From 5110882113efc7f651e38df13cdcdcf14eec7030 Mon Sep 17 00:00:00 2001
From: CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com>
Date: Mon, 4 May 2026 08:28:37 +0000
Subject: [PATCH] kernel-5.14.0-701.el9

* Mon May 04 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-701.el9]
- crypto: algif_aead - snapshot IV for async AEAD requests (Herbert Xu) [RHEL-172207]
- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [RHEL-172207]
- crypto: authencesn - reject short ahash digests during instance creation (Herbert Xu) [RHEL-172207]
- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [RHEL-172207]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [RHEL-172207] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Herbert Xu) [RHEL-172207] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [RHEL-172207]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Herbert Xu) [RHEL-172207] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [RHEL-172207] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Herbert Xu) [RHEL-172207]
- usbip: validate number_of_packets in usbip_pack_ret_submit() (CKI Backport Bot) [RHEL-171433] {CVE-2026-31607}
- Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (CKI Backport Bot) [RHEL-171326] {CVE-2026-31408}
- redhat/configs: enable CONFIG_SCLP_OFB for s390x (Jan Polensky) [RHEL-169810]
- scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (Vitaly Kuznetsov) [RHEL-159283]
- s390/mm: Add missing secure storage access fixups for donated memory (Mete Durlu) [RHEL-168793]
- Revert "mm: pcp: increase pcp->free_count threshold to trigger free_high" (Luiz Capitulino) [RHEL-144961]
- audit: merge loops in __audit_inode_child() (Ricardo Robaina) [RHEL-145408]
- audit: Use kzalloc() instead of kmalloc()/memset() in audit_krule_to_data() (Ricardo Robaina) [RHEL-145408]
- audit: fix comment misindentation in audit.h (Ricardo Robaina) [RHEL-145408]
- audit: add a missing tab (Ricardo Robaina) [RHEL-145408]
- audit: fix typo in auditfilter.c comment (Ricardo Robaina) [RHEL-145408]
- audit: Replace deprecated strcpy() with strscpy() (Ricardo Robaina) [RHEL-145408]
- audit: fix indentation in audit_log_exit() (Ricardo Robaina) [RHEL-145408]
- audit: mark audit_log_vformat() with __printf() attribute (Ricardo Robaina) [RHEL-145408]
- auditsc: replace memcpy() with strscpy() (Ricardo Robaina) [RHEL-145408]
- audit: use fsnotify group lock helpers (Ricardo Robaina) [RHEL-145408]
- x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers (Ricardo Robaina) [RHEL-144439]
- kaslr: rename physmem_end and PHYSMEM_END to direct_map_physmem_end (Ricardo Robaina) [RHEL-144439]
- arm64: Expose the end of the linear map in PHYSMEM_END (Ricardo Robaina) [RHEL-144439]
Resolves: RHEL-144439, RHEL-144961, RHEL-145408, RHEL-159283, RHEL-168793, RHEL-169810, RHEL-171326, RHEL-171433, RHEL-172207

Signed-off-by: CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com>
---
 Makefile.rhelver                  |  2 +-
 kernel-s390x-debug-rhel.config    |  2 +-
 kernel-s390x-rhel.config          |  2 +-
 kernel-s390x-zfcpdump-rhel.config |  2 +-
 kernel.changelog                  | 32 +++++++++++++++++++++++++
 kernel.spec                       | 39 +++++++++++++++++++++++++++----
 sources                           |  6 ++---
 7 files changed, 74 insertions(+), 11 deletions(-)

diff --git a/Makefile.rhelver b/Makefile.rhelver
index 28c518cee..e24661b3b 100644
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 9
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 700
+RHEL_RELEASE = 701
 
 #
 # ZSTREAM
diff --git a/kernel-s390x-debug-rhel.config b/kernel-s390x-debug-rhel.config
index d2bc4d8a2..8e4c77632 100644
--- a/kernel-s390x-debug-rhel.config
+++ b/kernel-s390x-debug-rhel.config
@@ -4750,7 +4750,7 @@ CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TOPOLOGY=y
 CONFIG_SCHED_TRACER=y
 CONFIG_SCLP_CONSOLE=y
-# CONFIG_SCLP_OFB is not set
+CONFIG_SCLP_OFB=y
 CONFIG_SCLP_TTY=y
 CONFIG_SCLP_VT220_CONSOLE=y
 CONFIG_SCLP_VT220_TTY=y
diff --git a/kernel-s390x-rhel.config b/kernel-s390x-rhel.config
index e18f2dbea..af4fa64b8 100644
--- a/kernel-s390x-rhel.config
+++ b/kernel-s390x-rhel.config
@@ -4729,7 +4729,7 @@ CONFIG_SCHEDSTATS=y
 CONFIG_SCHED_TOPOLOGY=y
 CONFIG_SCHED_TRACER=y
 CONFIG_SCLP_CONSOLE=y
-# CONFIG_SCLP_OFB is not set
+CONFIG_SCLP_OFB=y
 CONFIG_SCLP_TTY=y
 CONFIG_SCLP_VT220_CONSOLE=y
 CONFIG_SCLP_VT220_TTY=y
diff --git a/kernel-s390x-zfcpdump-rhel.config b/kernel-s390x-zfcpdump-rhel.config
index 356cf9046..605b77cba 100644
--- a/kernel-s390x-zfcpdump-rhel.config
+++ b/kernel-s390x-zfcpdump-rhel.config
@@ -4747,7 +4747,7 @@ CONFIG_SCHED_STACK_END_CHECK=y
 CONFIG_SCHED_TOPOLOGY=y
 CONFIG_SCHED_TRACER=y
 CONFIG_SCLP_CONSOLE=y
-# CONFIG_SCLP_OFB is not set
+CONFIG_SCLP_OFB=y
 CONFIG_SCLP_TTY=y
 CONFIG_SCLP_VT220_CONSOLE=y
 CONFIG_SCLP_VT220_TTY=y
diff --git a/kernel.changelog b/kernel.changelog
index aba8ef80d..796f8f353 100644
--- a/kernel.changelog
+++ b/kernel.changelog
@@ -1,3 +1,35 @@
+* Mon May 04 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-701.el9]
+- crypto: algif_aead - snapshot IV for async AEAD requests (Herbert Xu) [RHEL-172207]
+- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [RHEL-172207]
+- crypto: authencesn - reject short ahash digests during instance creation (Herbert Xu) [RHEL-172207]
+- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [RHEL-172207]
+- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [RHEL-172207] {CVE-2026-31431}
+- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Herbert Xu) [RHEL-172207] {CVE-2026-23060}
+- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [RHEL-172207]
+- crypto: af_alg - limit RX SG extraction by receive buffer budget (Herbert Xu) [RHEL-172207] {CVE-2026-31677}
+- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [RHEL-172207] {CVE-2026-31431}
+- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Herbert Xu) [RHEL-172207]
+- usbip: validate number_of_packets in usbip_pack_ret_submit() (CKI Backport Bot) [RHEL-171433] {CVE-2026-31607}
+- Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (CKI Backport Bot) [RHEL-171326] {CVE-2026-31408}
+- redhat/configs: enable CONFIG_SCLP_OFB for s390x (Jan Polensky) [RHEL-169810]
+- scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (Vitaly Kuznetsov) [RHEL-159283]
+- s390/mm: Add missing secure storage access fixups for donated memory (Mete Durlu) [RHEL-168793]
+- Revert "mm: pcp: increase pcp->free_count threshold to trigger free_high" (Luiz Capitulino) [RHEL-144961]
+- audit: merge loops in __audit_inode_child() (Ricardo Robaina) [RHEL-145408]
+- audit: Use kzalloc() instead of kmalloc()/memset() in audit_krule_to_data() (Ricardo Robaina) [RHEL-145408]
+- audit: fix comment misindentation in audit.h (Ricardo Robaina) [RHEL-145408]
+- audit: add a missing tab (Ricardo Robaina) [RHEL-145408]
+- audit: fix typo in auditfilter.c comment (Ricardo Robaina) [RHEL-145408]
+- audit: Replace deprecated strcpy() with strscpy() (Ricardo Robaina) [RHEL-145408]
+- audit: fix indentation in audit_log_exit() (Ricardo Robaina) [RHEL-145408]
+- audit: mark audit_log_vformat() with __printf() attribute (Ricardo Robaina) [RHEL-145408]
+- auditsc: replace memcpy() with strscpy() (Ricardo Robaina) [RHEL-145408]
+- audit: use fsnotify group lock helpers (Ricardo Robaina) [RHEL-145408]
+- x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers (Ricardo Robaina) [RHEL-144439]
+- kaslr: rename physmem_end and PHYSMEM_END to direct_map_physmem_end (Ricardo Robaina) [RHEL-144439]
+- arm64: Expose the end of the linear map in PHYSMEM_END (Ricardo Robaina) [RHEL-144439]
+Resolves: RHEL-144439, RHEL-144961, RHEL-145408, RHEL-159283, RHEL-168793, RHEL-169810, RHEL-171326, RHEL-171433, RHEL-172207
+
 * Wed Apr 29 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-700.el9]
 - tools/power/x86/intel-speed-select: v1.25 release (David Arcari) [RHEL-128562]
 - tools/power/x86/intel-speed-select: Fix file descriptor leak in isolate_cpus() (David Arcari) [RHEL-128562]
diff --git a/kernel.spec b/kernel.spec
index 04f9e3ca2..419f67da0 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -176,15 +176,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 700
+%define pkgrelease 701
 %define kversion 5
-%define tarfile_release 5.14.0-700.el9
+%define tarfile_release 5.14.0-701.el9
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 700%{?buildid}%{?dist}
+%define specrelease 701%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-700.el9
+%define kabiversion 5.14.0-701.el9
 
 #
 # End of genspec.sh variables
@@ -3753,6 +3753,37 @@ fi
 #
 #
 %changelog
+* Mon May 04 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-701.el9]
+- crypto: algif_aead - snapshot IV for async AEAD requests (Herbert Xu) [RHEL-172207]
+- crypto: algif_aead - Fix minimum RX size check for decryption (Herbert Xu) [RHEL-172207]
+- crypto: authencesn - reject short ahash digests during instance creation (Herbert Xu) [RHEL-172207]
+- crypto: authencesn - Fix src offset when decrypting in-place (Herbert Xu) [RHEL-172207]
+- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Herbert Xu) [RHEL-172207] {CVE-2026-31431}
+- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Herbert Xu) [RHEL-172207] {CVE-2026-23060}
+- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Herbert Xu) [RHEL-172207]
+- crypto: af_alg - limit RX SG extraction by receive buffer budget (Herbert Xu) [RHEL-172207] {CVE-2026-31677}
+- crypto: algif_aead - Revert to operating out-of-place (Herbert Xu) [RHEL-172207] {CVE-2026-31431}
+- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Herbert Xu) [RHEL-172207]
+- usbip: validate number_of_packets in usbip_pack_ret_submit() (CKI Backport Bot) [RHEL-171433] {CVE-2026-31607}
+- Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing sock_hold (CKI Backport Bot) [RHEL-171326] {CVE-2026-31408}
+- redhat/configs: enable CONFIG_SCLP_OFB for s390x (Jan Polensky) [RHEL-169810]
+- scsi: storvsc: Handle PERSISTENT_RESERVE_IN truncation for Hyper-V vFC (Vitaly Kuznetsov) [RHEL-159283]
+- s390/mm: Add missing secure storage access fixups for donated memory (Mete Durlu) [RHEL-168793]
+- Revert "mm: pcp: increase pcp->free_count threshold to trigger free_high" (Luiz Capitulino) [RHEL-144961]
+- audit: merge loops in __audit_inode_child() (Ricardo Robaina) [RHEL-145408]
+- audit: Use kzalloc() instead of kmalloc()/memset() in audit_krule_to_data() (Ricardo Robaina) [RHEL-145408]
+- audit: fix comment misindentation in audit.h (Ricardo Robaina) [RHEL-145408]
+- audit: add a missing tab (Ricardo Robaina) [RHEL-145408]
+- audit: fix typo in auditfilter.c comment (Ricardo Robaina) [RHEL-145408]
+- audit: Replace deprecated strcpy() with strscpy() (Ricardo Robaina) [RHEL-145408]
+- audit: fix indentation in audit_log_exit() (Ricardo Robaina) [RHEL-145408]
+- audit: mark audit_log_vformat() with __printf() attribute (Ricardo Robaina) [RHEL-145408]
+- auditsc: replace memcpy() with strscpy() (Ricardo Robaina) [RHEL-145408]
+- audit: use fsnotify group lock helpers (Ricardo Robaina) [RHEL-145408]
+- x86/kaslr: Recognize all ZONE_DEVICE users as physaddr consumers (Ricardo Robaina) [RHEL-144439]
+- kaslr: rename physmem_end and PHYSMEM_END to direct_map_physmem_end (Ricardo Robaina) [RHEL-144439]
+- arm64: Expose the end of the linear map in PHYSMEM_END (Ricardo Robaina) [RHEL-144439]
+
 * Wed Apr 29 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-700.el9]
 - tools/power/x86/intel-speed-select: v1.25 release (David Arcari) [RHEL-128562]
 - tools/power/x86/intel-speed-select: Fix file descriptor leak in isolate_cpus() (David Arcari) [RHEL-128562]
diff --git a/sources b/sources
index 9696cedce..9130d2ce8 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-5.14.0-700.el9.tar.xz) = 9fde0b0ce0e0e7de22bd7b84ea36debe5df7e7395ccbbdca4ccedd27a3baa0033887fd9c1b644b4605b1803c094ca7a622aada34c00d10df26b298e2ca231f6f
-SHA512 (kernel-abi-stablelists-5.14.0-700.el9.tar.bz2) = 6c64757054f0b49e3fde4d8861264a24eb5a6502741211b0e5eb5d76053b3e32a556be1451b685dd6cc70a689e915924a44de7d8ef67565f9820a446714bbb20
-SHA512 (kernel-kabi-dw-5.14.0-700.el9.tar.bz2) = 4a851323601da6034759905decc7544c5db8caf5eb588267d40f4679eda5a58946906332af85e6eafa3b2167c7766ce4122431f6dcc9714f2b26418fbf558d50
+SHA512 (linux-5.14.0-701.el9.tar.xz) = 34e45a0fc34e5011be1e2d3256b336da896d46562da7e2e1028d212ab05640cdac8d201bf6963b31d8e40b2153d8efc1ab38058a2f61f731b77b80258dc71d30
+SHA512 (kernel-abi-stablelists-5.14.0-701.el9.tar.bz2) = 13741838a3003fbb7b39cba1fd410407f58aa35fff0826e6c7a08ef7b70ae81de56bec76904a0257891216ce71cc2c65655eab1fa003edabcc2d711c7c73cd45
+SHA512 (kernel-kabi-dw-5.14.0-701.el9.tar.bz2) = 1a4573ae4068343e6bed8b78b2c5b67e5545a3c3862e586a874a1fff73bc0ad6380d4c580ba4583d97d2514b130e8ec84af16419d4a998495a969acad4b1db81