From 95d698d60cf309e783126a7360aed9b2e26463a1 Mon Sep 17 00:00:00 2001 From: CKI KWF Bot Date: Tue, 30 Jun 2026 11:24:31 +0000 Subject: [PATCH] kernel-5.14.0-720.el9 * Tue Jun 30 2026 CKI KWF Bot [5.14.0-720.el9] - KVM: s390: Add capability that forwards operation exceptions (Christoph Schlameuss) [RHEL-136478] - KVM: s390: Add KVM capability for ESA mode guests (Mircea Dragan) [RHEL-136478] - KVM: s390: vsie: Allow non-zarch guests (Mircea Dragan) [RHEL-136478] - KVM: s390: vsie: Accommodate ESA prefix pages (Mircea Dragan) [RHEL-136478] - KVM: s390: vsie: Disable some bits when in ESA mode (Mircea Dragan) [RHEL-136478] - KVM: s390: only deliver service interrupt with payload (Mircea Dragan) [RHEL-136478] - KVM: s390: vsie: retry SIE when unable to get vsie_page (Mircea Dragan) [RHEL-136478] - KVM: s390: vsie: Check alignment of BSCA header (Mircea Dragan) [RHEL-136478] - net/sched: fix pedit partial COW leading to page cache corruption (Ivan Vecera) [RHEL-177395] {CVE-2026-46331} - KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry (CKI Backport Bot) [RHEL-183964] {CVE-2026-46316} - sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CKI Backport Bot) [RHEL-179859] {CVE-2026-46227} - kallsyms/bpf: rename __bpf_address_lookup() to bpf_address_lookup() (Anubhav Shelat) [RHEL-164306] - kallsyms: clean up modname and modbuildid initialization in kallsyms_lookup_buildid() (Anubhav Shelat) [RHEL-164306] - net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (CKI Backport Bot) [RHEL-167748] {CVE-2026-31411} Resolves: RHEL-136478, RHEL-164306, RHEL-167748, RHEL-177395, RHEL-179859, RHEL-183964 Signed-off-by: CKI KWF Bot --- Makefile.rhelver | 2 +- kernel.changelog | 17 +++++++++++++++++ kernel.spec | 24 ++++++++++++++++++++---- sources | 6 +++--- 4 files changed, 41 insertions(+), 8 deletions(-) diff --git a/Makefile.rhelver b/Makefile.rhelver index f5173e357..da4a2adeb 100644 --- a/Makefile.rhelver +++ b/Makefile.rhelver @@ -12,7 +12,7 @@ RHEL_MINOR = 9 # # Use this spot to avoid future merge conflicts. # Do not trim this comment. -RHEL_RELEASE = 719 +RHEL_RELEASE = 720 # # ZSTREAM diff --git a/kernel.changelog b/kernel.changelog index c9dd319a3..9ef243ec5 100644 --- a/kernel.changelog +++ b/kernel.changelog @@ -1,3 +1,20 @@ +* Tue Jun 30 2026 CKI KWF Bot [5.14.0-720.el9] +- KVM: s390: Add capability that forwards operation exceptions (Christoph Schlameuss) [RHEL-136478] +- KVM: s390: Add KVM capability for ESA mode guests (Mircea Dragan) [RHEL-136478] +- KVM: s390: vsie: Allow non-zarch guests (Mircea Dragan) [RHEL-136478] +- KVM: s390: vsie: Accommodate ESA prefix pages (Mircea Dragan) [RHEL-136478] +- KVM: s390: vsie: Disable some bits when in ESA mode (Mircea Dragan) [RHEL-136478] +- KVM: s390: only deliver service interrupt with payload (Mircea Dragan) [RHEL-136478] +- KVM: s390: vsie: retry SIE when unable to get vsie_page (Mircea Dragan) [RHEL-136478] +- KVM: s390: vsie: Check alignment of BSCA header (Mircea Dragan) [RHEL-136478] +- net/sched: fix pedit partial COW leading to page cache corruption (Ivan Vecera) [RHEL-177395] {CVE-2026-46331} +- KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry (CKI Backport Bot) [RHEL-183964] {CVE-2026-46316} +- sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CKI Backport Bot) [RHEL-179859] {CVE-2026-46227} +- kallsyms/bpf: rename __bpf_address_lookup() to bpf_address_lookup() (Anubhav Shelat) [RHEL-164306] +- kallsyms: clean up modname and modbuildid initialization in kallsyms_lookup_buildid() (Anubhav Shelat) [RHEL-164306] +- net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (CKI Backport Bot) [RHEL-167748] {CVE-2026-31411} +Resolves: RHEL-136478, RHEL-164306, RHEL-167748, RHEL-177395, RHEL-179859, RHEL-183964 + * Mon Jun 29 2026 CKI KWF Bot [5.14.0-719.el9] - redhat: sign centos kernel and UKIs with 800 certs (Jan Stancek) [RHEL-186905] - crypto: tegra - Return ENOMEM when input buffer allocation fails for ccm (Vladislav Dronov) [RHEL-182565] diff --git a/kernel.spec b/kernel.spec index 2d88294d0..606c685d4 100644 --- a/kernel.spec +++ b/kernel.spec @@ -176,15 +176,15 @@ Summary: The Linux kernel # define buildid .local %define specversion 5.14.0 %define patchversion 5.14 -%define pkgrelease 719 +%define pkgrelease 720 %define kversion 5 -%define tarfile_release 5.14.0-719.el9 +%define tarfile_release 5.14.0-720.el9 # This is needed to do merge window version magic %define patchlevel 14 # This allows pkg_release to have configurable %%{?dist} tag -%define specrelease 719%{?buildid}%{?dist} +%define specrelease 720%{?buildid}%{?dist} # This defines the kabi tarball version -%define kabiversion 5.14.0-719.el9 +%define kabiversion 5.14.0-720.el9 # # End of genspec.sh variables @@ -3753,6 +3753,22 @@ fi # # %changelog +* Tue Jun 30 2026 CKI KWF Bot [5.14.0-720.el9] +- KVM: s390: Add capability that forwards operation exceptions (Christoph Schlameuss) [RHEL-136478] +- KVM: s390: Add KVM capability for ESA mode guests (Mircea Dragan) [RHEL-136478] +- KVM: s390: vsie: Allow non-zarch guests (Mircea Dragan) [RHEL-136478] +- KVM: s390: vsie: Accommodate ESA prefix pages (Mircea Dragan) [RHEL-136478] +- KVM: s390: vsie: Disable some bits when in ESA mode (Mircea Dragan) [RHEL-136478] +- KVM: s390: only deliver service interrupt with payload (Mircea Dragan) [RHEL-136478] +- KVM: s390: vsie: retry SIE when unable to get vsie_page (Mircea Dragan) [RHEL-136478] +- KVM: s390: vsie: Check alignment of BSCA header (Mircea Dragan) [RHEL-136478] +- net/sched: fix pedit partial COW leading to page cache corruption (Ivan Vecera) [RHEL-177395] {CVE-2026-46331} +- KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry (CKI Backport Bot) [RHEL-183964] {CVE-2026-46316} +- sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (CKI Backport Bot) [RHEL-179859] {CVE-2026-46227} +- kallsyms/bpf: rename __bpf_address_lookup() to bpf_address_lookup() (Anubhav Shelat) [RHEL-164306] +- kallsyms: clean up modname and modbuildid initialization in kallsyms_lookup_buildid() (Anubhav Shelat) [RHEL-164306] +- net: atm: fix crash due to unvalidated vcc pointer in sigd_send() (CKI Backport Bot) [RHEL-167748] {CVE-2026-31411} + * Mon Jun 29 2026 CKI KWF Bot [5.14.0-719.el9] - redhat: sign centos kernel and UKIs with 800 certs (Jan Stancek) [RHEL-186905] - crypto: tegra - Return ENOMEM when input buffer allocation fails for ccm (Vladislav Dronov) [RHEL-182565] diff --git a/sources b/sources index b2d14cefa..af0d1b0ae 100644 --- a/sources +++ b/sources @@ -1,3 +1,3 @@ -SHA512 (linux-5.14.0-719.el9.tar.xz) = df457aa92bfcd30f96f96b409828adda8a9eec954672faa1fcd70f64c17bb7ee64b84cfa1d6647cedd6e0cf21bc3d956db8eb4f487420211004732845dfd4d78 -SHA512 (kernel-abi-stablelists-5.14.0-719.el9.tar.bz2) = 25a70ff0a6a901d0699001094c9635e001d1ea8a74ef6ce2cf819acec41c3bce0367166e4f50d0098acc54f9f0035b41bcb4ffa7689f2343b56b148caa474de4 -SHA512 (kernel-kabi-dw-5.14.0-719.el9.tar.bz2) = 2d8dbb0a356bf58c6e001a9578d8ce7de97c1f465df9cae43d0465be085de3e783d79971b6b1bbb11ea9a5eef13578fb2c16b76dbf1213d25c79544f24ff1143 +SHA512 (linux-5.14.0-720.el9.tar.xz) = 0b7aeac124233ef44755ca578b488b512c9a02a21f18b36030b42d488922dbf4190e938bd7d60182a6a71f9fe881b03e276e535f970ac3a3e2336497633a4bc9 +SHA512 (kernel-abi-stablelists-5.14.0-720.el9.tar.bz2) = 4bba55b1c78038ec405398dfaa0ef56eccd24822f27c02787d7c021f4babcc93286fd47b0432f53f61b37952292bb77a8d83078b28e93dadef22c78a5f5a7b55 +SHA512 (kernel-kabi-dw-5.14.0-720.el9.tar.bz2) = 242e02484a8ed544b0375d2bd178ece26b07f791220b45d81a9ec158a2db432a4258647eacfaa8e2b1a60524562c4e5d2f7e1ebcc151385ad37729bcf6ff41f1