From e79403de8597abbcac6508af0542bbf9fa1a2416 Mon Sep 17 00:00:00 2001
From: CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com>
Date: Wed, 27 May 2026 08:22:51 +0000
Subject: [PATCH] kernel-5.14.0-710.el9

* Wed May 27 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]
Resolves: RHEL-171801, RHEL-172166

Signed-off-by: CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com>
---
 Makefile.rhelver |  2 +-
 kernel.changelog |  8 ++++++++
 kernel.spec      | 15 +++++++++++----
 sources          |  6 +++---
 4 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/Makefile.rhelver b/Makefile.rhelver
index a52265ad7..bc27377f6 100644
--- a/Makefile.rhelver
+++ b/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 9
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 709
+RHEL_RELEASE = 710
 
 #
 # ZSTREAM
diff --git a/kernel.changelog b/kernel.changelog
index d5fca6bad..8e3fea5b3 100644
--- a/kernel.changelog
+++ b/kernel.changelog
@@ -1,3 +1,11 @@
+* Wed May 27 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
+- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
+- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
+- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
+- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
+- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]
+Resolves: RHEL-171801, RHEL-172166
+
 * Mon May 25 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
 - netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
 - xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
diff --git a/kernel.spec b/kernel.spec
index 84a8b9bae..52b906530 100644
--- a/kernel.spec
+++ b/kernel.spec
@@ -176,15 +176,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 709
+%define pkgrelease 710
 %define kversion 5
-%define tarfile_release 5.14.0-709.el9
+%define tarfile_release 5.14.0-710.el9
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 709%{?buildid}%{?dist}
+%define specrelease 710%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-709.el9
+%define kabiversion 5.14.0-710.el9
 
 #
 # End of genspec.sh variables
@@ -3753,6 +3753,13 @@ fi
 #
 #
 %changelog
+* Wed May 27 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-710.el9]
+- proc: fix type confusion in pde_set_flags() (Abhi Das) [RHEL-171801] {CVE-2025-38653}
+- proc: fix missing pde_set_flags() for net proc files (Abhi Das) [RHEL-171801] {CVE-2025-38653}
+- proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al (Abhi Das) [RHEL-171801] {CVE-2025-38653}
+- crypto: authenc - Correctly pass EINPROGRESS back up to the caller (Vladislav Dronov) [RHEL-172166]
+- crypto: authenc - Fix sleep in atomic context in decrypt_tail (Vladislav Dronov) [RHEL-172166]
+
 * Mon May 25 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-709.el9]
 - netfilter: ctnetlink: ensure safe access to master conntrack (Florian Westphal) [RHEL-173885] {CVE-2026-43116}
 - xfs: fix remote xattr valuelblk check (CKI Backport Bot) [RHEL-174056] {CVE-2026-43158}
diff --git a/sources b/sources
index 8cabdbfde..cc7d0b9ff 100644
--- a/sources
+++ b/sources
@@ -1,3 +1,3 @@
-SHA512 (linux-5.14.0-709.el9.tar.xz) = e28e0933111a1e91f75386baed7ae12a1ba5546378a8b7458d56b67598bad2b4326f10124d55e7bfeee717c0845cfae500d236d53c3886155a5d16eb2237861b
-SHA512 (kernel-abi-stablelists-5.14.0-709.el9.tar.bz2) = 01aeaa638f39325d2d10c531d643bba3376957af59dbcff66690593f665b5597463a8e0474ac358cc66c398bf3ce35ebaae13b73a105871e9d7dddfdd39e6602
-SHA512 (kernel-kabi-dw-5.14.0-709.el9.tar.bz2) = 40f7ce5d685881006a85260eace7c8c306222aad2633404336e6b055de9d715f3d3e6db9cd4db65cf90b2cc3101f3e4fa3749503856d28cf65346bccf98997be
+SHA512 (linux-5.14.0-710.el9.tar.xz) = 4d1884e8d957dc0a507d7b71ea4ad874e7b9602176ee91defaaf2b53a991271648735e52453a1573187a4334b8105eb1da0f8691d1374b587d93c128f4423d68
+SHA512 (kernel-abi-stablelists-5.14.0-710.el9.tar.bz2) = 3e0ce33f9579445358b60e782cf97a5cbb7d6bb20ac495fdf56bb1c59c4c010194198f0bf18867ce506d473493e069324075ff6c1de2043a3e019188c1c1b862
+SHA512 (kernel-kabi-dw-5.14.0-710.el9.tar.bz2) = 418b8db9aa33bd3a41107ab7fbd9850ff1c2045b8eb838b764988160a9a4335c17a6b464277a3638c973a00da0b01dfcbb193686df4ac87d73c2a2df505f7b60