rpms/kernel
9
4
Fork 6
Code Issues Pull Requests Releases Activity
The Linux kernel
57 Commits 47 Branches 904 Tags 1.1 GiB
Shell 48.8%
C 41.1%
Python 10.1%
08f074dc92
Go to file
Andrew Lukoshko 08f074dc92 Bump version to 5.14.0-687.5.3 and add Dirty Frag + ptrace fixes 
Apply on a9-beta the same four local patches that were carried on
the a9 branch until upstream landed them via the CKI Backport Bot
in 5.14.0-611.55.1.el9_7. Blobs imported verbatim from a9 history:

  1100-xfrm-esp-avoid-in-place-decrypt-shared-skb-frags.patch
    CVE-2026-43284 -- el9 backport of upstream f4c50a4034e6.
  1101-rxrpc-linearize-paged-frags.patch
    CVE-2026-43500.
  1102-net-skbuff-propagate-shared-frag-marker.patch
    CVE-2026-46300 ("Fragnesia") -- v3 sibling to the xfrm/esp fix,
    propagates SKBFL_SHARED_FRAG through __pskb_copy_fclone(),
    skb_try_coalesce(), skb_shift(), skb_gro_receive() and
    skb_gro_receive_list().
  1103-ptrace-require-cap-on-mm-less-task.patch
    CVE-2026-46333; kABI-safe replacement for upstream 31e62c2ebbfd
    which would alter task_struct.

All four verified to apply with `patch -p1 -F0` against the
5.14.0-687.5.1.el9_8 source tree (offsets only, no fuzz, no
rejects). Release bumped 687.5.1 -> 687.5.3 with a single new
changelog stanza.
2026-05-19 17:53:35 +00:00
SOURCES Bump version to 5.14.0-687.5.3 and add Dirty Frag + ptrace fixes 2026-05-19 17:53:35 +00:00
SPECS Bump version to 5.14.0-687.5.3 and add Dirty Frag + ptrace fixes 2026-05-19 17:53:35 +00:00
.gitignore import CS kernel-5.14.0-687.5.1.el9_8 2026-04-14 21:11:57 +00:00
.kernel.metadata import CS kernel-5.14.0-687.5.1.el9_8 2026-04-14 21:11:57 +00:00