From 6f2357c87ba0f89287eb3db28cb139ab38d12ef6 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <dvlasenk@redhat.com>
Date: Wed, 4 Sep 2024 17:34:07 +0200
Subject: [PATCH] kernel-rt-4.18.0-553.21.1.rt7.362.el8_10
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Wed Sep 04 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.21.1.rt7.362.el8_10]
- [rt] build kernel-rt-4.18.0-553.21.1.rt7.362.el8_10 [RHEL-53529]
- s390/dasd: fix error recovery leading to data corruption on ESE devices (Mete Durlu) [RHEL-55874]
- protect the fetch of ->fd[fd] in do_dup2() from mispredictions (CKI Backport Bot) [RHEL-55123] {CVE-2024-42265}
- net: openvswitch: fix overwriting ct original tuple for ICMPv6 (cki-backport-bot) [RHEL-44207] {CVE-2024-38558}
- mlxsw: thermal: Fix out-of-bounds memory accesses (CKI Backport Bot) [RHEL-38375] {CVE-2021-47441}
- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (CKI Backport Bot) [RHEL-47552] {CVE-2024-40904}
- ipvs: properly dereference pe in ip_vs_add_service (Phil Sutter) [RHEL-54903] {CVE-2024-42322}
- net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (CKI Backport Bot) [RHEL-53702] {CVE-2024-42246}
- drm/amdgpu: change vm->task_info handling (Michel Dänzer) [RHEL-49379] {CVE-2024-41008}
- drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (Michel Dänzer) [RHEL-45036] {CVE-2024-39471}
- drm/amdgpu: add error handle to avoid out-of-bounds (Michel Dänzer) [RHEL-45036] {CVE-2024-39471}
- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (Michel Dänzer) [RHEL-52845] {CVE-2024-42228}
Resolves: RHEL-53529, RHEL-38376, RHEL-53705, RHEL-44208, RHEL-52849, RHEL-54906, RHEL-45037, RHEL-49380, RHEL-47553

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
---
 kernel.spec | 20 +++++++++++++++++---
 sources     |  2 +-
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/kernel.spec b/kernel.spec
index 9878984..1d2e85c 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.20.1.rt7.361.el8_10
+%define pkgrelease 553.21.1.rt7.362.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.20.1.rt7.361%{?dist}
+%define specrelease 553.21.1.rt7.362%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -148,7 +148,7 @@
 # The preempt RT patch level
 %global rttag .rt7
 # realtimeN
-%global rtbuild .361
+%global rtbuild .362
 %define with_doc 0
 %define with_headers 0
 %define with_cross_headers 0
@@ -2699,6 +2699,20 @@ fi
 #
 #
 %changelog
+* Wed Sep 04 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.21.1.rt7.362.el8_10]
+- [rt] build kernel-rt-4.18.0-553.21.1.rt7.362.el8_10 [RHEL-53529]
+- s390/dasd: fix error recovery leading to data corruption on ESE devices (Mete Durlu) [RHEL-55874]
+- protect the fetch of ->fd[fd] in do_dup2() from mispredictions (CKI Backport Bot) [RHEL-55123] {CVE-2024-42265}
+- net: openvswitch: fix overwriting ct original tuple for ICMPv6 (cki-backport-bot) [RHEL-44207] {CVE-2024-38558}
+- mlxsw: thermal: Fix out-of-bounds memory accesses (CKI Backport Bot) [RHEL-38375] {CVE-2021-47441}
+- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (CKI Backport Bot) [RHEL-47552] {CVE-2024-40904}
+- ipvs: properly dereference pe in ip_vs_add_service (Phil Sutter) [RHEL-54903] {CVE-2024-42322}
+- net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (CKI Backport Bot) [RHEL-53702] {CVE-2024-42246}
+- drm/amdgpu: change vm->task_info handling (Michel Dänzer) [RHEL-49379] {CVE-2024-41008}
+- drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (Michel Dänzer) [RHEL-45036] {CVE-2024-39471}
+- drm/amdgpu: add error handle to avoid out-of-bounds (Michel Dänzer) [RHEL-45036] {CVE-2024-39471}
+- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (Michel Dänzer) [RHEL-52845] {CVE-2024-42228}
+
 * Thu Aug 29 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.20.1.rt7.361.el8_10]
 - [rt] build kernel-rt-4.18.0-553.20.1.rt7.361.el8_10 [RHEL-53529]
 - KVM: arm64: Disassociate vcpus from redistributor region on teardown (Shaoqin Huang) [RHEL-48417] {CVE-2024-40989}
diff --git a/sources b/sources
index 18cebd1..a05b6cc 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (linux-4.18.0-553.20.1.rt7.361.el8_10.tar.xz) = c68205a50f2d487e79f6b47e40d1ab617ff747e37a4b7f5753c5cdc950bb674e2dee4816e8c2990e78541a46bab84ad3a0101c1f177422ec6034f73ec4f329df
+SHA512 (linux-4.18.0-553.21.1.rt7.362.el8_10.tar.xz) = 61f154b92522c487262a8387e0ff361651a9dd6af99b7a35ce61a7e802b7f562b8c3075aa93117370ef2312b0f288abe097a5d654765e3b798d44bd729768e6e