From f2db184188cf9111f56fb1fd3e87ad4532199b7e Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <dvlasenk@redhat.com>
Date: Thu, 18 Sep 2025 23:10:01 +0200
Subject: [PATCH] kernel-rt-4.18.0-553.77.1.rt7.418.el8_10

* Thu Sep 18 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.77.1.rt7.418.el8_10]
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (CKI Backport Bot) [RHEL-109847] {CVE-2025-37797}
- net_sched: hfsc: Fix a UAF vulnerability in class handling (CKI Backport Bot) [RHEL-109847] {CVE-2025-37797}
- net: openvswitch: Fix the dead loop of MPLS parse (Aaron Conole) [RHEL-95609]
- sctp: linearize cloned gso packets in sctp_rcv (CKI Backport Bot) [RHEL-113329] {CVE-2025-38718}
- firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (Charles Mirabile) [RHEL-109394] {CVE-2022-50087}
- nfsd: don't ignore the return code of svc_proc_register() (Olga Kornievskaia) [RHEL-111639] {CVE-2025-22026}
Resolves: RHEL-109394, RHEL-109847, RHEL-111639, RHEL-113329, RHEL-95609

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
---
 kernel.spec | 14 +++++++++++---
 sources     |  2 +-
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/kernel.spec b/kernel.spec
index f8ac5d1..48c2d1c 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.76.1.rt7.417.el8_10
+%define pkgrelease 553.77.1.rt7.418.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.76.1.rt7.417%{?dist}
+%define specrelease 553.77.1.rt7.418%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -148,7 +148,7 @@
 # The preempt RT patch level
 %global rttag .rt7
 # realtimeN
-%global rtbuild .417
+%global rtbuild .418
 %define with_doc 0
 %define with_headers 0
 %define with_cross_headers 0
@@ -2708,6 +2708,14 @@ fi
 #
 #
 %changelog
+* Thu Sep 18 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.77.1.rt7.418.el8_10]
+- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (CKI Backport Bot) [RHEL-109847] {CVE-2025-37797}
+- net_sched: hfsc: Fix a UAF vulnerability in class handling (CKI Backport Bot) [RHEL-109847] {CVE-2025-37797}
+- net: openvswitch: Fix the dead loop of MPLS parse (Aaron Conole) [RHEL-95609]
+- sctp: linearize cloned gso packets in sctp_rcv (CKI Backport Bot) [RHEL-113329] {CVE-2025-38718}
+- firmware: arm_scpi: Ensure scpi_info is not assigned if the probe fails (Charles Mirabile) [RHEL-109394] {CVE-2022-50087}
+- nfsd: don't ignore the return code of svc_proc_register() (Olga Kornievskaia) [RHEL-111639] {CVE-2025-22026}
+
 * Mon Sep 15 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.76.1.rt7.417.el8_10]
 - HID: core: Harden s32ton() against conversion to 0 bits (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
 - HID: stop exporting hid_snto32() (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
diff --git a/sources b/sources
index 102ee56..50cc5ce 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (linux-4.18.0-553.76.1.rt7.417.el8_10.tar.xz) = 9a7cb0f72cda88d112e619de19a8132b2cb154bbf3c35b5e51b0028e6b0816bb86f75aaa8376bcf1700cd110a2003f88dfb411e77812001a9f76ab406a3a98a8
+SHA512 (linux-4.18.0-553.77.1.rt7.418.el8_10.tar.xz) = 31decb6eb009c427c09c3293fcc6be191e69575be35ac6382443f13f598cbf7ba786a0ba512ee90cfcf80d3c8e1ed1b389b170e632794cc3fc72efa94f1a64ef