From 8ced754fdfaa468ffdffff52faa5cc8e3ac01db3 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <dvlasenk@redhat.com>
Date: Thu, 17 Oct 2024 19:16:21 +0200
Subject: [PATCH] kernel-4.18.0-553.27.1.el8_10

* Thu Oct 17 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.27.1.el8_10]
- lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668}
- bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989}
- bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990}
- bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009}
- xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773}
- tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257]
- tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257]
- ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826}
- xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100]
- loopback: fix lockdep splat (Xin Long) [RHEL-58100]
- blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100]
- loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100]
Resolves: RHEL-49309, RHEL-49414, RHEL-55257, RHEL-57233, RHEL-57239, RHEL-58100, RHEL-60669, RHEL-62139

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
---
 kernel.spec | 18 ++++++++++++++++--
 sources     |  4 ++--
 2 files changed, 18 insertions(+), 4 deletions(-)

diff --git a/kernel.spec b/kernel.spec
index e335c95bb..baf47ff8f 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.26.1.el8_10
+%define pkgrelease 553.27.1.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.26.1%{?dist}
+%define specrelease 553.27.1%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -2696,6 +2696,20 @@ fi
 #
 #
 %changelog
+* Thu Oct 17 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.27.1.el8_10]
+- lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (Waiman Long) [RHEL-62139] {CVE-2024-47668}
+- bonding: fix xfrm real_dev null pointer dereference (Hangbin Liu) [RHEL-57239] {CVE-2024-44989}
+- bonding: fix null pointer deref in bond_ipsec_offload_ok (Hangbin Liu) [RHEL-57233] {CVE-2024-44990}
+- bpf: Fix overrunning reservations in ringbuf (Viktor Malik) [RHEL-49414] {CVE-2024-41009}
+- xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create (CKI Backport Bot) [RHEL-49309] {CVE-2022-48773}
+- tty: tty_io: update timestamps on all device nodes (Aristeu Rozanski) [RHEL-55257]
+- tty: use 64-bit timstamp (Aristeu Rozanski) [RHEL-55257]
+- ELF: fix kernel.randomize_va_space double read (Rafael Aquini) [RHEL-60669] {CVE-2024-46826}
+- xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (Xin Long) [RHEL-58100]
+- loopback: fix lockdep splat (Xin Long) [RHEL-58100]
+- blackhole_netdev: use blackhole_netdev to invalidate dst entries (Xin Long) [RHEL-58100]
+- loopback: create blackhole net device similar to loopack. (Xin Long) [RHEL-58100]
+
 * Wed Oct 09 2024 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.26.1.el8_10]
 - nouveau: lock the client object tree. (Abdiel Janulgue) [RHEL-35118] {CVE-2024-27062}
 - cifs: fix deadlock between reconnect and lease break (Paulo Alcantara) [RHEL-58037]
diff --git a/sources b/sources
index 195fde473..6eb596399 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-4.18.0-553.26.1.el8_10.tar.xz) = 500617aff15055e72de39c1dd8175d0293c31d453b59d27daac8c5967037c5b25e777f155ca366a67cbba1a5b544cc57589e0791bcca387ab549f827ba2d1576
-SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = e0fa8058da162474c32db56ed996d7704ab55ee8da7fd4e1c7608cbb3b5336da80fe01d10ef0af51c03491cfcbaa2b408dcfb30c0a5f2227859487f91438b735
+SHA512 (linux-4.18.0-553.27.1.el8_10.tar.xz) = 84ff193761ebf620f8b64e626cb716b78d395361f58c825dd7839ea45f781e91c97083c01be3462c6d4125fc76249d758fc7284f752d62f65e493d68fbf2daf0
+SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = cbd22d0f1051f34f2c7d62306e2cebb34139e7ef27cebccc645e3b668a385eea12f0c1e0d9b59a9da06451c82ca9520d711687fea10863756375fa138e3f78f5
 SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 8a671ed3c9b7f4b25fd4e594b62bc4a26474cb705d3ed22ca376618b3c7962fc72ace1ffd02c9c3a192d9d2c449d38228809542d7f16ebad16f8127020eb2faf