From e5f5217f5d958167a24d59d6bb879d286073b51b Mon Sep 17 00:00:00 2001 From: CKI KWF Bot Date: Fri, 12 Jun 2026 22:21:40 +0000 Subject: [PATCH] kernel-rt-4.18.0-553.134.1.rt7.475.el8_10 * Fri Jun 12 2026 CKI KWF Bot [4.18.0-553.134.1.rt7.475.el8_10] - wifi: mac80211: remove station if connection prep fails (Jose Ignacio Tornos Martinez) [RHEL-180120] {CVE-2026-46125} - wifi: mac80211: drop stray 'static' from fast-RX rx_result (CKI Backport Bot) [RHEL-180058] {CVE-2026-46152} - Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (CKI Backport Bot) [RHEL-179360] {CVE-2026-46056} - netfilter: flowtable: strictly check for maximum number of actions (Florian Westphal) [RHEL-176909] {CVE-2026-43329} - netfilter: nf_tables_offload: add nft_flow_action_entry_next() and use it (Florian Westphal) [RHEL-176909] {CVE-2026-43329} - mptcp: fix slab-use-after-free in __inet_lookup_established (Davide Caratti) [RHEL-171500] {CVE-2026-31669} - xen/privcmd: fix double free via VMA splitting (Vitaly Kuznetsov) [RHEL-172482] {CVE-2026-31787} - wifi: brcmfmac: validate bsscfg indices in IF events (CKI Backport Bot) [RHEL-173853] {CVE-2026-43110} Resolves: RHEL-171500, RHEL-172482, RHEL-173853, RHEL-176909, RHEL-179360, RHEL-180058, RHEL-180120 Signed-off-by: CKI KWF Bot --- kernel.spec | 16 +++++++++++++--- sources | 2 +- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/kernel.spec b/kernel.spec index 522b789..f6cedd7 100644 --- a/kernel.spec +++ b/kernel.spec @@ -38,10 +38,10 @@ # define buildid .local %define specversion 4.18.0 -%define pkgrelease 553.133.1.rt7.474.el8_10 +%define pkgrelease 553.134.1.rt7.475.el8_10 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 553.133.1.rt7.474%{?dist} +%define specrelease 553.134.1.rt7.475%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -148,7 +148,7 @@ # The preempt RT patch level %global rttag .rt7 # realtimeN -%global rtbuild .474 +%global rtbuild .475 %define with_doc 0 %define with_headers 0 %define with_cross_headers 0 @@ -2710,6 +2710,16 @@ fi # # %changelog +* Fri Jun 12 2026 CKI KWF Bot [4.18.0-553.134.1.rt7.475.el8_10] +- wifi: mac80211: remove station if connection prep fails (Jose Ignacio Tornos Martinez) [RHEL-180120] {CVE-2026-46125} +- wifi: mac80211: drop stray 'static' from fast-RX rx_result (CKI Backport Bot) [RHEL-180058] {CVE-2026-46152} +- Bluetooth: hci_event: fix potential UAF in SSP passkey handlers (CKI Backport Bot) [RHEL-179360] {CVE-2026-46056} +- netfilter: flowtable: strictly check for maximum number of actions (Florian Westphal) [RHEL-176909] {CVE-2026-43329} +- netfilter: nf_tables_offload: add nft_flow_action_entry_next() and use it (Florian Westphal) [RHEL-176909] {CVE-2026-43329} +- mptcp: fix slab-use-after-free in __inet_lookup_established (Davide Caratti) [RHEL-171500] {CVE-2026-31669} +- xen/privcmd: fix double free via VMA splitting (Vitaly Kuznetsov) [RHEL-172482] {CVE-2026-31787} +- wifi: brcmfmac: validate bsscfg indices in IF events (CKI Backport Bot) [RHEL-173853] {CVE-2026-43110} + * Wed Jun 10 2026 CKI KWF Bot [4.18.0-553.133.1.rt7.474.el8_10] - Buffer overflow in drivers/xen/sys-hypervisor.c (CKI Backport Bot) [RHEL-172504] {CVE-2026-31786} diff --git a/sources b/sources index 0f87e29..73a954b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (linux-4.18.0-553.133.1.rt7.474.el8_10.tar.xz) = bc6ca869434289cd91d2c8cf60f0b2694ca5379e374a3ae95a864fb04ef53767d271d4b6262f4c3c137b3d1225a4feed3c1d6b5f7c9ea7dcc33e1b72718f9fc4 +SHA512 (linux-4.18.0-553.134.1.rt7.475.el8_10.tar.xz) = 052d6ce3168e20627f4cb926d8a6b5f540fcf6e2aae1d45f73b6be5a58ee64ac31a99f33ab239cd2feb35bf8d4b122941c2e38025e8921ecf63bfb29aabc0497