage in API irq_of_parse_and_map() (Zijun Hu)
  - of/irq: Fix device node refcount leakages in of_irq_count() (Zijun Hu)
  - ntb: use 64-bit arithmetic for the MSI doorbell mask (Fedor Pchelkin)
  - gpio: zynq: Fix wakeup source leaks on device unbind (Krzysztof Kozlowski)
  - ftrace: Add cond_resched() to ftrace_graph_set_hash() (zhoumin)
  - dm-integrity: set ti->error on memory allocation failure (Mikulas Patocka)
  - crypto: ccp - Fix check for the primary ASP device (Tom Lendacky)
  - thermal/drivers/rockchip: Add missing rk3328 mapping entry (Trevor Woerner)
  - sctp: detect and prevent references to a freed transport in sendmsg (Ricardo Cañuelo Navarro)
  - mm: add missing release barrier on PGDAT_RECLAIM_LOCKED unlock (Mathieu Desnoyers)
  - sparc/mm: disable preemption in lazy mmu mode (Ryan Roberts)
  - arm64: dts: mediatek: mt8173: Fix disp-pwm compatible string (Chen-Yu Tsai)
  - mtd: rawnand: Add status chack in r852_ready() (Wentao Liang)
  - mtd: inftlcore: Add error check for inftl_read_oob() (Wentao Liang)
  - lib: scatterlist: fix sg_split_phys to preserve original scatterlist offsets (T Pratham)
  - locking/lockdep: Decrease nr_unused_locks if lock unused in zap_class() (Boqun Feng)
  - jbd2: remove wrong sb->s_sequence check (Jan Kara)
  - i3c: Add NULL pointer check in i3c_master_queue_ibi() (Manjunatha Venkatesh)
  - ext4: fix off-by-one error in do_split (Artem Sadovnikov)
  - wifi: mac80211: fix integer overflow in hwmp_route_info_get() (Gavrilov Ilia)
  - net: dsa: mv88e6xxx: workaround RGMII transmit delay erratum for 6320 family (Marek Behún)
  - media: venus: hfi_parser: add check to avoid out of bound access (Vikash Garodia)
  - media: i2c: ov7251: Introduce 1 ms delay between regulators and en GPIO (Sakari Ailus)
  - media: i2c: ov7251: Set enable GPIO low in probe (Sakari Ailus)
  - media: v4l2-dv-timings: prevent possible overflow in v4l2_detect_gtf() (Karina Yankevich)
  - media: streamzap: prevent processing IR data on URB failure (Murad Masimov)
  - mtd: rawnand: brcmnand: fix PM resume warning (Kamal Dasu)
  - arm64: cputype: Add MIDR_CORTEX_A76AE (Douglas Anderson)
  - xenfs/xensyms: respect hypervisor's "next" indication (Jan Beulich)
  - media: siano: Fix error handling in smsdvb_module_init() (Yuan Can)
  - media: venus: hfi: add check to handle incorrect queue size (Vikash Garodia)
  - media: venus: hfi: add a check to handle OOB in sfr region (Vikash Garodia)
  - media: i2c: adv748x: Fix test pattern selection mask (Niklas Söderlund)
  - ext4: don't treat fhandle lookup of ea_inode as FS corruption (Jann Horn)
  - ext4: reject casefold inode flag without casefold feature (Eric Biggers)
  - bpf: support SKF_NET_OFF and SKF_LL_OFF on skb frags (Willem de Bruijn)
  - bpf: Add endian modifiers to fix endian warnings (Ben Dooks)
  - pwm: fsl-ftm: Handle clk_get_rate() returning 0 (Uwe Kleine-König)
  - pwm: mediatek: Prevent divide-by-zero in pwm_mediatek_config() (Josh Poimboeuf)
  - pwm: mediatek: Always use bus clock (Fabien Parent)
  - fbdev: omapfb: Add 'plane' value check (Leonid Arapov)
  - drm/mediatek: mtk_dpi: Explicitly manage TVD clock in power on/off (AngeloGioacchino Del Regno)
  - drm/amdkfd: Fix pqm_destroy_queue race with GPU reset (Philip Yang)
  - drm/amdkfd: clamp queue size to minimum (David Yat Sin)
  - drm: panel-orientation-quirks: Add new quirk for GPD Win 2 (Andrew Wyatt)
  - drm: panel-orientation-quirks: Add support for AYANEO 2S (Andrew Wyatt)
  - drm: allow encoder mode_set even when connectors change for crtc (Abhinav Kumar)
  - Bluetooth: hci_uart: fix race during initialization (Arseniy Krasnov)
  - tracing: fix return value in __ftrace_event_enable_disable for TRACE_REG_UNREGISTER (Gabriele Paoloni)
  - net: vlan: don't propagate flags on open (Stanislav Fomichev)
  - wifi: mt76: mt76x2u: add TP-Link TL-WDN6200 ID to device table (Icenowy Zheng)
  - scsi: st: Fix array overflow in st_setup() (Kai Mäkisara)
  - ext4: ignore xattrs past end (Bhupesh)
  - ext4: protect ext4_release_dquot against freezing (Ojaswin Mujoo)
  - ahci: add PCI ID for Marvell 88SE9215 SATA Controller (Daniel Kral)
  - ata: libata-eh: Do not use ATAPI DMA for a device limited to PIO mode (Niklas Cassel)
  - jfs: add sanity check for agwidth in dbMount (Edward Adam Davis)
  - jfs: Prevent copying of nlink with value 0 from disk inode (Edward Adam Davis)
  - fs/jfs: Prevent integer overflow in AG size calculation (Rand Deeb)
  - fs/jfs: cast inactags to s64 to prevent potential overflow (Rand Deeb)
  - page_pool: avoid infinite loop to schedule delayed worker (Jason Xing)
  - ALSA: usb-audio: Fix CME quirk for UF series keyboards (Ricard Wanderlof)
  - ALSA: hda: intel: Fix Optimus when GPU has no sound (Maxim Mikityanskiy)
  - HID: pidff: Fix null pointer dereference in pidff_find_fields (Tomasz Pakuła)
  - HID: pidff: Do not send effect envelope if it's empty (Tomasz Pakuła)
  - HID: pidff: Convert infinite length from Linux API to PID standard (Tomasz Pakuła)
  - xen/mcelog: Add __nonstring annotations for unterminated strings (Kees Cook)
  - perf: arm_pmu: Don't disable counter in armpmu_add() (Mark Rutland)
  - x86/cpu: Don't clear X86_FEATURE_LAHF_LM flag in init_amd_k8() on AMD when running in a virtual machine (Max Grobecker)
  - pm: cpupower: bench: Prevent NULL dereference on malloc failure (Zhongqiu Han)
  - net: ppp: Add bound checking for skb data on ppp_sync_txmung (Arnaud Lecomte)
  - ata: sata_sx4: Add error handling in pdc20621_i2c_read() (Wentao Liang)
  - ata: sata_sx4: Drop pointless VPRINTK() calls and convert the remaining ones (Hannes Reinecke)
  - tipc: fix memory leak in tipc_link_xmit (Tung Nguyen)
  - ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe() (Henry Martin)

• Fri Jun 13 2025 Sherry Yang <sherry.yang@oracle.com> [5.4.17-2136.345.2.el8uek]

  - x86/bhi: Do not set BHI_DIS_S in 32-bit mode (Pawan Gupta)  [Orabug: 37959995]
  - x86/bpf: Add IBHF call at end of classic BPF (Daniel Sneddon)  [Orabug: 37959995]
  - x86/bpf: Call branch history clearing sequence on exit (Daniel Sneddon)  [Orabug: 37959995]
  - certs: Reference revocation list for all keyrings (Eric Snowberg)  [Orabug: 38026794]

• Thu Jun 05 2025 Alok Tiwari <alok.a.tiwari@oracle.com> [5.4.17-2136.345.1.el8uek]

  - RDS: use get_user_pages_fast() in rdma_pin_pages() (Stephen Brennan)  [Orabug: 37973441]
  - x86/bugs: Enabling Retbleed and SRSO mitigation can taint the kernel (Alexandre Chartre)  [Orabug: 37959151]
  - selftest/x86/bugs: Add selftests for ITS (Pawan Gupta)  [Orabug: 37863727]  {CVE-2024-28956}
  - x86/its: Align RETs in BHB clear sequence to avoid thunking (Pawan Gupta)  [Orabug: 37863727]  {CVE-2024-28956}
  - x86/its: Add "vmexit" option to skip mitigation on some CPUs (Pawan Gupta)  [Orabug: 37863727]  {CVE-2024-28956}
  - x86/its: Enable Indirect Target Selection mitigation (Pawan Gupta)  [Orabug: 37863727]  {CVE-2024-28956}
  - x86/its: Add support for ITS-safe return thunk (Pawan Gupta)  [Orabug: 37863727]  {CVE-2024-28956}
  - x86/its: Add support for ITS-safe indirect thunk (Pawan Gupta)  [Orabug: 37863727]  {CVE-2024-28956}
  - x86/its: Enumerate Indirect Target Selection (ITS) bug (Pawan Gupta)  [Orabug: 37863727]  {CVE-2024-28956}
  - Documentation: x86/bugs/its: Add ITS documentation (Pawan Gupta)  [Orabug: 37863727]  {CVE-2024-28956}

• Wed May 21 2025 Sherry Yang <sherry.yang@oracle.com> [5.4.17-2136.344.4.el8uek]

  - certs: Add new Oracle Linux Driver Signing (key 1) certificate (Sherry Yang)  [Orabug: 37967555]

• Thu May 15 2025 Alok Tiwari <alok.a.tiwari@oracle.com> [5.4.17-2136.344.3.el8uek]

  - net/mlx5e: Don't call cleanup on profile rollback failure (Cosmin Ratiu) [Orabug: 37670859]
  - net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (Elena Salomatkina) [Orabug: 37206299,37670859] {CVE-2024-50000}
  - net/mlx5: Fix error path in multi-packet WQE transmit (Gerd Bayer) [Orabug: 37206302,37670859] {CVE-2024-50001}
  - net/mlx5: Discard command completions in internal error (Akiva Goldberger) [Orabug: 36753438,37670859] {CVE-2024-38555}
  - net/mlx5e: fix a potential double-free in fs_any_create_groups (Dinghao Liu) [Orabug: 36802351,37670859] {CVE-2023-52667}
  - net/mlx5: Reclaim max 50K pages at once (Anand Khoje) [Orabug: 36275016]

• Thu May 08 2025 Alok Tiwari <alok.a.tiwari@oracle.com> [5.4.17-2136.344.2.el8uek]

  - LTS tag: v5.4.292 (Alok Tiwari)
  - jfs: add index corruption check to DT_GETPAGE() (Roman Smirnov)
  - tracing: Fix use-after-free in print_graph_function_flags during tracer switching (Tengda Wu) [Orabug: 37844202] {CVE-2025-22035}
  - mmc: sdhci-pxav3: set NEED_RSP_BUSY capability (Karel Balej)
  - ACPI: resource: Skip IRQ override on ASUS Vivobook 14 X1404VAP (Paul Menzel)
  - x86/mm: Fix flush_tlb_range() when used for zapping normal PMDs (Jann Horn) [Orabug: 37844275] {CVE-2025-22045}
  - x86/tsc: Always save/restore TSC sched_clock() on suspend/resume (Guilherme G. Piccoli)
  - ntb_perf: Delete duplicate dmaengine_unmap_put() call in perf_copy_chunk() (Markus Elfring)
  - can: flexcan: only change CAN state when link up in system PM (Haibo Chen)
  - arcnet: Add NULL check in com20020pci_probe() (Henry Martin) [Orabug: 37844303] {CVE-2025-22054}
  - net: dsa: mv88e6xxx: propperly shutdown PPU re-enable timer on destroy (David Oberhollenzer)
  - ipv6: fix omitted netlink attributes when using RTEXT_FILTER_SKIP_STATS (Fernando Fernandez Mancera)
  - vsock: avoid timeout during connect() if the socket is closing (Stefano Garzarella)
  - net_sched: skbprio: Remove overly strict queue assertions (Cong Wang) [Orabug: 37855375] {CVE-2025-38637}
  - netlabel: Fix NULL pointer exception caused by CALIPSO on IPv4 sockets (Debin Zhu) [Orabug: 37844344] {CVE-2025-22063}
  - ntb: intel: Fix using link status DB's (Nikita Shubin)
  - ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (Yajun Deng)
  - spufs: fix a leak in spufs_create_context() (Al Viro) [Orabug: 37844365] {CVE-2025-22071}
  - spufs: fix a leak on spufs_new_file() failure (Al Viro) [Orabug: 37844378] {CVE-2025-22073}
  - hwmon: (nct6775-core) Fix out of bounds access for NCT679{8,9} (Tasos Sahanidis)
  - can: statistics: use atomic access in hot path (Oliver Hartkopp)
  - locking/semaphore: Use wake_q to wake up processes outside lock critical section (Waiman Long)
  - sched/deadline: Use online cpus for validating runtime (Shrikanth Hegde)
  - affs: don't write overlarge OFS data block size fields (Simon Tatham)
  - affs: generate OFS sequence numbers starting at 1 (Simon Tatham)
  - wifi: iwlwifi: fw: allocate chained SG tables for dump (Johannes Berg)
  - sched/smt: Always inline sched_smt_active() (Josh Poimboeuf)
  - octeontx2-af: Fix mbox INTR handler when num VFs > 64 (Geetha Sowjanya)
  - ring-buffer: Fix bytes_dropped calculation issue (Feng Yang)
  - objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() (Josh Poimboeuf) [Orabug: 37976879] {CVE-2025-37937}
  - fs/procfs: fix the comment above proc_pid_wchan() (Bart Van Assche)
  - perf python: Check if there is space to copy all the event (Arnaldo Carvalho de Melo)
  - perf python: Decrement the refcount of just created event on failure (Arnaldo Carvalho de Melo)
  - perf python: Fixup description of sample.id event member (Arnaldo Carvalho de Melo)
  - ocfs2: validate l_tree_depth to avoid out-of-bounds access (Vasiliy Kovalev) [Orabug: 37844394] {CVE-2025-22079}
  - kexec: initialize ELF lowest address to ULONG_MAX (Sourabh Jain)
  - perf units: Fix insufficient array space (Arnaldo Carvalho de Melo)
  - iio: accel: mma8452: Ensure error return on failure to matching oversampling ratio (Jonathan Cameron)
  - coresight: catu: Fix number of pages while using 64k pages (Ilkka Koskinen)
  - isofs: fix KMSAN uninit-value bug in do_isofs_readdir() (Qasim Ijaz)
  - x86/dumpstack: Fix inaccurate unwinding from exception stacks due to misplaced assignment (Jann Horn)
  - mfd: sm501: Switch to BIT() to mitigate integer overflows (Nikita Zhandarovich)
  - RDMA/mlx5: Fix mlx5_poll_one() cur_qp update flow (Patrisious Haddad) [Orabug: 37844422] {CVE-2025-22086}
  - power: supply: max77693: Fix wrong conversion of charge input threshold value (Artur Weber)
  - x86/entry: Fix ORC unwinder for PUSH_REGS with save_ret=1 (Jann Horn)
  - clk: amlogic: g12a: fix mmc A peripheral clock (Jerome Brunet)
  - clk: amlogic: gxbb: drop non existing 32k clock parent (Jerome Brunet)
  - clk: amlogic: g12b: fix cluster A parent data (Jerome Brunet)
  - IB/mad: Check available slots before posting receive WRs (Maher Sanalla)
  - clk: rockchip: rk3328: fix wrong clk_ref_usb3otg parent (Peter Geis)
  - pinctrl: renesas: rza2: Fix missing of_node_put() call (Fabrizio Castro)
  - lib: 842: Improve error handling in sw842_compress() (Tanya Agarwal)
  - clk: amlogic: gxbb: drop incorrect flag on 32k clock (Jerome Brunet)
  - fbdev: sm501fb: Add some geometry checks. (Danila Chernetsov)
  - mdacon: rework dependency list (Arnd Bergmann)
  - fbdev: au1100fb: Move a variable assignment behind a null pointer check (Markus Elfring)
  - PCI: pciehp: Don't enable HPIE when resuming in poll mode (Ilpo Järvinen)
  - PCI: Remove stray put_device() in pci_register_host_bridge() (Dan Carpenter)
  - PCI/portdrv: Only disable pciehp interrupts early when needed (Feng Tang)
  - PCI/ASPM: Fix link state exit during switch upstream function removal (Daniel Stodden) [Orabug: 37844108] {CVE-2024-58093}
  - drm/mediatek: mtk_hdmi: Fix typo for aud_sampe_size member (AngeloGioacchino Del Regno)
  - ALSA: hda/realtek: Always honor no_shutup_pins (Takashi Iwai)
  - perf/ring_buffer: Allow the EPOLLRDNORM flag for poll (Tao Chen)
  - lockdep: Don't disable interrupts on RT in disable_irq_nosync_lockdep.*() (Sebastian Andrzej Siewior)
  - PM: sleep: Fix handling devices with direct_complete set on errors (Rafael J. Wysocki)
  - thermal: int340x: Add NULL check for adev (Chenyuan Yang) [Orabug: 37844584] {CVE-2025-23136}
  - EDAC/ie31200: Fix the error path order of ie31200_init() (Qiuxu Zhuo)
  - EDAC/ie31200: Fix the DIMM size mask for several SoCs (Qiuxu Zhuo)
  - EDAC/ie31200: Fix the size of EDAC_MC_LAYER_CHIP_SELECT layer (Qiuxu Zhuo)
  - selinux: Chain up tool resolving errors in install_policy.sh (Tim Schumacher)
  - x86/platform: Only allow CONFIG_EISA for 32-bit (Arnd Bergmann)
  - x86/fpu: Avoid copying dynamic FP state from init_task in arch_dup_task_struct() (Benjamin Berg)
  - cpufreq: governor: Fix negative 'idle_time' handling in dbs_update() (Jie Zhan)
  - x86/mm/pat: cpa-test: fix length for CPA_ARRAY test (Mike Rapoport)
  - memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (Luo Qiu) [Orabug: 37844141] {CVE-2025-22020}
  - net: usb: qmi_wwan: add Telit Cinterion FE990B composition (Fabio Porcedda)
  - net: usb: qmi_wwan: add Telit Cinterion FN990B composition (Fabio Porcedda)
  - tty: serial: 8250: Add some more device IDs (Cameron Williams)
  - counter: stm32-lptimer-cnt: fix error handling when enabling (Fabrice Gasnier)
  - netfilter: socket: Lookup orig tuple for IPv6 SNAT (Maxim Mikityanskiy) [Orabug: 37844145] {CVE-2025-22021}
  - ARM: Remove address checking for MMUless devices (Yanjun Yang)
  - ARM: 9351/1: fault: Add "cut here" line for prefetch aborts (Kees Cook)
  - ARM: 9350/1: fault: Implement copy_from_kernel_nofault_allowed() (Kees Cook)
  - atm: Fix NULL pointer dereference (Minjoong Kim) [Orabug: 37838897] {CVE-2025-22018}
  - HID: hid-plantronics: Add mic mute mapping and generalize quirks (Terry Junge)
  - ALSA: usb-audio: Add quirk for Plantronics headsets to fix control names (Terry Junge)
  - drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() (Nikita Zhandarovich) [Orabug: 37828196] {CVE-2025-21996}
  - batman-adv: Ignore own maximum aggregation size during RX (Sven Eckelmann)
  - ARM: shmobile: smp: Enforce shmobile_smp_* alignment (Geert Uytterhoeven)
  - mmc: atmel-mci: Add missing clk_disable_unprepare() (Gu Bowen)
  - drm/v3d: Don't run jobs that have errors flagged in its fence (Maíra Canal)
  - i2c: omap: fix IRQ storms (Andreas Kemnade)
  - net/neighbor: add missing policy for NDTPA_QUEUE_LENBYTES (Lin Ma)
  - net: atm: fix use after free in lec_send() (Dan Carpenter) [Orabug: 37828221] {CVE-2025-22004}
  - ipv6: Set errno after ip_fib_metrics_init() in ip6_route_info_create(). (Kuniyuki Iwashima)
  - ipv6: Fix memleak of nhc_pcpu_rth_output in fib_check_nh_v6_gw(). (Kuniyuki Iwashima) [Orabug: 37828229] {CVE-2025-22005}
  - Bluetooth: Fix error code in chan_alloc_skb_cb() (Dan Carpenter) [Orabug: 37828235] {CVE-2025-22007}
  - RDMA/hns: Fix wrong value of max_sge_rd (Junxian Huang)
  - RDMA/bnxt_re: Avoid clearing VLAN_ID mask in modify qp path (Saravanan Vajravel)
  - xfrm_output: Force software GSO only in tunnel mode (Cosmin Ratiu)
  - firmware: imx-scu: fix OF node leak in .probe() (Joe Hattori)
  - i2c: sis630: Fix an error handling path in sis630_probe() (Christophe Jaillet)
  - i2c: ali15x3: Fix an error handling path in ali15x3_probe() (Christophe Jaillet)
  - i2c: ali1535: Fix an error handling path in ali1535_probe() (Christophe Jaillet)
  - ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (Christophe Jaillet)
  - drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (Ivan Abramov)
  - qlcnic: fix memory leak issues in qlcnic_sriov_common.c (Haoxiang Li)
  - drm/amd/display: Assign normalized_pix_clk when color depth = 14 (Alex Hung) [Orabug: 37828049] {CVE-2025-21956}
  - drm/atomic: Filter out redundant DPMS calls (Ville Syrjälä)
  - x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (Florent Revest) [Orabug: 37828167] {CVE-2025-21991}
  - USB: serial: option: match on interface class for Telit FN990B (Johan Hovold)
  - USB: serial: option: fix Telit Cinterion FE990A name (Fabio Porcedda)
  - USB: serial: option: add Telit Cinterion FE990B compositions (Fabio Porcedda)
  - USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (Boon Khai Ng)
  - block: fix 'kmem_cache of name 'bio-108' already exists' (Ming Lei)
  - drm/nouveau: Do not override forced connector status (Thomas Zimmermann)
  - x86/irq: Define trace events conditionally (Arnd Bergmann)
  - fuse: don't truncate cached, mutated symlink (Miklos Szeredi)
  - nvme: only allow entering LIVE from CONNECTING state (Daniel Wagner)
  - sctp: Fix undefined behavior in left shift operation (Yu-Chun Lin)
  - nvmet-rdma: recheck queue state is LIVE in state lock in recv done (Ruozhu Li)
  - ASoC: rsnd: don't indicate warning on rsnd_kctrl_accept_runtime() (Kuninori Morimoto)
  - s390/cio: Fix CHPID "configure" attribute caching (Peter Oberparleiter)
  - HID: ignore non-functional sensor in HP 5MP Camera (Chia-Lin Kao) [Orabug: 37828174] {CVE-2025-21992}
  - HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (Zhang Lixu)
  - ACPI: resource: IRQ override for Eluktronics MECH-17 (Gannon Kolding)
  - scsi: qla1280: Fix kernel oops when debug level > 2 (Magnus Lindholm) [Orabug: 37828056] {CVE-2025-21957}
  - iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (Chengen Du) [Orabug: 37828181] {CVE-2025-21993}
  - powercap: call put_device() on an error path in powercap_register_control_type() (Joe Hattori)
  - hrtimers: Mark is_migration_base() with __always_inline (Andy Shevchenko)
  - nvme-fc: go straight to connecting state when initializing (Daniel Wagner)
  - net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (Carolina Jubran)
  - netfilter: nft_exthdr: fix offset with ipv4_find_option() (Alexey Kashavkin)
  - net_sched: Prevent creation of classes with TC_H_ROOT (Cong Wang) [Orabug: 37828110] {CVE-2025-21971}
  - ipvs: prevent integer overflow in do_ip_vs_get_ctl() (Dan Carpenter)
  - netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (Kohei Enju) [Orabug: 37828064] {CVE-2025-21959}
  - Drivers: hv: vmbus: Don't release fb_mmio resource in vmbus_free_mmio() (Michael Kelley)
  - drivers/hv: Replace binary semaphore with mutex (Davidlohr Bueso)
  - netpoll: hold rcu read lock in __netpoll_send_skb() (Breno Leitao)
  - netpoll: netpoll_send_skb() returns transmit status (Eric Dumazet)
  - netpoll: move netpoll_send_skb() out of line (Eric Dumazet)
  - netpoll: remove dev argument from netpoll_send_skb_on_dev() (Eric Dumazet)
  - netpoll: Fix use correct return type for ndo_start_xmit() (Yunjian Wang)
  - pinctrl: bcm281xx: Fix incorrect regmap max_registers value (Artur Weber)
  - sched/isolation: Prevent boot crash when the boot CPU is nohz_full (Oleg Nesterov)
  - clockevents/drivers/i8253: Fix stop sequence for timer 0 (David Woodhouse)

• Thu May 01 2025 Sherry Yang <sherry.yang@oracle.com> [5.4.17-2136.344.1.el8uek]

  - RDS: avoid using offlined CPU during reconnect (Arumugam Kolappan) [Orabug: 37800559]
  - x86/microcode/AMD: Clean the cache if update did not load microcode (Boris Ostrovsky) [Orabug: 37800729]
  - x86/microcode/AMD: Add finalize_late_load() microcode_op (Boris Ostrovsky) [Orabug: 37800729]
  - x86/microcode/AMD: Extend the SHA check to Zen5, block loading of any unreleased standalone Zen5 microcode patches (Borislav Petkov) [Orabug: 37800729]
  - x86/microcode/AMD: Add some forgotten models to the SHA check (Borislav Petkov) [Orabug: 37800729]
  - x86/microcode/AMD: Load only SHA256-checksummed patches (Borislav Petkov) [Orabug: 37800729]
  - x86/microcode/AMD: Flush patch buffer mapping after application (Borislav Petkov) [Orabug: 37800729]
  - x86/microcode/AMD: Stash BSP's CPUID(1).EAX and patch size (Boris Ostrovsky) [Orabug: 37800729]
  - nvme: fix deadlock between reset and scan (Bitao Hu) [Orabug: 37861518]

• Thu Apr 17 2025 Sherry Yang <sherry.yang@oracle.com> [5.4.17-2136.343.5.el8uek]

  - sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts) [Orabug: 37497283,37846673] {CVE-2025-21638}
  - sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts) [Orabug: 37497303,37846668] {CVE-2025-21640}
  - uek-rpm: remove .el7 from shim version (Samasth Norway Ananda) [Orabug: 37834734]

• Fri Apr 11 2025 Alok Tiwari <alok.a.tiwari@oracle.com> [5.4.17-2136.343.4.el8uek]

  - bpf: Use preempt_count() directly in bpf_send_signal_common() (Hou Tao)
  - Revert "sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy" (Magali Lemes)
  - jfs: fix slab-out-of-bounds read in ea_get() (Qasim Ijaz) [Orabug: 37855411] {CVE-2025-39735}
  - serial: 8250_dma: terminate correct DMA in tx_dma_flush() (John Keeping)
  - Revert "sctp: sysctl: auth_enable: avoid using current->nsproxy" (Magali Lemes)
  - net: usb: usbnet: restore usb%d name exception for local mac addresses (Dominique Martinet)
  - vlan: fix memory leak in vlan_newlink() (Eric Dumazet)
  - rds: ib: Fix NULL ptr deref in rds_ib_cq_follow_affinity (Håkon Bugge) [Orabug: 37747826]