kernel-4.18.0-553.142.1.el8_10

* Thu Jul 09 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.142.1.el8_10]
- KVM: x86: Fix shadow paging use-after-free due to unexpected role (Paolo Bonzini) [RHEL-192411] {CVE-2026-53359}
- KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (Aidan Wallace) [RHEL-186618] {CVE-2026-46113}
- KVM: x86/mmu: pull call to drop_large_spte() into __link_shadow_page() (Paolo Bonzini) [RHEL-186618]
- KVM: x86/mmu: Always pass 0 for @quadrant when gptes are 8 bytes (Aidan Wallace) [RHEL-186618]
- KVM: x86/mmu: Derive shadow MMU page role from parent (Aidan Wallace) [RHEL-186618]
- KVM: x86/mmu: Stop passing "direct" to mmu_alloc_root() (Aidan Wallace) [RHEL-186618]
- KVM: x86/mmu: Use a bool for direct (Aidan Wallace) [RHEL-186618]
- netfilter: bridge: make ebt_snat ARP rewrite writable (CKI Backport Bot) [RHEL-182341]
- net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (CKI Backport Bot) [RHEL-182996] {CVE-2025-71066}
- iommu/vt-d: track SVA mm for kernel page table flush notification (Jerry Snitselaar) [RHEL-150534] {CVE-2025-71089}
- iommu/amd: track SVA mm for kernel page table flush notification (Jerry Snitselaar) [RHEL-150534] {CVE-2025-71089}
- x86/mm: flush IOMMU before freeing kernel page table pages (Jerry Snitselaar) [RHEL-150534] {CVE-2025-71089}
- iommu/sva: add kernel page table IOTLB flush notification (Jerry Snitselaar) [RHEL-150534] {CVE-2025-71089}
- iommu/vt-d: Fix incorrect cache invalidation for mm notification (Jerry Snitselaar) [RHEL-150534] {CVE-2025-71089}
- net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (CKI Backport Bot) [RHEL-167045] {CVE-2026-31411}
Resolves: RHEL-150534, RHEL-167045, RHEL-182341, RHEL-182996, RHEL-186618, RHEL-192411

Signed-off-by: CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com>
This commit is contained in:
CKI KWF Bot 2026-07-09 07:57:06 +00:00
parent aab8709b40
commit 2d09a8a878
2 changed files with 22 additions and 5 deletions

View File

@ -49,10 +49,10 @@
# define buildid .local
%define specversion 4.18.0
%define pkgrelease 553.141.1.el8_10
%define pkgrelease 553.142.1.el8_10
# allow pkg_release to have configurable %%{?dist} tag
%define specrelease 553.141.1%{?dist}
%define specrelease 553.142.1%{?dist}
%define pkg_release %{specrelease}%{?buildid}
@ -2723,6 +2723,23 @@ fi
#
#
%changelog
* Thu Jul 09 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.142.1.el8_10]
- KVM: x86: Fix shadow paging use-after-free due to unexpected role (Paolo Bonzini) [RHEL-192411] {CVE-2026-53359}
- KVM: x86: Fix shadow paging use-after-free due to unexpected GFN (Aidan Wallace) [RHEL-186618] {CVE-2026-46113}
- KVM: x86/mmu: pull call to drop_large_spte() into __link_shadow_page() (Paolo Bonzini) [RHEL-186618]
- KVM: x86/mmu: Always pass 0 for @quadrant when gptes are 8 bytes (Aidan Wallace) [RHEL-186618]
- KVM: x86/mmu: Derive shadow MMU page role from parent (Aidan Wallace) [RHEL-186618]
- KVM: x86/mmu: Stop passing "direct" to mmu_alloc_root() (Aidan Wallace) [RHEL-186618]
- KVM: x86/mmu: Use a bool for direct (Aidan Wallace) [RHEL-186618]
- netfilter: bridge: make ebt_snat ARP rewrite writable (CKI Backport Bot) [RHEL-182341]
- net/sched: ets: Always remove class from active list before deleting in ets_qdisc_change (CKI Backport Bot) [RHEL-182996] {CVE-2025-71066}
- iommu/vt-d: track SVA mm for kernel page table flush notification (Jerry Snitselaar) [RHEL-150534] {CVE-2025-71089}
- iommu/amd: track SVA mm for kernel page table flush notification (Jerry Snitselaar) [RHEL-150534] {CVE-2025-71089}
- x86/mm: flush IOMMU before freeing kernel page table pages (Jerry Snitselaar) [RHEL-150534] {CVE-2025-71089}
- iommu/sva: add kernel page table IOTLB flush notification (Jerry Snitselaar) [RHEL-150534] {CVE-2025-71089}
- iommu/vt-d: Fix incorrect cache invalidation for mm notification (Jerry Snitselaar) [RHEL-150534] {CVE-2025-71089}
- net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (CKI Backport Bot) [RHEL-167045] {CVE-2026-31411}
* Mon Jul 06 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [4.18.0-553.141.1.el8_10]
- fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (CKI Backport Bot) [RHEL-189506] {CVE-2026-43112}

View File

@ -1,3 +1,3 @@
SHA512 (linux-4.18.0-553.141.1.el8_10.tar.xz) = 83f6361c48d11db1cd4f0455bf589935359d1822b7a3d420aa86b852829bd9e43d9161051c96269424aaa1e76bdf2273ff467d101e05175f46ba6ec79fe067a7
SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 4127184e7f0514c4155082264c4860514376e41a2f785eff9a803f21c53c63df735d81144adbde73fb6ad61d72927cf34e7921c8a27fc30c634dbab6abc07e97
SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 0ce37894e01e0baa13417384c4b65d6029549bb56b30d9ec59b44421eb700dff96ecfb19247572750f053552c48cc17f212fbc1b8bc3f7899e29452c580015dc
SHA512 (linux-4.18.0-553.142.1.el8_10.tar.xz) = 2abebaf7f3632b81d85c472fbcdbae573f0d315f22ca696e08d49ab44c3ef94ae152469c230baafa3ceaa6dba20a8707f03404d16e6f0dc906710f8faa5a92f1
SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 8ca9a2d31327b8055d7f453d50b1add087d965d9710aa34435cdd7b269b353291bd88bcace761d425c810415020e16d4e0b2f6459eda244a2910d55cda105199
SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = b6be5b304d8443bc08f281987eb92dc3eafcf6e13de1a824eb4a6b24b48e4b7c8506462e32dd9acbffa5e7cbf8e51374fb4914751700b9a2fc6c5cc7f7734e74