From 5bdbf03a1e83ca22a2af27f2bd00d6f522cd188a Mon Sep 17 00:00:00 2001 From: AlmaLinux RelEng Bot Date: Mon, 22 Jun 2026 06:37:38 -0400 Subject: [PATCH] import CS git kernel-4.18.0-553.137.1.el8_10 --- .gitignore | 2 +- .kernel.metadata | 6 +++--- SPECS/kernel.spec | 20 ++++++++++++++++++-- 3 files changed, 22 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index 4ef0825..8d8b45c 100644 --- a/.gitignore +++ b/.gitignore @@ -2,7 +2,7 @@ SOURCES/centossecureboot201.cer SOURCES/centossecurebootca2.cer SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2 SOURCES/kernel-kabi-dw-4.18.0-553.tar.bz2 -SOURCES/linux-4.18.0-553.136.1.el8_10.tar.xz +SOURCES/linux-4.18.0-553.137.1.el8_10.tar.xz SOURCES/redhatsecureboot302.cer SOURCES/redhatsecureboot303.cer SOURCES/redhatsecureboot501.cer diff --git a/.kernel.metadata b/.kernel.metadata index 1ce3a87..13aa5ba 100644 --- a/.kernel.metadata +++ b/.kernel.metadata @@ -1,8 +1,8 @@ 2ba40bf9138b48311e5aa1b737b7f0a8ad66066f SOURCES/centossecureboot201.cer bfdb3d7cffc43f579655af5155d50c08671d95e5 SOURCES/centossecurebootca2.cer -a5326803e0dbf4c80d7f51725008c49be53e103c SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2 -cea2a2edb1e0c93be150cba27929ad19acf709c3 SOURCES/kernel-kabi-dw-4.18.0-553.tar.bz2 -8b8aeeb1d7548da0c52c160339589bcdd50ab930 SOURCES/linux-4.18.0-553.136.1.el8_10.tar.xz +bb7d4bbbd1393e2b627aab61aaa91391ad242d4c SOURCES/kernel-abi-stablelists-4.18.0-553.tar.bz2 +fe101aded575c0f2888b021e9575ff8bf2b2bcbd SOURCES/kernel-kabi-dw-4.18.0-553.tar.bz2 +7d1942313819f9a71a4d327c7a71758d2114f901 SOURCES/linux-4.18.0-553.137.1.el8_10.tar.xz 13e5cd3f856b472fde80a4deb75f4c18dfb5b255 SOURCES/redhatsecureboot302.cer e89890ca0ded2f9058651cc5fa838b78db2e6cc2 SOURCES/redhatsecureboot303.cer ba0b760e594ff668ee72ae348adf3e49b97f75fb SOURCES/redhatsecureboot501.cer diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec index 9f0c20f..53ff208 100644 --- a/SPECS/kernel.spec +++ b/SPECS/kernel.spec @@ -38,10 +38,10 @@ # define buildid .local %define specversion 4.18.0 -%define pkgrelease 553.136.1.el8_10 +%define pkgrelease 553.137.1.el8_10 # allow pkg_release to have configurable %%{?dist} tag -%define specrelease 553.136.1%{?dist} +%define specrelease 553.137.1%{?dist} %define pkg_release %{specrelease}%{?buildid} @@ -2707,6 +2707,22 @@ fi # # %changelog +* Fri Jun 19 2026 CKI KWF Bot [4.18.0-553.137.1.el8_10] +- selinux: RHEL-only hotfix for execmem regression (Ondrej Mosnacek) [RHEL-179435] {CVE-2026-46054} +- selinux: fix overlayfs mmap() and mprotect() access checks (Ondrej Mosnacek) [RHEL-179435] {CVE-2026-46054} +- lsm: add backing_file LSM hooks (Ondrej Mosnacek) [RHEL-179435] {CVE-2026-46054} +- fs: prepare for adding LSM blob to backing_file (Ondrej Mosnacek) [RHEL-179435] {CVE-2026-46054} +- perf/core: Fix MMAP event path names with backing files (Ondrej Mosnacek) [RHEL-179435] +- fs: constify file ptr in backing_file accessor helpers (Ondrej Mosnacek) [RHEL-179435] {CVE-2026-46054} +- ovl: Fix nested backing file paths (Ondrej Mosnacek) [RHEL-179435] +- fs: store real path instead of fake path in backing file f_path (Ondrej Mosnacek) [RHEL-179435] +- fs: create helper file_user_path() for user displayed mapped file path (Ondrej Mosnacek) [RHEL-179435] +- fs: get mnt_writers count for an open backing file's real path (Ondrej Mosnacek) [RHEL-179435] +- fs: move cleanup from init_file() into its callers (Ondrej Mosnacek) [RHEL-179435] +- fs: use backing_file container for internal files with "fake" f_path (Ondrej Mosnacek) [RHEL-179435] +- fs: move kmem_cache_zalloc() into alloc_empty_file*() helpers (Ondrej Mosnacek) [RHEL-179435] +- ovl: pass layer mnt to ovl_open_realfile() (Ondrej Mosnacek) [RHEL-179435] + * Thu Jun 18 2026 CKI KWF Bot [4.18.0-553.136.1.el8_10] - net/sched: fix pedit partial COW leading to page cache corruption (Ivan Vecera) [RHEL-177582] {CVE-2026-46331} - net/sched: act_pedit: free pedit keys on bail from offset check (Ivan Vecera) [RHEL-177582] {CVE-2026-46331}