[ol8_MODRHCK] kernel-debug-core-4.18.0-553.111.1.0.1.el8_10.x86_64

Name:	kernel-debug-core
Version:	4.18.0
Release:	553.111.1.0.1.el8_10
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	120147094
License:	GPLv2 and Redistributable, no modification permitted
RPM:	kernel-debug-core-4.18.0-553.111.1.0.1.el8_10.x86_64.rpm
Source RPM:	kernel-4.18.0-553.111.1.0.1.el8_10.src.rpm
Build Date:	Mon Mar 09 2026
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	The Linux kernel compiled with extra debugging enabled
Description:	The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. This variant of the kernel has numerous debugging options enabled. It should only be installed when trying to gather additional information on kernel bugs, as some of these options impact performance noticably.

Changelog (Show File list) (Show related packages)

Mon Mar 09 2026 EL Errata <el-errata_ww@oracle.com> [4.18.0-553.111.1.0.1.el8_10.OL8]

- scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230]

Mon Mar 09 2026 EL Errata <el-errata_ww@oracle.com> [4.18.0-553.111.1.el8_10.OL8]

- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]

Sat Feb 28 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.111.1.el8_10]

- macvlan: fix possible UAF in macvlan_forward_source() (Hangbin Liu) [RHEL-144120] {CVE-2026-23001}

Thu Feb 26 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.110.1.el8_10]

- pNFS: fix a missing wake up while waiting on NFS_LAYOUT_DRAIN (Olga Kornievskaia) [RHEL-131922]
- fbcon: Avoid using FNTCHARCNT() and hard-coded built-in font charcount (Jocelyn Falempe) [RHEL-148636]
- audit: Use the new {get,put}_fs_pwd_pool() APIs to get/put pwd references (Waiman Long) [RHEL-146026]
- fs: Add a pool of extra fs->pwd references to fs_struct (Waiman Long) [RHEL-146026]
- ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CKI Backport Bot) [RHEL-143535] {CVE-2025-71085}

Tue Feb 24 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.109.1.el8_10]

- migrate: correct lock ordering for hugetlb file folios (Luiz Capitulino) [RHEL-147261] {CVE-2026-23097}

Thu Feb 19 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.108.1.el8_10]
```
- autofs: dont trigger mount if it cant succeed (Ian Kent) [RHEL-134673]
```

Tue Feb 17 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.107.1.el8_10]

- autofs: use wake_up() instead of wake_up_interruptible(() (Ian Kent) [RHEL-143685]
- autofs: fix memory leak of waitqueues in autofs_catatonic_mode (Ian Kent) [RHEL-143685] {CVE-2023-54134}
- i40e: validate ring_len parameter against hardware-specific values (CKI Backport Bot) [RHEL-141709]
- xfs: set max_agbno to allow sparse alloc of last full inode chunk (Brian Foster) [RHEL-136693]
- audit: merge loops in __audit_inode_child() (Ricardo Robaina) [RHEL-140442]

Tue Feb 17 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.106.1.el8_10]

- bridge: mcast: Fix use-after-free during router port configuration (Mohammad Heib) [RHEL-138422] {CVE-2025-38248}
- net/sched: Enforce that teql can only be used as root qdisc (CKI Backport Bot) [RHEL-146992] {CVE-2026-23074}
- page_pool: Fix use-after-free in page_pool_recycle_in_ring (Marc Milgram) [RHEL-137838] {CVE-2025-38129}
- mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (CKI Backport Bot) [RHEL-143189] {CVE-2025-68800}
- smc: Fix use-after-free in __pnet_find_base_ndev(). (Mete Durlu) [RHEL-126886] {CVE-2025-40064}

Sat Feb 07 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.105.1.el8_10]

- s390/ipl: Clear SBP flag when bootprog is set (Mete Durlu) [RHEL-145334]
- Bluetooth: hci_event: Fix checking conn for le_conn_complete_evt (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: hci_sync: Fix UAF on hci_abort_conn_sync (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: hci_conn: Consolidate code for aborting connections (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: Fix printing errors if LE Connection times out (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: hci_conn: Fix not cleaning up on LE Connection failure (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: hci_sync: hold hdev->lock when cleanup hci_conn (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: Move hci_abort_conn to hci_conn.c (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: mgmt: Fix using hci_conn_abort (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: hci_conn: Fix hci_connect_le_sync (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: hci_sync: Cleanup hci_conn if it cannot be aborted (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: hci_event: Fix checking for invalid handle on error status (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: call hci_le_conn_failed with hdev lock in hci_le_conn_failed (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: hci_sync: fix undefined return of hci_disconnect_all_sync() (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: hci_event: Ignore multiple conn complete events (David Marlin) [RHEL-137111] {CVE-2023-53762}
- Bluetooth: fix null ptr deref on hci_sync_conn_complete_evt (David Marlin) [RHEL-137111] {CVE-2023-53762}
- fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (CKI Backport Bot) [RHEL-137678] {CVE-2025-40304}
- gfs2: Fix duplicate should_fault_in_pages() call (Andreas Gruenbacher) [RHEL-130505]
- smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). (Mete Durlu) [RHEL-130012] {CVE-2025-40168}

Wed Feb 04 2026 Alexandra Hájková <ahajkova@redhat.com> [4.18.0-553.104.1.el8_10]

- Revert "audit: Avoid excessive dput/dget in audit_context setup and reset paths" (Alexandra Hájková) [RHEL-145856]