import OSE kernel-5.14.0-570.32.1.el9_6

2025-08-06 13:04:56 +00:00 · 2025-08-06 13:04:56 +00:00 · 2fd663d3b0
commit 2fd663d3b0
parent a4ed8b9ac8
5 changed files with 61 additions and 15 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,9 +1,7 @@
-SOURCES/kernel-abi-stablelists-5.14.0-570.30.1.el9_6.tar.bz2
-SOURCES/kernel-kabi-dw-5.14.0-570.30.1.el9_6.tar.bz2
-SOURCES/linux-5.14.0-570.30.1.el9_6.tar.xz
+SOURCES/kernel-abi-stablelists-5.14.0-570.32.1.el9_6.tar.bz2
+SOURCES/kernel-kabi-dw-5.14.0-570.32.1.el9_6.tar.bz2
+SOURCES/linux-5.14.0-570.32.1.el9_6.tar.xz
 SOURCES/nvidiagpuoot001.x509
-SOURCES/olima1.x509
-SOURCES/olimaca1.x509
 SOURCES/rheldup3.x509
 SOURCES/rhelima.x509
 SOURCES/rhelima_centos.x509
--- a/.kernel.metadata
+++ b/.kernel.metadata
@ -1,9 +1,7 @@
-bd055e645afd241ba1d20dc1b3616f71fef342ed SOURCES/kernel-abi-stablelists-5.14.0-570.30.1.el9_6.tar.bz2
-b36f8123a1f4f332d799bf62a97fce7a2c35531c SOURCES/kernel-kabi-dw-5.14.0-570.30.1.el9_6.tar.bz2
-406a2a0cc1ced265faffecf9cc33fff45c0f2e43 SOURCES/linux-5.14.0-570.30.1.el9_6.tar.xz
+7998fa30415656d00a05bae0f3044fcfd550d81d SOURCES/kernel-abi-stablelists-5.14.0-570.32.1.el9_6.tar.bz2
+2a916ddd87e94cec130b092d8c508c7af2b96b07 SOURCES/kernel-kabi-dw-5.14.0-570.32.1.el9_6.tar.bz2
+29cdf4fe7164805e5e70f264a689f9ff428b7c3f SOURCES/linux-5.14.0-570.32.1.el9_6.tar.xz
 4fff8080e88afffc06d8ef5004db8d53bb21237f SOURCES/nvidiagpuoot001.x509
-706ae01dd14efa38f0f565a3706acac19c78df02 SOURCES/olima1.x509
-6e3f0d61414c0b50f48dc2d4c3b3cd024e1c3a43 SOURCES/olimaca1.x509
 95b9b811c7b0a6c98b2eafc4e7d6d24f2cb63289 SOURCES/rheldup3.x509
 99e571f9de4188f3b5fdf1f84ff73f6cc4bb6a0e SOURCES/rhelima.x509
 61d5a223ff0c79189505abae77e0087c4b2d2b47 SOURCES/rhelima_centos.x509
--- a/SOURCES/Makefile.rhelver
+++ b/SOURCES/Makefile.rhelver
@ -12,7 +12,7 @@ RHEL_MINOR = 6
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 570.30.1
+RHEL_RELEASE = 570.32.1

 #
 # ZSTREAM
--- a/SOURCES/kernel.changelog
+++ b/SOURCES/kernel.changelog
@ -1,3 +1,29 @@
+* Mon Jul 28 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.32.1.el9_6]
+- net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (Davide Caratti) [RHEL-97522] {CVE-2025-38001 CVE-2025-37890}
+- sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (Davide Caratti) [RHEL-97522] {CVE-2025-38000}
+- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (Davide Caratti) [RHEL-97522] {CVE-2025-37890}
+- sch_hfsc: make hfsc_qlen_notify() idempotent (Ivan Vecera) [RHEL-97522]
+- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CKI Backport Bot) [RHEL-98847] {CVE-2025-21928}
+- HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() (CKI Backport Bot) [RHEL-98871] {CVE-2025-21929}
+Resolves: RHEL-97522, RHEL-98847, RHEL-98871
+
+* Sat Jul 26 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.31.1.el9_6]
+- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (David Marlin) [RHEL-95324] {CVE-2025-37918}
+- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (Desnes Nunes) [RHEL-99029] {CVE-2025-22020}
+- misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (John W. Linville) [RHEL-97499] {CVE-2022-49788}
+- net: tipc: fix refcount warning in tipc_aead_encrypt (Xin Long) [RHEL-103087]
+- net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CKI Backport Bot) [RHEL-103087] {CVE-2025-38052}
+- md/raid1: Add check for missing source disk in process_checks() (CKI Backport Bot) [RHEL-97439]
+- net/sched: fix use-after-free in taprio_dev_notifier (CKI Backport Bot) [RHEL-101317] {CVE-2025-38087}
+- padata: avoid UAF for reorder_work (Rafael Aquini) [RHEL-97031] {CVE-2025-21727 CVE-2025-21726}
+- padata: fix UAF in padata_reorder (Rafael Aquini) [RHEL-97031] {CVE-2025-21727}
+- padata: add pd get/put refcnt helper (Rafael Aquini) [RHEL-97031] {CVE-2025-21727}
+- padata: fix sysfs store callback check (Rafael Aquini) [RHEL-97031] {CVE-2025-21727}
+- padata: Clean up in padata_do_multithreaded() (Rafael Aquini) [RHEL-97031] {CVE-2025-21727}
+- platform/x86: dell_rbu: Fix list usage (David Arcari) [RHEL-100908]
+- cifs: Fix integer overflow while processing closetimeo mount option (CKI Backport Bot) [RHEL-87900] {CVE-2025-21962}
+Resolves: RHEL-100908, RHEL-101317, RHEL-103087, RHEL-87900, RHEL-95324, RHEL-97031, RHEL-97439, RHEL-97499, RHEL-99029
+
 * Thu Jul 24 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.30.1.el9_6]
 - net_sched: hfsc: Fix a UAF vulnerability in class handling (Davide Caratti) [RHEL-95853] {CVE-2025-37797}
 Resolves: RHEL-95853
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 570.30.1
+%define pkgrelease 570.32.1
 %define kversion 5
-%define tarfile_release 5.14.0-570.30.1.el9_6
+%define tarfile_release 5.14.0-570.32.1.el9_6
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 570.30.1%{?buildid}%{?dist}
+%define specrelease 570.32.1%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-570.30.1.el9_6
+%define kabiversion 5.14.0-570.32.1.el9_6

 #
 # End of genspec.sh variables
@ -3784,6 +3784,30 @@ fi
 #
 #
 %changelog
+* Mon Jul 28 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.32.1.el9_6]
+- net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (Davide Caratti) [RHEL-97522] {CVE-2025-38001 CVE-2025-37890}
+- sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (Davide Caratti) [RHEL-97522] {CVE-2025-38000}
+- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (Davide Caratti) [RHEL-97522] {CVE-2025-37890}
+- sch_hfsc: make hfsc_qlen_notify() idempotent (Ivan Vecera) [RHEL-97522]
+- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CKI Backport Bot) [RHEL-98847] {CVE-2025-21928}
+- HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() (CKI Backport Bot) [RHEL-98871] {CVE-2025-21929}
+
+* Sat Jul 26 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.31.1.el9_6]
+- Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue() (David Marlin) [RHEL-95324] {CVE-2025-37918}
+- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (Desnes Nunes) [RHEL-99029] {CVE-2025-22020}
+- misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() (John W. Linville) [RHEL-97499] {CVE-2022-49788}
+- net: tipc: fix refcount warning in tipc_aead_encrypt (Xin Long) [RHEL-103087]
+- net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CKI Backport Bot) [RHEL-103087] {CVE-2025-38052}
+- md/raid1: Add check for missing source disk in process_checks() (CKI Backport Bot) [RHEL-97439]
+- net/sched: fix use-after-free in taprio_dev_notifier (CKI Backport Bot) [RHEL-101317] {CVE-2025-38087}
+- padata: avoid UAF for reorder_work (Rafael Aquini) [RHEL-97031] {CVE-2025-21727 CVE-2025-21726}
+- padata: fix UAF in padata_reorder (Rafael Aquini) [RHEL-97031] {CVE-2025-21727}
+- padata: add pd get/put refcnt helper (Rafael Aquini) [RHEL-97031] {CVE-2025-21727}
+- padata: fix sysfs store callback check (Rafael Aquini) [RHEL-97031] {CVE-2025-21727}
+- padata: Clean up in padata_do_multithreaded() (Rafael Aquini) [RHEL-97031] {CVE-2025-21727}
+- platform/x86: dell_rbu: Fix list usage (David Arcari) [RHEL-100908]
+- cifs: Fix integer overflow while processing closetimeo mount option (CKI Backport Bot) [RHEL-87900] {CVE-2025-21962}
+
 * Thu Jul 24 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-570.30.1.el9_6]
 - net_sched: hfsc: Fix a UAF vulnerability in class handling (Davide Caratti) [RHEL-95853] {CVE-2025-37797}