From 9a5bec281dc96ddee7b44aab2534f23df8c42217 Mon Sep 17 00:00:00 2001
From: Denys Vlasenko <dvlasenk@redhat.com>
Date: Mon, 4 Aug 2025 13:24:56 +0200
Subject: [PATCH] kernel-4.18.0-553.68.1.el8_10

* Mon Aug 04 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.68.1.el8_10]
- ipv6: mcast: extend RCU protection in igmp6_send() (Hangbin Liu) [RHEL-102392] {CVE-2025-21759}
- md/md-bitmap: move bitmap_{start, end}write to md upper layer (Nigel Croxon) [RHEL-57991]
- md/raid5: implement pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md: add a new callback pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: remove the last parameter for bimtap_ops->endwrite() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: factor behind write counters out from bitmap_{start/end}write() (Nigel Croxon) [RHEL-57991]
- md/raid5: recheck if reshape has finished with device_lock held (Nigel Croxon) [RHEL-57991]
- md/md-linear: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/md-multipath: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/raid10: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- md/raid1: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- raid5: fix missing io accounting in raid5_align_endio() (Nigel Croxon) [RHEL-59928]
- md: also clone new io if io accounting is disabled (Nigel Croxon) [RHEL-59928]
- sch_cbq: make cbq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376]
- net/sched: Always pass notifications when child class becomes empty (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_deactivate() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_qfq: make qfq_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_drr: make drr_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- can: peak_usb: fix use after free bugs (CKI Backport Bot) [RHEL-99447] {CVE-2021-47670}
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CKI Backport Bot) [RHEL-103141] {CVE-2025-38159}
- net/ipv6: release expired exception dst cached in socket (Guillaume Nault) [RHEL-105794] {CVE-2024-56644}
Resolves: RHEL-102392, RHEL-103141, RHEL-105794, RHEL-57991, RHEL-59928, RHEL-93376, RHEL-99447

Signed-off-by: Denys Vlasenko <dvlasenk@redhat.com>
---
 kernel.spec | 29 +++++++++++++++++++++++++++--
 sources     |  4 ++--
 2 files changed, 29 insertions(+), 4 deletions(-)

diff --git a/kernel.spec b/kernel.spec
index db2351e39..b1c40038d 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -38,10 +38,10 @@
 # define buildid .local
 
 %define specversion 4.18.0
-%define pkgrelease 553.67.1.el8_10
+%define pkgrelease 553.68.1.el8_10
 
 # allow pkg_release to have configurable %%{?dist} tag
-%define specrelease 553.67.1%{?dist}
+%define specrelease 553.68.1%{?dist}
 
 %define pkg_release %{specrelease}%{?buildid}
 
@@ -2705,6 +2705,31 @@ fi
 #
 #
 %changelog
+* Mon Aug 04 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.68.1.el8_10]
+- ipv6: mcast: extend RCU protection in igmp6_send() (Hangbin Liu) [RHEL-102392] {CVE-2025-21759}
+- md/md-bitmap: move bitmap_{start, end}write to md upper layer (Nigel Croxon) [RHEL-57991]
+- md/raid5: implement pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
+- md: add a new callback pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
+- md/md-bitmap: remove the last parameter for bimtap_ops->endwrite() (Nigel Croxon) [RHEL-57991]
+- md/md-bitmap: factor behind write counters out from bitmap_{start/end}write() (Nigel Croxon) [RHEL-57991]
+- md/raid5: recheck if reshape has finished with device_lock held (Nigel Croxon) [RHEL-57991]
+- md/md-linear: enable io accounting (Nigel Croxon) [RHEL-59928]
+- md/md-multipath: enable io accounting (Nigel Croxon) [RHEL-59928]
+- md/raid10: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
+- md/raid1: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
+- raid5: fix missing io accounting in raid5_align_endio() (Nigel Croxon) [RHEL-59928]
+- md: also clone new io if io accounting is disabled (Nigel Croxon) [RHEL-59928]
+- sch_cbq: make cbq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376]
+- net/sched: Always pass notifications when child class becomes empty (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- sch_htb: make htb_deactivate() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- sch_qfq: make qfq_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- sch_drr: make drr_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- sch_htb: make htb_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
+- can: peak_usb: fix use after free bugs (CKI Backport Bot) [RHEL-99447] {CVE-2021-47670}
+- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CKI Backport Bot) [RHEL-103141] {CVE-2025-38159}
+- net/ipv6: release expired exception dst cached in socket (Guillaume Nault) [RHEL-105794] {CVE-2024-56644}
+
 * Thu Jul 31 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.67.1.el8_10]
 - mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
 - mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
diff --git a/sources b/sources
index 56a2c2a0c..f66b42947 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-4.18.0-553.67.1.el8_10.tar.xz) = ea674a7a6e956dbf2530489a63ac900b88accc4b5e916d4c068fc53a113c26dbedbb963841e5ca865356a4ba3348ab50acad8a9f6eed96e0810ca6b06c4796bd
-SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 659fc9e01d070175b29b643de6ba5e7ab0e6c29643cef042702af222deef16402fa8aa8b59f0808e9228011a974d1e612e1e94f8f34c7708e3173e01daa27949
+SHA512 (linux-4.18.0-553.68.1.el8_10.tar.xz) = 9c81827467d8f5b4b4c649d5112671194bd70ca1a6a15f89d2e82b9c6fa91551052f769a2487ce3a7c2247c59c9ae210b6a6b419ac6f58af2669659209f47814
+SHA512 (kernel-abi-stablelists-4.18.0-553.tar.bz2) = 20ddf4ce4efd1e4299456a7c050a80999daa59b9d4db3c4f6c7f57bea45743f1abfc43f8bf2686b59920071df94627795310d762f2be62150b6d52d9b5a05f51
 SHA512 (kernel-kabi-dw-4.18.0-553.tar.bz2) = 79a9788af0c183f670166700354b6a188c176427a6230b8bfaa2cfdc6a4daa1418bbee98d80b7f6b3195043eeef1ffa6782d03b5a1733b65a90c22f66684941f