| Name: | kernel |
|---|---|
| Version: | 4.18.0 |
| Release: | 553.123.1.0.1.el8_10 |
| Architecture: | x86_64 |
| Group: | System Environment/Kernel |
| Size: | 0 |
| License: | GPLv2 and Redistributable, no modification permitted |
| RPM: | kernel-4.18.0-553.123.1.0.1.el8_10.x86_64.rpm |
| Source RPM: | kernel-4.18.0-553.123.1.0.1.el8_10.src.rpm |
| Build Date: | Tue May 05 2026 |
| Build Host: | build-ol8-x86_64.oracle.com |
| Vendor: | Oracle America |
| URL: | http://www.kernel.org/ |
| Summary: | The Linux kernel, based on version 4.18.0, heavily modified with backports |
| Description: | This is the package which provides the Linux kernel for Red Hat Enterprise Linux. It is based on upstream Linux at version 4.18.0 and maintains kABI compatibility of a set of approved symbols, however it is heavily modified with backports and fixes pulled from newer upstream Linux kernel releases. This means this is not a 4.18.0 kernel anymore: it includes several components which come from newer upstream linux versions, while maintaining a well tested and stable core. Some of the components/backports that may be pulled in are: changes like updates to the core kernel (eg.: scheduler, cgroups, memory management, security fixes and features), updates to block layer, supported filesystems, major driver updates for supported hardware in Red Hat Enterprise Linux, enhancements for enterprise customers, etc. |
- scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230]
- Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3 - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652] - Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]
- crypto: algif_aead - snapshot IV for async AEAD requests (Herbert Xu) [RHEL-172187]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [RHEL-172187]
- crypto: authencesn - reject short ahash digests during instance creation (Herbert Xu) [RHEL-172187]
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [RHEL-172187]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [RHEL-172187] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Herbert Xu) [RHEL-172187] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [RHEL-172187]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Herbert Xu) [RHEL-172187] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [RHEL-172187] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Herbert Xu) [RHEL-172187]
- KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE (Paolo Bonzini) [RHEL-153727] {CVE-2026-23401}
- nvme: avoid double free special payload (Maurizio Lombardi) [RHEL-51303] {CVE-2024-41073}
- crypto: asymmetric_keys - prevent overflow in asymmetric_key_generate_id (CKI Backport Bot) [RHEL-166921] {CVE-2025-68724}
- net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end() (Jay Shin) [RHEL-166155] {CVE-2025-40252}
- kernel.h: Move ARRAY_SIZE() to a separate header (Jay Shin) [RHEL-166155] {CVE-2025-40252}
- nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Scott Mayhew) [RHEL-167011] {CVE-2026-31402}
- gfs2: bufdata allocation race (Andreas Gruenbacher) [RHEL-160075] - gfs2: Get rid of gfs2_log_[un]lock helpers (Andreas Gruenbacher) [RHEL-160075] - gfs2: Avoid unnecessary transactions in evict_linked_inode (Andreas Gruenbacher) [RHEL-160075] - KVM: x86: Fix a semi theoretical bug in kvm_arch_async_page_present_queued() (Maxim Levitsky) [RHEL-152657] - KVM: x86: Don't clear async #PF queue when CR0.PG is disabled (e.g. on #SMI) (Maxim Levitsky) [RHEL-152657]
- s390/dasd: Copy detected format information to secondary device (Mete Durlu) [RHEL-161532]
- s390/dasd: Move quiesce state with pprc swap (Mete Durlu) [RHEL-161532]
- s390/dasd: Fix gendisk parent after copy pair swap (Mete Durlu) [RHEL-161532]
- redhat: kernel.spec: add missing sound/soc/sof/sof-audio.h to kernel-devel package (Jaroslav Kysela) [RHEL-152417]
- s390/virtio_ccw: Fix dma_parm pointer not set up (CKI Backport Bot) [RHEL-148307]
- dlm: fix recovery pending middle conversion (Alexander Aring) [RHEL-125538]
- dlm: check for undefined release_option values (Alexander Aring) [RHEL-136236]
- dlm: handle release_option as unsigned (Alexander Aring) [RHEL-136236]
- dlm: handle invalid lockspace member remove (Alexander Aring) [RHEL-136236]
- dlm: add new flag DLM_RELEASE_RECOVER for dlm_lockspace_release (Alexander Aring) [RHEL-136236]
- dlm: add new configfs entry release_recover for lockspace members (Alexander Aring) [RHEL-136236]
- dlm: add new RELEASE_RECOVER uevent attribute for release_lockspace (Alexander Aring) [RHEL-136236]
- dlm: use defines for force values in dlm_release_lockspace (Alexander Aring) [RHEL-136236]
- dlm: check for defined force value in dlm_lockspace_release (Alexander Aring) [RHEL-136236]
- dlm: disallow different configs nodeid storages (Alexander Aring) [RHEL-136236]
- dlm: prevent NPD when writing a positive value to event_done (Alexander Aring) [RHEL-136236] {CVE-2025-23131}
- dlm: Switch to using wait_event() (Alexander Aring) [RHEL-136236]
- scsi: qla2xxx: Fix improper freeing of purex item (CKI Backport Bot) [RHEL-159219] {CVE-2025-68741}
- ALSA: aloop: Fix racy access at PCM trigger (Jaroslav Kysela) [RHEL-150125] {CVE-2026-23191}
- ALSA: aloop: Introduce a function to get if access is interleaved mode (CKI Backport Bot) [RHEL-150125] {CVE-2026-23191}
- nvme-pci: do not directly handle subsys reset fallout (Maurizio Lombardi) [RHEL-136436]
- scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CKI Backport Bot) [RHEL-150417] {CVE-2026-23193}
- nouveau: fix instmem race condition around ptr stores (Lyude Paul) [RHEL-111846] {CVE-2024-26984}
- s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump (Mete Durlu) [RHEL-157930]
- NFSv4/flexfiles: Fix layout merge mirror check. (Mike Snitzer) [RHEL-157242]
- flexfiles/pNFS: fix NULL checks on result of ff_layout_choose_ds_for_read (Mike Snitzer) [RHEL-157242]
- pnfs/flexfiles: retry getting layout segment for reads (Mike Snitzer) [RHEL-157242]
- pNFS/flexfiles: don't attempt pnfs on fatal DS errors (Mike Snitzer) [RHEL-157242]
- NFSv4/flexfiles: Fix handling of NFS level errors in I/O (Mike Snitzer) [RHEL-157242]
- flexfiles/pNFS: update stats on NFS4ERR_DELAY for v4.1 DSes (Mike Snitzer) [RHEL-157242]
- pNFS/flexfiles: Record the RPC errors in the I/O tracepoints (Mike Snitzer) [RHEL-157242]
- NFSv4/pnfs: Layoutreturn on close must handle fatal networking errors (Mike Snitzer) [RHEL-157242]
- NFSv4: Handle fatal ENETDOWN and ENETUNREACH errors (Mike Snitzer) [RHEL-157242]
- pNFS/flexfiles: Report ENETDOWN as a connection error (Mike Snitzer) [RHEL-157242]
- pNFS/flexfiles: Treat ENETUNREACH errors as fatal in containers (Mike Snitzer) [RHEL-157242]
- NFS: Treat ENETUNREACH errors as fatal in containers (Mike Snitzer) [RHEL-157242]
- NFS: Add a mount option to make ENETUNREACH errors fatal (Mike Snitzer) [RHEL-157242]
- NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (Mike Snitzer) [RHEL-157242]
- SUNRPC: ECONNRESET might require a rebind (Mike Snitzer) [RHEL-157242]
- NFS/pNFS: Set the connect timeout for the pNFS flexfiles driver (Mike Snitzer) [RHEL-157242]
- SUNRPC: Don't override connect timeouts in rpc_clnt_add_xprt() (Mike Snitzer) [RHEL-157242]
- SUNRPC: Allow specification of TCP client connect timeout at setup (Mike Snitzer) [RHEL-157242]
- SUNRPC: Refactor and simplify connect timeout (Mike Snitzer) [RHEL-157242]
- SUNRPC: Set the TCP_SYNCNT to match the socket timeout (Mike Snitzer) [RHEL-157242]
- NFS: discard NFS_RPC_SWAPFLAGS and RPC_TASK_ROOTCREDS (Mike Snitzer) [RHEL-157242]
- NFS: O_DIRECT writes must check and adjust the file length (Mike Snitzer) [RHEL-156419]
- nfs: properly protect nfs_direct_req fields (Mike Snitzer) [RHEL-156419]
- pNFS: Fix the pnfs block driver's calculation of layoutget size (Mike Snitzer) [RHEL-156419]
- NFS: More fixes for nfs_direct_write_reschedule_io() (Mike Snitzer) [RHEL-156419]
- NFS: Use the correct commit info in nfs_join_page_group() (Mike Snitzer) [RHEL-156419]
- NFS: More O_DIRECT accounting fixes for error paths (Mike Snitzer) [RHEL-156419]
- NFS: Fix O_DIRECT locking issues (Mike Snitzer) [RHEL-156419]
- NFS: Fix error handling for O_DIRECT write scheduling (Mike Snitzer) [RHEL-156419]
- NFS: Fix a potential data corruption (Mike Snitzer) [RHEL-156419]
- NFS: Fix a use after free in nfs_direct_join_group() (Mike Snitzer) [RHEL-156419]
- NFS: Clean up O_DIRECT request allocation (Mike Snitzer) [RHEL-156419]
- NFS: add nfs_page_create and nfs_page_assign_page as backport prereq (Mike Snitzer) [RHEL-156419]
- nfs: only issue commit in DIO codepath if we have uncommitted data (Mike Snitzer) [RHEL-156419]
- nfs: always check dreq->error after a commit (Mike Snitzer) [RHEL-156419]
- nfs: add new nfs_direct_req tracepoint events (Mike Snitzer) [RHEL-156419]
- scsi: qla2xxx: Fix bsg_done() causing double free (Ewan D. Milne) [RHEL-153405] {CVE-2025-71238}
- netfilter: nf_tables: fix use-after-free in nf_tables_addchain() (Florian Westphal) [RHEL-153264] {CVE-2026-23231}
- ACPI: processor: idle: Return an error if both P_LVL{2,3} idle states are invalid (Mark Langsdorf) [RHEL-123942]