[ol8_MODRHCK] kernel-4.18.0-553.134.1.0.1.el8_10.x86_64

Name:	kernel
Version:	4.18.0
Release:	553.134.1.0.1.el8_10
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	0
License:	GPLv2 and Redistributable, no modification permitted
RPM:	kernel-4.18.0-553.134.1.0.1.el8_10.x86_64.rpm
Source RPM:	kernel-4.18.0-553.134.1.0.1.el8_10.src.rpm
Build Date:	Wed Jun 17 2026
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	The Linux kernel, based on version 4.18.0, heavily modified with backports
Description:	This is the package which provides the Linux kernel for Red Hat Enterprise Linux. It is based on upstream Linux at version 4.18.0 and maintains kABI compatibility of a set of approved symbols, however it is heavily modified with backports and fixes pulled from newer upstream Linux kernel releases. This means this is not a 4.18.0 kernel anymore: it includes several components which come from newer upstream linux versions, while maintaining a well tested and stable core. Some of the components/backports that may be pulled in are: changes like updates to the core kernel (eg.: scheduler, cgroups, memory management, security fixes and features), updates to block layer, supported filesystems, major driver updates for supported hardware in Red Hat Enterprise Linux, enhancements for enterprise customers, etc.

Changelog (Show File list) (Show related packages)

Tue Jun 16 2026 EL Errata <el-errata_ww@oracle.com> [4.18.0-553.134.1.0.1.el8_10.OL8]

- scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230]

Tue Jun 16 2026 EL Errata <el-errata_ww@oracle.com> [4.18.0-553.134.1.el8_10.OL8]

- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]

Tue Jun 16 2026 EL Errata <el-errata_ww@oracle.com> [4.18.0-553.134.1.el8_10.OL8]

- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]

Fri Jun 12 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.134.1.el8_10]

- wifi: mac80211: remove station if connection prep fails (Jose Ignacio Tornos Martinez) [RHEL-180120] {CVE-2026-46125}
- wifi: mac80211: drop stray 'static' from fast-RX rx_result (CKI Backport Bot) [RHEL-180058] {CVE-2026-46152}
- Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (CKI Backport Bot) [RHEL-179360] {CVE-2026-46056}
- netfilter: flowtable: strictly check for maximum number of actions (Florian Westphal) [RHEL-176909] {CVE-2026-43329}
- netfilter: nf_tables_offload: add nft_flow_action_entry_next() and use it (Florian Westphal) [RHEL-176909] {CVE-2026-43329}
- mptcp: fix slab-use-after-free in __inet_lookup_established (Davide Caratti) [RHEL-171500] {CVE-2026-31669}
- xen/privcmd: fix double free via VMA splitting (Vitaly Kuznetsov) [RHEL-172482] {CVE-2026-31787}
- wifi: brcmfmac: validate bsscfg indices in IF events (CKI Backport Bot) [RHEL-173853] {CVE-2026-43110}

Wed Jun 10 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.133.1.el8_10]

- Buffer overflow in drivers/xen/sys-hypervisor.c (CKI Backport Bot) [RHEL-172504] {CVE-2026-31786}

Wed Jun 10 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.132.1.el8_10]

- ip6_tunnel: clear skb2->cb[] in ip4ip6_err() (Guillaume Nault) [RHEL-172640] {CVE-2026-43037}
- dlm: fix buffer overflow from negative len in dlm_search_rsb_tree (Alexander Aring) [RHEL-173986] {CVE-2026-43125}
- dlm: validate length in dlm_search_rsb_tree (Alexander Aring) [RHEL-173986] {CVE-2026-43125}

Fri Jun 05 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.131.1.el8_10]

- RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (Kamal Heib) [RHEL-179982] {CVE-2026-46181}
- nvme: nvme-fc: Ensure ->ioerr_work is cancelled in nvme_fc_delete_ctrl() (Ewan D. Milne) [RHEL-178447]
- ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() (Guillaume Nault) [RHEL-172664] {CVE-2026-43038}
- ALSA: 6fire: Fix leftover global pointers after probe failures (Jaroslav Kysela) [RHEL-172963]
- ALSA: 6fire: Cover the whole probe and disconnect calls with register_mutex (Jaroslav Kysela) [RHEL-172963]
- ALSA: 6fire: fix use-after-free on disconnect (Jaroslav Kysela) [RHEL-172963] {CVE-2026-31581}
- ALSA: 6fire: Release resources at card release (Jaroslav Kysela) [RHEL-172963] {CVE-2024-53239}

Wed Jun 03 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.130.1.el8_10]

- RDMA/rxe: Fix double free in rxe_srq_from_init (Kamal Heib) [RHEL-179702] {CVE-2026-45852}
- md: uninitialized start_time in md_clone_bio() causes bogus IO accounting (Nigel Croxon) [RHEL-170384]

Tue Jun 02 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.129.1.el8_10]

- smb: client: reject userspace cifs.spnego descriptions (Paulo Alcantara) [RHEL-178938] {CVE-2026-46243}

Fri May 29 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.128.1.el8_10]

- smb: client: fix OOB reads parsing symlink error response (Paulo Alcantara) [RHEL-171465] {CVE-2026-31613}
- geneve: Suppress list corruption splat in geneve_destroy_tunnels(). (Antoine Tenart) [RHEL-168961]
- geneve: Fix use-after-free in geneve_find_dev(). (Antoine Tenart) [RHEL-168961] {CVE-2025-21858}
- netfilter: nf_tables: release flowtable after rcu grace period on error (Florian Westphal) [RHEL-160514] {CVE-2026-23392}