[ol8_MODRHCK] kernel-debug-core-4.18.0-553.80.1.0.1.el8_10.x86_64

Name:	kernel-debug-core
Version:	4.18.0
Release:	553.80.1.0.1.el8_10
Architecture:	x86_64
Group:	System Environment/Kernel
Size:	120129649
License:	GPLv2 and Redistributable, no modification permitted
RPM:	kernel-debug-core-4.18.0-553.80.1.0.1.el8_10.x86_64.rpm
Source RPM:	kernel-4.18.0-553.80.1.0.1.el8_10.src.rpm
Build Date:	Mon Oct 20 2025
Build Host:	build-ol8-x86_64.oracle.com
Vendor:	Oracle America
URL:	http://www.kernel.org/
Summary:	The Linux kernel compiled with extra debugging enabled
Description:	The kernel package contains the Linux kernel (vmlinuz), the core of any Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc. This variant of the kernel has numerous debugging options enabled. It should only be installed when trying to gather additional information on kernel bugs, as some of these options impact performance noticably.

Changelog (Show File list) (Show related packages)

Mon Oct 20 2025 Codrin Pruteanu <codrin.pruteanu@oracle.com> [4.18.0-553.80.1.0.1.el8_10.OL8]

- scsi: core: Restrict legal sdev_state transitions via sysfs (Uday Shankar) [Orabug: 37778230]

Mon Oct 20 2025 Codrin Pruteanu <codrin.pruteanu@oracle.com> [4.18.0-553.80.1.el8_10.OL8]

- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
- Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
- Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]

Thu Oct 09 2025 Alexandra Hájková <ahajkova@redhat.com> [4.18.0-553.80.1.el8_10]

- block: remove some blk_mq_hw_ctx debugfs entries (Ricardo Robaina) [RHEL-8816]
- blk-mq: Remove the hctx 'run' debugfs attribute (Ricardo Robaina) [RHEL-8816]
- block: remove debugfs blk_mq_ctx dispatched/merged/completed attributes (Ricardo Robaina) [RHEL-8816]
- ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control (CKI Backport Bot) [RHEL-114840] {CVE-2025-39751}
- crypto: seqiv - Handle EBUSY correctly (CKI Backport Bot) [RHEL-117228] {CVE-2023-53373}
- ALSA: usb-audio: Validate UAC3 power domain descriptors, too (Jaroslav Kysela) [RHEL-114681] {CVE-2025-38729}
- ALSA: usb-audio: Fix size validation in convert_chmap_v3() (Jaroslav Kysela) [RHEL-114681]
- ALSA: usb-audio: Validate UAC3 cluster segment descriptors (Jaroslav Kysela) [RHEL-114681] {CVE-2025-39757}

Thu Oct 02 2025 Alexandra Hájková <ahajkova@redhat.com> [4.18.0-553.79.1.el8_10]

- Bluetooth: L2CAP: Fix use-after-free (CKI Backport Bot) [RHEL-116277] {CVE-2023-53305}
- KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 (CKI Backport Bot) [RHEL-109748] {CVE-2022-50228}

Thu Sep 25 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.78.1.el8_10]

- mm/migrate: set swap entry values of THP tail pages properly. (Luiz Capitulino) [RHEL-101302]
- smb: client: fix use-after-free in cifs_oplock_break (Paulo Alcantara) [RHEL-111190] {CVE-2025-38527}
- NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() (CKI Backport Bot) [RHEL-113603] {CVE-2025-39730}

Thu Sep 18 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.77.1.el8_10]

- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (CKI Backport Bot) [RHEL-109847] {CVE-2025-37797}
- net_sched: hfsc: Fix a UAF vulnerability in class handling (CKI Backport Bot) [RHEL-109847] {CVE-2025-37797}
- net: openvswitch: Fix the dead loop of MPLS parse (Aaron Conole) [RHEL-95609]
- sctp: linearize cloned gso packets in sctp_rcv (CKI Backport Bot) [RHEL-113329] {CVE-2025-38718}
- firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (Charles Mirabile) [RHEL-109394] {CVE-2022-50087}
- nfsd: don't ignore the return code of svc_proc_register() (Olga Kornievskaia) [RHEL-111639] {CVE-2025-22026}

Sun Sep 14 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.76.1.el8_10]

- HID: core: Harden s32ton() against conversion to 0 bits (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
- HID: stop exporting hid_snto32() (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
- HID: simplify snto32() (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
- HID: core: fix shift-out-of-bounds in hid_report_raw_event (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
- use uniform permission checks for all mount propagation changes (Ian Kent) [RHEL-107299] {CVE-2025-38498}
- do_change_type(): refuse to operate on unmounted/not ours mounts (Ian Kent) [RHEL-107299] {CVE-2025-38498}
- xfs: make sure sb_fdblocks is non-negative (Pavel Reichl) [RHEL-104193]
- vsock: Fix transport_* TOCTOU (CKI Backport Bot) [RHEL-105991] {CVE-2025-38461}

Tue Sep 09 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.75.1.el8_10]

- Revert "module, async: async_synchronize_full() on module init iff async is used" (Herton R. Krzesinski) [RHEL-99812]
- mm/page_alloc: make sure free_pcppages_bulk() bails when given count < 0 (Rafael Aquini) [RHEL-85453]
- sch_cbq: make cbq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376]
- net/sched: ets: use old 'nbands' while purging unused classes (Ivan Vecera) [RHEL-107541] {CVE-2025-38350}
- net_sched: sch_ets: implement lockless ets_dump() (Ivan Vecera) [RHEL-107541] {CVE-2025-38350}
- net/sched: Always pass notifications when child class becomes empty (Ivan Vecera) [RHEL-93376] {CVE-2025-38350}
- net_sched: ets: fix a race in ets_qdisc_change() (Ivan Vecera) [RHEL-107541] {CVE-2025-38107}
- sch_htb: make htb_deactivate() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-37953}
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (Ivan Vecera) [RHEL-93376] {CVE-2025-37798}
- sch_qfq: make qfq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-38350}
- sch_drr: make drr_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-37932}
- idpf: convert control queue mutex to a spinlock (CKI Backport Bot) [RHEL-106049] {CVE-2025-38392}
- drm/framebuffer: Acquire internal references on GEM handles (Anusha Srivatsa) [RHEL-106684] {CVE-2025-38449}
- drm/gem: Acquire references on GEM handles for framebuffers (Anusha Srivatsa) [RHEL-106684] {CVE-2025-38449}
- tracing: Disable interrupt or preemption before acquiring arch_spinlock_t (partial) (Luis Claudio R. Goncalves) [RHEL-95713]
- vmxnet3: disable rx data ring on dma allocation failure (Michal Schmidt) [RHEL-106160]
- xfs: fix error returns from xfs_bmapi_write (Carlos Maiolino) [RHEL-93655]
- xfs: handle nimaps=0 from xfs_bmapi_write in xfs_alloc_file_space (Carlos Maiolino) [RHEL-93655]
- net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull (CKI Backport Bot) [RHEL-112239] {CVE-2023-53125}
- net: usb: smsc75xx: Limit packet length to skb->len (CKI Backport Bot) [RHEL-112239] {CVE-2023-53125}
- PCI: Support BAR sizes up to 8TB (Myron Stowe) [RHEL-106671]

Sun Sep 07 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.74.1.el8_10]

- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (Oleg Nesterov) [RHEL-112775] {CVE-2025-38352}

Thu Aug 28 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.73.1.el8_10]

- ACPI: resource: Honor MADT INT_SRC_OVR settings for IRQ1 on AMD Zen (Jay Shin) [RHEL-108360]
- ACPI: resource: Always use MADT override IRQ settings for all legacy non i8042 IRQs (Jay Shin) [RHEL-108360]
- s390/pci: Allow automatic recovery with minimal driver support (Mete Durlu) [RHEL-110234]
- bpf: Don't use tnum_range on array range checking for poke descriptors (CKI Backport Bot) [RHEL-109298] {CVE-2022-49985}
- s390/ism: fix concurrency management in ism_cmd() (Mete Durlu) [RHEL-110208]