From 084a853110ad4f36c592d7e7e462b3a0b9322500 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <dvlasenk@redhat.com>
Date: Mon, 4 Aug 2025 13:34:42 +0200
Subject: [PATCH] kernel-rt-4.18.0-553.68.1.rt7.409.el8_10

* Mon Aug 04 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.68.1.rt7.409.el8_10]
- ipv6: mcast: extend RCU protection in igmp6_send() (Hangbin Liu) [RHEL-102392] {CVE-2025-21759}
- md/md-bitmap: move bitmap_{start, end}write to md upper layer (Nigel Croxon) [RHEL-57991]
- md/raid5: implement pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md: add a new callback pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: remove the last parameter for bimtap_ops->endwrite() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: factor behind write counters out from bitmap_{start/end}write() (Nigel Croxon) [RHEL-57991]
- md/raid5: recheck if reshape has finished with device_lock held (Nigel Croxon) [RHEL-57991]
- md/md-linear: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/md-multipath: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/raid10: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- md/raid1: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- raid5: fix missing io accounting in raid5_align_endio() (Nigel Croxon) [RHEL-59928]
- md: also clone new io if io accounting is disabled (Nigel Croxon) [RHEL-59928]
- sch_cbq: make cbq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376]
- net/sched: Always pass notifications when child class becomes empty (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_deactivate() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_qfq: make qfq_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_drr: make drr_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- can: peak_usb: fix use after free bugs (CKI Backport Bot) [RHEL-99447] {CVE-2021-47670}
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CKI Backport Bot) [RHEL-103141] {CVE-2025-38159}
- net/ipv6: release expired exception dst cached in socket (Guillaume Nault) [RHEL-105794] {CVE-2024-56644}
Resolves: RHEL-102392, RHEL-103141, RHEL-105794, RHEL-57991, RHEL-59928, RHEL-93376, RHEL-99447

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
---
 kernel.spec | 31 ++++++++++++++++++++++++++++---
 sources     |  2 +-
 2 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/kernel.spec b/kernel.spec
index f3fdac0..9f573d2 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.67.1.rt7.408.el8_10
+%define pkgrelease 553.68.1.rt7.409.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.67.1.rt7.408%{?dist}
+%define specrelease 553.68.1.rt7.409%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -148,7 +148,7 @@
 # The preempt RT patch level
 %global rttag .rt7
 # realtimeN
-%global rtbuild .408
+%global rtbuild .409
 %define with_doc 0
 %define with_headers 0
 %define with_cross_headers 0
@@ -2708,6 +2708,31 @@ fi
 #
 #
 %changelog
+* Mon Aug 04 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.68.1.rt7.409.el8_10]
+- ipv6: mcast: extend RCU protection in igmp6_send() (Hangbin Liu) [RHEL-102392] {CVE-2025-21759}
+- md/md-bitmap: move bitmap_{start, end}write to md upper layer (Nigel Croxon) [RHEL-57991]
+- md/raid5: implement pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
+- md: add a new callback pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
+- md/md-bitmap: remove the last parameter for bimtap_ops->endwrite() (Nigel Croxon) [RHEL-57991]
+- md/md-bitmap: factor behind write counters out from bitmap_{start/end}write() (Nigel Croxon) [RHEL-57991]
+- md/raid5: recheck if reshape has finished with device_lock held (Nigel Croxon) [RHEL-57991]
+- md/md-linear: enable io accounting (Nigel Croxon) [RHEL-59928]
+- md/md-multipath: enable io accounting (Nigel Croxon) [RHEL-59928]
+- md/raid10: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
+- md/raid1: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
+- raid5: fix missing io accounting in raid5_align_endio() (Nigel Croxon) [RHEL-59928]
+- md: also clone new io if io accounting is disabled (Nigel Croxon) [RHEL-59928]
+- sch_cbq: make cbq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376]
+- net/sched: Always pass notifications when child class becomes empty (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- sch_htb: make htb_deactivate() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- sch_qfq: make qfq_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- sch_drr: make drr_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- sch_htb: make htb_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- can: peak_usb: fix use after free bugs (CKI Backport Bot) [RHEL-99447] {CVE-2021-47670}
+- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CKI Backport Bot) [RHEL-103141] {CVE-2025-38159}
+- net/ipv6: release expired exception dst cached in socket (Guillaume Nault) [RHEL-105794] {CVE-2024-56644}
+
 * Thu Jul 31 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.67.1.rt7.408.el8_10]
 - redhat: deprecate RTBZ (Alexandra Hájková)
 - mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
diff --git a/sources b/sources
index 306c5ad..261e648 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (linux-4.18.0-553.67.1.rt7.408.el8_10.tar.xz) = 86418132890748dc3723725fbcd4640d33430a44fdf5bfe2dd0ca9f9c981729d9e94f824996c6af73bbcdeac6105aaa19daacd80d50539b146e5284013b45be2
+SHA512 (linux-4.18.0-553.68.1.rt7.409.el8_10.tar.xz) = 4743f57107f0fe6a5aa5227890d0f538d8701c01445a19c0974bd73dbebb02f5c5de953574909bcc06cd2570a12a52bb0658eb8b307628430efe028f8a382b1d