[ol8_baseos_latest] kernel-4.18.0-553.97.1.el8_10.x86_64

This is the package which provides the Linux kernel for Red Hat Enterprise
Linux. It is based on upstream Linux at version 4.18.0 and maintains kABI
compatibility of a set of approved symbols, however it is heavily modified with
backports and fixes pulled from newer upstream Linux kernel releases. This means
this is not a 4.18.0 kernel anymore: it includes several components which come
from newer upstream linux versions, while maintaining a well tested and stable
core. Some of the components/backports that may be pulled in are: changes like
updates to the core kernel (eg.: scheduler, cgroups, memory management, security
fixes and features), updates to block layer, supported filesystems, major driver
updates for supported hardware in Red Hat Enterprise Linux, enhancements for
enterprise customers, etc.

Changelog (Show File list) (Show related packages)

• Mon Jan 26 2026 EL Errata <el-errata_ww@oracle.com> [4.18.0-553.97.1.el8_10.OL8]

  - Update Oracle Linux certificates (Kevin Lyons)
  - Disable signing for aarch64 (Ilya Okomin)
  - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
  - Update x509.genkey [Orabug: 24817676]
  - Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.3
  - Remove upstream reference during boot (Kevin Lyons) [Orabug: 34750652]
  - Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985772]

• Tue Jan 20 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.97.1.el8_10]

  - ASoC: Intel: bytcr_rt5640: Fix invalid quirk input mapping (CKI Backport Bot) [RHEL-129107] {CVE-2025-40154}

• Sat Jan 17 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.96.1.el8_10]

  - Bluetooth: hci_event: call disconnect callback before deleting conn (CKI Backport Bot) [RHEL-137039] {CVE-2023-53673}
  - drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE (CKI Backport Bot) [RHEL-134423] {CVE-2025-40277}
  - xen: delay xen_hvm_init_time_ops() if kdump is boot on vcpu>=32 (John J Coleman) [RHEL-111354]
  - xen: Fix x86 sched_clock() interface for xen (John J Coleman) [RHEL-111354]
  - x86/xen/time: Output xen sched_clock time from 0 (John J Coleman) [RHEL-111354]

• Thu Jan 15 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.95.1.el8_10]

  - NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (Olga Kornievskaia) [RHEL-132819]
  - vsock: Ignore signal/timeout on connect() if already established (CKI Backport Bot) [RHEL-139273] {CVE-2025-40248}
  - scsi: lpfc: avoid crashing in lpfc_nlp_get() if lpfc_nodelist was freed (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Fix reusing an ndlp that is marked NLP_DROPPED during FLOGI (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Avoid potential ndlp use-after-free in dev_loss_tmo_callbk (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Prevent failure to reregister with NVMe transport after PRLI retry (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Fix lpfc_check_sli_ndlp() handling for GEN_REQUEST64 commands (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Handle duplicate D_IDs in ndlp search-by D_ID routine (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Ignore ndlp rport mismatch in dev_loss_tmo callbk (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Modify handling of ADISC based on ndlp state and RPI registration (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Delete NLP_TARGET_REMOVE flag due to obsolete usage (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Prevent NDLP reference count underflow in dev_loss_tmo callback (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Check devloss callbk done flag for potential stale NDLP ptrs (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Update PRLO handling in direct attached topology (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Fix unsolicited FLOGI kref imbalance when in direct attached topology (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Add condition to delete ndlp object after sending BLS_RJT to an ABTS (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Remove NLP_RCV_PLOGI early return during RSCN processing for ndlps (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Allow lpfc_plogi_confirm_nport() logic to execute for Fabric nodes (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Fix list_entry null check warning in lpfc_cmpl_els_plogi() (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Fix possible file string name overflow when updating firmware (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Validate ELS LS_ACC completion payload (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Remove extra ndlp kref decrement in FLOGI cmpl for loop topology (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Revise NPIV ELS unsol rcv cmpl logic to drop ndlp based on nlp_state (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Fix double free in lpfc_cmpl_els_logo_acc() caused by lpfc_nlp_not_used() (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Move scsi_host_template outside dynamically allocated/freed phba (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Fill in missing ndlp kref puts in error paths (Ewan D. Milne) [RHEL-32324]
  - scsi: lpfc: Fix kasan slab-out-of-bounds error in lpfc_unreg_login (Ewan D. Milne) [RHEL-32324]

• Tue Jan 13 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.94.1.el8_10]

  - net: atlantic: fix fragment overflow handling in RX path (CKI Backport Bot) [RHEL-139482] {CVE-2025-68301}
  - smb: client: let recv_done verify data_offset, data_length and remaining_data_length (Paulo Alcantara) [RHEL-131387] {CVE-2025-39933}
  - smb: client: Fix use-after-free in cifs_fill_dirent (CKI Backport Bot) [RHEL-134369] {CVE-2025-38051}

• Thu Jan 08 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.93.1.el8_10]

  - mm: compaction: update the COMPACT[STALL|FAIL] events properly (Lucas Oakley) [RHEL-132449]
  - drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (Mika Penttilä) [RHEL-125456] {CVE-2025-40096}
  - drm/i915: mark requests for GuC virtual engines to avoid use-after-free (CKI Backport Bot) [RHEL-124682] {CVE-2023-53552}

• Tue Jan 06 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.92.1.el8_10]

  - libceph: fix potential use-after-free in have_mon_and_osd_map() (CKI Backport Bot) [RHEL-137395] {CVE-2025-68285}
  - media: rc: fix races with imon_disconnect() (Kate Hsuan) [RHEL-124396] {CVE-2025-39993}
  - media: imon: fix a race condition in send_packet() (Kate Hsuan) [RHEL-124396]
  - media: imon: reorganize serialization (Kate Hsuan) [RHEL-124396]
  - media: imon: drop references only after device is no longer used (Kate Hsuan) [RHEL-124396]
  - media: rc: Add support for another iMON 0xffdc device (Kate Hsuan) [RHEL-124396]

• Tue Dec 23 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.91.1.el8_10]

  - gfs2: Do not cancel internal demote requests (Andreas Gruenbacher) [RHEL-135355]
  - gfs2: run_queue cleanup (Andreas Gruenbacher) [RHEL-135355]
  - gfs2: simplify finish_xmote (Andreas Gruenbacher) [RHEL-135355]
  - gfs2: Get rid of unnecessary test_and_set_bit (Andreas Gruenbacher) [RHEL-135355]
  - gfs2: Retries missing in gfs2_{rename,exchange} (Andreas Gruenbacher) [RHEL-135355]
  - gfs2: glock cancelation flag fix (Andreas Gruenbacher) [RHEL-135355]
  - gfs2: Minor do_xmote cancelation fix (Andreas Gruenbacher) [RHEL-135355]
  - sctp: avoid NULL dereference when chunk data buffer is missing (CKI Backport Bot) [RHEL-133999] {CVE-2025-40240}
  - redhat: introduce RELEASE_LOCALVERSION variable (Jan Stancek)
  - cifs: fix automount with passwords that contain commas (Paulo Alcantara) [RHEL-125963]
  - perf/x86/intel/ds: Fix the conversion from TSC to perf time (Anubhav Shelat) [RHEL-127171]
  - perf/x86/intel/pebs: Fix PEBS timestamps overwritten (Anubhav Shelat) [RHEL-127171]
  - ceph: fix client race condition where r_parent becomes stale before sending message (Alex Markuze) [RHEL-120226]
  - ceph: fix client race condition validating r_parent before applying state (Alex Markuze) [RHEL-120226]
  - blk-mq: setup queue ->tag_set before initializing hctx (Ming Lei) [RHEL-30744]
  - blk-mq: add helper for checking if one CPU is mapped to specified hctx (Ming Lei) [RHEL-30744]
  - blk-mq: don't schedule block kworker on isolated CPUs (Ming Lei) [RHEL-30744]
  - sched/isolation: add cpu_is_isolated() API (Ming Lei) [RHEL-30744]

• Sat Dec 13 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.90.1.el8_10]

  - NFSv4: xattr handlers should check for absent nfs filehandles (Scott Mayhew) [RHEL-129945]

• Sat Nov 29 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.89.1.el8_10]

  - mm: memcg: use READ_ONCE()/WRITE_ONCE() to access stock->cached (Radostin Stoyanov) [RHEL-122774]
  - mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required() (Radostin Stoyanov) [RHEL-122774] {CVE-2023-53401}
  - mm/memcg: revert ("mm/memcg: optimize user context object stock access") (Radostin Stoyanov) [RHEL-122774] {CVE-2023-53401}
  - gfs2: Add proper lockspace locking (Andreas Gruenbacher) [RHEL-88660]
  - gfs2: do_xmote cleanup (Andreas Gruenbacher) [RHEL-88660]