rpms/kernel
8
2
Fork 6
Code Issues Pull Requests Releases Activity

import OL kernel-6.12.0-55.38.1.0.1.el10_0

Browse Source
This commit is contained in:
eabdullin 2025-10-08 12:03:48 +00:00
parent c7ac1db885
commit 788c87c26e
10 changed files with 1012 additions and 422 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.gitignore vendored
View File

@ -1,7 +1,6 @@
fedoraimaca.x509
kernel-abi-stablelists-6.12.0-55.37.1.el10_0.tar.xz
kernel-kabi-dw-6.12.0-55.37.1.el10_0.tar.xz
linux-6.12.0-55.37.1.el10_0.tar.xz
kernel-abi-stablelists-6.12.0-55.38.1.el10_0.tar.xz
kernel-kabi-dw-6.12.0-55.38.1.el10_0.tar.xz
linux-6.12.0-55.38.1.el10_0.tar.xz
nvidiagpuoot001.x509
olima1.x509
olimaca1.x509

2
Makefile.rhelver
View File

@ -12,7 +12,7 @@ RHEL_MINOR = 0
#
# Use this spot to avoid future merge conflicts.
# Do not trim this comment.
RHEL_RELEASE = 55.37.1
RHEL_RELEASE = 55.38.1
#
# RHEL_REBASE_NUM

44
bug37756650-nvme-pci-remove-two-deallocate-zeroes-quirks.patch Normal file
View File

@ -0,0 +1,44 @@
From b0de5456e201c475d6a860ceeb3ed8ee2923695a Mon Sep 17 00:00:00 2001
From: Keith Busch <kbusch@kernel.org>
Date: Mon, 2 Dec 2024 09:45:48 -0800
Subject: [PATCH] nvme-pci: remove two deallocate zeroes quirks
The quirk was initially used as a signal to set the discard_zeroes_data
queue limit because there were some use cases that relied on that
behavior. The queue limit no longer exists as every user of it has been
converted to use the write zeroes operation instead.
The quirk now means to use a discard command as an alias to a write
zeroes request. Two of the devices previously using the quirk support
the write zeroes command directly, so these don't need or want to use
discard when the desired operation is to write zeroes.
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Keith Busch <kbusch@kernel.org>
Orabug: 37756650
Modified-by: Alex Burmashev <alexander.burmashev@oracle.com>
Signed-off-by: Alex Burmashev <alexander.burmashev@oracle.com>
---
drivers/nvme/host/pci.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/nvme/host/pci.c b/drivers/nvme/host/pci.c
index 4c644bb7f06927..9535e35ef18a56 100644
--- a/drivers/nvme/host/pci.c
+++ b/drivers/nvme/host/pci.c
@@ -3588,12 +3588,10 @@ static const struct pci_device_id nvme_id_table[] = {
NVME_QUIRK_DEALLOCATE_ZEROES, },
{ PCI_VDEVICE(INTEL, 0x0a54), /* Intel P4500/P4600 */
.driver_data = NVME_QUIRK_STRIPE_SIZE |
- NVME_QUIRK_DEALLOCATE_ZEROES |
NVME_QUIRK_IGNORE_DEV_SUBNQN |
NVME_QUIRK_BOGUS_NID, },
{ PCI_VDEVICE(INTEL, 0x0a55), /* Dell Express Flash P4600 */
- .driver_data = NVME_QUIRK_STRIPE_SIZE |
- NVME_QUIRK_DEALLOCATE_ZEROES, },
+ .driver_data = NVME_QUIRK_STRIPE_SIZE, },
{ PCI_VDEVICE(INTEL, 0xf1a5), /* Intel 600P/P3100 */
.driver_data = NVME_QUIRK_NO_DEEPEST_PS |
NVME_QUIRK_MEDIUM_PRIO_SQ |

0
check-kabi Executable file → Normal file
View File

445
kernel.changelog
View File

@ -1,3 +1,448 @@
* Tue Sep 30 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.38.1.el10_0]
- hv_netvsc: Fix panic during namespace deletion with VF (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: Fix DSCP value in modify QP (Maxim Levitsky) [RHEL-114930]
- net: mana: Handle Reset Request from MANA NIC (Maxim Levitsky) [RHEL-114930]
- net: mana: Set tx_packets to post gso processing packet count (Maxim Levitsky) [RHEL-114930]
- net: mana: Handle unsupported HWC commands (Maxim Levitsky) [RHEL-114930]
- net: mana: Add handler for hardware servicing events (Maxim Levitsky) [RHEL-114930]
- net: mana: Expose additional hardware counters for drop and TC via ethtool. (Maxim Levitsky) [RHEL-114930]
- hv_netvsc: Set VF priv_flags to IFF_NO_ADDRCONF before open to prevent IPv6 addrconf (Maxim Levitsky) [RHEL-114930]
- net: mana: Record doorbell physical address in PF mode (Maxim Levitsky) [RHEL-114930]
- net: mana: Add support for Multi Vports on Bare metal (Maxim Levitsky) [RHEL-114930]
- net: mana: Switch to page pool for jumbo frames (Maxim Levitsky) [RHEL-114930]
- net: mana: Add metadata support for xdp mode (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: Handle net event for pointing to the current netdev (Maxim Levitsky) [RHEL-114930]
- net: mana: Change the function signature of mana_get_primary_netdev_rcu (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: Ensure variable err is initialized (Maxim Levitsky) [RHEL-114930]
- net: mana: Add debug logs in MANA network driver (Maxim Levitsky) [RHEL-114930]
- hv_netvsc: Use VF's tso_max_size value when data path is VF (Maxim Levitsky) [RHEL-114930]
- net: mana: Allow tso_max_size to go up-to GSO_MAX_SIZE (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: request error CQEs when supported (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: Query feature_flags bitmask from FW (Maxim Levitsky) [RHEL-114930]
- net: mana: Support holes in device list reply msg (Maxim Levitsky) [RHEL-114930]
- RDMA/mana_ib: Allocate PAGE aligned doorbell index (Maxim Levitsky) [RHEL-114930]
- hv_netvsc: Link queues to NAPIs (Maxim Levitsky) [RHEL-114930]
- sctp: linearize cloned gso packets in sctp_rcv (CKI Backport Bot) [RHEL-113339] {CVE-2025-38718}
- nfsd: don't ignore the return code of svc_proc_register() (Olga Kornievskaia) [RHEL-93626] {CVE-2025-22026}
- smb: client: fix session setup against servers that require SPN (Paulo Alcantara) [RHEL-107110]
- smb: client: allow parsing zero-length AV pairs (Paulo Alcantara) [RHEL-107110]
- RDMA/cxgb4: Notify rdma stack for IB_EVENT_QP_LAST_WQE_REACHED event (CKI Backport Bot) [RHEL-100817]
Resolves: RHEL-100817, RHEL-107110, RHEL-113339, RHEL-114930, RHEL-93626
* Wed Sep 24 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.37.1.el10_0]
- selftests: tls: add tests for zero-length records (Sabrina Dubroca) [RHEL-114331] {CVE-2025-39682}
- tls: fix handling of zero-length records on the rx_list (Sabrina Dubroca) [RHEL-114331] {CVE-2025-39682}
- fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass (Audra Mitchell) [RHEL-110313] {CVE-2025-38396}
Resolves: RHEL-110313, RHEL-114331
* Mon Sep 22 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.36.1.el10_0]
- io_uring/futex: ensure io_futex_wait() cleans up properly on failure (CKI Backport Bot) [RHEL-114341] {CVE-2025-39698}
- ice: use fixed adapter index for E825C embedded devices (CKI Backport Bot) [RHEL-111792]
- ice: use DSN instead of PCI BDF for ice_adapter index (CKI Backport Bot) [RHEL-111792]
- tcp: drop secpath at the same time as we currently drop dst (Sabrina Dubroca) [RHEL-82133]
Resolves: RHEL-111792, RHEL-114341, RHEL-82133
* Fri Sep 19 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.35.1.el10_0]
- cifs: Fix reading into an ITER_FOLIOQ from the smbdirect code (Paulo Alcantara) [RHEL-111177]
- cifs: Fix the smbd_response slab to allow usercopy (Paulo Alcantara) [RHEL-111177] {CVE-2025-38523}
- smb: client: let smbd_post_send_iter() respect the peers max_send_size and transmit all data (Paulo Alcantara) [RHEL-111177]
- smb: client: fix max_sge overflow in smb_extract_folioq_to_rdma() (Paulo Alcantara) [RHEL-111177]
- smb: client: make use of common smbdirect_socket_parameters (Paulo Alcantara) [RHEL-111177]
- smb: smbdirect: introduce smbdirect_socket_parameters (Paulo Alcantara) [RHEL-111177]
- smb: client: make use of common smbdirect_socket (Paulo Alcantara) [RHEL-111177]
- smb: smbdirect: add smbdirect_socket.h (Paulo Alcantara) [RHEL-111177]
- smb: client: make use of common smbdirect.h (Paulo Alcantara) [RHEL-111177]
- smb: smbdirect: add smbdirect.h with public structures (Paulo Alcantara) [RHEL-111177]
- smb: client: make use of common smbdirect_pdu.h (Paulo Alcantara) [RHEL-111177]
- smb: smbdirect: add smbdirect_pdu.h with protocol definitions (Paulo Alcantara) [RHEL-111177]
- s390/sclp: Fix SCCB present check (CKI Backport Bot) [RHEL-113561] {CVE-2025-39694}
- net: stmmac: fix TSO DMA API usage causing oops (Izabela Bakollari) [RHEL-105352]
- smb: client: fix use-after-free in cifs_oplock_break (CKI Backport Bot) [RHEL-111198] {CVE-2025-38527}
Resolves: RHEL-105352, RHEL-111177, RHEL-111198, RHEL-113561
* Mon Sep 15 2025 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [6.12.0-55.34.1.el10_0]
- sunrpc: fix handling of server side tls alerts (Olga Kornievskaia) [RHEL-111073] {CVE-2025-38566}
- i40e: When removing VF MAC filters, only check PF-set MAC (CKI Backport Bot) [RHEL-109771]
- usb: dwc3: gadget: check that event count does not exceed event buffer length (CKI Backport Bot) [RHEL-107659] {CVE-2025-37810}
Resolves: RHEL-107659, RHEL-109771, RHEL-111073
* Tue Sep 09 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.33.1.el10_0]
- xfrm: interface: fix use-after-free after changing collect_md xfrm interface (CKI Backport Bot) [RHEL-109530] {CVE-2025-38500}
- idpf: convert control queue mutex to a spinlock (CKI Backport Bot) [RHEL-106061] {CVE-2025-38392}
- eth: bnxt: fix missing ring index trim on error path (CKI Backport Bot) [RHEL-104564] {CVE-2025-37873}
- tcp: Correct signedness in skb remaining space calculation (CKI Backport Bot) [RHEL-107844] {CVE-2025-38463}
- ipv6: mcast: Delay put pmc->idev in mld_del_delrec() (CKI Backport Bot) [RHEL-111154] {CVE-2025-38550}
- redhat: selftests/bpf: Add cpuv4 variant (Viktor Malik) [RHEL-109928]
- i40e: report VF tx_dropped with tx_errors instead of tx_discards (Dennis Chen) [RHEL-105138] {CVE-2025-38200}
- use uniform permission checks for all mount propagation changes (Ian Kent) [RHEL-107306] {CVE-2025-38498}
- do_change_type(): refuse to operate on unmounted/not ours mounts (Ian Kent) [RHEL-107306] {CVE-2025-38498}
- ublk: make sure ubq->canceling is set when queue is frozen (Ming Lei) [RHEL-99437] {CVE-2025-22068}
- net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM JIRA: https://issues.redhat.com/browse/RHEL-109821 Y-JIRA: https://issues.redhat.com/browse/RHEL-79173 (Jakub Ramaseuski)
- scsi: lpfc: Use memcpy() for BIOS version (Ewan D. Milne) [RHEL-105936] {CVE-2025-38332}
- net: introduce per netns packet chains (Paolo Abeni) [RHEL-88923]
Resolves: RHEL-104564, RHEL-105138, RHEL-105936, RHEL-106061, RHEL-107306, RHEL-107844, RHEL-109530, RHEL-109928, RHEL-111154, RHEL-88923, RHEL-99437
* Tue Sep 09 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.32.1.el10_0]
- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (CKI Backport Bot) [RHEL-112784] {CVE-2025-38352}
Resolves: RHEL-112784
* Sun Aug 31 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.31.1.el10_0]
- sched/fair: Adhere to place_entity() constraints (Phil Auld) [RHEL-91404]
- sched/fair: Fix update_cfs_group() vs DELAY_DEQUEUE (Phil Auld) [RHEL-91404]
- sched/fair: Fix EEVDF entity placement bug causing scheduling lag (Phil Auld) [RHEL-91404]
- sched/fair: optimize the PLACE_LAG when se->vlag is zero (Phil Auld) [RHEL-91404]
- net/sched: ets: use old 'nbands' while purging unused classes (Ivan Vecera) [RHEL-107544] {CVE-2025-38350}
- net/sched: Always pass notifications when child class becomes empty (Ivan Vecera) [RHEL-93365] {CVE-2025-38350}
- net_sched: ets: fix a race in ets_qdisc_change() (Ivan Vecera) [RHEL-107544] {CVE-2025-38107}
- sch_htb: make htb_deactivate() idempotent (Ivan Vecera) [RHEL-93365] {CVE-2025-37953}
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (Ivan Vecera) [RHEL-93365] {CVE-2025-37798}
- sch_qfq: make qfq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93365] {CVE-2025-38350}
- sch_drr: make drr_qlen_notify() idempotent (Ivan Vecera) [RHEL-93365] {CVE-2025-38350}
- sch_htb: make htb_qlen_notify() idempotent (Ivan Vecera) [RHEL-93365] {CVE-2025-37932}
- drm/vkms: Fix use after free and double free on init error (Jocelyn Falempe) [RHEL-99432] {CVE-2025-22097}
- Revert "cxl/acpi: Fix load failures due to single window creation failure" (John W. Linville) [RHEL-85055]
- udmabuf: fix a buf size overflow issue during udmabuf creation (Lyude Paul) [RHEL-99760] {CVE-2025-37803}
- drm/framebuffer: Acquire internal references on GEM handles (Mika Penttilä) [RHEL-106710] {CVE-2025-38449}
- drm/gem: Acquire references on GEM handles for framebuffers (Mika Penttilä) [RHEL-106710] {CVE-2025-38449}
- nvme/ioctl: don't warn on vectorized uring_cmd with fixed buffer (Maurizio Lombardi) [RHEL-109753]
- nvme-ioctl: fix leaked requests on mapping error (Maurizio Lombardi) [RHEL-109753]
Resolves: RHEL-106710, RHEL-107544, RHEL-109753, RHEL-85055, RHEL-91404, RHEL-93365, RHEL-99432, RHEL-99760
* Sun Aug 24 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.30.1.el10_0]
- net_sched: hfsc: Fix a potential UAF in hfsc_dequeue() too (CKI Backport Bot) [RHEL-107641] {CVE-2025-37823}
- s390/pci: Fix zpci_bus_is_isolated_vf() for non-VFs (Mete Durlu) [RHEL-95537]
- s390/pci: Fix handling of isolated VFs (CKI Backport Bot) [RHEL-84462]
- s390/pci: Pull search for parent PF out of zpci_iov_setup_virtfn() (CKI Backport Bot) [RHEL-84462]
- s390/pci: Fix SR-IOV for PFs initially in standby (CKI Backport Bot) [RHEL-84462]
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (CKI Backport Bot) [RHEL-104285] {CVE-2025-38211}
- udp: Fix memory accounting leak. (CKI Backport Bot) [RHEL-104102] {CVE-2025-22058}
- udp: Fix multiple wraparounds of sk->sk_rmem_alloc. (Xin Long) [RHEL-104102]
- ext4: only dirty folios when data journaling regular files (CKI Backport Bot) [RHEL-106815] {CVE-2025-38220}
- tipc: Fix use-after-free in tipc_conn_close(). (CKI Backport Bot) [RHEL-106660] {CVE-2025-38464}
- vsock: Fix transport_* TOCTOU (CKI Backport Bot) [RHEL-106015] {CVE-2025-38461}
- netfilter: nf_conntrack: fix crash due to removal of uninitialised entry (CKI Backport Bot) [RHEL-106442] {CVE-2025-38472}
Resolves: RHEL-104102, RHEL-104285, RHEL-106015, RHEL-106442, RHEL-106660, RHEL-106815, RHEL-107641, RHEL-84462, RHEL-95537
* Sun Aug 17 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.29.1.el10_0]
- ice: fix eswitch code memory leak in reset scenario (CKI Backport Bot) [RHEL-108153] {CVE-2025-38417}
- net/sched: Abort __tc_modify_qdisc if parent class does not exist (CKI Backport Bot) [RHEL-107896]
- net_sched: ets: Fix double list add in class with netem as child qdisc (CKI Backport Bot) [RHEL-104727] {CVE-2025-37914}
- sch_ets: make est_qlen_notify() idempotent (Ivan Vecera) [RHEL-104727]
- i40e: fix MMIO write access to an invalid page in i40e_clear_hw (Dennis Chen) [RHEL-106047] {CVE-2025-38200}
- cxgb4: use port number to set mac addr (CKI Backport Bot) [RHEL-79668]
Resolves: RHEL-104727, RHEL-106047, RHEL-107896, RHEL-108153, RHEL-79668
* Mon Aug 11 2025 Julio Faracco <jfaracco@redhat.com> [6.12.0-55.28.1.el10_0]
- tls: always refresh the queue when reading sock (CKI Backport Bot) [RHEL-106091] {CVE-2025-38471}
- selftests: net: bpf_offload: add 'libbpf_global' to ignored maps (Hangbin Liu) [RHEL-105901]
- selftests: net: fix error message in bpf_offload (Hangbin Liu) [RHEL-105901]
- selftests: net: add more info to error in bpf_offload (Hangbin Liu) [RHEL-105901]
- net: fix udp gso skb_segment after pull from frag_list (Guillaume Nault) [RHEL-103035] {CVE-2025-38124}
- powerpc/pseries/vas: Add close() callback in vas_vm_ops struct (Mamatha Inamdar) [RHEL-87181]
- s390/pci: Serialize device addition and removal (CKI Backport Bot) [RHEL-100158]
- s390/pci: Allow re-add of a reserved but not yet removed device (CKI Backport Bot) [RHEL-100158]
- s390/pci: Prevent self deletion in disable_slot() (CKI Backport Bot) [RHEL-100158]
- s390/pci: Remove redundant bus removal and disable from zpci_release_device() (CKI Backport Bot) [RHEL-100158]
- s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs (CKI Backport Bot) [RHEL-100158]
- s390/pci: Fix missing check for zpci_create_device() error return (CKI Backport Bot) [RHEL-100158]
- s390/pci: Fix potential double remove of hotplug slot (CKI Backport Bot) [RHEL-100158]
- s390/topology: Improve topology detection (CKI Backport Bot) [RHEL-92096]
- Bluetooth: hci_core: Fix use-after-free in vhci_flush() (CKI Backport Bot) [RHEL-103270] {CVE-2025-38250}
- redhat: Mark kernel incompatible with xdp-tools<1.5.4 (Felix Maurer) [RHEL-100447]
- selftests/bpf: Adjust data size to have ETH_HLEN (Felix Maurer) [RHEL-100447] {CVE-2025-21867}
- bpf, test_run: Fix use-after-free issue in eth_skb_pkt_type() (Felix Maurer) [RHEL-100447] {CVE-2025-21867}
- i2c/designware: Fix an initialization issue (CKI Backport Bot) [RHEL-106626] {CVE-2025-38380}
Resolves: RHEL-100158, RHEL-100447, RHEL-103035, RHEL-103270, RHEL-105901, RHEL-106091, RHEL-106626, RHEL-87181, RHEL-92096
* Fri Aug 08 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.27.1.el10_0]
- Revert "sch_htb: make htb_qlen_notify() idempotent" (Jan Stancek) [RHEL-108141]
- Revert "sch_drr: make drr_qlen_notify() idempotent" (Jan Stancek) [RHEL-108141]
- Revert "sch_qfq: make qfq_qlen_notify() idempotent" (Jan Stancek) [RHEL-108141]
- Revert "codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()" (Jan Stancek) [RHEL-108141]
- Revert "sch_htb: make htb_deactivate() idempotent" (Jan Stancek) [RHEL-108141]
- Revert "net/sched: Always pass notifications when child class becomes empty" (Jan Stancek) [RHEL-108141]
Resolves: RHEL-108141
* Sun Aug 03 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.26.1.el10_0]
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CKI Backport Bot) [RHEL-103169] {CVE-2025-38159}
- Documentation: Fix pci=config_acs= example (Steve Dunnagan) [RHEL-102663]
- PCI/ACS: Fix 'pci=config_acs=' parameter (Steve Dunnagan) [RHEL-102663]
- Revert "smb: client: fix TCP timers deadlock after rmmod" (Paulo Alcantara) [RHEL-106417] {CVE-2025-22077}
- Revert "smb: client: Fix netns refcount imbalance causing leaks and use-after-free" (Paulo Alcantara) [RHEL-106417]
- smb: client: Fix netns refcount imbalance causing leaks and use-after-free (Paulo Alcantara) [RHEL-106417]
- wifi: ath12k: fix invalid access to memory (CKI Backport Bot) [RHEL-103228] {CVE-2025-38292}
- x86/CPU/AMD: Terminate the erratum_1386_microcode array (CKI Backport Bot) [RHEL-104884] {CVE-2024-56721}
- crypto: algif_hash - fix double free in hash_accept (CKI Backport Bot) [RHEL-102247] {CVE-2025-38079}
- net/sched: Always pass notifications when child class becomes empty (CKI Backport Bot) [RHEL-93365] {CVE-2025-38350}
- sch_htb: make htb_deactivate() idempotent (CKI Backport Bot) [RHEL-93365] {CVE-2025-38350}
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (CKI Backport Bot) [RHEL-93365] {CVE-2025-38350}
- sch_qfq: make qfq_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93365] {CVE-2025-38350}
- sch_drr: make drr_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93365] {CVE-2025-38350}
- sch_htb: make htb_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93365] {CVE-2025-38350}
- redhat: update BUILD_TARGET to use rhel-10.0-z-test-pesign (Jan Stancek)
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (Rafael Aquini) [RHEL-101263] {CVE-2025-38085}
- mm/hugetlb: unshare page tables during VMA split, not before (Rafael Aquini) [RHEL-101298] {CVE-2025-38084}
- tools/testing/vma: add missing function stub (Rafael Aquini) [RHEL-101298]
- mm: fix copy_vma() error handling for hugetlb mappings (Rafael Aquini) [RHEL-101298]
- PCI: Use downstream bridges for distributing resources (Jennifer Berringer) [RHEL-102664]
- PCI/pwrctrl: Cancel outstanding rescan work when unregistering (Myron Stowe) [RHEL-103212] {CVE-2025-38137}
- bnxt_en: Skip MAC loopback selftest if it is unsupported by FW (CKI Backport Bot) [RHEL-82538]
- bnxt_en: Skip PHY loopback ethtool selftest if unsupported by FW (CKI Backport Bot) [RHEL-82538]
Resolves: RHEL-101263, RHEL-101298, RHEL-102247, RHEL-102663, RHEL-102664, RHEL-103169, RHEL-103212, RHEL-103228, RHEL-104884, RHEL-106417, RHEL-82538, RHEL-93365
* Mon Jul 28 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.25.1.el10_0]
- net_sched: hfsc: Address reentrant enqueue adding class to eltree twice (Ivan Vecera) [RHEL-97533] {CVE-2025-38001}
- sch_hfsc: Fix qlen accounting bug when using peek in hfsc_enqueue() (Davide Caratti) [RHEL-97533] {CVE-2025-38000}
- net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc (Ivan Vecera) [RHEL-97533] {CVE-2025-37890}
- sch_hfsc: make hfsc_qlen_notify() idempotent (Ivan Vecera) [RHEL-97533]
- RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device" problem (Michal Schmidt) [RHEL-99060] {CVE-2025-38022}
- RDMA/core: Fix use-after-free when rename device name (Michal Schmidt) [RHEL-99060] {CVE-2025-22085}
- nvme-tcp: sanitize request list handling (CKI Backport Bot) [RHEL-103235] {CVE-2025-38264}
- net: tipc: fix refcount warning in tipc_aead_encrypt (Xin Long) [RHEL-103097]
- net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done (CKI Backport Bot) [RHEL-103097] {CVE-2025-38052}
- tcp: adjust rcvq_space after updating scaling ratio (Guillaume Nault) [RHEL-101775]
- ext4: avoid journaling sb update on error if journal is destroying (CKI Backport Bot) [RHEL-93608] {CVE-2025-22113}
- ext4: define ext4_journal_destroy wrapper (CKI Backport Bot) [RHEL-93608] {CVE-2025-22113}
- HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() (CKI Backport Bot) [RHEL-98862] {CVE-2025-21928}
- HID: intel-ish-hid: Fix use-after-free issue in hid_ishtp_cl_remove() (CKI Backport Bot) [RHEL-98886] {CVE-2025-21929}
- usb: hub: Fix flushing of delayed work used for post resume purposes (Desnes Nunes) [RHEL-104681]
- usb: hub: Fix flushing and scheduling of delayed work that tunes runtime pm (Desnes Nunes) [RHEL-104681]
- usb: hub: fix detection of high tier USB3 devices behind suspended hubs (Desnes Nunes) [RHEL-104681]
- net/sched: fix use-after-free in taprio_dev_notifier (CKI Backport Bot) [RHEL-101322] {CVE-2025-38087}
- net: ch9200: fix uninitialised access during mii_nway_restart (CKI Backport Bot) [RHEL-101224] {CVE-2025-38086}
- padata: avoid UAF for reorder_work (Waiman Long) [RHEL-97040] {CVE-2025-21726}
- padata: fix UAF in padata_reorder (Waiman Long) [RHEL-97040] {CVE-2025-21727}
- padata: add pd get/put refcnt helper (Waiman Long) [RHEL-97040]
- padata: fix sysfs store callback check (Waiman Long) [RHEL-97040]
- padata: Clean up in padata_do_multithreaded() (Waiman Long) [RHEL-97040]
- memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove (CKI Backport Bot) [RHEL-99041] {CVE-2025-22020}
Resolves: RHEL-101224, RHEL-101322, RHEL-101775, RHEL-103097, RHEL-103235, RHEL-104681, RHEL-93608, RHEL-97040, RHEL-97533, RHEL-98862, RHEL-98886, RHEL-99041, RHEL-99060
* Wed Jul 23 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.24.1.el10_0]
- net_sched: hfsc: Fix a UAF vulnerability in class handling (CKI Backport Bot) [RHEL-95867] {CVE-2025-37797}
Resolves: RHEL-95867
* Sun Jul 20 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.23.1.el10_0]
- ext4: fix out-of-bound read in ext4_xattr_inode_dec_ref_all() (CKI Backport Bot) [RHEL-93570] {CVE-2025-22121}
- ext4: introduce ITAIL helper (CKI Backport Bot) [RHEL-93570] {CVE-2025-22121}
- net/mdiobus: Fix potential out-of-bounds clause 45 read/write access (CKI Backport Bot) [RHEL-102097] {CVE-2025-38110}
- powerpc/vas: Return -EINVAL if the offset is non-zero in mmap() (Mamatha Inamdar) [RHEL-101307] {CVE-2025-38088}
- powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap (Mamatha Inamdar) [RHEL-101307] {CVE-2025-38088}
- net/mlx5: Fill out devlink dev info only for PFs (CKI Backport Bot) [RHEL-93772]
- RDMA/mlx5: Fix page_size variable overflow (CKI Backport Bot) [RHEL-99325] {CVE-2025-22091}
- ACPI: CPPC: Fix _CPC register setting issue (Mark Langsdorf) [RHEL-85317]
Resolves: RHEL-101307, RHEL-102097, RHEL-85317, RHEL-93570, RHEL-93772, RHEL-99325
* Sun Jul 13 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.22.1.el10_0]
- mm/huge_memory: fix dereferencing invalid pmd migration entry (Luiz Capitulino) [RHEL-96384] {CVE-2025-37958}
- i2c: tegra: check msg length in SMBUS block read (Steve Dunnagan) [RHEL-99824]
- s390/virtio_ccw: Don't allocate/assign airqs for non-existing queues (CKI Backport Bot) [RHEL-87558]
- sunrpc: handle SVC_GARBAGE during svc auth processing as auth error (CKI Backport Bot) [RHEL-101331] {CVE-2025-38089}
- media: uvcvideo: Announce the user our deprecation intentions (Desnes Nunes) [RHEL-98779]
- media: uvcvideo: Allow changing noparam on the fly (Desnes Nunes) [RHEL-98779]
- media: uvcvideo: Invert default value for nodrop module param (Desnes Nunes) [RHEL-98779]
- media: uvcvideo: Propagate buf->error to userspace (Desnes Nunes) [RHEL-98779]
- media: uvcvideo: Flush the control cache when we get an event (Desnes Nunes) [RHEL-98779]
- media: uvcvideo: Annotate lock requirements for uvc_ctrl_set (Desnes Nunes) [RHEL-98779]
- media: uvcvideo: Remove dangling pointers (Desnes Nunes) [RHEL-98779] {CVE-2024-58002}
- media: uvcvideo: Remove redundant NULL assignment (Desnes Nunes) [RHEL-98779]
- media: uvcvideo: Only save async fh if success (Desnes Nunes) [RHEL-98779]
- media: uvcvideo: Fix double free in error path (CKI Backport Bot) [RHEL-98805] {CVE-2024-57980}
- wifi: iwlwifi: limit printed string from FW file (CKI Backport Bot) [RHEL-99396] {CVE-2025-21905}
Resolves: RHEL-101331, RHEL-87558, RHEL-96384, RHEL-98779, RHEL-98805, RHEL-99396, RHEL-99824
* Sun Jul 06 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.21.1.el10_0]
- ice, irdma: fix an off by one in error handling code (Petr Oros) [RHEL-80558]
- irdma: free iwdev->rf after removing MSI-X (Petr Oros) [RHEL-80558]
- ice: Fix signedness bug in ice_init_interrupt_scheme() (Petr Oros) [RHEL-80558]
- ice: init flow director before RDMA (Petr Oros) [RHEL-80558]
- ice: simplify VF MSI-X managing (Petr Oros) [RHEL-80558]
- ice: enable_rdma devlink param (Petr Oros) [RHEL-80558]
- ice: treat dyn_allowed only as suggestion (Petr Oros) [RHEL-80558]
- ice, irdma: move interrupts code to irdma (Petr Oros) [RHEL-80558]
- ice: get rid of num_lan_msix field (Petr Oros) [RHEL-80558]
- ice: remove splitting MSI-X between features (Petr Oros) [RHEL-80558]
- ice: devlink PF MSI-X max and min parameter (Petr Oros) [RHEL-80558]
- ice: ice_probe: init ice_adapter after HW init (Petr Oros) [RHEL-80558]
- ice: minor: rename goto labels from err to unroll (Petr Oros) [RHEL-80558]
- ice: split ice_init_hw() out from ice_init_dev() (Petr Oros) [RHEL-80558]
- ice: c827: move wait for FW to ice_init_hw() (Petr Oros) [RHEL-80558]
- exfat: fix random stack corruption after get_block (CKI Backport Bot) [RHEL-99441] {CVE-2025-22036}
Resolves: RHEL-80558, RHEL-99441
* Mon Jun 30 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.20.1.el10_0]
- x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (CKI Backport Bot) [RHEL-99007] {CVE-2025-21991}
- page_pool: Track DMA-mapped pages and unmap them when destroying the pool (Toke Høiland-Jørgensen) [RHEL-84148]
- page_pool: Move pp_magic check into helper functions (Toke Høiland-Jørgensen) [RHEL-84148]
- scsi: storvsc: Explicitly set max_segment_size to UINT_MAX (Ewan D. Milne) [RHEL-97172]
- vmxnet3: Fix malformed packet sizing in vmxnet3_process_xdp (CKI Backport Bot) [RHEL-97116] {CVE-2025-37799}
- dm mpath: replace spin_lock_irqsave with spin_lock_irq (Benjamin Marzinski) [RHEL-89484]
- dm-mpath: Don't grab work_mutex while probing paths (Benjamin Marzinski) [RHEL-89484]
- dm mpath: Interface for explicit probing of active paths (Benjamin Marzinski) [RHEL-89484]
- dm: Allow .prepare_ioctl to handle ioctls directly (Benjamin Marzinski) [RHEL-89484]
- ipv6: mcast: extend RCU protection in igmp6_send() (CKI Backport Bot) [RHEL-94685] {CVE-2025-21759}
- net: add dev_net_rcu() helper (Hangbin Liu) [RHEL-94685]
Resolves: RHEL-84148, RHEL-89484, RHEL-94685, RHEL-97116, RHEL-97172, RHEL-99007
* Sun Jun 22 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.19.1.el10_0]
- ibmvnic: Use kernel helpers for hex dumps (CKI Backport Bot) [RHEL-89031] {CVE-2025-22104}
- eth: bnxt: fix truesize for mb-xdp-pass case (CKI Backport Bot) [RHEL-88329] {CVE-2025-21961}
- ice: Avoid setting default Rx VSI twice in switchdev setup (Petr Oros) [RHEL-88309]
- ice: Fix deinitializing VF in error path (Petr Oros) [RHEL-88309] {CVE-2025-21883}
- ice: add E830 HW VF mailbox message limit support (Petr Oros) [RHEL-88309]
- block/Kconfig: Allow selecting BLK_CGROUP_PUNT_BIO (Ming Lei) [RHEL-87376]
Resolves: RHEL-87376, RHEL-88309, RHEL-88329, RHEL-89031
* Mon Jun 16 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.18.1.el10_0]
- sched/rt: Fix race in push_rt_task (Phil Auld) [RHEL-91792]
- mm/vmalloc: combine all TLB flush operations of KASAN shadow virtual address into one operation (Luiz Capitulino) [RHEL-86954] {CVE-2024-56559}
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (Ming Lei) [RHEL-92013]
- proc: fix UAF in proc_get_inode() (CKI Backport Bot) [RHEL-86810] {CVE-2025-21999}
- ext4: ignore xattrs past end (CKI Backport Bot) [RHEL-94260] {CVE-2025-37738}
- nvme-fabrics: handle zero MAXCMD without closing the connection (Maurizio Lombardi) [RHEL-94205]
- ext4: fix off-by-one error in do_split (CKI Backport Bot) [RHEL-93645] {CVE-2025-23150}
- r8169: disable RTL8126 ZRX-DC timeout (CKI Backport Bot) [RHEL-93482]
- r8169: enable RTL8168H/RTL8168EP/RTL8168FP ASPM support (CKI Backport Bot) [RHEL-93482]
Resolves: RHEL-86810, RHEL-86954, RHEL-91792, RHEL-92013, RHEL-93482, RHEL-93645, RHEL-94205, RHEL-94260
* Sun Jun 08 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.17.1.el10_0]
- vmxnet3: unregister xdp rxq info in the reset path (CKI Backport Bot) [RHEL-92473]
- block: fix 'kmem_cache of name 'bio-108' already exists' (Ming Lei) [RHEL-89955]
- ice: implement low latency PHY timer updates (Petr Oros) [RHEL-89810]
- ice: check low latency PHY timer update firmware capability (Petr Oros) [RHEL-89810]
- ice: add lock to protect low latency interface (Petr Oros) [RHEL-89810]
- ice: rename TS_LL_READ* macros to REG_LL_PROXY_H_* (Petr Oros) [RHEL-89810]
- ice: use read_poll_timeout_atomic in ice_read_phy_tstamp_ll_e810 (Petr Oros) [RHEL-89810]
- cifs: Fix integer overflow while processing acdirmax mount option (Paulo Alcantara) [RHEL-87945] {CVE-2025-21963}
- smb: client: fix UAF in decryption with multichannel (CKI Backport Bot) [RHEL-94463] {CVE-2025-37750}
- sched/fair: Fix CPU bandwidth limit bypass during CPU hotplug (Phil Auld) [RHEL-86346]
- keys: Fix UAF in key_put() (CKI Backport Bot) [RHEL-86853] {CVE-2025-21893}
- ndisc: use RCU protection in ndisc_alloc_skb() (Xin Long) [RHEL-89556] {CVE-2025-21764}
- ipv6: use RCU protection in ip6_default_advmss() (Xin Long) [RHEL-89556] {CVE-2025-21765}
- net: add dev_net_rcu() helper (Xin Long) [RHEL-89556] {CVE-2025-21765}
- vfio/pci: Align huge faults to order (Alex Williamson) [RHEL-93762]
- Bluetooth: L2CAP: Fix corrupted list in hci_chan_del (David Marlin) [RHEL-87894] {CVE-2025-21969}
- Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd (CKI Backport Bot) [RHEL-87894] {CVE-2025-21969}
- cifs: Fix integer overflow while processing closetimeo mount option (CKI Backport Bot) [RHEL-87904] {CVE-2025-21962}
- ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up (CKI Backport Bot) [RHEL-93459] {CVE-2025-21887}
- wifi: cfg80211: init wiphy_work before allocating rfkill fails (CKI Backport Bot) [RHEL-87935] {CVE-2025-21979}
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (CKI Backport Bot) [RHEL-87935] {CVE-2025-21979}
Resolves: RHEL-86346, RHEL-86853, RHEL-87894, RHEL-87904, RHEL-87935, RHEL-87945, RHEL-89556, RHEL-89810, RHEL-89955, RHEL-92473, RHEL-93459, RHEL-93762, RHEL-94463
* Tue Jun 03 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.16.1.el10_0]
- net: fix geneve_opt length integer overflow (Guillaume Nault) [RHEL-87980] {CVE-2025-22055}
- vsock/virtio: discard packets if the transport changes (Jon Maloy) [RHEL-86874] {CVE-2025-21669}
Resolves: RHEL-86874, RHEL-87980
* Fri May 30 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.15.1.el10_0]
- net: gso: fix ownership in __udp_gso_segment (CKI Backport Bot) [RHEL-88518] {CVE-2025-21926}
- xsk: fix an integer overflow in xp_create_and_assign_umem() (CKI Backport Bot) [RHEL-87915] {CVE-2025-21997}
- wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi (CKI Backport Bot) [RHEL-93269] {CVE-2025-37943}
Resolves: RHEL-87915, RHEL-88518, RHEL-93269
* Mon May 26 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.14.1.el10_0]
- sched/fair: Fix potential memory corruption in child_cfs_rq_on_list (CKI Backport Bot) [RHEL-88323] {CVE-2025-21919}
- drm/i915/dp_mst: Don't require DSC hblank quirk for a non-DSC compatible mode (Jocelyn Falempe) [RHEL-88536]
- drm/i915/dp_mst: Handle error during DSC BW overhead/slice calculation (Jocelyn Falempe) [RHEL-88536]
- drm/i915/display: Use joined pipes in dsc helpers for slices, bpp (Jocelyn Falempe) [RHEL-88536]
- drm/i915/display: Use joined pipes in intel_mode_valid_max_plane_size (Jocelyn Falempe) [RHEL-88536]
- drm/i915/display: Use joined pipes in intel_dp_joiner_needs_dsc (Jocelyn Falempe) [RHEL-88536]
- drm/i915/display: Simplify intel_joiner_num_pipes and its usage (Jocelyn Falempe) [RHEL-88536]
- drm/i915/display: Check whether platform supports joiner (Jocelyn Falempe) [RHEL-88536]
- Revert "drm/i915/dp_mst: Handle error during DSC BW overhead/slice calculation" (Jocelyn Falempe) [RHEL-88536]
- Revert "drm/i915/dp_mst: Don't require DSC hblank quirk for a non-DSC compatible mode" (Jocelyn Falempe) [RHEL-88536]
- drm/mgag200: Added support for the new device G200eH5 (Jocelyn Falempe) [RHEL-88909]
- cifs: Fix integer overflow while processing acregmax mount option (CKI Backport Bot) [RHEL-87925] {CVE-2025-21964}
- ext4: fix OOB read when checking dotdot dir (CKI Backport Bot) [RHEL-87991] {CVE-2025-37785}
Resolves: RHEL-87925, RHEL-87991, RHEL-88323, RHEL-88536, RHEL-88909
* Sun May 18 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.13.1.el10_0]
- gitlab-ci: use rhel10.0 builder image (Michael Hofmann)
- vsock: Orphan socket after transport release (Jay Shin) [RHEL-89161] {CVE-2025-21756}
- vsock: Keep the binding until socket destruction (Jay Shin) [RHEL-89161] {CVE-2025-21756}
- bpf, vsock: Invoke proto::close on close() (Jay Shin) [RHEL-89161] {CVE-2025-21756}
- idpf: call set_real_num_queues in idpf_open (CKI Backport Bot) [RHEL-79479]
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (CKI Backport Bot) [RHEL-89591] {CVE-2024-53104}
- redhat: enable CONFIG_WERROR=y (Jan Stancek) [RHEL-89564]
- redhat: don't enforce WERROR for 3rd-party OOT kmods (Jan Stancek) [RHEL-89564]
- redhat: make ENABLE_WERROR enable also KVM_WERROR (Jan Stancek) [RHEL-89564]
- fortify: Hide run-time copy size from value range tracking (Jan Stancek) [RHEL-89564]
- resolve_btfids: Fix compiler warnings (Jan Stancek) [RHEL-89564]
- ixgbe: fix media type detection for E610 device (Corinna Vinschen) [RHEL-85810]
- ixgbevf: Add support for Intel(R) E610 device (Corinna Vinschen) [RHEL-85810]
- PCI: Add PCI_VDEVICE_SUB helper macro (Corinna Vinschen) [RHEL-85810]
- ixgbe: fix media cage present detection for E610 device (Corinna Vinschen) [RHEL-85810]
- ixgbe: Enable link management in E610 device (Corinna Vinschen) [RHEL-85810]
- ixgbe: Clean up the E610 link management related code (Corinna Vinschen) [RHEL-85810]
- ixgbe: Add ixgbe_x540 multiple header inclusion protection (Corinna Vinschen) [RHEL-85810]
- ixgbe: Add support for EEPROM dump in E610 device (Corinna Vinschen) [RHEL-85810]
- ixgbe: Add support for NVM handling in E610 device (Corinna Vinschen) [RHEL-85810]
- ixgbe: Add link management support for E610 device (Corinna Vinschen) [RHEL-85810]
- ixgbe: Add support for E610 device capabilities detection (Corinna Vinschen) [RHEL-85810]
- ixgbe: Add support for E610 FW Admin Command Interface (Corinna Vinschen) [RHEL-85810]
- smb: client: don't retry IO on failed negprotos with soft mounts (Jay Shin) [RHEL-85525]
Resolves: RHEL-79479, RHEL-85525, RHEL-85810, RHEL-89161, RHEL-89564, RHEL-89591
* Mon May 12 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.12.1.el10_0]
- scsi: core: Fix command pass through retry regression (Ewan D. Milne) [RHEL-77121]
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (CKI Backport Bot) [RHEL-86903] {CVE-2025-21966}
- ice: stop storing XDP verdict within ice_rx_buf (Petr Oros) [RHEL-86860]
- ice: gather page_count()'s of each frag right before XDP prog call (Petr Oros) [RHEL-86860]
- ice: put Rx buffers after being done with current frame (Petr Oros) [RHEL-86860]
- iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (CKI Backport Bot) [RHEL-86847] {CVE-2025-21993}
Resolves: RHEL-77121, RHEL-86847, RHEL-86860, RHEL-86903
* Thu Apr 24 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.11.1.el10_0]
- smb: client: fix regression with guest option (Jay Shin) [RHEL-83861]
- pnfs/flexfiles: retry getting layout segment for reads (Benjamin Coddington) [RHEL-87770]
- nfs: fix incorrect error handling in LOCALIO (Benjamin Coddington) [RHEL-87770]
- nfs: probe for LOCALIO when v3 client reconnects to server (Benjamin Coddington) [RHEL-87770]
- nfs: probe for LOCALIO when v4 client reconnects to server (Benjamin Coddington) [RHEL-87770]
- nfs/localio: remove redundant code and simplify LOCALIO enablement (Benjamin Coddington) [RHEL-87770]
- nfs_common: add nfs_localio trace events (Benjamin Coddington) [RHEL-87770]
- nfs_common: track all open nfsd_files per LOCALIO nfs_client (Benjamin Coddington) [RHEL-87770]
- nfs_common: rename nfslocalio nfs_uuid_lock to nfs_uuids_lock (Benjamin Coddington) [RHEL-87770]
- nfsd: nfsd_file_acquire_local no longer returns GC'd nfsd_file (Benjamin Coddington) [RHEL-87770]
- nfsd: rename nfsd_serv_ prefixed methods and variables with nfsd_net_ (Benjamin Coddington) [RHEL-87770]
- nfsd: update percpu_ref to manage references on nfsd_net (Benjamin Coddington) [RHEL-87770]
- nfs: cache all open LOCALIO nfsd_file(s) in client (Benjamin Coddington) [RHEL-87770]
- nfs_common: move localio_lock to new lock member of nfs_uuid_t (Benjamin Coddington) [RHEL-87770]
- nfs_common: rename functions that invalidate LOCALIO nfs_clients (Benjamin Coddington) [RHEL-87770]
- nfsd: add nfsd_file_{get,put} to 'nfs_to' nfsd_localio_operations (Benjamin Coddington) [RHEL-87770]
- nfs/localio: add direct IO enablement with sync and async IO support (Benjamin Coddington) [RHEL-87770]
- ice: ensure periodic output start time is in the future (Petr Oros) [RHEL-86858]
- ice: fix PHY Clock Recovery availability check (Petr Oros) [RHEL-86858]
- ice: Drop auxbus use for PTP to finalize ice_adapter move (Petr Oros) [RHEL-86858]
- ice: Use ice_adapter for PTP shared data instead of auxdev (Petr Oros) [RHEL-86858]
- ice: Initial support for E825C hardware in ice_adapter (Petr Oros) [RHEL-86858]
- ice: Add ice_get_ctrl_ptp() wrapper to simplify the code (Petr Oros) [RHEL-86858]
- ice: Introduce ice_get_phy_model() wrapper (Petr Oros) [RHEL-86858]
- ice: Enable 1PPS out from CGU for E825C products (Petr Oros) [RHEL-86858]
- ice: Read SDP section from NVM for pin definitions (Petr Oros) [RHEL-86858]
- ice: Disable shared pin on E810 on setfunc (Petr Oros) [RHEL-86858]
- ice: Cache perout/extts requests and check flags (Petr Oros) [RHEL-86858]
- ice: Align E810T GPIO to other products (Petr Oros) [RHEL-86858]
- ice: Add SDPs support for E825C (Petr Oros) [RHEL-86858]
- ice: Implement ice_ptp_pin_desc (Petr Oros) [RHEL-86858]
- nvme-tcp: fix potential memory corruption in nvme_tcp_recv_pdu() (Chris Leech) [RHEL-86922] {CVE-2025-21927}
- scsi: storvsc: Set correct data length for sending SCSI command without payload (Cathy Avery) [RHEL-83216]
- smb: client: fix chmod(2) regression with ATTR_READONLY (Jan Stancek) [RHEL-82677]
- mm/hugetlb: fix hugepage allocation for interleaved memory nodes (CKI Backport Bot) [RHEL-85441]
Resolves: RHEL-82677, RHEL-83216, RHEL-83861, RHEL-85441, RHEL-86858, RHEL-86922, RHEL-87770
* Thu Apr 17 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.10.1.el10_0]
- net: mana: use ethtool string helpers (Maxim Levitsky) [RHEL-85943]
- net: mana: cleanup mana struct after debugfs_remove() (Maxim Levitsky) [RHEL-85943]
- net: mana: Cleanup "mana" debugfs dir after cleanup of all children (Maxim Levitsky) [RHEL-85943]
- net: mana: Fix irq_contexts memory leak in mana_gd_setup_irqs (Maxim Levitsky) [RHEL-85943]
- net: mana: Fix memory leak in mana_gd_setup_irqs (Maxim Levitsky) [RHEL-85943]
- net :mana :Request a V2 response version for MANA_QUERY_GF_STAT (Maxim Levitsky) [RHEL-85943]
- net: mana: Enable debugfs files for MANA device (Maxim Levitsky) [RHEL-85943]
- net: mana: Add get_link and get_link_ksettings in ethtool (Maxim Levitsky) [RHEL-85943]
- net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (Maxim Levitsky) [RHEL-85943]
- redhat: drop Y issues from changelog (Jan Stancek)
Resolves: RHEL-85943
* Tue Mar 25 2025 Jan Stancek <jstancek@redhat.com> [6.12.0-55.9.1.el10_0]
- af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK (Davide Caratti) [RHEL-80306] {CVE-2024-57901}
- redhat: kabi: update stablelist checksums (Čestmír Kalina) [RHEL-80552]

864
kernel.spec
View File

File diff suppressed because it is too large Load Diff

24
olkmod_signing_key.pem Normal file
View File

@ -0,0 +1,24 @@
-----BEGIN CERTIFICATE-----
MIIEETCCAvmgAwIBAgIJANw8y5k9b7SaMA0GCSqGSIb3DQEBCwUAMIGeMQswCQYD
VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEXMBUGA1UEBwwOUmVkd29vZCBT
aG9yZXMxGzAZBgNVBAoMEk9yYWNsZSBDb3Jwb3JhdGlvbjEVMBMGA1UECwwMT3Jh
Y2xlIExpbnV4MS0wKwYDVQQDDCRPcmFjbGUgTGludXggUkhDSyBNb2R1bGUgU2ln
bmluZyBLZXkwHhcNMTYwNTA5MjMzNjA4WhcNMjYwNTA3MjMzNjA4WjCBnjELMAkG
A1UEBhMCVVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFzAVBgNVBAcMDlJlZHdvb2Qg
U2hvcmVzMRswGQYDVQQKDBJPcmFjbGUgQ29ycG9yYXRpb24xFTATBgNVBAsMDE9y
YWNsZSBMaW51eDEtMCsGA1UEAwwkT3JhY2xlIExpbnV4IFJIQ0sgTW9kdWxlIFNp
Z25pbmcgS2V5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6bUDNNZ
jIqgsqgspwBIQ18keDxQeGnWgubZZhHrQU3GpeSRPM4lNTHc+UjMjNXrv/CENZdv
4cETRsxT1VFhGG3CvkbQdzc8v4JOQvWSSJqmViPa1eC+yGaMRnGcFXzKsHiTLA4y
WMjpJnVowFkwTzscRBlN0AysUg/hT/74DE0oqVnlCJNynqccNWpx8MtNRD55ay9A
73yJinYES14rXcU3QbJoO0ZxtRz83ZACDUGX0GORT3+NbB0RK0sttogzA3eLvxKw
umWsWZAHmTuHdWgUjSqqZr34VNLPVcsTHAW8X4bq6rRVcB2lMJ3kJfDP8BJyTn99
37UmA+/ld47cnwIDAQABo1AwTjAdBgNVHQ4EFgQU3ZlbFVwZs6fD73cHuWniX5Y5
Zm4wHwYDVR0jBBgwFoAU3ZlbFVwZs6fD73cHuWniX5Y5Zm4wDAYDVR0TBAUwAwEB
/zANBgkqhkiG9w0BAQsFAAOCAQEAF7nfhWfsk4uEDquLj7nJE0wPlVvllVDugzOk
R15pnQ7P+HTyz3sLaLJE4N5oWt6pFzDGDYEtPeoMCn1l447tX179Nf5SMZba9ut8
3Vxbe7jAn9sQO7ArQR1swf1r101Me4+1oHq7rxPRizOOXrKeEvf5NSAUbSzzXfz6
TEp21KTIQO7MjqpsKshRQbpPeiReaYy3A6gJftun5xekP04QTLZVBR4dL7tvZf0S
y9SjVg158lONXHfjBekyYTzSFBn/7v+AS8S+cAGRfYteE0Syxl7zJt3GUoEWau/e
kXHT+hd/hkdSQKZZWZo1380M1pVZZAvntLRBU6IN9SswafhiVg==
-----END CERTIFICATE-----

35
olkmod_signing_key1.pem Normal file
View File

@ -0,0 +1,35 @@
-----BEGIN CERTIFICATE-----
MIIGBjCCA+6gAwIBAgIUf99zHRXkhhuQepjkXdIfz1kNGiwwDQYJKoZIhvcNAQEL
BQAwgZ4xKTAnBgNVBAMMIE9yYWNsZSBMaW51eCBEcml2ZXIgU2lnbmluZyBDQSAx
MQswCQYDVQQGEwJ1czEVMBMGA1UEBwwMUmVkd29vZCBDaXR5MRswGQYDVQQKDBJP
cmFjbGUgQ29ycG9yYXRpb24xGzAZBgNVBAsMEk9yYWNsZSBDb3Jwb3JhdGlvbjET
MBEGA1UECAwKQ2FsaWZvcm5pYTAeFw0yNTA1MDIwOTIzNDFaFw0zNjA0MTIyMTEw
MjlaMGcxLDAqBgNVBAMMI09yYWNsZSBMaW51eCBEcml2ZXIgU2lnbmluZyAoa2V5
IDEpMQswCQYDVQQGEwJ1czEVMBMGA1UEBwwMUmVkd29vZCBDaXR5MRMwEQYDVQQI
DApDYWxpZm9ybmlhMIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA5dMQ
z4EwgCYLrxJCYTn0H5yncdJREDgAgkne3nQAmtJjfcoKNqRxieK5j1KjloF3Qvjt
c5gITvjpne1UrHTodPF9qpJrFieDPb9+CMUGg/R/gk20PofKa5+DhTMyeIEpBOa7
P6/OdCGiwaGI85Js6JMnNX2YKerehKB44zVfiNmddn7T/3y2QFFNj3VH62tC4XNt
wZLCHnnO0JzOcZht5KA1JsITSLkT6/o//SZLpaNSAQkkanymdvszV5b0PDu4A0Fi
5Ch41Akset2kAlpRoRBaVVdNhqKDyzsGRFyzHD57EyyY4M6H3yh2T6SPPOTUOKgn
tcBfnFuijl2K/d87cnky1v1XzrvZqLzRz11ksLmZrUHZZ3PWfq2EndG8OiO4PdcF
sF4nd20yuUywW4nj5iZT5h6f8P06C62ILe+dJWNzpGm6JgyYvTnHoUXjoQR+TLs/
WY1l1N2uf3lc5rkof4g+Ckh/6uI1k5XfyHIzw8Z9wEOliUvHXq/8TVZ653IMmfC8
gIrIMNOXONMdG7ReTnsr9z7ckv/dYKbW1gWtyY8o92N3dLuYb8MpfvCHkVF5ItUR
52ay2wOQ1tDlfLUiU21yiglyW4rKanH6mrLd4mM8cphnPvRpZ9SM0qykwHrNqKOA
m9p0AwIf1zmUL6boX/Xd+6zM2HAXOPMS1EGjA6MCAwEAAaNyMHAwDAYDVR0TAQH/
BAIwADALBgNVHQ8EBAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwMwHQYDVR0OBBYE
FDUwOWM0ZjZkYmZjMGUyODhjOGM4MB8GA1UdIwQYMBaAFGM2NDkzM2I4OWUzNTYw
ZmVhNWQzMA0GCSqGSIb3DQEBCwUAA4ICAQAmZbUs5P2HGRHt4W/QhGyfxxa/Go8K
6a1VZlh71OURsbQ42ZDCfrYgw8LtDPqx7ySlUlkjDcc7ZvRh6RzLyn+ARIohhKNH
PpEzIpOGm5P4zqY9R36STRSgCDl9iCNlk8pGKzqEIT+aCaZUWF+7NcFgePFDuN9W
FX5tXhxEqqn8rmvGMQ3ZtodxIJb6ksKz6j/JWnuvcD4EgI1ykyc8MAtIm2/qVmPQ
IofwXo6yL6ygT5K7cMsrte4EbzrHvuhuz89RHDmwmgB6XmZCWBOGYrO7lza2Yx0C
/m4LcUHPW6XgrtkvIcLST90Ng9fp8EQl7Rp3med0K83kdwKUt7Ju9aPze049tuTQ
QoHsIHDgsExK4wXUayHNgNNr8lMFm42gTB2DqP9F/Ihq7YhIdfXbOsVdS38Il9+Y
8RWI87H+0mAxsv2RnaNkEbmd+2vY9j1ebHyblN59mxDEY+h3W7v402ay01Ia2Lnw
szOAPq6AKZdfi0nan6zunurwEGKGeF4+Gr42RlA0Pcu1ZltBQVuMhvkO1wKZ5vO6
MNR7swI0fH6VsyUms8wQbR85MCJg0MhpzRKw0g0Ka+c4nF1c4EmU4GaIbCNfzJy+
68wdJDHhX+sbD7+AJBQ9i6TmtbPIGKNDHh9cMIXs+jMRtia/ZCYEsOOO5B+xrawF
JuZ4rgQv9ghmhQ==
-----END CERTIFICATE-----

7
sources
View File

@ -1,7 +1,6 @@
SHA512 (fedoraimaca.x509) = e04809394f4472c17e86d7024dee34f03fb68e82a85502fd5b00535202c72e57626a8376b2cf991b7e1e46404aa5ab8d189ebf320e0dd37d49e7efbc925c7a2e
SHA512 (kernel-abi-stablelists-6.12.0-55.37.1.el10_0.tar.xz) = 6fee4a7489cd6ee6048a2299bb42052b0dad0f40d9edd6f9412286728ddc25e5fd491605c7f176284cce339660d0d2585c02e20b3460ebdef08152a70cb81c33
SHA512 (kernel-kabi-dw-6.12.0-55.37.1.el10_0.tar.xz) = 95e56376dcb6f68300626e83bc60ca36443866f04e600f0a3eeb459435ee1f1cc3287d578209d5c1522fa0cc3e5a0c7999d573e46c9070bc0001e49c9fb8f9aa
SHA512 (linux-6.12.0-55.37.1.el10_0.tar.xz) = 76d83cd7f97c3cc16ee9db023cc59e758c5a6cecddf6dd5594e1776327fb1c10de62ad38db0ed8d0e3c8075bb85626ee77d6d887563b4b92bc6d5d5ca6d2b753
SHA512 (kernel-abi-stablelists-6.12.0-55.38.1.el10_0.tar.xz) = 0bb942deb31811aa507e57c8a3b59e0a3f3155065ceb556dd5d669d4cdccad15de847f146148bcbab1177ddd9dc53aebfbc312c8f3e12c37492073c4c9029254
SHA512 (kernel-kabi-dw-6.12.0-55.38.1.el10_0.tar.xz) = f0421c45eef03b4ada447fb0bcc8ad994bf75ec01bf03816675fa01e71f32566aaaa4053a74dfe387df86a8ad0954717bbdea90e7ae31c345e44c4e3a00c5224
SHA512 (linux-6.12.0-55.38.1.el10_0.tar.xz) = 2115832b9106082ee500163f223d32165132ece86266f20ceef01e3acf53a51694d34f71803bd7f99de6c0ba3c66688c45fabc74e8aa1dff16370ab25e1d3c72
SHA512 (nvidiagpuoot001.x509) = b42f836e1cfa07890cb6ca13de9c3950e306c9ec7686c4c09f050bb68869f5d82962b2cd5f3aa0eb7a0f3a3ae54e9c480eafbac5df53aa92c295ff511a8c59fe
SHA512 (olima1.x509) = 123c26c1d698cc8523845c6e1103b9c72abf855acd225d37baf1f3388a47f912166d6d786fb367fe46de39e011b586ad7f3963aa2e8923da30a6ea9ae0d76ad3
SHA512 (olimaca1.x509) = 3a779415fad29d6f7250ec97ab1f0a5eb62c351b724feee06b22e17f065bf74a558f32cc524d3222c4485635ae5b9cd5287855c94010fe743b51a4d954340c4c

6
x509.genkey.rhel
View File

@ -5,9 +5,9 @@ prompt = no
x509_extensions = myexts
[ req_distinguished_name ]
O = Red Hat
CN = Red Hat Enterprise Linux kernel signing key
emailAddress = secalert@redhat.com
O = Oracle America, Inc.,c=US
CN = Oracle CA Server
emailAddress = support@oracle.com
[ myexts ]
basicConstraints=critical,CA:FALSE