Kernel, XFSProgs, Microcode_CTL, and more for Oracle Linux

Oracle Linux 6315 Published One week ago by Philipp Esselbach

News

ELBA-2025-20228 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20228

http://linux.oracle.com/errata/ELBA-2025-20228.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-core-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-debug-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-debug-core-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-debug-devel-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-debug-modules-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-debug-modules-core-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-debug-modules-deprecated-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-debug-modules-desktop-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-netfilter-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-debug-modules-usb-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-debug-modules-wireless-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-devel-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-doc-6.12.0-0.20.20.el9uek.noarch.rpm
kernel-uek-modules-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-modules-core-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-modules-deprecated-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-modules-desktop-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-modules-extra-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-modules-extra-netfilter-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-modules-usb-6.12.0-0.20.20.el9uek.x86_64.rpm
kernel-uek-modules-wireless-6.12.0-0.20.20.el9uek.x86_64.rpm

aarch64:
kernel-uek-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-core-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-debug-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-debug-core-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-debug-devel-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-debug-modules-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-debug-modules-core-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-debug-modules-deprecated-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-debug-modules-desktop-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-netfilter-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-debug-modules-usb-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-debug-modules-wireless-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-devel-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-modules-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-modules-extra-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-modules-core-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-modules-deprecated-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-modules-desktop-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-modules-extra-netfilter-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-modules-usb-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek-modules-wireless-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek64k-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek64k-core-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek64k-modules-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek64k-modules-core-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek64k-modules-deprecated-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek64k-modules-desktop-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek64k-modules-extra-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek64k-modules-extra-netfilter-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek64k-modules-usb-6.12.0-0.20.20.el9uek.aarch64.rpm
kernel-uek64k-modules-wireless-6.12.0-0.20.20.el9uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-6.12.0-0.20.20.el9uek.src.rpm

Description of changes:

[6.12.0-0.20.20]
- block: prevent calls to should_fail_bio() optimized by gcc (Prasad Singamsetty) [Orabug: 37782458]

[6.12.0-0.20.19]
- uek-rpm: switch to new secureboot certificates and upgrade shim (Samasth Norway Ananda) [Orabug: 37764000]
- rds: ib: Fix racy send affinity work cancellation (Hakon Bugge) [Orabug: 37607468]
- uek: kabi: Update kABI files and enable the kABI checker (Yifei Liu) [Orabug: 37670742]
- rds: ib: Do not attempt to insert RDMA exthdr twice (Hakon Bugge) [Orabug: 37688884]
- RDMA/cma: Fix workqueue crash in cma_netevent_work_handler (Sharath Srinivasan) [Orabug: 37712584]
- perf probe: Improve log for long event name failure (Leo Yan) [Orabug: 37752600]
- perf probe: Check group string length (Leo Yan) [Orabug: 37752600]
- perf probe: Use the MAX_EVENT_NAME_LEN macro (Leo Yan) [Orabug: 37752600]
- uek-rpm: install the perf exec dir (Stephen Brennan) [Orabug: 37757733]
- uek: kabi: add kABI padding to struct module in include/linux/module.h (Sherry Yang) [Orabug: 37762627]
- Revert uek: kabi: add kABI padding to include/uapi/linux/perf_event.h (Yifei Liu) [Orabug: 37740310]
- Move the padding location to be prior to frags[MAX_SKB_FRAGS] (Yifei Liu) [Orabug: 37734888]
- uek: kabi: add kABI padding to napi_struct in include/linux/netdevice.h (Yifei Liu) [Orabug: 37734849]
- perf dso: fix dso__is_kallsyms() check (Stephen Brennan) [Orabug: 37724378]
- uek-rpm: use find instead of ls for removing modules (Harshit Mogalapalli) [Orabug: 37721662]
- Special case SHM_HUGETLB allocation using mlock ulimit (Prakash Sangappa) [Orabug: 37704635]
- uek-rpm: update firmware dependency to latest .38 version (Samasth Norway Ananda) [Orabug: 37693355]
- rds: ib: Make traffic_class visible to user-space (Hakon Bugge) [Orabug: 37617864]
- rds: ib: Remove incorrect update of the path record sl and qos_class fields (Hakon Bugge) [Orabug: 37617864]
- Revert rds: ib: Make sure receives are posted before connection is up (Gerd Rausch) [Orabug: 37577031]
- mm: lru: add VM_WARN_ON_ONCE_FOLIO to lru maintenance function (Muchun Song) [Orabug: 37405594]
- mm: memcontrol: use obj_cgroup APIs to charge the LRU pages (Muchun Song) [Orabug: 37405594]
- mm: memcontrol: introduce memcg_reparent_ops (Muchun Song) [Orabug: 37405594]
- mm: memcontrol: make all the callers of {folio,page}_memcg() safe (Muchun Song) [Orabug: 37405594]
- mm: thp: make split queue lock safe when LRU pages are reparented (Muchun Song) [Orabug: 37405594]
- mm: vmscan: rework move_pages_to_lru() (Muchun Song) [Orabug: 37405594]
- mm: memcontrol: make lruvec lock safe when LRU pages are reparented (Muchun Song) [Orabug: 37405594]
- mm: memcontrol: prepare objcg API for non-kmem usage (Muchun Song) [Orabug: 37405594]
- mm: rename unlock_page_lruvec{_irq, _irqrestore} to lruvec_unlock{_irq, _irqrestore} (Muchun Song) [Orabug: 37405594]
- mm: memcontrol: remove dead code and comments (Muchun Song) [Orabug: 37405594]

[6.12.0-0.20.18]
- LTS version: v6.12.20 (Jack Vogel)
- fs/netfs/read_collect: add to next->prev_donated (Max Kellermann)
- HID: apple: disable Fn key handling on the Omoton KB066 (Alex Henrie)
- nvme-fc: rely on state transitions to handle connectivity loss (Daniel Wagner)
- Bluetooth: L2CAP: Fix corrupted list in hci_chan_del (Luiz Augusto von Dentz)
- tools/sched_ext: Add helper to check task migration state (Andrea Righi)
- sched_ext: selftests/dsp_local_on: Fix selftest on UP systems (Andrea Righi)
- smb: client: Fix match_session bug preventing session reuse (Henrique Carvalho)
- smb3: add support for IAKerb (Steve French)
- mm/hugetlb: wait for hugetlb folios to be freed (Ge Yang)
- i2c: sis630: Fix an error handling path in sis630_probe() (Christophe JAILLET)
- i2c: ali15x3: Fix an error handling path in ali15x3_probe() (Christophe JAILLET)
- i2c: ali1535: Fix an error handling path in ali1535_probe() (Christophe JAILLET)
- x86/vmware: Parse MP tables for SEV-SNP enabled guests under VMware hypervisors (Ajay Kaher)
- cifs: Fix integer overflow while processing closetimeo mount option (Murad Masimov)
- cifs: Fix integer overflow while processing actimeo mount option (Murad Masimov)
- cifs: Fix integer overflow while processing acdirmax mount option (Murad Masimov)
- cifs: Fix integer overflow while processing acregmax mount option (Murad Masimov)
- block: change blk_mq_add_to_batch() third argument type to bool (Shinichiro Kawasaki)
- scripts: generate_rust_analyzer: add uapi crate (Tamir Duberstein)
- scripts: generate_rust_analyzer: add missing include_dirs (Tamir Duberstein)
- scripts: generate_rust_analyzer: add missing macros deps (Tamir Duberstein)
- drm/i915: Increase I915_PARAM_MMAP_GTT_VERSION version to indicate support for partial mmaps (Jose Roberto de Souza)
- ASoC: codecs: wm0010: Fix error handling path in wm0010_spi_probe() (Christophe JAILLET)
- nvme: move error logging from nvme_end_req() to __nvme_end_req() (Shinichiro Kawasaki)
- drm/xe/pm: Temporarily disable D3Cold on BMG (Rodrigo Vivi)
- drm/xe/userptr: Fix an incorrect assert (Thomas Hellstrom)
- drm/xe: Release guc ids before cancelling work (Tejas Upadhyay)
- drm/xe: cancel pending job timer before freeing scheduler (Tejas Upadhyay)
- ASoC: rt722-sdca: add missing readable registers (Bard Liao)
- rust: init: add missing newline to pr_info! calls (Alban Kurti)
- ASoC: cs42l43: Fix maximum ADC Volume (Charles Keepax)
- drm/gma500: Add NULL check for pci_gfx_root in mid_get_vbt_data() (Ivan Abramov)
- rust: error: add missing newline to pr_warn! calls (Alban Kurti)
- ASoC: ops: Consistently treat platform_max as control value (Charles Keepax)
- sched_ext: Validate prev_cpu in scx_bpf_select_cpu_dfl() (Andrea Righi)
- net: phy: nxp-c45-tja11xx: add TJA112XB SGMII PCS restart errata (Andrei Botila)
- net: phy: nxp-c45-tja11xx: add TJA112X PHY configuration errata (Andrei Botila)
- smb: client: fix regression with guest option (Paulo Alcantara)
- qlcnic: fix memory leak issues in qlcnic_sriov_common.c (Haoxiang Li)
- Fix mmu notifiers for range-based invalidates (Piotr Jaroszynski)
- arm64: mm: Populate vmemmap at the page level if not section aligned (Zhenhua Huang)
- dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature (Kent Overstreet)
- netmem: prevent TX of unreadable skbs (Mina Almasry)
- ASoC: amd: yc: Support mic on another Lenovo ThinkPad E16 Gen 2 model (Thomas Mizrahi)
- ASoC: Intel: sof_sdw: Fix unlikely uninitialized variable use in create_sdw_dailinks() (Peter Ujfalusi)
- clk: samsung: gs101: fix synchronous external abort in samsung_clk_save() (Peter Griffin)
- clk: samsung: update PLL locktime for PLL142XX used on FSD platform (Varada Pavani)
- ksmbd: prevent connection release during oplock break notification (Namjae Jeon)
- ksmbd: fix use-after-free in ksmbd_free_work_struct (Namjae Jeon)
- drm/amd/display: Fix slab-use-after-free on hdcp_work (Mario Limonciello)
- drm/amd/display: Assign normalized_pix_clk when color depth = 14 (Alex Hung)
- drm/amd/display: Restore correct backlight brightness after a GPU reset (Mario Limonciello)
- drm/amd/display: fix missing .is_two_pixels_per_container (Aliaksei Urbanski)
- drm/amd/display: fix default brightness (Mario Limonciello)
- drm/amd/display: Disable unneeded hpd interrupts during dm_init (Leo Li)
- drm/amdgpu/display: Allow DCC for video formats on GFX12 (David Rosca)
- drm/amd/amdkfd: Evict all queues even HWS remove queue failed (Yifan Zha)
- drm/amdgpu: NULL-check BOs backing store when determining GFX12 PTE flags (Natalie Vock)
- drm/dp_mst: Fix locking when skipping CSN before topology probing (Imre Deak)
- drm/atomic: Filter out redundant DPMS calls (Ville Syrjala)
- drm/panic: fix overindented list items in documentation (Miguel Ojeda)
- drm/panic: use div_ceil to clean Clippy warning (Miguel Ojeda)
- drm/i915/cdclk: Do cdclk post plane programming later (Ville Syrjala)
- spi: microchip-core: prevent RX overflows when transmit size > FIFO size (Conor Dooley)
- x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes (Florent Revest)
- rust: init: fix Zeroable implementation for Option and Option (Benno Lossin)
- rust: Disallow BTF generation with Rust + LTO (Matthew Maurer)
- rust: alloc: satisfy POSIX alignment requirement (Tamir Duberstein)
- rust: remove leftover mentions of the alloc crate (Miguel Ojeda)
- rust: lockdep: Remove support for dynamically allocated LockClassKeys (Mitchell Levy)
- USB: serial: option: match on interface class for Telit FN990B (Johan Hovold)
- USB: serial: option: fix Telit Cinterion FE990A name (Fabio Porcedda)
- USB: serial: option: add Telit Cinterion FE990B compositions (Fabio Porcedda)
- USB: serial: ftdi_sio: add support for Altera USB Blaster 3 (Boon Khai Ng)
- Input: i8042 - swap old quirk combination with new quirk for more devices (Werner Sembach)
- Input: i8042 - swap old quirk combination with new quirk for several devices (Werner Sembach)
- Input: i8042 - add required quirks for missing old boardnames (Werner Sembach)
- Input: i8042 - swap old quirk combination with new quirk for NHxxRZQ (Werner Sembach)
- Input: xpad - rename QH controller to Legion Go S (Antheas Kapenekakis)
- Input: xpad - add support for TECNO Pocket Go (Antheas Kapenekakis)
- Input: xpad - add support for ZOTAC Gaming Zone (Antheas Kapenekakis)
- Input: xpad - add multiple supported devices (Pavel Rojtberg)
- Input: xpad - add 8BitDo SN30 Pro, Hyperkin X91 and Gamesir G7 SE controllers (Nilton Perim Neto)
- Input: iqs7222 - preserve system status register (Jeff LaBundy)
- Input: ads7846 - fix gpiod allocation (H. Nikolaus Schaller)
- Input: goodix-berlin - fix vddio regulator references (Luca Weiss)
- cifs: Throw -EOPNOTSUPP error on unsupported reparse point type from parse_reparse_point() (Pali Rohar)
- cifs: Validate content of WSL reparse point buffers (Pali Rohar)
- vhost: return task creation error instead of NULL (Keith Busch)
- block: fix kmem_cache of name bio-108 already exists (Ming Lei)
- net: Handle napi_schedule() calls from non-interrupt (Frederic Weisbecker)
- drm/nouveau: Do not override forced connector status (Thomas Zimmermann)
- mptcp: safety check before fallback (Matthieu Baerts (NGI0))
- perf/x86/rapl: Add support for Intel Arrow Lake U (Aaron Ma)
- x86/irq: Define trace events conditionally (Arnd Bergmann)
- x86/of: Dont use DTB for SMP setup if ACPI is enabled (Dmytro Maluka)
- perf/x86/intel: Use better start period for frequency mode (Kan Liang)
- drm/vkms: Round fixp2int conversion in lerp_u16 (Harry Wentland)
- ASoC: SOF: Intel: dont check number of sdw links when set dmic_fixup (Bard Liao)
- ASoC: dapm-graph: set fill colour of turned on nodes (Nicolas Frattaroli)
- fuse: dont truncate cached, mutated symlink (Miklos Szeredi)
- ASoC: tas2764: Set the SDOUT polarity correctly (Hector Martin)
- ASoC: tas2764: Fix power control mask (Hector Martin)
- ASoC: tas2770: Fix volume scale (Hector Martin)
- phy: ti: gmii-sel: Do not use syscon helper to build regmap (Andrew Davis)
- nvme: only allow entering LIVE from CONNECTING state (Daniel Wagner)
- sctp: Fix undefined behavior in left shift operation (Yu-Chun Lin)
- cifs: Treat unhandled directory name surrogate reparse points as mount directory nodes (Pali Rohar)
- apple-nvme: Release power domains when probe fails (Hector Martin)
- nvmet-rdma: recheck queue state is LIVE in state lock in recv done (Ruozhu Li)
- nvme-pci: quirk Acer FA100 for non-uniqueue identifiers (Christopher Lentocha)
- io-wq: backoff when retrying worker creation (Uday Shankar)
- net: wwan: mhi_wwan_mbim: Silence sequence number glitch errors (Stephan Gerhold)
- ASoC: SOF: amd: Handle IPC replies before FW_BOOT_COMPLETE (Cristian Ciocaltea)
- ASoC: SOF: amd: Add post_fw_run_delay ACP quirk (Cristian Ciocaltea)
- ALSA: hda: hda-intel: add Panther Lake-H support (Pierre-Louis Bossart)
- ASoC: SOF: Intel: pci-ptl: Add support for PTL-H (Peter Ujfalusi)
- ALSA: hda: intel-dsp-config: Add PTL-H support (Pierre-Louis Bossart)
- PCI: pci_ids: add INTEL_HDA_PTL_H (Pierre-Louis Bossart)
- ASoC: SOF: Intel: hda: add softdep pre to snd-hda-codec-hdmi module (Terry Cheong)
- ASoC: arizona/madera: use fsleep() in up/down DAPM event delays. (Vitaly Rodionov)
- ASoC: rsnd: adjust convert rate limitation (Kuninori Morimoto)
- ASoC: rsnd: dont indicate warning on rsnd_kctrl_accept_runtime() (Kuninori Morimoto)
- ASoC: rsnd: indicate unsupported clock rate (Kuninori Morimoto)
- ALSA: hda/realtek: Limit mic boost on Positivo ARN50 (Edson Juliano Drosdeck)
- ASoC: simple-card-utils.c: add missing dlc->of_node (Kuninori Morimoto)
- ASoC: Intel: soc-acpi-intel-mtl-match: declare adr as ull (Bard Liao)
- ASoC: Intel: sof_sdw: Add quirk for Asus Zenbook S14 (Richard Fitzgerald)
- ASoC: Intel: sof_sdw: Add lookup of quirk using PCI subsystem ID (Richard Fitzgerald)
- selftests/bpf: Fix invalid flag of recv() (Jiayuan Chen)
- drm/tests: hdmi: Fix recursive locking (Maxime Ripard)
- drm/tests: hdmi: Reorder DRM entities variables assignment (Maxime Ripard)
- drm/tests: hdmi: Remove redundant assignments (Maxime Ripard)
- Bluetooth: L2CAP: Fix slab-use-after-free Read in l2cap_send_cmd (Luiz Augusto von Dentz)
- Xen/swiotlb: mark xen_swiotlb_fixup() __init (Jan Beulich)
- arm64: amu: Delay allocating cpumask for AMU FIE support (Beata Michalska)
- LoongArch: KVM: Set host with kernel mode when switch to VM mode (Bibo Mao)
- LoongArch: Fix kernel_page_present() for KPRANGE/XKPRANGE (Huacai Chen)
- thermal/cpufreq_cooling: Remove structure member documentation (Daniel Lezcano)
- s390/cio: Fix CHPID configure attribute caching (Peter Oberparleiter)
- platform/x86: int3472: Call reset GPIO enable for INT347E (Sakari Ailus)
- platform/x86: int3472: Use correct type for polarity, call it gpio_flags (Sakari Ailus)
- platform/x86: thinkpad_acpi: Support for V9 DYTC platform profiles (Mark Pearson)
- platform/x86: thinkpad_acpi: Fix invalid fan speed on ThinkPad X120e (Sybil Isabel Dorsett)
- sched: Clarify wake_up_q()s write to task->wake_q.next (Jann Horn)
- objtool: Ignore dangling jump table entries (Josh Poimboeuf)
- btrfs: fix two misuses of folio_shift() (Matthew Wilcox (Oracle))
- HID: apple: fix up the F6 key on the Omoton KB066 keyboard (Alex Henrie)
- HID: hid-apple: Apple Magic Keyboard a3203 USB-C support (Ievgen Vovk)
- selftests/cgroup: use bash in test_cpuset_v1_hp.sh (Bharadwaj Raju)
- HID: topre: Fix n-key rollover on Realforce R3S TKL boards (Daniel Brackenbury)
- HID: intel-ish-hid: ipc: Add Panther Lake PCI device IDs (Zhang Lixu)
- usb: phy: generic: Use proper helper for property detection (Alexander Stein)
- HID: hid-steam: Fix issues with disabling both gamepad mode and lizard mode (Vicki Pfau)
- HID: ignore non-functional sensor in HP 5MP Camera (Chia-Lin Kao (AceLan))
- HID: intel-ish-hid: Send clock sync message immediately after reset (Zhang Lixu)
- HID: intel-ish-hid: fix the length of MNG_SYNC_FW_CLOCK in doorbell (Zhang Lixu)
- sched_ext: selftests/dsp_local_on: Fix sporadic failures (Tejun Heo)
- selftests: always check mask returned by statmount(2) (Miklos Szeredi)
- vboxsf: fix building with GCC 15 (Brahmajit Das)
- alpha/elf: Fix misc/setarch test of util-linux by removing 32bit support (Eric W. Biederman)
- smb: client: fix noisy when tree connecting to DFS interlink targets (Paulo Alcantara)
- ACPI: resource: IRQ override for Eluktronics MECH-17 (Gannon Kolding)
- scsi: qla1280: Fix kernel oops when debug level > 2 (Magnus Lindholm)
- scsi: ufs: core: Fix error return with query response (Seunghui Lee)
- scsi: core: Use GFP_NOIO to avoid circular locking dependency (Rik van Riel)
- drm/amd/display: Fix out-of-bound accesses (Alex Hung)
- platform/x86/intel: pmc: fix ltr decode in pmc_core_ltr_show() (Dmitry Kandybka)
- sched/debug: Provide slice length for fair tasks (Christian Loehle)
- iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic() (Chengen Du)
- futex: Pass in task to futex_queue() (Jens Axboe)
- btrfs: avoid starting new transaction when cleaning qgroup during subvolume drop (Filipe Manana)
- powercap: call put_device() on an error path in powercap_register_control_type() (Joe Hattori)
- hrtimers: Mark is_migration_base() with __always_inline (Andy Shevchenko)
- nvme-fc: do not ignore connectivity loss during connecting (Daniel Wagner)
- nvme-fc: go straight to connecting state when initializing (Daniel Wagner)
- net/mlx5e: Prevent bridge link show failure for non-eswitch-allowed devices (Carolina Jubran)
- net/mlx5: Bridge, fix the crash caused by LAG state check (Jianbo Liu)
- net/mlx5: Lag, Check shared fdb before creating MultiPort E-Switch (Shay Drory)
- net/mlx5: Fix incorrect IRQ pool usage when releasing IRQs (Shay Drory)
- net/mlx5: HWS, Rightsize bwc matcher priority (Vlad Dogaru)
- Revert openvswitch: switch to per-action label counting in conntrack (Xin Long)
- net: openvswitch: remove misbehaving actions length check (Ilya Maximets)
- gre: Fix IPv6 link-local address generation. (Guillaume Nault)
- netfilter: nft_exthdr: fix offset with ipv4_find_option() (Alexey Kashavkin)
- net_sched: Prevent creation of classes with TC_H_ROOT (Cong Wang)
- ipvs: prevent integer overflow in do_ip_vs_get_ctl() (Dan Carpenter)
- netfilter: nf_conncount: Fully initialize struct nf_conncount_tuple in insert_tree() (Kohei Enju)
- rtase: Fix improper release of ring list entries in rtase_sw_reset (Justin Lai)
- selftests: bonding: fix incorrect mac address (Hangbin Liu)
- bonding: fix incorrect MAC address setting to receive NS messages (Hangbin Liu)
- net: mctp: unshare packets when reassembling (Matt Johnston)
- net: switchdev: Convert blocking notification chain to a raw one (Amit Cohen)
- eth: bnxt: fix memory leak in queue reset (Taehee Yoo)
- bnxt_en: handle tpa_info in queue API implementation (David Wei)
- bnxt_en: refactor tpa_info alloc/free into helpers (David Wei)
- eth: bnxt: use page pool for head frags (Jakub Kicinski)
- eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} (Taehee Yoo)
- eth: bnxt: do not update checksum in bnxt_xdp_build_skb() (Taehee Yoo)
- eth: bnxt: do not use BNXT_VNIC_NTUPLE unconditionally in queue restart logic (Taehee Yoo)
- eth: bnxt: return fail if interface is down in bnxt_queue_mem_alloc() (Taehee Yoo)
- eth: bnxt: fix truesize for mb-xdp-pass case (Taehee Yoo)
- net/mlx5: handle errors in mlx5_chains_create_table() (Wentao Liang)
- Drivers: hv: vmbus: Dont release fb_mmio resource in vmbus_free_mmio() (Michael Kelley)
- fbdev: hyperv_fb: Allow graceful removal of framebuffer (Saurabh Sengar)
- fbdev: hyperv_fb: Simplify hvfb_putmem (Saurabh Sengar)
- fbdev: hyperv_fb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs (Michael Kelley)
- drm/hyperv: Fix address space leak when Hyper-V DRM device is removed (Michael Kelley)
- netpoll: hold rcu read lock in __netpoll_send_skb() (Breno Leitao)
- net: mctp i2c: Copy headers if cloned (Matt Johnston)
- net: mctp i3c: Copy headers if cloned (Matt Johnston)
- net: dsa: mv88e6xxx: Verify after ATU Load ops (Joseph Huang)
- net/mlx5: Fill out devlink dev info only for PFs (Jiri Pirko)
- Revert Bluetooth: hci_core: Fix sleeping function called from invalid context (Luiz Augusto von Dentz)
- Bluetooth: hci_event: Fix enabling passive scanning (Luiz Augusto von Dentz)
- wifi: cfg80211: cancel wiphy_work before freeing wiphy (Miri Korenblit)
- wifi: mac80211: dont queue sdata::work for a non-running sdata (Miri Korenblit)
- wifi: iwlwifi: mvm: fix PNVM timeout for non-MSI-X platforms (Emmanuel Grumbach)
- sched: address a potential NULL pointer dereference in the GRED scheduler. (Jun Yang)
- netfilter: nf_tables: make destruction work queue pernet (Florian Westphal)
- netfilter: nf_conncount: garbage collection is not skipped when jiffies wrap around (Nicklas Bo Jensen)
- ice: Fix switchdev slow-path in LAG (Marcin Szycik)
- ice: fix memory leak in aRFS after reset (Grzegorz Nitka)
- ice: do not configure destination override for switchdev (Larysa Zaremba)
- netfilter: nft_ct: Use __refcount_inc() for per-CPU nft_ct_pcpu_template. (Sebastian Andrzej Siewior)
- pinctrl: nuvoton: npcm8xx: Add NULL check in npcm8xx_gpio_fw (Charles Han)
- pinctrl: bcm281xx: Fix incorrect regmap max_registers value (Artur Weber)
- fbdev: hyperv_fb: iounmap() the correct memory when removing a device (Michael Kelley)
- userfaultfd: fix PTE unmapping stack-allocated PTE copies (Suren Baghdasaryan)
- mm: fix kernel BUG when userfaultfd_move encounters swapcache (Barry Song)
- mm/slab/kvfree_rcu: Switch to WQ_MEM_RECLAIM wq (Uladzislau Rezki (Sony))

[6.12.0-0.19.17]
- rds/ib: avoid scq/rcq polling during rds connection shutdown (Arumugam Kolappan) [Orabug: 37440575]
- uek: kabi: add kABI padding to include/net/page_pool/types.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to nclude/linux/skbuff.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/linux/ethtool.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/tcp.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/sch_generic.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/linux/netlink.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/linux/inetdevice.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/linux/ipv6.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/linux/net.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/linux/netdevice.h and include/linux/netdev_rx_queue.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/linux/netfilter/x_tables.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/dcbnl.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/devlink.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/dst.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/dst_ops.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/fib_rules.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/flow.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/genetlink.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/inet_hashtables.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/ip6_fib.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/ip_tunnels.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/l3mdev.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/lwtunnel.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/neighbour.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/netns/xfrm.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/rtnetlink.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/sch_generic.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/sock.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/switchdev.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/tls.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/xdp.h (Yifei Liu) [Orabug: 37681321]
- uek: kabi: add kABI padding to include/net/xfrm.h (Yifei Liu) [Orabug: 37681321]
- UEK8 kABI padding addition for include/linux/swap.h (Anthony Yznaga) [Orabug: 37688615]
- UEK8 kABI padding addition for include/linux/dma-buf.h (Anthony Yznaga) [Orabug: 37688615]
- UEK8 kABI padding addition for include/linux/dma-map_ops.h (Anthony Yznaga) [Orabug: 37688615]
- UEK8 kABI padding addition for include/linux/memremap.h (Anthony Yznaga) [Orabug: 37688615]
- UEK8 kABI padding addition for include/linux/mm_types.h (Anthony Yznaga) [Orabug: 37688615]
- UEK8 kABI padding addition for include/linux/mmu_notifier.h (Anthony Yznaga) [Orabug: 37688615]
- UEK8 kABI padding addition for include/linux/mmzone.h (Anthony Yznaga) [Orabug: 37688615]
- UEK8 kABI padding addition for include/linux/user_namespace.h (Anthony Yznaga) [Orabug: 37688615]
- uek: kabi: add paddings in different domains (Saeed Mirzamohammadi) [Orabug: 37704304]
- uek: kabi: add kABI padding to data structures in include/net/udp_tunnel.h (Qing Huang) [Orabug: 37704599]
- uek: kabi: add kABI padding to data structures in include/linux/phy.h (Qing Huang) [Orabug: 37704599]
- block: make sure ->nr_integrity_segments is cloned in blk_rq_prep_clone (Ming Lei) [Orabug: 37705235]
- uek: kabi: add kABI padding to data structures in net/core/dev.h (Qing Huang) [Orabug: 37729381]
- uek: kabi: add kABI padding to data structures in include/net/xdp.h (Qing Huang) [Orabug: 37729381]
- Update README with UEK Text Description (Somasundaram Krishnasamy) [Orabug: 37577134]

ELBA-2025-20225 Oracle Linux 9 xfsprogs bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20225

http://linux.oracle.com/errata/ELBA-2025-20225.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
xfsprogs-6.12.0-1.0.1.el9.i686.rpm
xfsprogs-6.12.0-1.0.1.el9.x86_64.rpm
xfsprogs-devel-6.12.0-1.0.1.el9.i686.rpm
xfsprogs-devel-6.12.0-1.0.1.el9.x86_64.rpm
xfsprogs-xfs_scrub-6.12.0-1.0.1.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//xfsprogs-6.12.0-1.0.1.el9.src.rpm

Description of changes:

[6.12.0-1.0.1]
- Add mkfs configuration files for OL.
- Add mkfs.xmem script.
- Enable background online fsck services by default. Users must set autofsck=1 on their filesystems.
- Rebase atop latest upstream.

[6.11.0-1]
- Update to the latest upstream version
- Related: rhbz#2319902

[6.10.1-1]
- Update to latest upstream version
- Fix C++ compilation errors in xfs_fs.h
- Related: rhbz#2309693, rhbz#2308609

ELBA-2025-20224 Oracle Linux 9 libbpf bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20224

http://linux.oracle.com/errata/ELBA-2025-20224.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libbpf-1.5.0-2.0.1.el9.x86_64.rpm
libbpf-devel-1.5.0-2.0.1.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//libbpf-1.5.0-2.0.1.el9.src.rpm

Description of changes:

[2:1.5.0-2.0.1]
- Modify specific kernel-headers dependency, tarball naming [Orabug: 36062915]

[2:1.5.0-2]
- Rebase to released RHEL 10 Beta kernel
- Resolves: RHEL-36077

[2:1.5.0-1]
- Rebase to upstream kernel 6.10
- keep FD_CLOEXEC flag when dup()'ing FD
- Resolves: RHEL-37631

[2:1.4.0-3]
- Bump release for June 2024 mass rebuild

[2:1.4.0-1]
- Rebuild from latest RHEL 10.0 Beta source tree
- Resolves: RHEL-30627

[2:1.2.0-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

[2:1.2.0-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

[2:1.2.0-1]
- release 1.2.0-1

[2:1.1.0-4]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild

[2:1.1.0-3]
- Migrate license to SPDX

[2:1.1.0-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild

[2:1.1.0-1]
- release 1.1.0-1

ELBA-2025-20223 Oracle Linux 9 microcode_ctl bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20223

http://linux.oracle.com/errata/ELBA-2025-20223.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
microcode_ctl-20240910-1.0.2.el9_5.noarch.rpm
microcode_ctl-20240910-1.0.2.el9_5.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//microcode_ctl-20240910-1.0.2.el9_5.src.rpm

Description of changes:

[4:20240910-1.0.2]
- enable use with ueknext and UEK8 kernels

[4:20240910-1.0.1]
- don't bother calling dracut if virtualized [Orabug: 35710094]
- ensure UEK also rebuilds initramfs [Orabug: 34280058]
- add support for UEK7 kernels
- enable early update for 06-4f-01
- remove no longer appropriate caveats for 06-2d-07 and 06-55-04
- enable early and late load on RHCK

[4:20240910-1]
- Update Intel CPU microcode to microcode-20240910 release, addresses
- Addresses CVE-2024-23984, CVE-2024-24853, CVE-2024-24968, CVE-2024-24980,
CVE-2024-25939 (RHEL-58057):
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xb6 up to 0xb8;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xf4 up
to 0xf6;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xf4 up
to 0xf6;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xf4 up
to 0xf6;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xf4 up
to 0xf6;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from
revision 0xfa up to 0xfc;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xf6 up
to 0xf8;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xf4 up
to 0xf6;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xf6 up
to 0xf8;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xfc up
to 0x100;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003605 up to 0x5003707;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002802
up to 0x7002904;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003d1
up to 0xd0003e7;
- Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000290
up to 0x10002b0;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xc4
up to 0xc6;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x36 up
to 0x38;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x50 up
to 0x52;
- Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x19 up
to 0x1a;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x35 up to 0x36;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x35 up to 0x36;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x35 up to 0x36;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x35 up to 0x36;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x35 up to 0x36;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x35
up to 0x36;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x35 up to 0x36;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x35 up to 0x36;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x433 up to 0x434;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x433 up to 0x434;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x433 up to 0x434;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x433
up to 0x434;
- Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xfa up
to 0xfc;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xfa
up to 0xfc;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xfa
up to 0xfc;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xfa
up to 0xfe;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision
0xfa up to 0xfc;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x5e up
to 0x62;
- Update of 06-aa-04/0xe6 (MTL-H/U C0) microcode from revision 0x1c
up to 0x1f;
- Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x123 up
to 0x129;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4121 up to 0x4122;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4121 up to 0x4122;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) from
revision 0x4121 up to 0x4122;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4121 up to 0x4122;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4121
up to 0x4122;
- Update of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) from
revision 0x4121 up to 0x4122;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-08) from revision 0x4121 up to 0x4122;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-08) from revision 0x4121 up to 0x4122;
- Update of 06-ba-08/0xe0 microcode from revision 0x4121 up to 0x4122;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x35 up to 0x36;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x35 up to 0x36;
- Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x35 up
to 0x36;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x35 up to 0x36;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x35 up to 0x36;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x35 up to 0x36;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x35 up to 0x36;
- Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x35 up
to 0x36;
- Update of 06-be-00/0x19 (ADL-N A0) microcode from revision 0x17 up
to 0x1a (old pf 0x11).

[4:20240531-1]
- Update Intel CPU microcode to microcode-20240531 release, addresses
CVE-2023-22655, CVE-2023-23583. CVE-2023-28746, CVE-2023-38575,
CVE-2023-39368, CVE-2023-42667, CVE-2023-43490, CVE-2023-45733,
CVE-2023-46103, CVE-2023-49141 (RHEL-30861, RHEL-30864, RHEL-30867,
RHEL-30870, RHEL-30873, RHEL-41094, RHEL-41109):
- Addition of 06-aa-04/0xe6 (MTL-H/U C0) microcode at revision 0x1c;
- Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-02) at
revision 0x4121;
- Addition of 06-ba-08/0xe0 microcode (in intel-ucode/06-ba-03) at
revision 0x4121;
- Addition of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-08) at revision 0x4121;
- Addition of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-08) at revision 0x4121;
- Addition of 06-ba-08/0xe0 microcode at revision 0x4121;
- Addition of 06-cf-01/0x87 (EMR-SP A0) microcode at revision
0x21000230;
- Addition of 06-cf-02/0x87 (EMR-SP A1) microcode (in
intel-ucode/06-cf-01) at revision 0x21000230;
- Addition of 06-cf-01/0x87 (EMR-SP A0) microcode (in
intel-ucode/06-cf-02) at revision 0x21000230;
- Addition of 06-cf-02/0x87 (EMR-SP A1) microcode at revision
0x21000230;
- Removal of 06-8f-04/0x10 microcode at revision 0x2c000290;
- Removal of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision
0x2b0004d0;
- Removal of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-04) at revision 0x2c000290;
- Removal of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-04) at revision 0x2b0004d0;
- Removal of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) at
revision 0x2c000290;
- Removal of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-04) at revision 0x2b0004d0;
- Removal of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-04) at revision 0x2b0004d0;
- Removal of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-04) at revision 0x2c000290;
- Removal of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-04) at revision 0x2b0004d0;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xb4 up to 0xb6;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from
revision 0xf8 up to 0xfa;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xf4 up
to 0xf8;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xf4 up
to 0xf6;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xf4 up
to 0xf6;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xfa up
to 0xfc;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000181
up to 0x1000191;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003604
up to 0x4003605;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003604 up to 0x5003605;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002703
up to 0x7002802;
- Update of 06-56-05/0x10 (BDX-NS A0/A1, HWL A1) microcode from revision
0xe000014 up to 0xe000015;
- Update of 06-5f-01/0x01 (DNV B0) microcode from revision 0x38 up
to 0x3e;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003b9
up to 0xd0003d1;
- Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000268
up to 0x1000290;
- Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x3e up
to 0x42;
- Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x22 up
to 0x24;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xc2
up to 0xc4;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x34 up
to 0x36;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x4e up
to 0x50;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from
revision 0x2c000290 up to 0x2c000390;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision
0x2c000290 up to 0x2c000390;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0004d0
up to 0x2b0005c0;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from
revision 0x2c000290 up to 0x2c000390;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-05) from revision 0x2c000290 up to 0x2c000390;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from
revision 0x2c000290 up to 0x2c000390;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-06/0x10 microcode from revision 0x2c000290 up to
0x2c000390;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0004d0
up to 0x2b0005c0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-06) from revision 0x2c000290 up to 0x2c000390;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000290 up to 0x2c000390;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-08) from revision 0x2c000290 up to 0x2c000390;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000290 up to 0x2c000390;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0004d0 up to 0x2b0005c0;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision
0x2c000290 up to 0x2c000390;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b0004d0 up to 0x2b0005c0;
- Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x17 up
to 0x19;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x32 up to 0x35;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x32 up to 0x35;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x32 up to 0x35;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x32 up to 0x35;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x32 up to 0x35;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x32
up to 0x35;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x32 up to 0x35;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x32 up to 0x35;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x430 up to 0x433;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x430 up to 0x433;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x430 up to 0x433;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x430
up to 0x433;
- Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x5 up
to 0x7;
- Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x24000024
up to 0x24000026;
- Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf8 up
to 0xfa;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf8
up to 0xfa;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf8
up to 0xfa;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf8
up to 0xfa;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision
0xf8 up to 0xfa;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x5d up
to 0x5e;
- Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x11d up
to 0x123;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x411c up to 0x4121;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x411c up to 0x4121;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x411c up to 0x4121;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x411c
up to 0x4121;
- Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x12 up
to 0x17;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x32 up to 0x35;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x32 up to 0x35;
- Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x32 up
to 0x35;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x32 up to 0x35;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x32 up to 0x35;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x32 up to 0x35;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x32 up to 0x35;
- Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x32 up
to 0x35.

[4:20231009-1]
- Update Intel CPU microcode to microcode-20231009 release, addresses
CVE-2023-23583:
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xac up to 0xb4;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd0003a5
up to 0xd0003b9;
- Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000230
up to 0x1000268;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xbc
up to 0xc2;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x2c up
to 0x34;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x46 up
to 0x4e;
- Update of 06-8f-04/0x10 microcode from revision 0x2c000271 up to
0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-04) from revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) from
revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-04) from revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-04) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from
revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision
0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b0004b1
up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from
revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-05) from revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from
revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-06) from revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode from revision 0x2c000271 up to
0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b0004b1
up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-06) from revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-08) from revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000271 up to 0x2c000290;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b0004b1 up to 0x2b0004d0;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision
0x2c000271 up to 0x2c000290;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b0004b1 up to 0x2b0004d0;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x2e up to 0x32;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x2e up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x2e up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x2e up to 0x32;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x2e up to 0x32;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x2e
up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x2e up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x2e up to 0x32;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x42c up to 0x430;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x42c up to 0x430;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x42c up to 0x430;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x42c
up to 0x430;
- Update of 06-9a-04/0x40 (AZB A0) microcode from revision 0x4 up
to 0x5;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x59 up
to 0x5d;
- Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x119 up
to 0x11d;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4119 up to 0x411c;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4119 up to 0x411c;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4119 up to 0x411c;
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4119
up to 0x411c;
- Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x11 up
to 0x12;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x2e up to 0x32;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x2e up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x2e up
to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x2e up to 0x32;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x2e up to 0x32;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x2e up to 0x32;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x2e up to 0x32;
- Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x2e up
to 0x32.

[4:20230808-2]
- Add support for the new, more correct, variant of dracut's default
$fw_dir path in dracut_99microcode_ctl-fw_dir_override_module_init.sh.

[4:20230808-1]
- Update Intel CPU microcode to microcode-20230808 release, addresses
CVE-2022-40982, CVE-2022-41804, CVE-2023-23908 (#2213124, #2223992, #2230677,
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006f05 up
to 0x2007006;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xaa up to 0xac;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xf2 up
to 0xf4;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xf2 up
to 0xf4;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xf2 up
to 0xf4;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xf2 up
to 0xf4;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from
revision 0xf6 up to 0xf8;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xf2 up
to 0xf4;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xf2 up
to 0xf4;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xf2 up
to 0xf4;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xf2 up
to 0xf4;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xf8 up
to 0xfa;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000171
up to 0x1000181;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003501
up to 0x4003604;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003501 up to 0x5003604;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002601
up to 0x7002703;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000390
up to 0xd0003a5;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xba
up to 0xbc;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x2a up
to 0x2c;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x44 up
to 0x46;
- Update of 06-8f-04/0x10 microcode from revision 0x2c0001d1 up to
0x2c000271;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-04) from revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-04) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) from
revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-04) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-04) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-04) from revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-04) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from
revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b000461
up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from
revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-05) from revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from
revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-06) from revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode from revision 0x2c0001d1 up to
0x2c000271;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b000461
up to 0x2b0004b1;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-06) from revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-08) from revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000461 up to 0x2b0004b1;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision
0x2c0001d1 up to 0x2c000271;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b000461 up to 0x2b0004b1;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x2c up to 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x2c up to 0x2e;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x2c up to 0x2e;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x2c up to 0x2e;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x2c up to 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x2c
up to 0x2e;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x2c up to 0x2e;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x2c up to 0x2e;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x42a up to 0x42c;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x42a up to 0x42c;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x42a up to 0x42c;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x42a
up to 0x42c;
- Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf6 up
to 0xf8;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf6
up to 0xf8;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf6
up to 0xf8;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf6
up to 0xf8;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision
0xf6 up to 0xf8;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x58 up
to 0x59;
- Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x113 up
to 0x119;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x2c up to 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x2c up to 0x2e;
- Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x2c up
to 0x2e;
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x2c up to 0x2e;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x2c up to 0x2e;
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x2c up to 0x2e;
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x2c up to 0x2e;
- Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x2c up
to 0x2e;
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x4112 up to 0x4119 (old pf 0xc0);
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x4112 up to 0x4119 (old pf 0xc0);
- Update of 06-ba-02/0xe0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x4112 up to 0x4119 (old pf 0xc0);
- Update of 06-ba-03/0xe0 (RPL-U 2+8 Q0) microcode from revision 0x4112
up to 0x4119 (old pf 0xc0);
- Update of 06-be-00/0x11 (ADL-N A0) microcode from revision 0x10 up
to 0x11 (old pf 0x1).

[4:20230516-1]
- Update Intel CPU microcode to microcode-20230516 release (#2213124):
- Addition of 06-be-00/0x01 (ADL-N A0) microcode at revision 0x10;
- Addition of 06-9a-04/0x40 (AZB A0) microcode at revision 0x4;
- Update of 06-55-04/0xb7 (SKX-D/SP/W/X H0/M0/M1/U0) microcode (in
intel-06-55-04/intel-ucode/06-55-04) from revision 0x2006e05 up
to 0x2006f05;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xa6 up to 0xaa;
- Update of 06-8e-09/0x10 (AML-Y 2+2 H0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xf0 up
to 0xf2;
- Update of 06-8e-09/0xc0 (KBL-U/U 2+3e/Y H0/J1) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-09) from revision 0xf0 up
to 0xf2;
- Update of 06-8e-0a/0xc0 (CFL-U 4+3e D0, KBL-R Y0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0a) from revision 0xf0 up
to 0xf2;
- Update of 06-8e-0b/0xd0 (WHL-U W0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0b) from revision 0xf0 up
to 0xf2;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from
revision 0xf4 up to 0xf6;
- Update of 06-9e-09/0x2a (KBL-G/H/S/X/Xeon E3 B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-09) from revision 0xf0 up
to 0xf2;
- Update of 06-9e-0a/0x22 (CFL-H/S/Xeon E U0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0a) from revision 0xf0 up
to 0xf2;
- Update of 06-9e-0b/0x02 (CFL-E/H/S B0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0b) from revision 0xf0 up
to 0xf2;
- Update of 06-9e-0c/0x22 (CFL-H/S/Xeon E P0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0c) from revision 0xf0 up
to 0xf2;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xf4 up
to 0xf8;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x1000161
up to 0x1000171;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003303
up to 0x4003501;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003303 up to 0x5003501;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002503
up to 0x7002601;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000389
up to 0xd000390;
- Update of 06-6c-01/0x10 (ICL-D B0) microcode from revision 0x1000211
up to 0x1000230;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xb8
up to 0xba;
- Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x32 up
to 0x33;
- Update of 06-8c-02/0xc2 (TGL-R C0) microcode from revision 0x28 up
to 0x2a;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x42 up
to 0x44;
- Update of 06-8f-04/0x10 microcode from revision 0x2c000170 up to
0x2c0001d1;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode from revision
0x2b000181 up to 0x2b000461;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-04) from revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-04) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) from
revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-04) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-04) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-04) from revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-04) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) from
revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode from revision
0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode from revision 0x2b000181
up to 0x2b000461;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) from
revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-05) from revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) from
revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-06) from revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-06/0x10 microcode from revision 0x2c000170 up to
0x2c0001d1;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode from revision 0x2b000181
up to 0x2b000461;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-06) from revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode from revision
0x2b000181 up to 0x2b000461;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-08) from revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) from
revision 0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) from revision 0x2b000181 up to 0x2b000461;
- Update of 06-8f-08/0x10 (SPR-HBM B3) microcode from revision
0x2c000170 up to 0x2c0001d1;
- Update of 06-8f-08/0x87 (SPR-SP E5/S3) microcode from revision
0x2b000181 up to 0x2b000461;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x429 up to 0x42a;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x429 up to 0x42a;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x429 up to 0x42a;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x429
up to 0x42a;
- Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf4 up
to 0xf6;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf4
up to 0xf6;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf4
up to 0xf6;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf4
up to 0xf6;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision
0xf4 up to 0xf6;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x57 up
to 0x58;
- Update of 06-b7-01/0x32 (RPL-S B0) microcode from revision 0x112 up
to 0x113;
- Update of 06-ba-02/0xc0 (RPL-H 6+8/P 6+8 J0) microcode from revision
0x410e up to 0x4112;
- Update of 06-ba-03/0xc0 (RPL-U 2+8 Q0) microcode (in
intel-ucode/06-ba-02) from revision 0x410e up to 0x4112;
- Update of 06-ba-02/0xc0 (RPL-H 6+8/P 6+8 J0) microcode (in
intel-ucode/06-ba-03) from revision 0x410e up to 0x4112;
- Update of 06-ba-03/0xc0 (RPL-U 2+8 Q0) microcode from revision 0x410e
up to 0x4112.

[4:20230214-4]
- Avoid spurious find failures due to calls on directories that may not exist
(#2225681).

[4:20230214-3]
- Force locale to C in check_caveats, reload_microcode, and update_ucode
(#2218104).

[4:20230214-2]
- Cleanup the dangling symlinks in update_ucode (#2213022).

[4:20230214-1]
- Update Intel CPU microcode to microcode-20230214 release, addresses
CVE-2022-21216, CVE-2022-33196, CVE-2022-33972, CVE-2022-38090 (#2171237,
- Addition of 06-6c-01/0x10 (ICL-D B0) microcode at revision 0x1000211;
- Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode at revision
0x2b000181;
- Addition of 06-8f-04/0x10 microcode at revision 0x2c000170;
- Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000181;
- Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-04) at revision 0x2c000170;
- Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000181;
- Addition of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-04) at
revision 0x2c000170;
- Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000181;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-04) at revision 0x2b000181;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-04) at revision 0x2c000170;
- Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000181;
- Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-05) at
revision 0x2c000170;
- Addition of 06-8f-05/0x87 (SPR-SP E2) microcode at revision
0x2b000181;
- Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode at revision
0x2c000170;
- Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000181;
- Addition of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-05) at
revision 0x2c000170;
- Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000181;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-05) at revision 0x2b000181;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-05) at revision 0x2c000170;
- Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000181;
- Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-06) at
revision 0x2c000170;
- Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000181;
- Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-06) at revision 0x2c000170;
- Addition of 06-8f-06/0x87 (SPR-SP E3) microcode at revision
0x2b000181;
- Addition of 06-8f-06/0x10 microcode at revision 0x2c000170;
- Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000181;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-06) at revision 0x2b000181;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode (in
intel-ucode/06-8f-06) at revision 0x2c000170;
- Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000181;
- Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000181;
- Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000181;
- Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode at revision
0x2b000181;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode (in
intel-ucode/06-8f-07) at revision 0x2b000181;
- Addition of 06-8f-04/0x87 (SPR-SP E0/S1) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000181;
- Addition of 06-8f-04/0x10 microcode (in intel-ucode/06-8f-08) at
revision 0x2c000170;
- Addition of 06-8f-05/0x87 (SPR-SP E2) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000181;
- Addition of 06-8f-05/0x10 (SPR-HBM B1) microcode (in
intel-ucode/06-8f-08) at revision 0x2c000170;
- Addition of 06-8f-06/0x87 (SPR-SP E3) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000181;
- Addition of 06-8f-06/0x10 microcode (in intel-ucode/06-8f-08) at
revision 0x2c000170;
- Addition of 06-8f-07/0x87 (SPR-SP E4/S2) microcode (in
intel-ucode/06-8f-08) at revision 0x2b000181;
- Addition of 06-8f-08/0x87 (SPR-SP E5/S3) microcode at revision
0x2b000181;
- Addition of 06-8f-08/0x10 (SPR-HBM B3) microcode at revision
0x2c000170;
- Addition of 06-b7-01/0x32 (RPL-S S0) microcode at revision 0x112;
- Addition of 06-ba-02/0xc0 microcode at revision 0x410e;
- Addition of 06-ba-03/0xc0 microcode (in intel-ucode/06-ba-02) at
revision 0x410e;
- Addition of 06-ba-02/0xc0 microcode (in intel-ucode/06-ba-03) at
revision 0x410e;
- Addition of 06-ba-03/0xc0 microcode at revision 0x410e;
- Update of 06-8c-01/0x80 (TGL-UP3/UP4 B1) microcode (in
intel-06-8c-01/intel-ucode/06-8c-01) from revision 0xa4 up to 0xa6;
- Update of 06-8e-0c/0x94 (AML-Y 4+2 V0, CML-U 4+2 V0, WHL-U V0)
microcode (in intel-06-8e-9e-0x-dell/intel-ucode/06-8e-0c) from
revision 0xf0 up to 0xf4;
- Update of 06-9e-0d/0x22 (CFL-H/S/Xeon E R0) microcode (in
intel-06-8e-9e-0x-dell/intel-ucode/06-9e-0d) from revision 0xf0 up
to 0xf4;
- Update of 06-55-03/0x97 (SKX-SP B1) microcode from revision 0x100015e
up to 0x1000161;
- Update of 06-55-06/0xbf (CLX-SP B0) microcode from revision 0x4003302
up to 0x4003303;
- Update of 06-55-07/0xbf (CLX-SP/W/X B1/L1) microcode from revision
0x5003302 up to 0x5003303;
- Update of 06-55-0b/0xbf (CPX-SP A1) microcode from revision 0x7002501
up to 0x7002503;
- Update of 06-6a-06/0x87 (ICX-SP D0) microcode from revision 0xd000375
up to 0xd000389;
- Update of 06-7a-01/0x01 (GLK B0) microcode from revision 0x3c up
to 0x3e;
- Update of 06-7a-08/0x01 (GLK-R R0) microcode from revision 0x20 up
to 0x22;
- Update of 06-7e-05/0x80 (ICL-U/Y D1) microcode from revision 0xb2
up to 0xb8;
- Update of 06-8a-01/0x10 (LKF B2/B3) microcode from revision 0x31 up
to 0x32;
- Update of 06-8d-01/0xc2 (TGL-H R0) microcode from revision 0x40 up
to 0x42;
- Update of 06-96-01/0x01 (EHL B1) microcode from revision 0x16 up
to 0x17;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode from revision
0x22 up to 0x2c (old pf 0x3);
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-97-02) from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-02)
from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-97-05) from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode from revision 0x22
up to 0x2c (old pf 0x3);
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-97-05)
from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode from revision
0x421 up to 0x429;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode (in
intel-ucode/06-9a-03) from revision 0x421 up to 0x429;
- Update of 06-9a-03/0x80 (ADL-P 6+8/U 9W L0/R0) microcode (in
intel-ucode/06-9a-04) from revision 0x421 up to 0x429;
- Update of 06-9a-04/0x80 (ADL-P 2+8 R0) microcode from revision 0x421
up to 0x429;
- Update of 06-9c-00/0x01 (JSL A0/A1) microcode from revision 0x24000023
up to 0x24000024;
- Update of 06-a5-02/0x20 (CML-H R1) microcode from revision 0xf0 up
to 0xf4;
- Update of 06-a5-03/0x22 (CML-S 6+2 G1) microcode from revision 0xf0
up to 0xf4;
- Update of 06-a5-05/0x22 (CML-S 10+2 Q0) microcode from revision 0xf0
up to 0xf4;
- Update of 06-a6-00/0x80 (CML-U 6+2 A0) microcode from revision 0xf0
up to 0xf4;
- Update of 06-a6-01/0x80 (CML-U 6+2 v2 K1) microcode from revision
0xf0 up to 0xf4;
- Update of 06-a7-01/0x02 (RKL-S B0) microcode from revision 0x54 up
to 0x57;
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-02) from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-02) from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-bf-02/0x07 (ADL C0) microcode from revision 0x22 up to
0x2c (old pf 0x3);
- Update of 06-bf-05/0x07 (ADL C0) microcode (in intel-ucode/06-bf-02)
from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-97-02/0x07 (ADL-HX/S 8+8 C0) microcode (in
intel-ucode/06-bf-05) from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-97-05/0x07 (ADL-S 6+0 K0) microcode (in
intel-ucode/06-bf-05) from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-bf-02/0x07 (ADL C0) microcode (in intel-ucode/06-bf-05)
from revision 0x22 up to 0x2c (old pf 0x3);
- Update of 06-bf-05/0x07 (ADL C0) microcode from revision 0x22 up to
0x2c (old pf 0x3).

ELBA-2025-20222 Oracle Linux 9 ipmctl bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20222

http://linux.oracle.com/errata/ELBA-2025-20222.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
ipmctl-03.00.00.0485-1.0.1.el9.x86_64.rpm
libipmctl5-03.00.00.0485-1.0.1.el9.x86_64.rpm
libipmctl5-devel-03.00.00.0485-1.0.1.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//ipmctl-03.00.00.0485-1.0.1.el9.src.rpm

Description of changes:

[03.00.00.0485-1.0.1]
- Update to 03.00.00.0485

[03.00.00.0468-1.0.1]
- Update to 03.00.00.0468

ELBA-2025-20221 Oracle Linux 9 dwarves bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20221

http://linux.oracle.com/errata/ELBA-2025-20221.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
dwarves-1.28-1.el9.x86_64.rpm
libdwarves1-1.28-1.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dwarves-1.28-1.el9.src.rpm

Description of changes:

[1.28-1]
- Build new dwarves release, depends on libbpf-devel v1.5 [Orabug: 37277258]

[1.27-2]
- Backport upstream bugfixes for clang builds
Resolves: RHEL-54022

[1.27-1]
- Resolves: RHEL-30780
- New release: v1.26
- When expanding types using 'pahole -E' do it for union and struct typedefs and for enums too.
- Print number of holes, bit holes and bit paddings in class member types.
- Introduce --contains_enumerator=ENUMERATOR_NAME:
- Fix pretty printing using DWARF, waiting for a CU with both class (-C) and a specified "type_enum".
- Add support for DW_TAG_constant in the DWARF loader, first seen in Go DWARF.
- Fix loading DW_TAG_subroutine_type generated by the Go compiler.
- Fix loading of 32-bit signed enums from BTF.
- Add 'pahole --btf_features' to allow consumers to specify an opt-in set of features they want to use in BTF encoding.
- Parallelize loading BTF and DWARF, speeding up a bit btfdiff.
- Do type expansion to cover "private" types and enumerations in btfdiff.
- New release: v1.27
- Reproducible parallel builds: multiple runs with different number of loading/encoding threads produce the same result.
- Inject kfunc decl tags into BTF from the BTF IDs ELF section in the Linux kernel vmlinux file.
- Sanitize unsupported DWARF int type with greater-than-16 byte, as BTF doesn't support it.
- Initial support for BTF_KIND_DECL_TAG in the BTF loader, adding support in pfunct output.
- Fix hole discovery with inheritance in C++.

[1.25-1]
- Resolves: rhbz#2190484
- Build with system libbpf
- New release: v1.25
- Support for DW_TAG_unspecified_type more generally.
- Make sure struct member offsets are in ascending order. Rust BTF needs this.
- Support C atomic types (DW_TAG_atomic_type).
- Initial support for DW_TAG_LLVM_annotation, used for BTF type tags, for __rcu, __user, etc
- Exclude functions with the same name (static functions in different CUs), inconsistent prototypes or not following calling convention.
- Allow generation of BTF for optimized functions, those that end with a .isra*, .constprop*.
- Support 'pahole --lang=/--lang_exclude=asm'
- Support --compile from DWARF in addition to from BTF.
- Exclude RUST CUs in 'btfdiff', as those are not yet being BTF encoded.

ELBA-2025-20220 Oracle Linux 9 dtrace bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20220

http://linux.oracle.com/errata/ELBA-2025-20220.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
dtrace-2.0.2-5.el9.x86_64.rpm
dtrace-devel-2.0.2-5.el9.x86_64.rpm
dtrace-testsuite-2.0.2-5.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dtrace-2.0.2-5.el9.src.rpm

Description of changes:

[2.0.2-1]
- Translators to support kernels 6.10 and later.
- FBT return probe argument support.
- The print() action is augmented with type information. (Alan Maguire)
- Support to discover and trace USDT probes after a tracing session has
started. (Eugene Loh, Nick Alcock)
- USDT probe argument support (translated types, mapping). (Nick Alcock)
- Installation locations are now configurable. (Nick Alcock)
- Valgrind is no longer a required build dependency. (Nick Alcock)
- Self-grabs have been improved. (Nick Alcock)
- New provider: rawfbt. (Kris Van Hees)
- Various bug fixes. (Nick Alcock, Eugene Loh, Alan Maguire, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Sam James, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 37274251]

[2.0.1-1]
- Implement FBT probes with fentry/fexit tracepoints
- Provide argument info for FBT probes.
- Provide pre-generated translator files sets. [Orabug: 36504847]

[2.0.0-1.14]
- Implement provider: io. (Eugene Loh, Kris Van Hees)
- Implement actions: print(). (Alan Maguire)
- Implement subroutines: link_ntop(), cleanpath(). (Eugene Loh)
- Implement options: -xcpu, -xaggpercpu. (Eugene Loh)
- Improve providers: pid (offset-based probes) and rawtp (arg info).
- Improve options: -xlockmem (improve default). (Eugene Loh)
- Ensure USDT probes can survive dtprobed restarts. (Nick Alcock)
- Improve USDT probe creation/deletion. (Nick Alcock)
- Improve support for DTrace with upstream kernels. (Nick Alcock)
- Improve support for compiling DTrace in older environments. (Kris Van Hees)
- Add support for aggregations of stacks. (Eugene Loh)
- Improve lexer parsing (top-level wildcard ambiguities and numerals).
(Nick Alcock)
- Fix END probe execution with multiple tracers. (Nick Alcock)
- Preemptive BPF program execution for DTrace probes is not allowed.
- Buffer overrun fix for systems with non-sequential online CPU ids.
(Kris Van Hees, Nick Alcock) [Orabug: 36356681]
- Various bug fixes. (Nick Alcock, Eugene Loh, Kris Van Hees)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 36329725]

[2.0.0-1.13.2]
- Support using DTrace with upstream kernels.
- Implement provider: ip.
- Implement actions: trunc(), pcap().
- Implement subroutines: inet_ntoa6().
- Implement subroutines: inet_ntop(). (Eugene Loh)
- Support modules.builtin.ranges for builtin module-symbol association.
- Provide a BTF-to-CTF convertor to provide (limited) kernel type information
when CTF is not available.
- Remove dependency on waitfd(). (Nick Alcock)
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees)
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)

[2.0.0-1.13.1]
- Restart dtprobed when upgrading DTrace.
- Report and clean up orphaned tracing events after each test.

[2.0.0-1.13]
- Full support for is-enabled USDT probes. (Nick Alcock)
- Report error on programs that exceed aggsize or dynvarsize.
- Support for drop counters for principal, speculation, and aggregation buffers
and for dynamic variables.
- Implement probe: proc:::signal-clear.
- Implement provider: sched (partial implementation).
- Implement provider: lockstat (for kernels >= 5.10.0 and UEK6 with fix).
- Support NULL strings. (Eugene Loh)
- Support uregs[] on older kernels. (Eugene Loh)
- New option: lonknommap. (Nick Alcock)
- Support for USDT probes in programs in different fs namespaces. (Nick Alcock)
- Support for USDT probes in non-PIE executables. (Nick Alcock)
- Fix dtprobed to support DOF that exceeds 64KiB. (Nick Alcock)
[Orabug: 35411920]
- Do not modify input files with dtrace -G if unchanged. (Steven Sistare)
[Orbug: 35417184]
- Various testsuite fixes and improvements.
(Nick Alcock, Eugene Loh, Kris Van Hees) [Orabug: 35435195]
- Various code improvements. (Nick Alcock, Eugene Loh, Kris Van Hees)
[Orabug: 35435195]

[2.0.0-1.12]
- Fix evaluation order of bcopy() arguments and lift non-alloca restriction
on the source address. (Eugene Loh, Kris Van Hees)
- Implement actions: clear(), tracemem(). (Kris Van Hees, Eugene Loh)
- Implement subroutines: copyout(), copyinstr(). (Kris Van Hees, Eugene Loh)
- Implement options: switchrate, aggrate.
- Implement provider: cpc. (Eugene Loh)
- Implement provider: proc.
- Implement built-in variable: uregs. (Eugene Loh)
- Increase strtab maximum size.
- Support using indirect load instructions for pointers to alloca()'d and
DTrace managed memory. (Kris Van Hees, Eugene Loh)
- Fix arg0 and arg1 for profile-* and tick-* probes. (Eugene Loh)
- Implement runtime bounds checking for scalar array access. (Eugene Loh)
- Updated manpage and moved to dtrace.8.
- Support arbitrary address pointers for basename(), dirname(), strchr(),
strrchr(), and inet_ntoa(). (Eugene Loh) [Orabug: 34857846]
- Add runtime bounds checking for scalar array access. (Eugene Loh)
[Orabug: 35045463]
- Various testsuite fixes and improvements. [Orabug: 34829509]
- Various code improvements. [Orabug: 34829509]

ELBA-2025-20219 Oracle Linux 9 snapper bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20219

http://linux.oracle.com/errata/ELBA-2025-20219.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
libsnapper-devel-0.8.7-4.el9.x86_64.rpm
libsnapper4-0.8.7-4.el9.x86_64.rpm
pam_snapper-0.8.7-4.el9.x86_64.rpm
snapper-0.8.7-4.el9.x86_64.rpm
snapper-testsuite-0.8.7-4.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//snapper-0.8.7-4.el9.src.rpm

Description of changes:

[ 0.8.7-4]
- Rebuild on OL9 [Orabug: 33797194]
- Fix testsuite [Orabug: 33797194]

[ 0.8.7-3]
- Disabled zypp plugin [Orabug: 31175643]

[ 0.8.7-2]
- Enable selinux support [Orabug: 31175643]

ELBA-2025-20218 Oracle Linux 9 dnf-plugins-extras bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20218

http://linux.oracle.com/errata/ELBA-2025-20218.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
python3-dnf-plugin-kickstart-4.0.15-3.0.1.el9.noarch.rpm
python3-dnf-plugin-showvars-4.0.15-3.0.1.el9.noarch.rpm
python3-dnf-plugin-snapper-4.0.15-3.0.1.el9.noarch.rpm
python3-dnf-plugins-extras-common-4.0.15-3.0.1.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//dnf-plugins-extras-4.0.15-3.0.1.el9.src.rpm

Description of changes:

[4.0.15-3.0.1]
- Disable unneeded plugins [Orabug: 33797671]
- Build for OL9 [Orabug: 33797671]

[4.0.15-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild

[4.0.15-2]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

[4.0.15-1]
- Update to 4.0.15
- Add symlink for man pages of offline-upgrade and offline-distrosync commands (RhBug:1917378)
- system-upgrade: Handle empty transaction on download (RhBug:1917639)

[4.0.13-5]
- Rebuilt for Python 3.10

[4.0.13-4]
- add Provides for offline-upgrade and offline-distrosync commands

[4.0.13-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild

[4.0.13-2]
- Set minimun dnf version to 4.4.3

[4.0.13-1]
- Update to 4.0.13
- system-upgrade: Use Transaction Store/Replay
- system-upgrade: Pretty-print the state json

[4.0.12-1]
- Update Cmake to pull translations from weblate
- Drop Python 2 support
- README: Add Installation, Contribution, etc
- Add the DNF_SYSTEM_UPGRADE_NO_REBOOT env variable to control system-upgrade reboot.
- [system-upgrade] Upgrade groups and environments (RhBug:1845562,1860408)

[4.0.10-5]
- spec: Fix building with new cmake macros
- Drop python 2 support

[4.0.10-4]
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

[4.0.10-3]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

[4.0.10-2]
- Rebuilt for Python 3.9

ELBA-2025-20217 Oracle Linux 9 btrfs-progs bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20217

http://linux.oracle.com/errata/ELBA-2025-20217.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
btrfs-progs-6.12.0-0.el9.x86_64.rpm
btrfs-progs-devel-6.12.0-0.el9.x86_64.rpm
libbtrfs-6.12.0-0.el9.x86_64.rpm
libbtrfsutil-6.12.0-0.el9.x86_64.rpm
python3-btrfsutil-6.12.0-0.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//btrfs-progs-6.12.0-0.el9.src.rpm

Description of changes:

[6.12.0-0.el9]
- btrfs-progs: upstream release v6.12.0

ELBA-2025-20216 Oracle Linux 9 adaptivemm bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20216

http://linux.oracle.com/errata/ELBA-2025-20216.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
adaptivemm-2.1.0-2.el9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//adaptivemm-2.1.0-2.el9.src.rpm

Description of changes:

[2.1.0-2]
- Rebuild to v2.1.0 for OL8, OL9, and OL10
- v2.1.0 adds a module to look for possible memory leaks

[2.1.0-1]
- Add module to look for possible memory leaks

ELBA-2025-20215 Oracle Linux 9 iproute bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20215

http://linux.oracle.com/errata/ELBA-2025-20215.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
iproute-6.8.0-2.el9_5.x86_64.rpm
iproute-devel-6.8.0-2.el9_5.x86_64.rpm
iproute-tc-6.8.0-2.el9_5.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//iproute-6.8.0-2.el9_5.src.rpm

Description of changes:

[6.8.0-2.el9]
- ip: netconf: fix overzealous error checking [Orabug: 37718915]

[6.8.0-1.el9]
- Updates to iproute-6.8.0-1.el9 for 9.4

[6.2.0-6.el9]
- Fix nvr for rhel-9.4 GA (Andrea Claudi)

[6.2.0-5.1.el9]
- man: ip-link.8: add a note for gso_ipv4_max_size (Andrea Claudi)
- iplink: add gso and gro max_size attributes for ipv4 (Andrea Claudi)
- Update kernel headers (Andrea Claudi)
- ss: Add support for dumping TCP bound-inactive sockets. (Andrea Claudi)

[6.2.0-5.el9]
- tc: add missing separator (Andrea Claudi)
- u32: fix TC_U32_TERMINAL printing (Andrea Claudi)

[6.2.0-4.el9]
- Fix NVR, %autorelease not working (Andrea Claudi)

[6.2.0-3.el9]
- mptcp: add support for implicit flag (Wen Liang) [2109135]

[6.2.0-2.el9]
- macvlan: Add bclim parameter (Andrea Claudi) [2186945]
- Update kernel headers (Andrea Claudi) [2186945]

[6.2.0-1.el9]
- New version 6.2.0 (Andrea Claudi) [RHEL-428]

OLAMSA-2025-0003 Important: Oracle Linux 8 OLAM2.2 Security Update

Oracle Linux Security Advisory OLAMSA-2025-0003

http://linux.oracle.com/errata/OLAMSA-2025-0003.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
ol-automation-manager-2.2.0-31.el8.x86_64.rpm
ol-automation-manager-cli-2.2.0-31.el8.noarch.rpm
python311-olamkit-2.2.0-31.el8.noarch.rpm
python3.11-aiohttp-3.9.3-1.0.3.el8.x86_64.rpm
python3.11-django-4.2.17-1.0.1.el8.noarch.rpm
python3.11-requests-2.31.0-1.0.3.el8.noarch.rpm
python3.11-jinja2-3.1.3-1.0.4.el8.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//ol-automation-manager-2.2.0-31.el8.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-aiohttp-3.9.3-1.0.3.el8.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-django-4.2.17-1.0.1.el8.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-requests-2.31.0-1.0.3.el8.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-jinja2-3.1.3-1.0.4.el8.src.rpm

Related CVEs:

CVE-2025-26699
CVE-2024-52304
CVE-2024-35195
CVE-2025-27516
CVE-2024-39689

Description of changes:

ol-automation-manager
[2.2.0-31.el8]
- Remove restart on failure option for receptor-awx.service

[2.2.0-30.el8]
- OLAM-708 Apply patch for CVE-2025-27516
- OLAM-719 Apply patch for CVE-2025-26699

[2.2.0-29.el8]
- OLAM-677 Apply patch for CVE-2024-52304

[2.2.0-28.el8]
- OLAM-676 Apply patch for CVE-2024-35195 (requests-2.28.1 and requests-2.31.0 patched)

[2.2.0-27.el8]
- OLAM-502 Upgrade certifi 2025.1.31 to fix CVE-2024-39689

[2.2.0-26.el8]
- Adds restart on failure option for receptor-awx.service [Orabug: 37199481]

python-aiohttp
[3.9.3-1.0.3]
- OLAM-677 Apply patch for CVE-2024-52304

python-django
[4.2.17-1.0.1]
- Apply patch for CVE-2025-26699 [JIRA: OLAM-719]

python-requests
[2.31.0-1.0.3]
- OLAM-676 Apply patch for CVE-2024-35195

python-jinja2
[3.1.3-1.0.4]
- Apply patch for CVE-2025-27516 [JIRA: OLAM-708]1

ELSA-2025-20270 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20270

http://linux.oracle.com/errata/ELSA-2025-20270.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-core-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-debug-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-devel-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-doc-5.15.0-307.178.5.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-container-5.15.0-307.178.5.el9uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-307.178.5.el9uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-307.178.5.el9uek.src.rpm

Related CVEs:

CVE-2024-35972
CVE-2024-40919
CVE-2024-41079
CVE-2024-44984
CVE-2024-46842
CVE-2024-50155
CVE-2024-50215
CVE-2024-53209
CVE-2024-53213
CVE-2024-56656
CVE-2024-56660
CVE-2024-56760

Description of changes:

[5.15.0-307.178.5.el9uek]
- net/mlx5: DR, prevent potential error pointer dereference (Dan Carpenter) [Orabug: 37434242] {CVE-2024-56660}
- uek-rpm: Set CONFIG_IP6_NF_IPTABLES for ol9/ol8 container kernels (Jonah Palmer) [Orabug: 37703179]
- net: hsr: fix fill_frame_info() regression vs VLAN packets (Eric Dumazet)
- f2fs: Introduce linear search for dentries (Daniel Lee)
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (Marco Leogrande)
- net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel)
- x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (Andrew Cooper)
- sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke Høiland-Jørgensen)
- usb: atm: cxacru: fix a flaw in existing endpoint checks (Nikita Zhandarovich)
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (Juergen Gross)
- x86/xen: add FRAME_END to xen_hypercall_hvm() (Juergen Gross)
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao)
- usb: dwc3: Set SUSPENDENABLE soon after phy init (Thinh Nguyen)
- Revert "btrfs: avoid monopolizing a core when activating a swap file" (Koichiro Den)
- Revert "media: uvcvideo: Require entities to have a non-zero unique ID" (Thadeu Lima de Souza Cascardo)
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang)

[5.15.0-307.178.4.el9uek]
- LTS version: v5.15.178 (Vijayendra Suman)
- Input: xpad - add support for wooting two he (arm) (Jack Greiner)
- Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto)
- Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson)
- ALSA: usb-audio: Add delay quirk for USB Audio Device (Lianqin Hu)
- USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz)
- wifi: iwlwifi: add a few rate index validity checks (Anjaneyulu)
- scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (Easwar Hariharan)
- ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (Ido Schimmel)
- platform/chrome: cros_ec_typec: Check for EC driver (Akihiko Odaki)
- fs/ntfs3: Additional check in ntfs_file_release (Konstantin Komarov)
- Bluetooth: RFCOMM: Fix not validating setsockopt user input (Luiz Augusto von Dentz)
- Bluetooth: SCO: Fix not validating setsockopt user input (Luiz Augusto von Dentz)
- vfio/platform: check the bounds of read/write syscalls (Alex Williamson)
- net: sched: fix ets qdisc OOB Indexing (Jamal Hadi Salim)
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher)
- mptcp: don't always assume copied data in mptcp_cleanup_rbuf() (Paolo Abeni)
- regmap: detach regmap from dev on regmap_exit (Cosmin Tanislav)
- ASoC: samsung: Add missing depends on I2C (Charles Keepax)
- irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons)
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang)
- seccomp: Stub for !CONFIG_SECCOMP (Linus Walleij)
- ASoC: samsung: Add missing selects for MFD_WM8994 (Charles Keepax)
- ASoC: wm8994: Add depends on MFD core (Charles Keepax)

[5.15.0-307.177.3.el9uek]
- jbd2: increase maximum transaction size (Jan Kara) [Orabug: 37688920]
- net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled (Carolina Jubran) [Orabug: 37534698]
- net/mlx5e: Always start IPsec sequence number from 1 (Leon Romanovsky) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Add support for clock_measure performance block (Shravan Kumar Ramani) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Add support for monitoring cycle count (Shravan Kumar Ramani) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: incorrect type in assignment (Pei Xiao) [Orabug: 37534698]
- net/mlx5e: Disable loopback self-test on multi-PF netdev (Carolina Jubran) [Orabug: 37534698]
- net/mlx5: Unregister notifier on eswitch init failure (Cosmin Ratiu) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Prevent stale command interrupt handling (Michal Wilczynski) [Orabug: 37534698]
- net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (Jianbo Liu) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: fix lockdep warning (Luiz Capitulino) [Orabug: 37534698]
- net/mlx5: Fix bridge mode operations when there are no VFs (Benjamin Poirier) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Add hw_reset() support for BlueField-3 SoC (Liming Sun) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: add dwcmshc_pltfm_data (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: factor out code into dwcmshc_rk35xx_init (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: factor out code for th1520_init() (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: move two rk35xx functions (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: add common bulk optional clocks support (Chen Wang) [Orabug: 37534698]
- net/mlx5e: Take state lock during tx timeout reporter (Dragos Tatulea) [Orabug: 37534698]
- net/mlx5: SD, Do not query MPIR register if no sd_group (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Always drain health in shutdown callback (Shay Drory) [Orabug: 37534698]
- mmc: dw_mmc-bluefield: Add support for eMMC HW reset (Liming Sun) [Orabug: 37534698]
- mmc: dw_mmc: Add support for platform specific eMMC HW reset (Liming Sun) [Orabug: 37534698]
- net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (Dragos Tatulea) [Orabug: 37534698]
- net/mlx5e: SHAMPO, Fix incorrect page release (Dragos Tatulea) [Orabug: 37534698]
- net/mlx5: Do not query MPIR on embedded CPU function (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Reload only IB representors upon lag disable/enable (Maher Sanalla) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Add tuning support for Sophgo CV1800B and SG200X (Jisheng Zhang) [Orabug: 37534698]
- macsec: Detect if Rx skb is macsec-related for offloading devices that update md_dst (Rahul Rameshbabu) [Orabug: 37534698]
- macsec: Enable devices to advertise whether they update sk_buff md_dst during offloads (Rahul Rameshbabu) [Orabug: 37534698]
- net/mlx5e: Prevent deadlock while disabling aRFS (Carolina Jubran) [Orabug: 37534698]
- net/mlx5e: Use channel mdev reference instead of global mdev instance for coalescing (Rahul Rameshbabu) [Orabug: 37534698]
- net/mlx5: SD, Handle possible devcom ERR_PTR (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Disallow SRIOV switchdev mode when in multi-PF netdev (Tariq Toukan) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Implement SDHCI CQE support (Sergey Khimich) [Orabug: 37534698]
- mmc: cqhci: Add cqhci set_tran_desc() callback (Sergey Khimich) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: fix signedness bugs (Dan Carpenter) [Orabug: 37534698]
- net/mlx5e: Create EN core HW resources for all secondary devices (Tariq Toukan) [Orabug: 37534698]
- net/mlx5e: Create single netdev per SD group (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Add debugfs (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Add informative prints in kernel log (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Implement steering for primary and secondaries (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Implement devcom communication and primary election (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Implement basic query and instantiation (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Introduce SD lib (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Add MPIR bit in mcam_access_reg (Tariq Toukan) [Orabug: 37534698]
- lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (David Gow) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Ignore unsupported performance blocks (Luiz Capitulino) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: mlxbf_pmc_event_list(): make size ptr optional (Luiz Capitulino) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Add support for Sophgo CV1800B and SG2002 (Jisheng Zhang) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Cleanup signed/unsigned mix-up (Shravan Kumar Ramani) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Replace uintN_t with kernel-style types (Shravan Kumar Ramani) [Orabug: 37534698]
- net: macsec: revert the MAC address if mdo_upd_secy fails (Radu Pirea (NXP OSS)) [Orabug: 37534698]
- net: macsec: documentation for macsec_context and macsec_ops (Radu Pirea (NXP OSS)) [Orabug: 37534698]
- fortify: Do not cast to "unsigned char" (Kees Cook) [Orabug: 37534698]
- fortify: Use SIZE_MAX instead of (size_t)-1 (Kees Cook) [Orabug: 37534698]
- fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL (Kees Cook) [Orabug: 37534698]
- mmc: dw_mmc: Add driver callbacks for data read timeout (Mårten Lindahl) [Orabug: 37534698]
- mmc: dw_mmc-exynos: Add support for ARTPEC-8 (Mårten Lindahl) [Orabug: 37534698]
- mmc: dw_mmc: clean up a debug message (Dan Carpenter) [Orabug: 37534698]
- mmc: dw_mmc: exynos: use common_caps (John Keeping) [Orabug: 37534698]
- mmc: dw_mmc: add common capabilities to replace caps (John Keeping) [Orabug: 37534698]
- mmc: dw_mmc: Allow lower TMOUT value than maximum (Mårten Lindahl) [Orabug: 37534698]
- rds: Make sure transmit path and connection tear-down does not run concurrently (Håkon Bugge) [Orabug: 36441944]
- ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [Orabug: 36252756]
- ice: virtchnl rss hena support (Md Fahad Iqbal Polash) [Orabug: 36252756]
- ice: Add support Flex RXD (Michal Jaron) [Orabug: 36252756]

[5.15.0-307.177.2.el9uek]
- uek-rpm: Enable CONFIG_MICROSOFT_MANA as module in aarch64 (Vijayendra Suman) [Orabug: 37647393]
- rtc: add new RTC_FEATURE_ALARM_WAKEUP_ONLY feature (Alexandre Belloni) [Orabug: 37631796]
- thermal: core: Drop excessive lockdep_assert_held() calls (Rafael J. Wysocki) [Orabug: 37631796]
- thermal: core: Introduce thermal_cooling_device_update() (Rafael J. Wysocki) [Orabug: 37631796]
- thermal: core: Introduce thermal_cooling_device_present() (Rafael J. Wysocki) [Orabug: 37631796]
- thermal: sysfs: Reuse cdev->max_state (Viresh Kumar) [Orabug: 37631796]
- rtc: efi: Enable SET/GET WAKEUP services as optional (Shanker Donthineni) [Orabug: 37631796]
- rtc: efi: Add wakeup support (Riwen Lu) [Orabug: 37631796]
- rtc: efi: switch to RTC_FEATURE_UPDATE_INTERRUPT (Alexandre Belloni) [Orabug: 37631796]
- rtc: add BSM parameter (Alexandre Belloni) [Orabug: 37631796]
- rtc: add correction parameter (Alexandre Belloni) [Orabug: 37631796]
- rtc: add parameter ioctl (Alexandre Belloni) [Orabug: 37631796]
- rtc: expose correction feature (Alexandre Belloni) [Orabug: 37631796]
- rtc: add alarm related features (Alexandre Belloni) [Orabug: 37631796]
- rtc: efi: switch to devm_rtc_allocate_device (Alexandre Belloni) [Orabug: 37631796]
- cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621589]
- rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (Håkon Bugge) [Orabug: 37586089]
- bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (Michael Chan) [Orabug: 37434220] {CVE-2024-56656}
- bnxt_en: Fix receive ring space parameters when XDP is active (Shravya KN) [Orabug: 37433562] {CVE-2024-53209}
- bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (Aleksandr Mishin) [Orabug: 37070333] {CVE-2024-40919}
- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (Vikas Gupta) [Orabug: 37070270] {CVE-2024-35972}
- bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (Somnath Kotur) [Orabug: 37070266] {CVE-2024-44984}

[5.15.0-307.177.1.el9uek]
- nvmet: always initialize cqe.result (Daniel Wagner) [Orabug: 36897348] {CVE-2024-41079}
- nvmet-auth: complete a request only after freeing the dhchap pointers (Maurizio Lombardi) [Orabug: 36897348] {CVE-2024-41079}
- scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (Justin Tee) [Orabug: 37116505] {CVE-2024-46842}
- netdevsim: use cond_resched() in nsim_dev_trap_report_work() (Eric Dumazet) [Orabug: 37264120] {CVE-2024-50155}
- nvmet-auth: assign dh_key to NULL after kfree_sensitive (Vitaliy Shevtsov) [Orabug: 37268555] {CVE-2024-50215}
- net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (Oleksij Rempel) [Orabug: 37433573] {CVE-2024-53213}
- PCI/MSI: Handle lack of irqdomain gracefully (Thomas Gleixner) [Orabug: 37452651] {CVE-2024-56760}
- selftests: rtnetlink: update netdevsim ipsec output format (Hangbin Liu) [Orabug: 37547931]
- netdevsim: print human readable IP address (Hangbin Liu) [Orabug: 37547931]
- uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619141]
- Add __init annotation to pensando_efi_mem_reserve (Joseph Dobosenski) [Orabug: 37619785]

ELSA-2025-20270 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20270

http://linux.oracle.com/errata/ELSA-2025-20270.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

aarch64:
bpftool-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-container-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-core-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-debug-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-devel-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-doc-5.15.0-307.178.5.el9uek.noarch.rpm
kernel-uek-modules-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek64k-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek64k-core-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek64k-modules-5.15.0-307.178.5.el9uek.aarch64.rpm
kernel-uek64k-modules-extra-5.15.0-307.178.5.el9uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//kernel-uek-5.15.0-307.178.5.el9uek.src.rpm

Related CVEs:

CVE-2024-35972
CVE-2024-40919
CVE-2024-41079
CVE-2024-44984
CVE-2024-46842
CVE-2024-50155
CVE-2024-50215
CVE-2024-53209
CVE-2024-53213
CVE-2024-56656
CVE-2024-56660
CVE-2024-56760

Description of changes:

[5.15.0-307.178.5.el9uek]
- net/mlx5: DR, prevent potential error pointer dereference (Dan Carpenter) [Orabug: 37434242] {CVE-2024-56660}
- uek-rpm: Set CONFIG_IP6_NF_IPTABLES for ol9/ol8 container kernels (Jonah Palmer) [Orabug: 37703179]
- net: hsr: fix fill_frame_info() regression vs VLAN packets (Eric Dumazet)
- f2fs: Introduce linear search for dentries (Daniel Lee)
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (Marco Leogrande)
- net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel)
- x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (Andrew Cooper)
- sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke Høiland-Jørgensen)
- usb: atm: cxacru: fix a flaw in existing endpoint checks (Nikita Zhandarovich)
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (Juergen Gross)
- x86/xen: add FRAME_END to xen_hypercall_hvm() (Juergen Gross)
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao)
- usb: dwc3: Set SUSPENDENABLE soon after phy init (Thinh Nguyen)
- Revert "btrfs: avoid monopolizing a core when activating a swap file" (Koichiro Den)
- Revert "media: uvcvideo: Require entities to have a non-zero unique ID" (Thadeu Lima de Souza Cascardo)
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang)

[5.15.0-307.178.4.el9uek]
- LTS version: v5.15.178 (Vijayendra Suman)
- Input: xpad - add support for wooting two he (arm) (Jack Greiner)
- Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto)
- Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson)
- ALSA: usb-audio: Add delay quirk for USB Audio Device (Lianqin Hu)
- USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz)
- wifi: iwlwifi: add a few rate index validity checks (Anjaneyulu)
- scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (Easwar Hariharan)
- ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (Ido Schimmel)
- platform/chrome: cros_ec_typec: Check for EC driver (Akihiko Odaki)
- fs/ntfs3: Additional check in ntfs_file_release (Konstantin Komarov)
- Bluetooth: RFCOMM: Fix not validating setsockopt user input (Luiz Augusto von Dentz)
- Bluetooth: SCO: Fix not validating setsockopt user input (Luiz Augusto von Dentz)
- vfio/platform: check the bounds of read/write syscalls (Alex Williamson)
- net: sched: fix ets qdisc OOB Indexing (Jamal Hadi Salim)
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher)
- mptcp: don't always assume copied data in mptcp_cleanup_rbuf() (Paolo Abeni)
- regmap: detach regmap from dev on regmap_exit (Cosmin Tanislav)
- ASoC: samsung: Add missing depends on I2C (Charles Keepax)
- irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons)
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang)
- seccomp: Stub for !CONFIG_SECCOMP (Linus Walleij)
- ASoC: samsung: Add missing selects for MFD_WM8994 (Charles Keepax)
- ASoC: wm8994: Add depends on MFD core (Charles Keepax)

[5.15.0-307.177.3.el9uek]
- jbd2: increase maximum transaction size (Jan Kara) [Orabug: 37688920]
- net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled (Carolina Jubran) [Orabug: 37534698]
- net/mlx5e: Always start IPsec sequence number from 1 (Leon Romanovsky) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Add support for clock_measure performance block (Shravan Kumar Ramani) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Add support for monitoring cycle count (Shravan Kumar Ramani) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: incorrect type in assignment (Pei Xiao) [Orabug: 37534698]
- net/mlx5e: Disable loopback self-test on multi-PF netdev (Carolina Jubran) [Orabug: 37534698]
- net/mlx5: Unregister notifier on eswitch init failure (Cosmin Ratiu) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Prevent stale command interrupt handling (Michal Wilczynski) [Orabug: 37534698]
- net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (Jianbo Liu) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: fix lockdep warning (Luiz Capitulino) [Orabug: 37534698]
- net/mlx5: Fix bridge mode operations when there are no VFs (Benjamin Poirier) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Add hw_reset() support for BlueField-3 SoC (Liming Sun) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: add dwcmshc_pltfm_data (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: factor out code into dwcmshc_rk35xx_init (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: factor out code for th1520_init() (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: move two rk35xx functions (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: add common bulk optional clocks support (Chen Wang) [Orabug: 37534698]
- net/mlx5e: Take state lock during tx timeout reporter (Dragos Tatulea) [Orabug: 37534698]
- net/mlx5: SD, Do not query MPIR register if no sd_group (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Always drain health in shutdown callback (Shay Drory) [Orabug: 37534698]
- mmc: dw_mmc-bluefield: Add support for eMMC HW reset (Liming Sun) [Orabug: 37534698]
- mmc: dw_mmc: Add support for platform specific eMMC HW reset (Liming Sun) [Orabug: 37534698]
- net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (Dragos Tatulea) [Orabug: 37534698]
- net/mlx5e: SHAMPO, Fix incorrect page release (Dragos Tatulea) [Orabug: 37534698]
- net/mlx5: Do not query MPIR on embedded CPU function (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Reload only IB representors upon lag disable/enable (Maher Sanalla) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Add tuning support for Sophgo CV1800B and SG200X (Jisheng Zhang) [Orabug: 37534698]
- macsec: Detect if Rx skb is macsec-related for offloading devices that update md_dst (Rahul Rameshbabu) [Orabug: 37534698]
- macsec: Enable devices to advertise whether they update sk_buff md_dst during offloads (Rahul Rameshbabu) [Orabug: 37534698]
- net/mlx5e: Prevent deadlock while disabling aRFS (Carolina Jubran) [Orabug: 37534698]
- net/mlx5e: Use channel mdev reference instead of global mdev instance for coalescing (Rahul Rameshbabu) [Orabug: 37534698]
- net/mlx5: SD, Handle possible devcom ERR_PTR (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Disallow SRIOV switchdev mode when in multi-PF netdev (Tariq Toukan) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Implement SDHCI CQE support (Sergey Khimich) [Orabug: 37534698]
- mmc: cqhci: Add cqhci set_tran_desc() callback (Sergey Khimich) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: fix signedness bugs (Dan Carpenter) [Orabug: 37534698]
- net/mlx5e: Create EN core HW resources for all secondary devices (Tariq Toukan) [Orabug: 37534698]
- net/mlx5e: Create single netdev per SD group (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Add debugfs (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Add informative prints in kernel log (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Implement steering for primary and secondaries (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Implement devcom communication and primary election (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Implement basic query and instantiation (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Introduce SD lib (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Add MPIR bit in mcam_access_reg (Tariq Toukan) [Orabug: 37534698]
- lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (David Gow) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Ignore unsupported performance blocks (Luiz Capitulino) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: mlxbf_pmc_event_list(): make size ptr optional (Luiz Capitulino) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Add support for Sophgo CV1800B and SG2002 (Jisheng Zhang) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Cleanup signed/unsigned mix-up (Shravan Kumar Ramani) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Replace uintN_t with kernel-style types (Shravan Kumar Ramani) [Orabug: 37534698]
- net: macsec: revert the MAC address if mdo_upd_secy fails (Radu Pirea (NXP OSS)) [Orabug: 37534698]
- net: macsec: documentation for macsec_context and macsec_ops (Radu Pirea (NXP OSS)) [Orabug: 37534698]
- fortify: Do not cast to "unsigned char" (Kees Cook) [Orabug: 37534698]
- fortify: Use SIZE_MAX instead of (size_t)-1 (Kees Cook) [Orabug: 37534698]
- fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL (Kees Cook) [Orabug: 37534698]
- mmc: dw_mmc: Add driver callbacks for data read timeout (Mårten Lindahl) [Orabug: 37534698]
- mmc: dw_mmc-exynos: Add support for ARTPEC-8 (Mårten Lindahl) [Orabug: 37534698]
- mmc: dw_mmc: clean up a debug message (Dan Carpenter) [Orabug: 37534698]
- mmc: dw_mmc: exynos: use common_caps (John Keeping) [Orabug: 37534698]
- mmc: dw_mmc: add common capabilities to replace caps (John Keeping) [Orabug: 37534698]
- mmc: dw_mmc: Allow lower TMOUT value than maximum (Mårten Lindahl) [Orabug: 37534698]
- rds: Make sure transmit path and connection tear-down does not run concurrently (Håkon Bugge) [Orabug: 36441944]
- ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [Orabug: 36252756]
- ice: virtchnl rss hena support (Md Fahad Iqbal Polash) [Orabug: 36252756]
- ice: Add support Flex RXD (Michal Jaron) [Orabug: 36252756]

[5.15.0-307.177.2.el9uek]
- uek-rpm: Enable CONFIG_MICROSOFT_MANA as module in aarch64 (Vijayendra Suman) [Orabug: 37647393]
- rtc: add new RTC_FEATURE_ALARM_WAKEUP_ONLY feature (Alexandre Belloni) [Orabug: 37631796]
- thermal: core: Drop excessive lockdep_assert_held() calls (Rafael J. Wysocki) [Orabug: 37631796]
- thermal: core: Introduce thermal_cooling_device_update() (Rafael J. Wysocki) [Orabug: 37631796]
- thermal: core: Introduce thermal_cooling_device_present() (Rafael J. Wysocki) [Orabug: 37631796]
- thermal: sysfs: Reuse cdev->max_state (Viresh Kumar) [Orabug: 37631796]
- rtc: efi: Enable SET/GET WAKEUP services as optional (Shanker Donthineni) [Orabug: 37631796]
- rtc: efi: Add wakeup support (Riwen Lu) [Orabug: 37631796]
- rtc: efi: switch to RTC_FEATURE_UPDATE_INTERRUPT (Alexandre Belloni) [Orabug: 37631796]
- rtc: add BSM parameter (Alexandre Belloni) [Orabug: 37631796]
- rtc: add correction parameter (Alexandre Belloni) [Orabug: 37631796]
- rtc: add parameter ioctl (Alexandre Belloni) [Orabug: 37631796]
- rtc: expose correction feature (Alexandre Belloni) [Orabug: 37631796]
- rtc: add alarm related features (Alexandre Belloni) [Orabug: 37631796]
- rtc: efi: switch to devm_rtc_allocate_device (Alexandre Belloni) [Orabug: 37631796]
- cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621589]
- rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (Håkon Bugge) [Orabug: 37586089]
- bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (Michael Chan) [Orabug: 37434220] {CVE-2024-56656}
- bnxt_en: Fix receive ring space parameters when XDP is active (Shravya KN) [Orabug: 37433562] {CVE-2024-53209}
- bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (Aleksandr Mishin) [Orabug: 37070333] {CVE-2024-40919}
- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (Vikas Gupta) [Orabug: 37070270] {CVE-2024-35972}
- bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (Somnath Kotur) [Orabug: 37070266] {CVE-2024-44984}

[5.15.0-307.177.1.el9uek]
- nvmet: always initialize cqe.result (Daniel Wagner) [Orabug: 36897348] {CVE-2024-41079}
- nvmet-auth: complete a request only after freeing the dhchap pointers (Maurizio Lombardi) [Orabug: 36897348] {CVE-2024-41079}
- scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (Justin Tee) [Orabug: 37116505] {CVE-2024-46842}
- netdevsim: use cond_resched() in nsim_dev_trap_report_work() (Eric Dumazet) [Orabug: 37264120] {CVE-2024-50155}
- nvmet-auth: assign dh_key to NULL after kfree_sensitive (Vitaliy Shevtsov) [Orabug: 37268555] {CVE-2024-50215}
- net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (Oleksij Rempel) [Orabug: 37433573] {CVE-2024-53213}
- PCI/MSI: Handle lack of irqdomain gracefully (Thomas Gleixner) [Orabug: 37452651] {CVE-2024-56760}
- selftests: rtnetlink: update netdevsim ipsec output format (Hangbin Liu) [Orabug: 37547931]
- netdevsim: print human readable IP address (Hangbin Liu) [Orabug: 37547931]
- uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619141]
- Add __init annotation to pensando_efi_mem_reserve (Joseph Dobosenski) [Orabug: 37619785]

ELSA-2025-3833 Important: Oracle Linux 9 gvisor-tap-vsock security update

Oracle Linux Security Advisory ELSA-2025-3833

http://linux.oracle.com/errata/ELSA-2025-3833.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
gvisor-tap-vsock-0.8.5-1.el9_5.x86_64.rpm

aarch64:
gvisor-tap-vsock-0.8.5-1.el9_5.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//gvisor-tap-vsock-0.8.5-1.el9_5.src.rpm

Related CVEs:

CVE-2025-22869

Description of changes:

[6:0.8.5-1]
- Fix CVE-2025-22869 by updating to 0.8.5
- Resolves: RHEL-81312

ELBA-2025-20229 Oracle Linux 9 linux-firmware bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20229

http://linux.oracle.com/errata/ELBA-2025-20229.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.39.el9.noarch.rpm
iwl100-firmware-39.31.5.1-999.39.el9.noarch.rpm
iwl105-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl135-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl2000-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl2030-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl3160-firmware-25.30.13.0-999.39.el9.noarch.rpm
iwl3945-firmware-15.32.2.9-999.39.el9.noarch.rpm
iwl4965-firmware-228.61.2.24-999.39.el9.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.39.el9.noarch.rpm
iwl5150-firmware-8.24.2.2-999.39.el9.noarch.rpm
iwl6000-firmware-9.221.4.1-999.39.el9.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl6050-firmware-41.28.5.1-999.39.el9.noarch.rpm
iwl7260-firmware-25.30.13.0-999.39.el9.noarch.rpm
iwlax2xx-firmware-20250319-999.39.el9.noarch.rpm
libertas-sd8686-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
libertas-sd8787-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
libertas-usb8388-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
libertas-usb8388-olpc-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
linux-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
linux-firmware-core-20250319-999.39.git430633ec.el9.noarch.rpm
linux-firmware-whence-20250319-999.39.git430633ec.el9.noarch.rpm
liquidio-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
netronome-firmware-20250319-999.39.git430633ec.el9.noarch.rpm

aarch64:
iwl1000-firmware-39.31.5.1-999.39.el9.noarch.rpm
iwl100-firmware-39.31.5.1-999.39.el9.noarch.rpm
iwl105-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl135-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl2000-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl2030-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl3160-firmware-25.30.13.0-999.39.el9.noarch.rpm
iwl3945-firmware-15.32.2.9-999.39.el9.noarch.rpm
iwl4965-firmware-228.61.2.24-999.39.el9.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.39.el9.noarch.rpm
iwl5150-firmware-8.24.2.2-999.39.el9.noarch.rpm
iwl6000-firmware-9.221.4.1-999.39.el9.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.39.el9.noarch.rpm
iwl6050-firmware-41.28.5.1-999.39.el9.noarch.rpm
iwl7260-firmware-25.30.13.0-999.39.el9.noarch.rpm
iwlax2xx-firmware-20250319-999.39.el9.noarch.rpm
libertas-sd8686-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
libertas-sd8787-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
libertas-usb8388-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
libertas-usb8388-olpc-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
linux-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
linux-firmware-core-20250319-999.39.git430633ec.el9.noarch.rpm
linux-firmware-whence-20250319-999.39.git430633ec.el9.noarch.rpm
liquidio-firmware-20250319-999.39.git430633ec.el9.noarch.rpm
netronome-firmware-20250319-999.39.git430633ec.el9.noarch.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//linux-firmware-20250319-999.39.git430633ec.el9.src.rpm

Description of changes:

[20250319-999.39.git430633ec.el9]
- Rebase to latest upstream [Orabug: 37729115]

ELBA-2025-20226 Oracle Linux 9 oraclelinux-release-el9 bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20226

http://linux.oracle.com/errata/ELBA-2025-20226.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
oraclelinux-release-el9-1.0-19.el9.x86_64.rpm

aarch64:
oraclelinux-release-el9-1.0-19.el9.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//oraclelinux-release-el9-1.0-19.el9.src.rpm

Description of changes:

[1.0-19]
- Add disabled by default UEKR8 repositories [Orabug: 37596843]

ELSA-2025-20270 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20270

http://linux.oracle.com/errata/ELSA-2025-20270.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-core-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-debug-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-debug-core-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-debug-modules-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-debug-modules-extra-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-devel-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-doc-5.15.0-307.178.5.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-modules-extra-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-container-5.15.0-307.178.5.el8uek.x86_64.rpm
kernel-uek-container-debug-5.15.0-307.178.5.el8uek.x86_64.rpm

aarch64:
bpftool-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-core-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-debug-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-debug-core-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-debug-modules-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-debug-modules-extra-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-devel-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-doc-5.15.0-307.178.5.el8uek.noarch.rpm
kernel-uek-modules-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-modules-extra-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-container-5.15.0-307.178.5.el8uek.aarch64.rpm
kernel-uek-container-debug-5.15.0-307.178.5.el8uek.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.15.0-307.178.5.el8uek.src.rpm

Related CVEs:

CVE-2024-35972
CVE-2024-40919
CVE-2024-41079
CVE-2024-44984
CVE-2024-46842
CVE-2024-50155
CVE-2024-50215
CVE-2024-53209
CVE-2024-53213
CVE-2024-56656
CVE-2024-56660
CVE-2024-56760

Description of changes:

[5.15.0-307.178.5.el8uek]
- net/mlx5: DR, prevent potential error pointer dereference (Dan Carpenter) [Orabug: 37434242] {CVE-2024-56660}
- uek-rpm: Set CONFIG_IP6_NF_IPTABLES for ol9/ol8 container kernels (Jonah Palmer) [Orabug: 37703179]
- net: hsr: fix fill_frame_info() regression vs VLAN packets (Eric Dumazet)
- f2fs: Introduce linear search for dentries (Daniel Lee)
- tools/testing/selftests/bpf/test_tc_tunnel.sh: Fix wait for server bind (Marco Leogrande)
- net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel)
- x86/static-call: Remove early_boot_irqs_disabled check to fix Xen PVH dom0 (Andrew Cooper)
- sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke Høiland-Jørgensen)
- usb: atm: cxacru: fix a flaw in existing endpoint checks (Nikita Zhandarovich)
- x86/xen: fix xen_hypercall_hvm() to not clobber %rbx (Juergen Gross)
- x86/xen: add FRAME_END to xen_hypercall_hvm() (Juergen Gross)
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao)
- usb: dwc3: Set SUSPENDENABLE soon after phy init (Thinh Nguyen)
- Revert "btrfs: avoid monopolizing a core when activating a swap file" (Koichiro Den)
- Revert "media: uvcvideo: Require entities to have a non-zero unique ID" (Thadeu Lima de Souza Cascardo)
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang)

[5.15.0-307.178.4.el8uek]
- LTS version: v5.15.178 (Vijayendra Suman)
- Input: xpad - add support for wooting two he (arm) (Jack Greiner)
- Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto)
- Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson)
- ALSA: usb-audio: Add delay quirk for USB Audio Device (Lianqin Hu)
- USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz)
- wifi: iwlwifi: add a few rate index validity checks (Anjaneyulu)
- scsi: storvsc: Ratelimit warning logs to prevent VM denial of service (Easwar Hariharan)
- ipv4: ip_tunnel: Fix suspicious RCU usage warning in ip_tunnel_find() (Ido Schimmel)
- platform/chrome: cros_ec_typec: Check for EC driver (Akihiko Odaki)
- fs/ntfs3: Additional check in ntfs_file_release (Konstantin Komarov)
- Bluetooth: RFCOMM: Fix not validating setsockopt user input (Luiz Augusto von Dentz)
- Bluetooth: SCO: Fix not validating setsockopt user input (Luiz Augusto von Dentz)
- vfio/platform: check the bounds of read/write syscalls (Alex Williamson)
- net: sched: fix ets qdisc OOB Indexing (Jamal Hadi Salim)
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher)
- mptcp: don't always assume copied data in mptcp_cleanup_rbuf() (Paolo Abeni)
- regmap: detach regmap from dev on regmap_exit (Cosmin Tanislav)
- ASoC: samsung: Add missing depends on I2C (Charles Keepax)
- irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons)
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang)
- seccomp: Stub for !CONFIG_SECCOMP (Linus Walleij)
- ASoC: samsung: Add missing selects for MFD_WM8994 (Charles Keepax)
- ASoC: wm8994: Add depends on MFD core (Charles Keepax)

[5.15.0-307.177.3.el8uek]
- jbd2: increase maximum transaction size (Jan Kara) [Orabug: 37688920]
- net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled (Carolina Jubran) [Orabug: 37534698]
- net/mlx5e: Always start IPsec sequence number from 1 (Leon Romanovsky) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Add support for clock_measure performance block (Shravan Kumar Ramani) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Add support for monitoring cycle count (Shravan Kumar Ramani) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: incorrect type in assignment (Pei Xiao) [Orabug: 37534698]
- net/mlx5e: Disable loopback self-test on multi-PF netdev (Carolina Jubran) [Orabug: 37534698]
- net/mlx5: Unregister notifier on eswitch init failure (Cosmin Ratiu) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Prevent stale command interrupt handling (Michal Wilczynski) [Orabug: 37534698]
- net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (Jianbo Liu) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: fix lockdep warning (Luiz Capitulino) [Orabug: 37534698]
- net/mlx5: Fix bridge mode operations when there are no VFs (Benjamin Poirier) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Add hw_reset() support for BlueField-3 SoC (Liming Sun) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: add dwcmshc_pltfm_data (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: factor out code into dwcmshc_rk35xx_init (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: factor out code for th1520_init() (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: move two rk35xx functions (Chen Wang) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: add common bulk optional clocks support (Chen Wang) [Orabug: 37534698]
- net/mlx5e: Take state lock during tx timeout reporter (Dragos Tatulea) [Orabug: 37534698]
- net/mlx5: SD, Do not query MPIR register if no sd_group (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Always drain health in shutdown callback (Shay Drory) [Orabug: 37534698]
- mmc: dw_mmc-bluefield: Add support for eMMC HW reset (Liming Sun) [Orabug: 37534698]
- mmc: dw_mmc: Add support for platform specific eMMC HW reset (Liming Sun) [Orabug: 37534698]
- net/mlx5e: SHAMPO, Fix invalid WQ linked list unlink (Dragos Tatulea) [Orabug: 37534698]
- net/mlx5e: SHAMPO, Fix incorrect page release (Dragos Tatulea) [Orabug: 37534698]
- net/mlx5: Do not query MPIR on embedded CPU function (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Reload only IB representors upon lag disable/enable (Maher Sanalla) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Add tuning support for Sophgo CV1800B and SG200X (Jisheng Zhang) [Orabug: 37534698]
- macsec: Detect if Rx skb is macsec-related for offloading devices that update md_dst (Rahul Rameshbabu) [Orabug: 37534698]
- macsec: Enable devices to advertise whether they update sk_buff md_dst during offloads (Rahul Rameshbabu) [Orabug: 37534698]
- net/mlx5e: Prevent deadlock while disabling aRFS (Carolina Jubran) [Orabug: 37534698]
- net/mlx5e: Use channel mdev reference instead of global mdev instance for coalescing (Rahul Rameshbabu) [Orabug: 37534698]
- net/mlx5: SD, Handle possible devcom ERR_PTR (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Disallow SRIOV switchdev mode when in multi-PF netdev (Tariq Toukan) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Implement SDHCI CQE support (Sergey Khimich) [Orabug: 37534698]
- mmc: cqhci: Add cqhci set_tran_desc() callback (Sergey Khimich) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: fix signedness bugs (Dan Carpenter) [Orabug: 37534698]
- net/mlx5e: Create EN core HW resources for all secondary devices (Tariq Toukan) [Orabug: 37534698]
- net/mlx5e: Create single netdev per SD group (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Add debugfs (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Add informative prints in kernel log (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Implement steering for primary and secondaries (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Implement devcom communication and primary election (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Implement basic query and instantiation (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: SD, Introduce SD lib (Tariq Toukan) [Orabug: 37534698]
- net/mlx5: Add MPIR bit in mcam_access_reg (Tariq Toukan) [Orabug: 37534698]
- lib: memcpy_kunit: Fix an invalid format specifier in an assertion msg (David Gow) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Ignore unsupported performance blocks (Luiz Capitulino) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: mlxbf_pmc_event_list(): make size ptr optional (Luiz Capitulino) [Orabug: 37534698]
- mmc: sdhci-of-dwcmshc: Add support for Sophgo CV1800B and SG2002 (Jisheng Zhang) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Cleanup signed/unsigned mix-up (Shravan Kumar Ramani) [Orabug: 37534698]
- platform/mellanox: mlxbf-pmc: Replace uintN_t with kernel-style types (Shravan Kumar Ramani) [Orabug: 37534698]
- net: macsec: revert the MAC address if mdo_upd_secy fails (Radu Pirea (NXP OSS)) [Orabug: 37534698]
- net: macsec: documentation for macsec_context and macsec_ops (Radu Pirea (NXP OSS)) [Orabug: 37534698]
- fortify: Do not cast to "unsigned char" (Kees Cook) [Orabug: 37534698]
- fortify: Use SIZE_MAX instead of (size_t)-1 (Kees Cook) [Orabug: 37534698]
- fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL (Kees Cook) [Orabug: 37534698]
- mmc: dw_mmc: Add driver callbacks for data read timeout (Mårten Lindahl) [Orabug: 37534698]
- mmc: dw_mmc-exynos: Add support for ARTPEC-8 (Mårten Lindahl) [Orabug: 37534698]
- mmc: dw_mmc: clean up a debug message (Dan Carpenter) [Orabug: 37534698]
- mmc: dw_mmc: exynos: use common_caps (John Keeping) [Orabug: 37534698]
- mmc: dw_mmc: add common capabilities to replace caps (John Keeping) [Orabug: 37534698]
- mmc: dw_mmc: Allow lower TMOUT value than maximum (Mårten Lindahl) [Orabug: 37534698]
- rds: Make sure transmit path and connection tear-down does not run concurrently (Håkon Bugge) [Orabug: 36441944]
- ice: always add legacy 32byte RXDID in supported_rxdids (Michal Schmidt) [Orabug: 36252756]
- ice: virtchnl rss hena support (Md Fahad Iqbal Polash) [Orabug: 36252756]
- ice: Add support Flex RXD (Michal Jaron) [Orabug: 36252756]

[5.15.0-307.177.2.el8uek]
- uek-rpm: Enable CONFIG_MICROSOFT_MANA as module in aarch64 (Vijayendra Suman) [Orabug: 37647393]
- rtc: add new RTC_FEATURE_ALARM_WAKEUP_ONLY feature (Alexandre Belloni) [Orabug: 37631796]
- thermal: core: Drop excessive lockdep_assert_held() calls (Rafael J. Wysocki) [Orabug: 37631796]
- thermal: core: Introduce thermal_cooling_device_update() (Rafael J. Wysocki) [Orabug: 37631796]
- thermal: core: Introduce thermal_cooling_device_present() (Rafael J. Wysocki) [Orabug: 37631796]
- thermal: sysfs: Reuse cdev->max_state (Viresh Kumar) [Orabug: 37631796]
- rtc: efi: Enable SET/GET WAKEUP services as optional (Shanker Donthineni) [Orabug: 37631796]
- rtc: efi: Add wakeup support (Riwen Lu) [Orabug: 37631796]
- rtc: efi: switch to RTC_FEATURE_UPDATE_INTERRUPT (Alexandre Belloni) [Orabug: 37631796]
- rtc: add BSM parameter (Alexandre Belloni) [Orabug: 37631796]
- rtc: add correction parameter (Alexandre Belloni) [Orabug: 37631796]
- rtc: add parameter ioctl (Alexandre Belloni) [Orabug: 37631796]
- rtc: expose correction feature (Alexandre Belloni) [Orabug: 37631796]
- rtc: add alarm related features (Alexandre Belloni) [Orabug: 37631796]
- rtc: efi: switch to devm_rtc_allocate_device (Alexandre Belloni) [Orabug: 37631796]
- cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621589]
- rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (Håkon Bugge) [Orabug: 37586089]
- bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips (Michael Chan) [Orabug: 37434220] {CVE-2024-56656}
- bnxt_en: Fix receive ring space parameters when XDP is active (Shravya KN) [Orabug: 37433562] {CVE-2024-53209}
- bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (Aleksandr Mishin) [Orabug: 37070333] {CVE-2024-40919}
- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (Vikas Gupta) [Orabug: 37070270] {CVE-2024-35972}
- bnxt_en: Fix double DMA unmapping for XDP_REDIRECT (Somnath Kotur) [Orabug: 37070266] {CVE-2024-44984}

[5.15.0-307.177.1.el8uek]
- nvmet: always initialize cqe.result (Daniel Wagner) [Orabug: 36897348] {CVE-2024-41079}
- nvmet-auth: complete a request only after freeing the dhchap pointers (Maurizio Lombardi) [Orabug: 36897348] {CVE-2024-41079}
- scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (Justin Tee) [Orabug: 37116505] {CVE-2024-46842}
- netdevsim: use cond_resched() in nsim_dev_trap_report_work() (Eric Dumazet) [Orabug: 37264120] {CVE-2024-50155}
- nvmet-auth: assign dh_key to NULL after kfree_sensitive (Vitaliy Shevtsov) [Orabug: 37268555] {CVE-2024-50215}
- net: usb: lan78xx: Fix double free issue with interrupt buffer allocation (Oleksij Rempel) [Orabug: 37433573] {CVE-2024-53213}
- PCI/MSI: Handle lack of irqdomain gracefully (Thomas Gleixner) [Orabug: 37452651] {CVE-2024-56760}
- selftests: rtnetlink: update netdevsim ipsec output format (Hangbin Liu) [Orabug: 37547931]
- netdevsim: print human readable IP address (Hangbin Liu) [Orabug: 37547931]
- uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619141]
- Add __init annotation to pensando_efi_mem_reserve (Joseph Dobosenski) [Orabug: 37619785]

ELSA-2025-20271 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20271

http://linux.oracle.com/errata/ELSA-2025-20271.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.342.5.el8uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.342.5.el8uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.342.5.el8uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.342.5.el8uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.342.5.el8uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.342.5.el8uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.342.5.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.342.5.el8uek.src.rpm

Related CVEs:

CVE-2024-39494

Description of changes:

[5.4.17-2136.342.5.el8uek]
- ima: Fix use-after-free on a dentry's dname.name (Stefan Berger) [Orabug: 36835558] {CVE-2024-39494}

[5.4.17-2136.342.4.el8uek]
- sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke Høiland-Jørgensen)
- udf: Fix use of check_add_overflow() with mixed type arguments (Ben Hutchings)
- x86/xen: allow larger contiguous memory regions in PV guests (Juergen Gross)
- xen: remove a confusing comment on auto-translated guest I/O (Petr Tesarik)
- ALSA: hda/realtek: Fixup ALC225 depop procedure (Kailang Yang)
- ALSA: hda/realtek - Add type for ALC287 (Kailang Yang)
- net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel)
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang)
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao)
- Revert "btrfs: avoid monopolizing a core when activating a swap file" (Koichiro Den)
- gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). (Kuniyuki Iwashima)
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (Fedor Pchelkin)
- rds: Make sure transmit path and connection tear-down does not run concurrently (Håkon Bugge) [Orabug: 36308571]
- NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (Yanjun Zhang) [Orabug: 37206487]

[5.4.17-2136.342.3.el8uek]
- LTS tag: v5.4.290 (Alok Tiwari)
- Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals (Ron Economos)
- xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals (Arnd Bergmann)
- drm/v3d: Assign job pointer to NULL before signaling the fence (Maíra Canal)
- Input: xpad - add support for wooting two he (arm) (Jack Greiner)
- Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto)
- Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson)
- Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" (Greg Kroah-Hartman)
- USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz)
- ext4: fix slab-use-after-free in ext4_split_extent_at() (Baokun Li)
- ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path (Theodore Ts'o)
- vfio/platform: check the bounds of read/write syscalls (Alex Williamson)
- net/xen-netback: prevent UAF in xenvif_flush_hash() (Jeongjun Park)
- net: xen-netback: hash.c: Use built-in RCU list checking (Madhuparna Bhowmik)
- signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die (Eric W. Biederman)
- m68k: Add missing mmap_read_lock() to sys_cacheflush() (Liam Howlett)
- m68k: Update ->thread.esp0 before calling syscall_trace() in ret_from_signal (Al Viro)
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher)
- irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons)
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang)
- ASoC: wm8994: Add depends on MFD core (Charles Keepax)
- net: fix data-races around sk->sk_forward_alloc (Wang Liang)
- scsi: sg: Fix slab-use-after-free read in sg_release() (Suraj Sonawane)
- ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (Eric Dumazet)
- irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly (Yogesh Lal)
- fs/proc: fix softlockup in __read_vmcore (part 2) (Rik van Riel)
- net: ethernet: xgbe: re-add aneg to supported features in PHY quirks (Heiner Kallweit)
- nvmet: propagate npwg topology (Luis Chamberlain)
- poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() (Oleg Nesterov)
- kheaders: Ignore silly-rename files (David Howells)
- hfs: Sanity check the root record (Leo Stone)
- mac802154: check local interfaces before deleting sdata list (Lizhi Xu)
- i2c: mux: demux-pinctrl: check initial mux selection, too (Wolfram Sang)
- drm/v3d: Ensure job pointer is set to NULL after job completion (Maíra Canal)
- nfp: bpf: prevent integer overflow in nfp_bpf_event_output() (Dan Carpenter)
- gtp: Destroy device along with udp socket's netns dismantle. (Kuniyuki Iwashima)
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). (Kuniyuki Iwashima)
- gtp: use exit_batch_rtnl() method (Eric Dumazet)
- net: add exit_batch_rtnl() method (Eric Dumazet)
- net: net_namespace: Optimize the code (Yajun Deng)
- net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() (Sudheer Kumar Doredla)
- sctp: sysctl: rto_min/max: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (Dennis Lam)
- ocfs2: correct return value of ocfs2_local_free_info() (Joseph Qi)
- phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (Zijun Hu)
- phy: core: fix code style in devm_of_phy_provider_unregister (Vinod Koul)
- arm64: dts: rockchip: add hevc power domain clock to rk3328 (Peter Geis)
- arm64: dts: rockchip: add #power-domain-cells to power domain nodes (Johan Jonker)
- arm64: dts: rockchip: fix pd_tcpc0 and pd_tcpc1 node position on rk3399 (Johan Jonker)
- arm64: dts: rockchip: fix defines in pd_vio node for rk3399 (Johan Jonker)
- iio: inkern: call iio_device_put() only on mapped devices (Joe Hattori)
- iio: adc: at91: call input_free_device() on allocated iio_dev (Joe Hattori)
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (Fabio Estevam)
- iio: gyro: fxas21002c: Fix missing data update in trigger handler (Carlos Song)
- iio: adc: ti-ads8688: fix information leak in triggered buffer (Javier Carrasco)
- iio: imu: kmx61: fix information leak in triggered buffer (Javier Carrasco)
- iio: light: vcnl4035: fix information leak in triggered buffer (Javier Carrasco)
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (Javier Carrasco)
- iio: pressure: zpa2326: fix information leak in triggered buffer (Javier Carrasco)
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (Akash M)
- usb: fix reference leak in usb_new_device() (Ma Ke)
- USB: core: Disable LPM only for non-suspended ports (Kai-Heng Feng)
- USB: usblp: return error when setting unsupported protocol (Jun Yan)
- usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (Lianqin Hu)
- USB: serial: cp210x: add Phoenix Contact UPS Device (Johan Hovold)
- usb-storage: Add max sectors quirk for Nokia 208 (Lubomir Rintel)
- staging: iio: ad9832: Correct phase range check (Zicheng Qu)
- staging: iio: ad9834: Correct phase range check (Zicheng Qu)
- USB: serial: option: add Neoway N723-EA support (Michal Hrusecky)
- USB: serial: option: add MeiG Smart SRM815 (Chukun Pan)
- drm/amd/display: increase MAX_SURFACES to the value supported by hw (Melissa Wen)
- ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (Hans de Goede)
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (Hans de Goede)
- drm/amd/display: Add check for granularity in dml ceil/floor helpers (Roman Li)
- sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- dm thin: make get_first_thin use rcu-safe list first function (Krister Johansen)
- tls: Fix tls_sw_sendmsg error handling (Benjamin Coddington)
- net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (Eric Dumazet)
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (Zhongqiu Duan)
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (Jason Xing)
- net: 802: LLC+SNAP OID:PID lookup on start of skb data (Antonio Pastor)
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (Keisuke Nishimura)
- dm array: fix cursor index when skipping across block boundaries (Ming-Hung Tsai)
- dm array: fix unreleased btree blocks on closing a faulty array cursor (Ming-Hung Tsai)
- dm array: fix releasing a faulty array block twice in dm_array_cursor_end (Ming-Hung Tsai)
- jbd2: flush filesystem device before updating tail sequence (Zhang Yi)

[5.4.17-2136.342.2.el8uek]
- Revert "NFSD: Limit the number of concurrent async COPY operations" (Sherry Yang) [Orabug: 37660195]
- rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (Håkon Bugge) [Orabug: 37586090]
- dm rq: don't queue request to blk-mq during DM suspend (Ming Lei) [Orabug: 37010188]
- dm: rearrange core declarations for extended use from dm-zone.c (Damien Le Moal) [Orabug: 37010188]

[5.4.17-2136.342.1.el8uek]
- cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621585]
- uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619102]
- oracleasm: Fix PI when use_logical_block_size is set (Martin K. Petersen) [Orabug: 37503280]
- oracleasm: Add support for per-I/O block size selection (Martin K. Petersen) [Orabug: 37503280]
- perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (Alexander Antonov) [Orabug: 36882938]

ELSA-2025-3913 Moderate: Oracle Linux 8 expat security update

Oracle Linux Security Advisory ELSA-2025-3913

http://linux.oracle.com/errata/ELSA-2025-3913.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
expat-2.2.5-17.0.1.el8_10.i686.rpm
expat-2.2.5-17.0.1.el8_10.x86_64.rpm
expat-devel-2.2.5-17.0.1.el8_10.i686.rpm
expat-devel-2.2.5-17.0.1.el8_10.x86_64.rpm

aarch64:
expat-2.2.5-17.0.1.el8_10.aarch64.rpm
expat-devel-2.2.5-17.0.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//expat-2.2.5-17.0.1.el8_10.src.rpm

Related CVEs:

CVE-2024-8176

Description of changes:

[2.2.5-17.0.1]
- lib: Prevent integer overflow in doProlog [CVE-2022-23990][Orabug: 33910314]

[2.2.5-17]
- Fix CVE-2024-8176
- Resolves: RHEL-57477

ELSA-2025-3893 Moderate: Oracle Linux 8 kernel security update

Oracle Linux Security Advisory ELSA-2025-3893

http://linux.oracle.com/errata/ELSA-2025-3893.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
bpftool-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-abi-stablelists-4.18.0-553.50.1.el8_10.noarch.rpm
kernel-core-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-cross-headers-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-debug-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-debug-core-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-debug-devel-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-debug-modules-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-debug-modules-extra-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-devel-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-doc-4.18.0-553.50.1.el8_10.noarch.rpm
kernel-headers-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-modules-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-modules-extra-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-tools-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-tools-libs-4.18.0-553.50.1.el8_10.x86_64.rpm
perf-4.18.0-553.50.1.el8_10.x86_64.rpm
python3-perf-4.18.0-553.50.1.el8_10.x86_64.rpm
kernel-tools-libs-devel-4.18.0-553.50.1.el8_10.x86_64.rpm

aarch64:
bpftool-4.18.0-553.50.1.el8_10.aarch64.rpm
kernel-cross-headers-4.18.0-553.50.1.el8_10.aarch64.rpm
kernel-headers-4.18.0-553.50.1.el8_10.aarch64.rpm
kernel-tools-4.18.0-553.50.1.el8_10.aarch64.rpm
kernel-tools-libs-4.18.0-553.50.1.el8_10.aarch64.rpm
perf-4.18.0-553.50.1.el8_10.aarch64.rpm
python3-perf-4.18.0-553.50.1.el8_10.aarch64.rpm
kernel-tools-libs-devel-4.18.0-553.50.1.el8_10.aarch64.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-4.18.0-553.50.1.el8_10.src.rpm

Related CVEs:

CVE-2024-53150
CVE-2024-53241

Description of changes:

[4.18.0-553.50.1.el8_10.OL8]
- Update Oracle Linux certificates (Kevin Lyons)
- Disable signing for aarch64 (Ilya Okomin)
- Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
- Update x509.genkey [Orabug: 24817676]
- Conflict with shim-ia32 and shim-x64 _flags & _IO_USER_LOCK) == 0)
_IO_lock_lock (*stream->_lock);
OraBug: 28481550.
Reviewed-by: Qing Zhao [qing.zhao@oracle.com]

[2.28-251.16]
- nscd: Fix an unlikely TTL issue in the netgroup cache (RHEL-35280)

ELSA-2025-20271 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20271

http://linux.oracle.com/errata/ELSA-2025-20271.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

aarch64:
kernel-uek-5.4.17-2136.342.5.el8uek.aarch64.rpm
kernel-uek-debug-5.4.17-2136.342.5.el8uek.aarch64.rpm
kernel-uek-debug-devel-5.4.17-2136.342.5.el8uek.aarch64.rpm
kernel-uek-devel-5.4.17-2136.342.5.el8uek.aarch64.rpm
kernel-uek-doc-5.4.17-2136.342.5.el8uek.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//kernel-uek-5.4.17-2136.342.5.el8uek.src.rpm

Related CVEs:

CVE-2024-39494

Description of changes:

[5.4.17-2136.342.5.el8uek]
- ima: Fix use-after-free on a dentry's dname.name (Stefan Berger) [Orabug: 36835558] {CVE-2024-39494}

[5.4.17-2136.342.4.el8uek]
- sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke Høiland-Jørgensen)
- udf: Fix use of check_add_overflow() with mixed type arguments (Ben Hutchings)
- x86/xen: allow larger contiguous memory regions in PV guests (Juergen Gross)
- xen: remove a confusing comment on auto-translated guest I/O (Petr Tesarik)
- ALSA: hda/realtek: Fixup ALC225 depop procedure (Kailang Yang)
- ALSA: hda/realtek - Add type for ALC287 (Kailang Yang)
- net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel)
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang)
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao)
- Revert "btrfs: avoid monopolizing a core when activating a swap file" (Koichiro Den)
- gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). (Kuniyuki Iwashima)
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (Fedor Pchelkin)
- rds: Make sure transmit path and connection tear-down does not run concurrently (Håkon Bugge) [Orabug: 36308571]
- NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (Yanjun Zhang) [Orabug: 37206487]

[5.4.17-2136.342.3.el8uek]
- LTS tag: v5.4.290 (Alok Tiwari)
- Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals (Ron Economos)
- xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals (Arnd Bergmann)
- drm/v3d: Assign job pointer to NULL before signaling the fence (Maíra Canal)
- Input: xpad - add support for wooting two he (arm) (Jack Greiner)
- Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto)
- Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson)
- Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" (Greg Kroah-Hartman)
- USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz)
- ext4: fix slab-use-after-free in ext4_split_extent_at() (Baokun Li)
- ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path (Theodore Ts'o)
- vfio/platform: check the bounds of read/write syscalls (Alex Williamson)
- net/xen-netback: prevent UAF in xenvif_flush_hash() (Jeongjun Park)
- net: xen-netback: hash.c: Use built-in RCU list checking (Madhuparna Bhowmik)
- signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die (Eric W. Biederman)
- m68k: Add missing mmap_read_lock() to sys_cacheflush() (Liam Howlett)
- m68k: Update ->thread.esp0 before calling syscall_trace() in ret_from_signal (Al Viro)
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher)
- irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons)
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang)
- ASoC: wm8994: Add depends on MFD core (Charles Keepax)
- net: fix data-races around sk->sk_forward_alloc (Wang Liang)
- scsi: sg: Fix slab-use-after-free read in sg_release() (Suraj Sonawane)
- ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (Eric Dumazet)
- irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly (Yogesh Lal)
- fs/proc: fix softlockup in __read_vmcore (part 2) (Rik van Riel)
- net: ethernet: xgbe: re-add aneg to supported features in PHY quirks (Heiner Kallweit)
- nvmet: propagate npwg topology (Luis Chamberlain)
- poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() (Oleg Nesterov)
- kheaders: Ignore silly-rename files (David Howells)
- hfs: Sanity check the root record (Leo Stone)
- mac802154: check local interfaces before deleting sdata list (Lizhi Xu)
- i2c: mux: demux-pinctrl: check initial mux selection, too (Wolfram Sang)
- drm/v3d: Ensure job pointer is set to NULL after job completion (Maíra Canal)
- nfp: bpf: prevent integer overflow in nfp_bpf_event_output() (Dan Carpenter)
- gtp: Destroy device along with udp socket's netns dismantle. (Kuniyuki Iwashima)
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). (Kuniyuki Iwashima)
- gtp: use exit_batch_rtnl() method (Eric Dumazet)
- net: add exit_batch_rtnl() method (Eric Dumazet)
- net: net_namespace: Optimize the code (Yajun Deng)
- net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() (Sudheer Kumar Doredla)
- sctp: sysctl: rto_min/max: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (Dennis Lam)
- ocfs2: correct return value of ocfs2_local_free_info() (Joseph Qi)
- phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (Zijun Hu)
- phy: core: fix code style in devm_of_phy_provider_unregister (Vinod Koul)
- arm64: dts: rockchip: add hevc power domain clock to rk3328 (Peter Geis)
- arm64: dts: rockchip: add #power-domain-cells to power domain nodes (Johan Jonker)
- arm64: dts: rockchip: fix pd_tcpc0 and pd_tcpc1 node position on rk3399 (Johan Jonker)
- arm64: dts: rockchip: fix defines in pd_vio node for rk3399 (Johan Jonker)
- iio: inkern: call iio_device_put() only on mapped devices (Joe Hattori)
- iio: adc: at91: call input_free_device() on allocated iio_dev (Joe Hattori)
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (Fabio Estevam)
- iio: gyro: fxas21002c: Fix missing data update in trigger handler (Carlos Song)
- iio: adc: ti-ads8688: fix information leak in triggered buffer (Javier Carrasco)
- iio: imu: kmx61: fix information leak in triggered buffer (Javier Carrasco)
- iio: light: vcnl4035: fix information leak in triggered buffer (Javier Carrasco)
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (Javier Carrasco)
- iio: pressure: zpa2326: fix information leak in triggered buffer (Javier Carrasco)
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (Akash M)
- usb: fix reference leak in usb_new_device() (Ma Ke)
- USB: core: Disable LPM only for non-suspended ports (Kai-Heng Feng)
- USB: usblp: return error when setting unsupported protocol (Jun Yan)
- usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (Lianqin Hu)
- USB: serial: cp210x: add Phoenix Contact UPS Device (Johan Hovold)
- usb-storage: Add max sectors quirk for Nokia 208 (Lubomir Rintel)
- staging: iio: ad9832: Correct phase range check (Zicheng Qu)
- staging: iio: ad9834: Correct phase range check (Zicheng Qu)
- USB: serial: option: add Neoway N723-EA support (Michal Hrusecky)
- USB: serial: option: add MeiG Smart SRM815 (Chukun Pan)
- drm/amd/display: increase MAX_SURFACES to the value supported by hw (Melissa Wen)
- ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (Hans de Goede)
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (Hans de Goede)
- drm/amd/display: Add check for granularity in dml ceil/floor helpers (Roman Li)
- sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- dm thin: make get_first_thin use rcu-safe list first function (Krister Johansen)
- tls: Fix tls_sw_sendmsg error handling (Benjamin Coddington)
- net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (Eric Dumazet)
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (Zhongqiu Duan)
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (Jason Xing)
- net: 802: LLC+SNAP OID:PID lookup on start of skb data (Antonio Pastor)
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (Keisuke Nishimura)
- dm array: fix cursor index when skipping across block boundaries (Ming-Hung Tsai)
- dm array: fix unreleased btree blocks on closing a faulty array cursor (Ming-Hung Tsai)
- dm array: fix releasing a faulty array block twice in dm_array_cursor_end (Ming-Hung Tsai)
- jbd2: flush filesystem device before updating tail sequence (Zhang Yi)

[5.4.17-2136.342.2.el8uek]
- Revert "NFSD: Limit the number of concurrent async COPY operations" (Sherry Yang) [Orabug: 37660195]
- rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (Håkon Bugge) [Orabug: 37586090]
- dm rq: don't queue request to blk-mq during DM suspend (Ming Lei) [Orabug: 37010188]
- dm: rearrange core declarations for extended use from dm-zone.c (Damien Le Moal) [Orabug: 37010188]

[5.4.17-2136.342.1.el8uek]
- cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621585]
- uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619102]
- oracleasm: Fix PI when use_logical_block_size is set (Martin K. Petersen) [Orabug: 37503280]
- oracleasm: Add support for per-I/O block size selection (Martin K. Petersen) [Orabug: 37503280]
- perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (Alexander Antonov) [Orabug: 36882938]

ELBA-2025-20229 Oracle Linux 8 linux-firmware bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20229

http://linux.oracle.com/errata/ELBA-2025-20229.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.39.el8.noarch.rpm
iwl100-firmware-39.31.5.1-999.39.el8.noarch.rpm
iwl105-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl135-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl2000-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl2030-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl3160-firmware-25.30.13.0-999.39.el8.noarch.rpm
iwl3945-firmware-15.32.2.9-999.39.el8.noarch.rpm
iwl4965-firmware-228.61.2.24-999.39.el8.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.39.el8.noarch.rpm
iwl5150-firmware-8.24.2.2-999.39.el8.noarch.rpm
iwl6000-firmware-9.221.4.1-999.39.el8.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl6050-firmware-41.28.5.1-999.39.el8.noarch.rpm
iwl7260-firmware-25.30.13.0-999.39.el8.noarch.rpm
iwlax2xx-firmware-20250319-999.39.el8.noarch.rpm
libertas-sd8686-firmware-20250319-999.39.git430633ec.el8.noarch.rpm
libertas-sd8787-firmware-20250319-999.39.git430633ec.el8.noarch.rpm
libertas-usb8388-firmware-20250319-999.39.git430633ec.el8.noarch.rpm
libertas-usb8388-olpc-firmware-20250319-999.39.git430633ec.el8.noarch.rpm
linux-firmware-20250319-999.39.git430633ec.el8.noarch.rpm
linux-firmware-core-20250319-999.39.git430633ec.el8.noarch.rpm

aarch64:
iwl1000-firmware-39.31.5.1-999.39.el8.noarch.rpm
iwl100-firmware-39.31.5.1-999.39.el8.noarch.rpm
iwl105-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl135-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl2000-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl2030-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl3160-firmware-25.30.13.0-999.39.el8.noarch.rpm
iwl3945-firmware-15.32.2.9-999.39.el8.noarch.rpm
iwl4965-firmware-228.61.2.24-999.39.el8.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.39.el8.noarch.rpm
iwl5150-firmware-8.24.2.2-999.39.el8.noarch.rpm
iwl6000-firmware-9.221.4.1-999.39.el8.noarch.rpm
iwl6000g2a-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl6000g2b-firmware-18.168.6.1-999.39.el8.noarch.rpm
iwl6050-firmware-41.28.5.1-999.39.el8.noarch.rpm
iwl7260-firmware-25.30.13.0-999.39.el8.noarch.rpm
iwlax2xx-firmware-20250319-999.39.el8.noarch.rpm
libertas-sd8686-firmware-20250319-999.39.git430633ec.el8.noarch.rpm
libertas-sd8787-firmware-20250319-999.39.git430633ec.el8.noarch.rpm
libertas-usb8388-firmware-20250319-999.39.git430633ec.el8.noarch.rpm
libertas-usb8388-olpc-firmware-20250319-999.39.git430633ec.el8.noarch.rpm
linux-firmware-20250319-999.39.git430633ec.el8.noarch.rpm
linux-firmware-core-20250319-999.39.git430633ec.el8.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//linux-firmware-20250319-999.39.git430633ec.el8.src.rpm

Description of changes:

[20250319-999.39.git430633ec.el8]
- Rebase to latest upstream [Orabug: 37729115]

ELSA-2025-20271 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

Oracle Linux Security Advisory ELSA-2025-20271

http://linux.oracle.com/errata/ELSA-2025-20271.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
kernel-uek-5.4.17-2136.342.5.el7uek.x86_64.rpm
kernel-uek-container-5.4.17-2136.342.5.el7uek.x86_64.rpm
kernel-uek-container-debug-5.4.17-2136.342.5.el7uek.x86_64.rpm
kernel-uek-debug-5.4.17-2136.342.5.el7uek.x86_64.rpm
kernel-uek-debug-devel-5.4.17-2136.342.5.el7uek.x86_64.rpm
kernel-uek-devel-5.4.17-2136.342.5.el7uek.x86_64.rpm
kernel-uek-doc-5.4.17-2136.342.5.el7uek.noarch.rpm
kernel-uek-tools-5.4.17-2136.342.5.el7uek.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//kernel-uek-5.4.17-2136.342.5.el7uek.src.rpm

Related CVEs:

CVE-2024-39494

Description of changes:

[5.4.17-2136.342.5.el7uek]
- ima: Fix use-after-free on a dentry's dname.name (Stefan Berger) [Orabug: 36835558] {CVE-2024-39494}

[5.4.17-2136.342.4.el7uek]
- sched: sch_cake: add bounds checks to host bulk flow fairness counts (Toke Høiland-Jørgensen)
- udf: Fix use of check_add_overflow() with mixed type arguments (Ben Hutchings)
- x86/xen: allow larger contiguous memory regions in PV guests (Juergen Gross)
- xen: remove a confusing comment on auto-translated guest I/O (Petr Tesarik)
- ALSA: hda/realtek: Fixup ALC225 depop procedure (Kailang Yang)
- ALSA: hda/realtek - Add type for ALC287 (Kailang Yang)
- net: loopback: Avoid sending IP packets without an Ethernet header (Ido Schimmel)
- netem: Update sch->q.qlen before qdisc_tree_reduce_backlog() (Cong Wang)
- ocfs2: fix incorrect CPU endianness conversion causing mount failure (Heming Zhao)
- Revert "btrfs: avoid monopolizing a core when activating a swap file" (Koichiro Den)
- gtp: Suppress list corruption splat in gtp_net_exit_batch_rtnl(). (Kuniyuki Iwashima)
- Bluetooth: L2CAP: handle NULL sock pointer in l2cap_sock_alloc (Fedor Pchelkin)
- rds: Make sure transmit path and connection tear-down does not run concurrently (Håkon Bugge) [Orabug: 36308571]
- NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (Yanjun Zhang) [Orabug: 37206487]

[5.4.17-2136.342.3.el7uek]
- LTS tag: v5.4.290 (Alok Tiwari)
- Partial revert of xhci: use pm_ptr() instead #ifdef for CONFIG_PM conditionals (Ron Economos)
- xhci: use pm_ptr() instead of #ifdef for CONFIG_PM conditionals (Arnd Bergmann)
- drm/v3d: Assign job pointer to NULL before signaling the fence (Maíra Canal)
- Input: xpad - add support for wooting two he (arm) (Jack Greiner)
- Input: xpad - add unofficial Xbox 360 wireless receiver clone (Nilton Perim Neto)
- Input: atkbd - map F23 key to support default copilot shortcut (Mark Pearson)
- Revert "usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null" (Greg Kroah-Hartman)
- USB: serial: quatech2: fix null-ptr-deref in qt2_process_read_urb() (Qasim Ijaz)
- ext4: fix slab-use-after-free in ext4_split_extent_at() (Baokun Li)
- ext4: avoid ext4_error()'s caused by ENOMEM in the truncate path (Theodore Ts'o)
- vfio/platform: check the bounds of read/write syscalls (Alex Williamson)
- net/xen-netback: prevent UAF in xenvif_flush_hash() (Jeongjun Park)
- net: xen-netback: hash.c: Use built-in RCU list checking (Madhuparna Bhowmik)
- signal/m68k: Use force_sigsegv(SIGSEGV) in fpsp040_die (Eric W. Biederman)
- m68k: Add missing mmap_read_lock() to sys_cacheflush() (Liam Howlett)
- m68k: Update ->thread.esp0 before calling syscall_trace() in ret_from_signal (Al Viro)
- gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag (Andreas Gruenbacher)
- irqchip/sunxi-nmi: Add missing SKIP_WAKE flag (Philippe Simons)
- scsi: iscsi: Fix redundant response for ISCSI_UEVENT_GET_HOST_STATS request (Xiang Zhang)
- ASoC: wm8994: Add depends on MFD core (Charles Keepax)
- net: fix data-races around sk->sk_forward_alloc (Wang Liang)
- scsi: sg: Fix slab-use-after-free read in sg_release() (Suraj Sonawane)
- ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (Eric Dumazet)
- irqchip/gic-v3: Handle CPU_PM_ENTER_FAILED correctly (Yogesh Lal)
- fs/proc: fix softlockup in __read_vmcore (part 2) (Rik van Riel)
- net: ethernet: xgbe: re-add aneg to supported features in PHY quirks (Heiner Kallweit)
- nvmet: propagate npwg topology (Luis Chamberlain)
- poll_wait: add mb() to fix theoretical race between waitqueue_active() and .poll() (Oleg Nesterov)
- kheaders: Ignore silly-rename files (David Howells)
- hfs: Sanity check the root record (Leo Stone)
- mac802154: check local interfaces before deleting sdata list (Lizhi Xu)
- i2c: mux: demux-pinctrl: check initial mux selection, too (Wolfram Sang)
- drm/v3d: Ensure job pointer is set to NULL after job completion (Maíra Canal)
- nfp: bpf: prevent integer overflow in nfp_bpf_event_output() (Dan Carpenter)
- gtp: Destroy device along with udp socket's netns dismantle. (Kuniyuki Iwashima)
- gtp: Use for_each_netdev_rcu() in gtp_genl_dump_pdp(). (Kuniyuki Iwashima)
- gtp: use exit_batch_rtnl() method (Eric Dumazet)
- net: add exit_batch_rtnl() method (Eric Dumazet)
- net: net_namespace: Optimize the code (Yajun Deng)
- net: ethernet: ti: cpsw_ale: Fix cpsw_ale_get_field() (Sudheer Kumar Doredla)
- sctp: sysctl: rto_min/max: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv (Dennis Lam)
- ocfs2: correct return value of ocfs2_local_free_info() (Joseph Qi)
- phy: core: Fix that API devm_of_phy_provider_unregister() fails to unregister the phy provider (Zijun Hu)
- phy: core: fix code style in devm_of_phy_provider_unregister (Vinod Koul)
- arm64: dts: rockchip: add hevc power domain clock to rk3328 (Peter Geis)
- arm64: dts: rockchip: add #power-domain-cells to power domain nodes (Johan Jonker)
- arm64: dts: rockchip: fix pd_tcpc0 and pd_tcpc1 node position on rk3399 (Johan Jonker)
- arm64: dts: rockchip: fix defines in pd_vio node for rk3399 (Johan Jonker)
- iio: inkern: call iio_device_put() only on mapped devices (Joe Hattori)
- iio: adc: at91: call input_free_device() on allocated iio_dev (Joe Hattori)
- iio: adc: ti-ads124s08: Use gpiod_set_value_cansleep() (Fabio Estevam)
- iio: gyro: fxas21002c: Fix missing data update in trigger handler (Carlos Song)
- iio: adc: ti-ads8688: fix information leak in triggered buffer (Javier Carrasco)
- iio: imu: kmx61: fix information leak in triggered buffer (Javier Carrasco)
- iio: light: vcnl4035: fix information leak in triggered buffer (Javier Carrasco)
- iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer (Javier Carrasco)
- iio: pressure: zpa2326: fix information leak in triggered buffer (Javier Carrasco)
- usb: gadget: f_fs: Remove WARN_ON in functionfs_bind (Akash M)
- usb: fix reference leak in usb_new_device() (Ma Ke)
- USB: core: Disable LPM only for non-suspended ports (Kai-Heng Feng)
- USB: usblp: return error when setting unsupported protocol (Jun Yan)
- usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null (Lianqin Hu)
- USB: serial: cp210x: add Phoenix Contact UPS Device (Johan Hovold)
- usb-storage: Add max sectors quirk for Nokia 208 (Lubomir Rintel)
- staging: iio: ad9832: Correct phase range check (Zicheng Qu)
- staging: iio: ad9834: Correct phase range check (Zicheng Qu)
- USB: serial: option: add Neoway N723-EA support (Michal Hrusecky)
- USB: serial: option: add MeiG Smart SRM815 (Chukun Pan)
- drm/amd/display: increase MAX_SURFACES to the value supported by hw (Melissa Wen)
- ACPI: resource: Add Asus Vivobook X1504VAP to irq1_level_low_skip_override[] (Hans de Goede)
- ACPI: resource: Add TongFang GM5HG0A to irq1_edge_low_force_override[] (Hans de Goede)
- drm/amd/display: Add check for granularity in dml ceil/floor helpers (Roman Li)
- sctp: sysctl: auth_enable: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy (Matthieu Baerts (NGI0))
- dm thin: make get_first_thin use rcu-safe list first function (Krister Johansen)
- tls: Fix tls_sw_sendmsg error handling (Benjamin Coddington)
- net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute (Eric Dumazet)
- tcp/dccp: allow a connection when sk_max_ack_backlog is zero (Zhongqiu Duan)
- tcp/dccp: complete lockless accesses to sk->sk_max_ack_backlog (Jason Xing)
- net: 802: LLC+SNAP OID:PID lookup on start of skb data (Antonio Pastor)
- ieee802154: ca8210: Add missing check for kfifo_alloc() in ca8210_probe() (Keisuke Nishimura)
- dm array: fix cursor index when skipping across block boundaries (Ming-Hung Tsai)
- dm array: fix unreleased btree blocks on closing a faulty array cursor (Ming-Hung Tsai)
- dm array: fix releasing a faulty array block twice in dm_array_cursor_end (Ming-Hung Tsai)
- jbd2: flush filesystem device before updating tail sequence (Zhang Yi)

[5.4.17-2136.342.2.el7uek]
- Revert "NFSD: Limit the number of concurrent async COPY operations" (Sherry Yang) [Orabug: 37660195]
- rds: ib: Avoid sleeping function inside RCU region by using sampled values instead (Håkon Bugge) [Orabug: 37586090]
- dm rq: don't queue request to blk-mq during DM suspend (Ming Lei) [Orabug: 37010188]
- dm: rearrange core declarations for extended use from dm-zone.c (Damien Le Moal) [Orabug: 37010188]

[5.4.17-2136.342.1.el7uek]
- cgroup: Make operations on the cgroup root_list RCU safe (Yafang Shao) [Orabug: 37621585]
- uek: kabi: Fix build error for HIDE_INCLUDE macro (Saeed Mirzamohammadi) [Orabug: 37619102]
- oracleasm: Fix PI when use_logical_block_size is set (Martin K. Petersen) [Orabug: 37503280]
- oracleasm: Add support for per-I/O block size selection (Martin K. Petersen) [Orabug: 37503280]
- perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() (Alexander Antonov) [Orabug: 36882938]

[5.4.17-2136.341.3.el7uek]
- io_uring: fix possible deadlock in io_register_iowq_max_workers() (Hagar Hemdan) [Orabug: 37565787]
- io_uring/rw: fix missing NOWAIT check for O_DIRECT start write (Jens Axboe) [Orabug: 37565787]
- io_uring: use kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787]
- fs: create kiocb_{start,end}_write() helpers (Amir Goldstein) [Orabug: 37565787]
- io_uring: rename kiocb_end_write() local helper (Amir Goldstein) [Orabug: 37565787]
- io_uring/sqpoll: close race on waiting for sqring entries (Jens Axboe) [Orabug: 37565787]
- io_uring/sqpoll: do not put cpumask on stack (Felix Moessbauer) [Orabug: 37565787]
- io_uring/sqpoll: retain test for whether the CPU is valid (Jens Axboe) [Orabug: 37565787]
- io_uring/sqpoll: do not allow pinning outside of cpuset (Felix Moessbauer) [Orabug: 37565787]
- io_uring/io-wq: limit retrying worker initialisation (Pavel Begunkov) [Orabug: 37565787]
- vfs: check dentry is still valid in get_link() (Ian Kent) [Orabug: 37536393]
- RDS: avoid queueing delayed work on an offlined cpu (Praveen Kumar Kannoju) [Orabug: 37260584]
- NFSD: Limit the number of concurrent async COPY operations (Chuck Lever) [Orabug: 37206187]

[5.4.17-2136.341.2.el7uek]
- LTS tag: v5.4.289 (Sherry Yang)
- mm: vmscan: account for free pages to prevent infinite Loop in throttle_direct_reclaim() (Seiji Nishikawa)
- drm: adv7511: Drop dsi single lane support (Biju Das)
- net/sctp: Prevent autoclose integer overflow in sctp_association_init() (Nikolay Kuratov)
- sky2: Add device ID 11ab:4373 for Marvell 88E8075 (Pascal Hambourg)
- pinctrl: mcp23s08: Fix sleeping in atomic context due to regmap locking (Evgenii Shatokhin)
- RDMA/uverbs: Prevent integer overflow issue (Dan Carpenter)
- modpost: fix the missed iteration for the max bit in do_input() (Masahiro Yamada)
- modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (Masahiro Yamada)
- ARC: build: Try to guess GCC variant of cross compiler (Leon Romanovsky)
- irqchip/gic: Correct declaration of *percpu_base pointer in union gic_base (Uros Bizjak)
- net: usb: qmi_wwan: add Telit FE910C04 compositions (Daniele Palmas)
- bpf: fix potential error return (Anton Protopopov)
- sound: usb: format: don't warn that raw DSD is unsupported (Adrian Ratiu)
- wifi: mac80211: wake the queues in case of failure in resume (Emmanuel Grumbach)
- ila: serialize calls to nf_register_net_hooks() (Eric Dumazet)
- ALSA: usb-audio: US16x08: Initialize array before use (Tanya Agarwal)
- net: llc: reset skb->transport_header (Antonio Pastor)
- netfilter: nft_set_hash: unaligned atomic read on struct nft_set_ext (Pablo Neira Ayuso)
- netfilter: Replace zero-length array with flexible-array member (Gustavo A. R. Silva)
- netrom: check buffer length before accessing it (Ilya Shchipletsov)
- drm/bridge: adv7511_audio: Update Audio InfoFrame properly (Stefan Ekenberg)
- drm: bridge: adv7511: Enable SPDIF DAI (Bogdan Togorean)
- RDMA/bnxt_re: Fix max_qp_wrs reported (Selvin Xavier)
- RDMA/bnxt_re: Fix reporting hw_ver in query_device (Kalesh AP)
- RDMA/bnxt_re: Add check for path mtu in modify_qp (Saravanan Vajravel)
- RDMA/mlx5: Enforce same type port association for multiport RoCE (Patrisious Haddad)
- net/mlx5: Make API mlx5_core_is_ecpf accept const pointer (Parav Pandit)
- IB/mlx5: Introduce and use mlx5_core_is_vf() (Parav Pandit)
- Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet (Michael Kelley)
- selinux: ignore unknown extended permissions (Thiébaud Weksteen)
- ipv6: prevent possible UAF in ip6_xmit() (Eric Dumazet)
- skb_expand_head() adjust skb->truesize incorrectly (Vasily Averin)
- btrfs: avoid monopolizing a core when activating a swap file (Filipe Manana)
- tracing: Constify string literal data member in struct trace_event_call (Christian Göttsche)
- bpf: fix recursive lock when verdict program return SK_PASS (Jiayuan Chen)
- ipv6: fix possible UAF in ip6_finish_output2() (Eric Dumazet) [Orabug: 37029070] {CVE-2024-44986}
- ipv6: use skb_expand_head in ip6_xmit (Vasily Averin)
- ipv6: use skb_expand_head in ip6_finish_output2 (Vasily Averin)
- skbuff: introduce skb_expand_head() (Vasily Averin)
- MIPS: Probe toolchain support of -msym32 (Jiaxun Yang)
- epoll: Add synchronous wakeup support for ep_poll_callback (Xuewen Yan)
- virtio-blk: don't keep queue frozen during system suspend (Ming Lei)
- scsi: mpt3sas: Diag-Reset when Doorbell-In-Use bit is set during driver load time (Ranjan Kumar)
- platform/x86: asus-nb-wmi: Ignore unknown event 0xCF (Armin Wolf)
- regmap: Use correct format specifier for logging range errors (Mark Brown)
- scsi: megaraid_sas: Fix for a potential deadlock (Tomas Henzl)
- scsi: qla1280: Fix hw revision numbering for ISP1020/1040 (Magnus Lindholm)
- tracing/kprobe: Make trace_kprobe's module callback called after jump_label update (Masami Hiramatsu (Google))
- dmaengine: at_xdmac: avoid null_prt_deref in at_xdmac_prep_dma_memset (Chen Ridong) [Orabug: 37452681] {CVE-2024-56767}
- dmaengine: mv_xor: fix child node refcount handling in early exit (Javier Carrasco)
- phy: core: Fix that API devm_phy_destroy() fails to destroy the phy (Zijun Hu)
- phy: core: Fix that API devm_phy_put() fails to release the phy (Zijun Hu)
- phy: core: Fix an OF node refcount leakage in of_phy_provider_lookup() (Zijun Hu)
- phy: core: Fix an OF node refcount leakage in _of_phy_get() (Zijun Hu)
- mtd: diskonchip: Cast an operand to prevent potential overflow (Zichen Xie)
- bpf: Check negative offsets in __bpf_skb_min_len() (Cong Wang)
- media: dvb-frontends: dib3000mb: fix uninit-value in dib3000_write_reg (Nikita Zhandarovich) [Orabug: 37452687] {CVE-2024-56769}
- of: Fix refcount leakage for OF node returned by __of_get_dma_parent() (Zijun Hu)
- of: Fix error path in of_parse_phandle_with_args_map() (Herve Codina)
- udmabuf: also check for F_SEAL_FUTURE_WRITE (Jann Horn)
- nilfs2: prevent use of deleted inode (Edward Adam Davis)
- NFS/pnfs: Fix a live lock between recalled layouts and layoutget (Trond Myklebust)
- btrfs: tree-checker: reject inline extent items with 0 ref count (Qu Wenruo)
- zram: refuse to use zero sized block device as backing device (Kairui Song)
- sh: clk: Fix clk_enable() to return 0 on NULL clk (Geert Uytterhoeven)
- USB: serial: option: add Telit FE910C04 rmnet compositions (Daniele Palmas)
- USB: serial: option: add MediaTek T7XX compositions (Jack Wu)
- USB: serial: option: add Netprisma LCUK54 modules for WWAN Ready (Mank Wang)
- USB: serial: option: add MeiG Smart SLM770A (Michal Hrusecky)
- USB: serial: option: add TCL IK512 MBIM & ECM (Daniel Swanemar)
- efivarfs: Fix error on non-existent file (James Bottomley)
- i2c: riic: Always round-up when calculating bus period (Geert Uytterhoeven)
- chelsio/chtls: prevent potential integer overflow on 32bit (Dan Carpenter)
- mmc: sdhci-tegra: Remove SDHCI_QUIRK_BROKEN_ADMA_ZEROLEN_DESC quirk (Prathamesh Shete)
- netfilter: ipset: Fix for recursive locking warning (Phil Sutter)
- net: ethernet: bgmac-platform: fix an OF node reference leak (Joe Hattori)
- net: hinic: Fix cleanup in create_rxqs/txqs() (Dan Carpenter)
- ionic: use ee->offset when returning sprom data (Shannon Nelson)
- net/smc: check sndbuf_space again after NOSPACE flag is set in smc_poll (Guangguan Wang)
- erofs: fix incorrect symlink detection in fast symlink (Gao Xiang)
- erofs: fix order >= MAX_ORDER warning due to crafted negative i_size (Gao Xiang)
- drm/i915: Fix memory leak by correcting cache object name in error handler (Jiasheng Jiang)
- PCI: Add ACS quirk for Broadcom BCM5760X NIC (Ajit Khaparde)
- ALSA: usb: Fix UBSAN warning in parse_audio_unit() (Takashi Iwai)
- PCI/AER: Disable AER service on suspend (Kai-Heng Feng)
- usb: dwc2: gadget: Don't write invalid mapped sg entries into dma_desc with iommu enabled (Peng Hongchi)
- net: sched: fix ordering of qlen adjustment (Lion Ackermann) [Orabug: 37433383] {CVE-2024-53164}

[5.4.17-2136.341.1.el7uek]
- kpcimgr: fix flush_icache_range arguments (Joe Dobosenski) [Orabug: 37525298]
- uek-rpm: Update network stress testing options for embedded2 (Joe Dobosenski) [Orabug: 37530220]

[5.4.17-2136.340.4.el7uek]
- ftrace: use preempt_enable/disable notrace macros to avoid double fault (Koichiro Den)
- nfsd: restore callback functionality for NFSv4.0 (NeilBrown)
- i2c: pnx: Fix timeout in wait functions (Vladimir Riabchun)
- of/irq: Fix using uninitialized variable @addr_len in API of_irq_parse_one() (Zijun Hu)
- af_packet: fix vlan_get_tci() vs MSG_PEEK (Eric Dumazet)
- af_packet: fix vlan_get_protocol_dgram() vs MSG_PEEK (Eric Dumazet)
- mtd: rawnand: fix double free in atmel_pmecc_create_user() (Dan Carpenter) [Orabug: 37506347] {CVE-2024-56766}

[5.4.17-2136.340.3.el7uek]
- Revert "xen/swiotlb: add alignment check for dma buffers" (Harshvardhan Jha) [Orabug: 37475435]
- vfio/iommu_type1: Fix some sanity checks in detach group (Keqian Zhu) [Orabug: 37136890]
- Revert "vfio/iommu_type1: Fix some sanity checks in detach group" (Dongli Zhang) [Orabug: 37136890]
- rds: ib: Avoid UAF on RDS Socket's rs_trans_lock (Håkon Bugge) [Orabug: 36693622]
- rds: ib: Fix blocked processes related to race in rds_rdma_free_dev_rs_worker() (Håkon Bugge) [Orabug: 36693622]
- rds: ib: Fix deterministic UAF in rds_rdma_free_dev_rs_worker() (Håkon Bugge) [Orabug: 36693622]
- Revert "KVM: SVM: Add a module parameter to override iommu AVIC usage" (Alejandro Jimenez) [Orabug: 35001679]

[5.4.17-2136.340.2.el7uek]
- LTS tag: v5.4.288 (Alok Tiwari)
- ALSA: usb-audio: Fix a DMA to stack memory bug (Dan Carpenter)
- xen/netfront: fix crash when removing device (Juergen Gross) [Orabug: 37427542] {CVE-2024-53240}
- KVM: arm64: Ignore PMCNTENSET_EL0 while checking for overflow status (Raghavendra Rao Ananta)
- blk-iocost: Avoid using clamp() on inuse in __propagate_weights() (Nathan Chancellor)
- blk-iocost: fix weight updates of inner active iocgs (Tejun Heo)
- blk-iocost: clamp inuse and skip noops in __propagate_weights() (Tejun Heo)
- ACPICA: events/evxfregn: don't release the ContextMutex that was never acquired (Daniil Tatianin)
- net/sched: netem: account for backlog updates from child qdisc (Martin Ottens)
- qca_spi: Make driver probing reliable (Stefan Wahren)
- qca_spi: Fix clock speed for multiple QCA7000 (Stefan Wahren)
- ACPI: resource: Fix memory resource type union access (Ilpo Järvinen)
- net: lapb: increase LAPB_HEADER_LEN (Eric Dumazet) [Orabug: 37434237] {CVE-2024-56659}
- tipc: fix NULL deref in cleanup_bearer() (Eric Dumazet) [Orabug: 37506456] {CVE-2024-56661}
- batman-adv: Do not let TT changes list grows indefinitely (Remi Pommarel)
- batman-adv: Remove uninitialized data in full table TT response (Remi Pommarel)
- batman-adv: Do not send uninitialized TT changes (Remi Pommarel)
- bpf, sockmap: Fix update element with same (Michal Luczaj)
- xfs: don't drop errno values when we fail to ficlone the entire range (Darrick J. Wong)
- usb: gadget: u_serial: Fix the issue that gs_start_io crashed due to accessing null pointer (Lianqin Hu) [Orabug: 37434264] {CVE-2024-56670}
- usb: ehci-hcd: fix call balance of clocks handling routines (Vitalii Mordan)
- usb: dwc2: hcd: Fix GetPortStatus & SetPortFeature (Stefan Wahren)
- ata: sata_highbank: fix OF node reference leak in highbank_initialize_phys() (Joe Hattori)
- usb: host: max3421-hcd: Correctly abort a USB request. (Mark Tomlinson)
- LTS tag: v5.4.287 (Alok Tiwari)
- bpf, xdp: Update devmap comments to reflect napi/rcu usage (John Fastabend)
- ALSA: usb-audio: Fix out of bounds reads when finding clock sources (Takashi Iwai) [Orabug: 37427489] {CVE-2024-53150}
- PCI: rockchip-ep: Fix address translation unit programming (Damien Le Moal)
- Revert "drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read()" (Zhang Zekun)
- modpost: Add .irqentry.text to OTHER_SECTIONS (Thomas Gleixner)
- jffs2: Fix rtime decompressor (Richard Weinberger)
- jffs2: Prevent rtime decompress memory corruption (Kinsey Moore)
- KVM: arm64: vgic-its: Clear ITE when DISCARD frees an ITE (Kunkun Jiang)
- KVM: arm64: vgic-its: Clear DTE when MAPD unmaps a device (Kunkun Jiang)
- KVM: arm64: vgic-its: Add a data length check in vgic_its_save_* (Jing Zhang)
- perf/x86/intel/pt: Fix buffer full but size is 0 case (Adrian Hunter)
- bpf: fix OOB devmap writes when deleting elements (Maciej Fijalkowski) [Orabug: 37434047] {CVE-2024-56615}
- xdp: Simplify devmap cleanup (Björn Töpel)
- misc: eeprom: eeprom_93cx6: Add quirk for extra read clock cycle (Parker Newman)
- powerpc/prom_init: Fixup missing powermac #size-cells (Michael Ellerman)
- usb: chipidea: udc: handle USB Error Interrupt if IOC not set (Xu Yang)
- i3c: Use i3cdev->desc->info instead of calling i3c_device_get_info() to avoid deadlock (Defa Li)
- PCI: Add ACS quirk for Wangxun FF5xxx NICs (Mengyuan Lou)
- PCI: Add 'reset_subordinate' to reset hierarchy below bridge (Keith Busch)
- f2fs: fix f2fs_bug_on when uninstalling filesystem call f2fs_evict_inode. (Qi Han) [Orabug: 37433861] {CVE-2024-56586}
- nvdimm: rectify the illogical code within nd_dax_probe() (Yi Yang)
- pinctrl: qcom-pmic-gpio: add support for PM8937 (Barnabás Czémán)
- scsi: st: Add MTIOCGET and MTLOAD to ioctls allowed after device reset (Kai Mäkisara)
- scsi: st: Don't modify unknown block number in MTIOCGET (Kai Mäkisara)
- leds: class: Protect brightness_show() with led_cdev->led_access mutex (Mukesh Ojha) [Orabug: 37433869] {CVE-2024-56587}
- tracing: Use atomic64_inc_return() in trace_clock_counter() (Uros Bizjak)
- netpoll: Use rcu_access_pointer() in __netpoll_setup (Breno Leitao)
- net/neighbor: clear error in case strict check is not set (Jakub Kicinski)
- rocker: fix link status detection in rocker_carrier_init() (Dmitry Antipov)
- ASoC: hdmi-codec: reorder channel allocation list (Jonas Karlman)
- Bluetooth: btusb: Add RTL8852BE device 0489:e123 to device tables (Hilda Wu)
- wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw() (Norbert van Bolhuis) [Orabug: 37433908] {CVE-2024-56593}
- wifi: ipw2x00: libipw_rx_any(): fix bad alignment (Jiapeng Chong)
- drm/amdgpu: set the right AMDGPU sg segment limitation (Prike Liang) [Orabug: 37433914] {CVE-2024-56594}
- jfs: add a check to prevent array-index-out-of-bounds in dbAdjTree (Nihar Chaithanya) [Orabug: 37433920] {CVE-2024-56595}
- jfs: fix array-index-out-of-bounds in jfs_readdir (Ghanshyam Agrawal) [Orabug: 37433928] {CVE-2024-56596}
- jfs: fix shift-out-of-bounds in dbSplit (Ghanshyam Agrawal) [Orabug: 37433934] {CVE-2024-56597}
- jfs: array-index-out-of-bounds fix in dtReadFirst (Ghanshyam Agrawal) [Orabug: 37433941] {CVE-2024-56598}
- wifi: ath5k: add PCI ID for Arcadyan devices (Rosen Penev)
- wifi: ath5k: add PCI ID for SX76X (Rosen Penev)
- net: inet6: do not leave a dangling sk pointer in inet6_create() (Ignat Korchagin) [Orabug: 37433955] {CVE-2024-56600}
- net: inet: do not leave a dangling sk pointer in inet_create() (Ignat Korchagin) [Orabug: 37433962] {CVE-2024-56601}
- net: ieee802154: do not leave a dangling sk pointer in ieee802154_create() (Ignat Korchagin) [Orabug: 37433970] {CVE-2024-56602}
- net: af_can: do not leave a dangling sk pointer in can_create() (Ignat Korchagin) [Orabug: 37433977] {CVE-2024-56603}
- Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (Ignat Korchagin) [Orabug: 37433990] {CVE-2024-56605}
- af_packet: avoid erroring out after sock_init_data() in packet_create() (Ignat Korchagin) [Orabug: 37433996] {CVE-2024-56606}
- net/sched: cbs: Fix integer overflow in cbs_set_port_rate() (Elena Salomatkina)
- net: ethernet: fs_enet: Use %pa to format resource_size_t (Simon Horman)
- net: fec_mpc52xx_phy: Use %pa to format resource_size_t (Simon Horman)
- samples/bpf: Fix a resource leak (Zhu Jun)
- drm/radeon/r600_cs: Fix possible int overflow in r600_packet3_check() (Igor Artemiev)
- drm/mcde: Enable module autoloading (Liao Chen)
- drm: panel-orientation-quirks: Add quirk for AYA NEO 2 model (Joaquín Ignacio Aramendía)
- media: cx231xx: Add support for Dexatek USB Video Grabber 1d19:6108 (Rohan Barar)
- media: uvcvideo: Add a quirk for the Kaiweets KTI-W02 infrared camera (David Given)
- s390/cpum_sf: Handle CPU hotplug remove during sampling (Thomas Richter)
- mmc: core: Further prevent card detect during shutdown (Ulf Hansson)
- regmap: detach regmap from dev on regmap_exit (Cosmin Tanislav)
- dma-buf: fix dma_fence_array_signaled v4 (Christian König)
- bcache: revert replacing IS_ERR_OR_NULL with IS_ERR again (Liequan Che)
- nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (Ryusuke Konishi) [Orabug: 37434065] {CVE-2024-56619}
- scsi: qla2xxx: Remove check req_sg_cnt should be equal to rsp_sg_cnt (Saurav Kashyap)
- scsi: qla2xxx: Supported speed displayed incorrectly for VPorts (Anil Gurumurthy)
- scsi: qla2xxx: Fix NVMe and NPIV connect issue (Quinn Tran)
- ocfs2: update seq_file index in ocfs2_dlm_seq_next (Wengang Wang)
- tracing: Fix cmp_entries_dup() to respect sort() comparison rules (Kuan-Wei Chiu)
- HID: wacom: fix when get product name maybe null pointer (WangYuli) [Orabug: 37434108] {CVE-2024-56629}
- bpf: Fix exact match conditions in trie_get_next_key() (Hou Tao)
- bpf: Handle BPF_EXIST and BPF_NOEXIST for LPM trie (Hou Tao)
- ocfs2: free inode when ocfs2_get_init_inode() fails (Tetsuo Handa) [Orabug: 37434113] {CVE-2024-56630}
- spi: mpc52xx: Add cancel_work_sync before module remove (Pei Xiao)
- tcp_bpf: Fix the sk_mem_uncharge logic in tcp_bpf_sendmsg (Zijian Zhang) [Orabug: 37434127] {CVE-2024-56633}
- drm/sti: Add __iomem for mixer_dbg_mxn's parameter (Pei Xiao)
- gpio: grgpio: Add NULL check in grgpio_probe (Charles Han) [Orabug: 37434131] {CVE-2024-56634}
- gpio: grgpio: use a helper variable to store the address of ofdev->dev (Bartosz Golaszewski)
- crypto: x86/aegis128 - access 32-bit arguments as 32-bit (Eric Biggers)
- x86/asm: Reorder early variables (Jiri Slaby)
- xen: Fix the issue of resource not being properly released in xenbus_dev_probe() (Qiu-ji Chen) [Orabug: 37433540] {CVE-2024-53198}
- xen/xenbus: fix locking (Juergen Gross)
- xenbus/backend: Protect xenbus callback with lock (SeongJae Park)
- xenbus/backend: Add memory pressure handler callback (SeongJae Park)
- xen/xenbus: reference count registered modules (Paul Durrant)
- netfilter: nft_set_hash: skip duplicated elements pending gc run (Pablo Neira Ayuso)
- netfilter: ipset: Hold module reference while requesting a module (Phil Sutter) [Orabug: 37434143] {CVE-2024-56637}
- igb: Fix potential invalid memory access in igb_init_module() (Yuan Can)
- net/qed: allow old cards not supporting "num_images" to work (Louis Leseur)
- tipc: Fix use-after-free of kernel socket in cleanup_bearer(). (Kuniyuki Iwashima) [Orabug: 37434161] {CVE-2024-56642}
- tipc: add new AEAD key structure for user API (Tuong Lien)
- tipc: enable creating a "preliminary" node (Tuong Lien)
- tipc: add reference counter to bearer (Tuong Lien)
- dccp: Fix memory leak in dccp_feat_change_recv (Ivan Solodovnikov) [Orabug: 37434167] {CVE-2024-56643}
- can: j1939: j1939_session_new(): fix skb reference counting (Dmitry Antipov)
- net/sched: tbf: correct backlog statistic for GSO packets (Martin Ottens)
- netfilter: x_tables: fix LED ID check in led_tg_check() (Dmitry Antipov) [Orabug: 37434200] {CVE-2024-56650}
- ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() (Jinghao Jia)
- can: sun4i_can: sun4i_can_err(): fix {rx,tx}_errors statistics (Dario Binacchi)
- can: sun4i_can: sun4i_can_err(): call can_change_state() even if cf is NULL (Dario Binacchi)
- watchdog: mediatek: Make sure system reset gets asserted in mtk_wdt_restart() (Yassine Oudjana)
- iTCO_wdt: mask NMI_NOW bit for update_no_reboot_bit() call (Oleksandr Ocheretnyi)
- drm/etnaviv: flush shader L1 cache after user commandstream (Lucas Stach)
- nfsd: fix nfs4_openowner leak when concurrent nfsd4_open occur (Yang Erkun)
- nfsd: make sure exp active before svc_export_show (Yang Erkun) [Orabug: 37433745] {CVE-2024-56558}
- dm thin: Add missing destroy_work_on_stack() (Yuan Can)
- i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs() (Frank Li) [Orabug: 37433756] {CVE-2024-56562}
- util_macros.h: fix/rework find_closest() macros (Alexandru Ardelean)
- ad7780: fix division by zero in ad7780_write_raw() (Zicheng Qu) [Orabug: 37433772] {CVE-2024-56567}
- clk: qcom: gcc-qcs404: fix initial rate of GPLL3 (Gabor Juhos)
- ftrace: Fix regression with module command in stack_trace_filter (guoweikang) [Orabug: 37433784] {CVE-2024-56569}
- ovl: Filter invalid inodes with missing lookup function (Vasiliy Kovalev) [Orabug: 37433789] {CVE-2024-56570}
- media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal() (Gaosheng Cui) [Orabug: 37433798] {CVE-2024-56572}
- media: gspca: ov534-ov772x: Fix off-by-one error in set_frame_rate() (Jinjie Ruan)
- media: venus: Fix pm_runtime_set_suspended() with runtime pm enabled (Jinjie Ruan)
- media: ts2020: fix null-ptr-deref in ts2020_probe() (Li Zetao) [Orabug: 37433805] {CVE-2024-56574}
- media: i2c: tc358743: Fix crash in the probe error path when using polling (Alexander Shiyan) [Orabug: 37433817] {CVE-2024-56576}
- btrfs: ref-verify: fix use-after-free after invalid ref action (Filipe Manana) [Orabug: 37433832] {CVE-2024-56581}
- quota: flush quota_release_work upon quota writeback (Ojaswin Mujoo)
- ASoC: fsl_micfil: fix the naming style for mask definition (Shengjiu Wang)
- sh: intc: Fix use-after-free bug in register_intc_controller() (Dan Carpenter) [Orabug: 37433393] {CVE-2024-53165}
- sunrpc: clear XPRT_SOCK_UPD_TIMEOUT when reset transport (Liu Jian) [Orabug: 37434314] {CVE-2024-56688}
- SUNRPC: Replace internal use of SOCKWQ_ASYNC_NOSPACE (Trond Myklebust)
- SUNRPC: correct error code comment in xs_tcp_setup_socket() (Calum Mackay)
- modpost: remove incorrect code in do_eisa_entry() (Masahiro Yamada)
- rtc: ab-eoz9: don't fail temperature reads on undervoltage notification (Maxime Chevallier)
- 9p/xen: fix release of IRQ (Alex Zenla) [Orabug: 37434374] {CVE-2024-56704}
- 9p/xen: fix init sequence (Alex Zenla)
- block: return unsigned int from bdev_io_min (Christoph Hellwig)
- jffs2: fix use of uninitialized variable (Qingfang Deng)
- ubifs: authentication: Fix use-after-free in ubifs_tnc_end_commit (Waqar Hameed) [Orabug: 37433414] {CVE-2024-53171}
- ubi: fastmap: Fix duplicate slab cache names while attaching (Zhihao Cheng) [Orabug: 37433419] {CVE-2024-53172}
- ubifs: Correct the total block count by deducting journal reservation (Zhihao Cheng)
- rtc: check if __rtc_read_time was successful in rtc_timer_do_work() (Yongliang Gao) [Orabug: 37434456] {CVE-2024-56739}
- rtc: abx80x: Fix WDT bit position of the status register (Nobuhiro Iwamatsu)
- rtc: st-lpc: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
- NFSv4.0: Fix a use-after-free problem in the asynchronous open() (Trond Myklebust) [Orabug: 37433426] {CVE-2024-53173}
- um: Always dump trace for specified task in show_stack (Tiwei Bie)
- um: Clean up stacktrace dump (Johannes Berg)
- um: add show_stack_loglvl() (Dmitry Safonov)
- um/sysrq: remove needless variable sp (Dmitry Safonov)
- um: Fix the return value of elf_core_copy_task_fpregs (Tiwei Bie)
- um: Fix potential integer overflow during physmem setup (Tiwei Bie) [Orabug: 37427464] {CVE-2024-53145}
- rpmsg: glink: Propagate TX failures in intentless mode as well (Bjorn Andersson)
- SUNRPC: make sure cache entry active before cache_show (Yang Erkun) [Orabug: 37433433] {CVE-2024-53174}
- NFSD: Prevent a potential integer overflow (Chuck Lever) [Orabug: 37427470] {CVE-2024-53146}
- lib: string_helpers: silence snprintf() output truncation warning (Bartosz Golaszewski)
- usb: dwc3: gadget: Fix checking for number of TRBs left (Thinh Nguyen)
- ALSA: hda/realtek: Apply quirk for Medion E15433 (Takashi Iwai)
- ALSA: hda/realtek: Fix Internal Speaker and Mic boost of Infinix Y4 Max (Dinesh Kumar)
- ALSA: hda/realtek: Set PCBeep to default value for ALC274 (Kailang Yang)
- ALSA: hda/realtek: Update ALC225 depop procedure (Kailang Yang)
- media: wl128x: Fix atomicity violation in fmc_send_cmd() (Qiu-ji Chen) [Orabug: 37434358] {CVE-2024-56700}
- HID: wacom: Interpret tilt data from Intuos Pro BT as signed values (Jason Gerecke)
- block: fix ordering between checking BLK_MQ_S_STOPPED request adding (Muchun Song)
- arm64: tls: Fix context-switching of tpidrro_el0 when kpti is enabled (Will Deacon)
- sh: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK (Huacai Chen)
- um: vector: Do not use drvdata in release (Tiwei Bie) [Orabug: 37433467] {CVE-2024-53181}
- serial: 8250: omap: Move pm_runtime_get_sync (Bin Liu)
- um: net: Do not use drvdata in release (Tiwei Bie) [Orabug: 37433475] {CVE-2024-53183}
- um: ubd: Do not use drvdata in release (Tiwei Bie) [Orabug: 37433484] {CVE-2024-53184}
- ubi: wl: Put source PEB into correct list if trying locking LEB failed (Zhihao Cheng)
- spi: Fix acpi deferred irq probe (Stanislaw Gruszka)
- netfilter: ipset: add missing range check in bitmap_ip_uadt (Jeongjun Park) [Orabug: 37388867] {CVE-2024-53141}
- Revert "serial: sh-sci: Clean sci_ports[0] after at earlycon exit" (Greg Kroah-Hartman)
- serial: sh-sci: Clean sci_ports[0] after at earlycon exit (Claudiu Beznea)
- Bluetooth: Fix type of len in rfcomm_sock_getsockopt{,_old}() (Andrej Shadura)
- tty: ldsic: fix tty_ldisc_autoload sysctl's proc_handler (Nicolas Bouchinet)
- comedi: Flush partial mappings in error case (Jann Horn) [Orabug: 37427482] {CVE-2024-53148}
- PCI: Fix use-after-free of slot->bus on hot remove (Lukas Wunner) [Orabug: 37433516] {CVE-2024-53194}
- ASoC: codecs: Fix atomicity violation in snd_soc_component_get_drvdata() (Qiu-ji Chen)
- jfs: xattr: check invalid xattr size more strictly (Artem Sadovnikov)
- ext4: fix FS_IOC_GETFSMAP handling (Theodore Ts'o)
- ext4: supress data-race warnings in ext4_free_inodes_{count,set}() (Jeongjun Park)
- ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices (Benoît Sevens) [Orabug: 37433532] {CVE-2024-53197}
- soc: qcom: socinfo: fix revision check in qcom_socinfo_probe() (Manikanta Mylavarapu)
- usb: ehci-spear: fix call balance of sehci clk handling routines (Vitalii Mordan)
- apparmor: fix 'Do simple duplicate message elimination' (chao liu)
- staging: greybus: uart: clean up TIOCGSERIAL (Johan Hovold)
- misc: apds990x: Fix missing pm_runtime_disable() (Jinjie Ruan)
- USB: chaoskey: Fix possible deadlock chaoskey_list_lock (Edward Adam Davis)
- USB: chaoskey: fail open after removal (Oliver Neukum)
- usb: yurex: make waiting on yurex_write interruptible (Oliver Neukum)
- usb: using mutex lock and supporting O_NONBLOCK flag in iowarrior_read() (Jeongjun Park)
- ipmr: fix tables suspicious RCU usage (Paolo Abeni)
- ipmr: convert /proc handlers to rcu_read_lock() (Eric Dumazet)
- net: stmmac: dwmac-socfpga: Set RX watchdog interrupt as broken (Maxime Chevallier)
- marvell: pxa168_eth: fix call balance of pep->clk handling routines (Vitalii Mordan)
- net: usb: lan78xx: Fix refcounting and autosuspend on invalid WoL configuration (Oleksij Rempel)
- tg3: Set coherent DMA mask bits to 31 for BCM57766 chipsets (Pavan Chebbi)
- net: usb: lan78xx: Fix memory leak on device unplug by freeing PHY device (Oleksij Rempel)
- power: supply: core: Remove might_sleep() from power_supply_put() (Bart Van Assche)
- vfio/pci: Properly hide first-in-list PCIe extended capability (Avihai Horon) [Orabug: 37433578] {CVE-2024-53214}
- NFSD: Fix nfsd4_shutdown_copy() (Chuck Lever)
- NFSD: Cap the number of bytes copied by nfs4_reset_recoverydir() (Chuck Lever)
- NFSD: Prevent NULL dereference in nfsd4_process_cb_update() (Chuck Lever) [Orabug: 37433594] {CVE-2024-53217}
- rpmsg: glink: use only lower 16-bits of param2 for CMD_OPEN name length (Jonathan Marek)
- rpmsg: glink: Fix GLINK command prefix (Bjorn Andersson)
- rpmsg: glink: Send READ_NOTIFY command in FIFO full case (Arun Kumar Neelakantam)
- rpmsg: glink: Add TX_DATA_CONT command while sending (Arun Kumar Neelakantam)
- perf trace: Avoid garbage when not printing a syscall's arguments (Benjamin Peterson)
- perf trace: Do not lose last events in a race (Benjamin Peterson)
- m68k: coldfire/device.c: only build FEC when HW macros are defined (Antonio Quartulli)
- m68k: mcfgpio: Fix incorrect register offset for CONFIG_M5441x (Jean-Michel Hautbois)
- PCI: cpqphp: Fix PCIBIOS_* return value confusion (Ilpo Järvinen)
- PCI: cpqphp: Use PCI_POSSIBLE_ERROR() to check config reads (weiyufeng)
- perf probe: Correct demangled symbols in C++ program (Leo Yan)
- perf cs-etm: Don't flush when packet_queue fills up (James Clark)
- clk: clk-axi-clkgen: make sure to enable the AXI bus clock (Nuno Sa)
- clk: axi-clkgen: use devm_platform_ioremap_resource() short-hand (Alexandru Ardelean)
- dt-bindings: clock: axi-clkgen: include AXI clk (Nuno Sa)
- dt-bindings: clock: adi,axi-clkgen: convert old binding to yaml format (Alexandru Ardelean)
- fbdev: sh7760fb: Fix a possible memory leak in sh7760fb_alloc_mem() (Zhen Lei) [Orabug: 37434478] {CVE-2024-56746}
- fbdev/sh7760fb: Alloc DMA memory from hardware device (Thomas Zimmermann)
- powerpc/sstep: make emulate_vsx_load and emulate_vsx_store static (Michal Suchanek)
- ocfs2: fix uninitialized value in ocfs2_file_read_iter() (Dmitry Antipov) [Orabug: 37427503] {CVE-2024-53155}
- scsi: qedi: Fix a possible memory leak in qedi_alloc_and_init_sb() (Zhen Lei) [Orabug: 37434484] {CVE-2024-56747}
- scsi: qedf: Fix a possible memory leak in qedf_alloc_and_init_sb() (Zhen Lei) [Orabug: 37434489] {CVE-2024-56748}
- scsi: fusion: Remove unused variable 'rc' (Zeng Heng)
- scsi: bfa: Fix use-after-free in bfad_im_module_exit() (Ye Bin) [Orabug: 37433630] {CVE-2024-53227}
- mfd: rt5033: Fix missing regmap_del_irq_chip() (Zhang Changzhong)
- mtd: rawnand: atmel: Fix possible memory leak (Miquel Raynal)
- cpufreq: loongson2: Unregister platform_driver on failure (Yuan Can)
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices (Andy Shevchenko) [Orabug: 37434429] {CVE-2024-56723}
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for TMU device (Andy Shevchenko) [Orabug: 37434434] {CVE-2024-56724}
- mfd: intel_soc_pmic_bxtwc: Use IRQ domain for USB Type-C device (Andy Shevchenko) [Orabug: 37434330] {CVE-2024-56691}
- mfd: intel_soc_pmic_bxtwc: Use dev_err_probe() (Andy Shevchenko)
- mfd: da9052-spi: Change read-mask to write-mask (Marcus Folkesson)
- mfd: tps65010: Use IRQF_NO_AUTOEN flag in request_irq() to fix race (Jinjie Ruan)
- trace/trace_event_perf: remove duplicate samples on the first tracepoint event (Levi Yun)
- netpoll: Use rcu_access_pointer() in netpoll_poll_lock (Breno Leitao)
- ALSA: 6fire: Release resources at card release (Takashi Iwai) [Orabug: 37433660] {CVE-2024-53239}
- ALSA: caiaq: Use snd_card_free_when_closed() at disconnection (Takashi Iwai) [Orabug: 37433666] {CVE-2024-56531}
- ALSA: us122l: Use snd_card_free_when_closed() at disconnection (Takashi Iwai) [Orabug: 37433672] {CVE-2024-56532}
- net: rfkill: gpio: Add check for clk_enable() (Mingwei Zheng)
- selftests: net: really check for bg process completion (Paolo Abeni)
- bpf, sockmap: Fix sk_msg_reset_curr (Zijian Zhang)
- bpf, sockmap: Several fixes to bpf_msg_pop_data (Zijian Zhang)
- bpf, sockmap: Several fixes to bpf_msg_push_data (Zijian Zhang)
- drm/etnaviv: hold GPU lock across perfmon sampling (Lucas Stach)
- drm/etnaviv: fix power register offset on GC300 (Doug Brown)
- drm/etnaviv: dump: fix sparse warnings (Marc Kleine-Budde)
- drm/msm/adreno: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
- drm/panfrost: Remove unused id_mask from struct panfrost_model (Steven Price)
- wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (Alper Nebi Yasak) [Orabug: 37433695] {CVE-2024-56539}
- bpf: Fix the xdp_adjust_tail sample prog issue (Yuan Chen)
- ASoC: fsl_micfil: fix regmap_write_bits usage (Shengjiu Wang)
- ASoC: fsl_micfil: use GENMASK to define register bit fields (Sascha Hauer)
- ASoC: fsl_micfil: do not define SHIFT/MASK for single bits (Sascha Hauer)
- ASoC: fsl_micfil: Drop unnecessary register read (Sascha Hauer)
- dt-bindings: vendor-prefixes: Add NeoFidelity, Inc (Igor Prusov)
- drm/imx/ipuv3: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
- wifi: mwifiex: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
- wifi: p54: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
- drm/omap: Fix locking in omap_gem_new_dmabuf() (Tomi Valkeinen)
- wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (Jeongjun Park) [Orabug: 37427509] {CVE-2024-53156}
- drm/mm: Mark drm_mm_interval_tree*() functions with __maybe_unused (Andy Shevchenko)
- firmware: arm_scpi: Check the DVFS OPP count returned by the firmware (Luo Qiu) [Orabug: 37427515] {CVE-2024-53157}
- regmap: irq: Set lockdep class for hierarchical IRQ domains (Andy Shevchenko)
- ARM: dts: cubieboard4: Fix DCDC5 regulator constraints (Andre Przywara)
- tpm: fix signed/unsigned bug when checking event logs (Gregory Price)
- efi/tpm: Pass correct address to memblock_reserve (Jerry Snitselaar)
- mmc: mmc_spi: drop buggy snprintf() (Bartosz Golaszewski)
- soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get() (Dan Carpenter) [Orabug: 37427524] {CVE-2024-53158}
- soc: ti: smartreflex: Use IRQF_NO_AUTOEN flag in request_irq() (Jinjie Ruan)
- time: Fix references to _msecs_to_jiffies() handling of values (Miguel Ojeda)
- crypto: cavium - Fix an error handling path in cpt_ucode_load_fw() (Christophe JAILLET)
- crypto: bcm - add error check in the ahash_hmac_init function (Chen Ridong) [Orabug: 37434298] {CVE-2024-56681}
- crypto: cavium - Fix the if condition to exit loop after timeout (Everest K.C)
- crypto: pcrypt - Call crypto layer directly when padata_do_parallel() return -EBUSY (Yi Yang) [Orabug: 37434323] {CVE-2024-56690}
- EDAC/fsl_ddr: Fix bad bit shift operations (Priyanka Singh)
- EDAC/bluefield: Fix potential integer overflow (David Thompson) [Orabug: 37427533] {CVE-2024-53161}
- firmware: google: Unregister driver_info on failure (Yuan Can)
- firmware: google: Unregister driver_info on failure and exit in gsmi (Arthur Heymans)
- hfsplus: don't query the device logical block size multiple times (Thadeu Lima de Souza Cascardo) [Orabug: 37433720] {CVE-2024-56548}
- s390/syscalls: Avoid creation of arch/arch/ directory (Masahiro Yamada)
- acpi/arm64: Adjust error handling procedure in gtdt_parse_timer_block() (Aleksandr Mishin)
- m68k: mvme147: Reinstate early console (Daniel Palmer)
- m68k: mvme16x: Add and use "mvme16x.h" (Geert Uytterhoeven)
- m68k: mvme147: Fix SCSI controller IRQ numbers (Daniel Palmer)
- nvme-pci: fix freeing of the HMB descriptor table (Christoph Hellwig) [Orabug: 37434510] {CVE-2024-56756}
- initramfs: avoid filename buffer overrun (David Disseldorp) [Orabug: 37388874] {CVE-2024-53142}
- mips: asm: fix warning when disabling MIPS_FP_SUPPORT (Jonas Gorski)
- x86/xen/pvh: Annotate indirect branch as safe (Josh Poimboeuf)
- nvme: fix metadata handling in nvme-passthrough (Puranjay Mohan)
- cifs: Fix buffer overflow when parsing NFS reparse points (Pali Rohár) [Orabug: 37206284] {CVE-2024-49996}
- ipmr: Fix access to mfc_cache_list without lock held (Breno Leitao)
- proc/softirqs: replace seq_printf with seq_put_decimal_ull_width (David Wang)
- ASoC: stm: Prevent potential division by zero in stm32_sai_get_clk_div() (Luo Yifan)
- ASoC: stm: Prevent potential division by zero in stm32_sai_mclk_round_rate() (Luo Yifan)
- regulator: rk808: Add apply_bit for BUCK3 on RK809 (Mikhail Rudenko)
- soc: qcom: Add check devm_kasprintf() returned value (Charles Han)
- net: usb: qmi_wwan: add Quectel RG650V (Benoît Monin)
- x86/amd_nb: Fix compile-testing without CONFIG_AMD_NB (Arnd Bergmann)
- ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 (Piyush Raj Chouhan)
- selftests/watchdog-test: Fix system accidentally reset after watchdog-test (Li Zhijian)
- mac80211: fix user-power when emulating chanctx (Ben Greear)
- ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet (Hans de Goede)
- kbuild: Use uname for LINUX_COMPILE_HOST detection (Chris Down)
- media: dvbdev: fix the logic when DVB_DYNAMIC_MINORS is not set (Mauro Carvalho Chehab)
- nilfs2: fix null-ptr-deref in block_dirty_buffer tracepoint (Ryusuke Konishi) [Orabug: 37388819] {CVE-2024-53130}
- ocfs2: fix UBSAN warning in ocfs2_verify_volume() (Dmitry Antipov)
- nilfs2: fix null-ptr-deref in block_touch_buffer tracepoint (Ryusuke Konishi) [Orabug: 37388825] {CVE-2024-53131}
- KVM: VMX: Bury Intel PT virtualization (guest/host mode) behind CONFIG_BROKEN (Sean Christopherson) [Orabug: 37388846] {CVE-2024-53135}
- ocfs2: uncache inode which has failed entering the group (Dmitry Antipov) [Orabug: 37388753] {CVE-2024-53112}
- net/mlx5e: kTLS, Fix incorrect page refcounting (Dragos Tatulea)
- net/mlx5: fs, lock FTE when checking if active (Mark Bloch)
- netlink: terminate outstanding dump on socket close (Jakub Kicinski) [Orabug: 37388861] {CVE-2024-53140}
- LTS tag: v5.4.286 (Alok Tiwari)
- 9p: fix slab cache name creation for real (Linus Torvalds)
- md/raid10: improve code of mrdev in raid10_sync_request (Li Nan)
- net: usb: qmi_wwan: add Fibocom FG132 0x0112 composition (Reinhard Speyerer)
- fs: Fix uninitialized value issue in from_kuid and from_kgid (Alessandro Zanni) [Orabug: 37331928] {CVE-2024-53101}
- powerpc/powernv: Free name on error in opal_event_init() (Michael Ellerman)
- sound: Make CONFIG_SND depend on INDIRECT_IOMEM instead of UML (Julian Vetter)
- bpf: use kvzmalloc to allocate BPF verifier environment (Rik van Riel)
- HID: multitouch: Add quirk for HONOR MagicBook Art 14 touchpad (WangYuli)
- 9p: Avoid creating multiple slab caches with the same name (Pedro Falcato)
- ALSA: usb-audio: Add endianness annotations (Jan Schär)
- vsock/virtio: Initialization of the dangling pointer occurring in vsk->trans (Hyunwoo Kim) [Orabug: 37298681] {CVE-2024-50264}
- hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer (Hyunwoo Kim) [Orabug: 37344480] {CVE-2024-53103}
- ftrace: Fix possible use-after-free issue in ftrace_location() (Zheng Yejian) [Orabug: 36753574] {CVE-2024-38588}
- NFSD: Fix NFSv4's PUTPUBFH operation (Chuck Lever)
- ALSA: usb-audio: Add quirks for Dell WD19 dock (Jan Schär)
- ALSA: usb-audio: Support jack detection on Dell dock (Jan Schär)
- ocfs2: remove entry once instead of null-ptr-dereference in ocfs2_xa_remove() (Andrew Kanner) [Orabug: 37298685] {CVE-2024-50265}
- irqchip/gic-v3: Force propagation of the active state with a read-back (Marc Zyngier)
- USB: serial: option: add Quectel RG650V (Benoît Monin)
- USB: serial: option: add Fibocom FG132 0x0112 composition (Reinhard Speyerer)
- USB: serial: qcserial: add support for Sierra Wireless EM86xx (Jack Wu)
- USB: serial: io_edgeport: fix use after free in debug printk (Dan Carpenter) [Orabug: 37298695] {CVE-2024-50267}
- usb: musb: sunxi: Fix accessing an released usb phy (Zijun Hu) [Orabug: 37298703] {CVE-2024-50269}
- fs/proc: fix compile warning about variable 'vmcore_mmap_ops' (Qi Xi)
- media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (Benoit Sevens) [Orabug: 37344485] {CVE-2024-53104}
- net: bridge: xmit: make sure we have at least eth header len bytes (Nikolay Aleksandrov) [Orabug: 36753372] {CVE-2024-38538}
- spi: fix use-after-free of the add_lock mutex (Michael Walle)
- spi: Fix deadlock when adding SPI controllers on SPI buses (Mark Brown)
- mtd: rawnand: protect access to rawnand devices while in suspend (Sean Nyekjaer)
- btrfs: reinitialize delayed ref list after deleting it from the list (Filipe Manana) [Orabug: 37298715] {CVE-2024-50273}
- nfs: Fix KMSAN warning in decode_getfattr_attrs() (Roberto Sassu) [Orabug: 37304779] {CVE-2024-53066}
- dm-unstriped: cast an operand to sector_t to prevent potential uint32_t overflow (Zichen Xie)
- dm cache: fix potential out-of-bounds access on the first resume (Ming-Hung Tsai) [Orabug: 37298732] {CVE-2024-50278}
- dm cache: optimize dirty bit checking with find_next_bit when resizing (Ming-Hung Tsai)
- dm cache: fix out-of-bounds access to the dirty bitset when resizing (Ming-Hung Tsai) [Orabug: 37298737] {CVE-2024-50279}
- dm cache: correct the number of origin blocks to match the target length (Ming-Hung Tsai)
- drm/amdgpu: add missing size check in amdgpu_debugfs_gprwave_read() (Alex Deucher) [Orabug: 37298751] {CVE-2024-50282}
- pwm: imx-tpm: Use correct MODULO value for EPWM mode (Erik Schumacher)
- media: v4l2-tpg: prevent the risk of a division by zero (Mauro Carvalho Chehab) [Orabug: 37298782] {CVE-2024-50287}
- media: cx24116: prevent overflows on SNR calculus (Mauro Carvalho Chehab) [Orabug: 37298797] {CVE-2024-50290}
- media: s5p-jpeg: prevent buffer overflows (Mauro Carvalho Chehab) [Orabug: 37304763] {CVE-2024-53061}
- ALSA: firewire-lib: fix return value on fail in amdtp_tscm_init() (Murad Masimov)
- media: adv7604: prevent underflow condition when reporting colorspace (Mauro Carvalho Chehab)
- media: dvb_frontend: don't play tricks with underflow values (Mauro Carvalho Chehab)
- media: dvbdev: prevent the risk of out of memory access (Mauro Carvalho Chehab) [Orabug: 37304769] {CVE-2024-53063}
- media: stb0899_algo: initialize cfr before using it (Mauro Carvalho Chehab)
- net: hns3: fix kernel crash when uninstalling driver (Peiyang Wang) [Orabug: 37298811] {CVE-2024-50296}
- can: c_can: fix {rx,tx}_errors statistics (Dario Binacchi)
- sctp: properly validate chunk size in sctp_sf_ootb() (Xin Long) [Orabug: 37298820] {CVE-2024-50299}
- net: enetc: set MAC address to the VF net_device (Wei Fang)
- enetc: simplify the return expression of enetc_vf_set_mac_addr() (Qinglang Miao)
- security/keys: fix slab-out-of-bounds in key_task_permission (Chen Ridong) [Orabug: 37298827] {CVE-2024-50301}
- HID: core: zero-initialize the report buffer (Jiri Kosina) [Orabug: 37298834] {CVE-2024-50302}
- ARM: dts: rockchip: Fix the realtek audio codec on rk3036-kylin (Heiko Stuebner)
- ARM: dts: rockchip: Fix the spi controller on rk3036 (Heiko Stuebner)
- ARM: dts: rockchip: drop grf reference from rk3036 hdmi (Heiko Stuebner)
- ARM: dts: rockchip: fix rk3036 acodec node (Heiko Stuebner)
- arm64: dts: rockchip: Remove #cooling-cells from fan on Theobroma lion (Heiko Stuebner)
- arm64: dts: rockchip: Fix bluetooth properties on Rock960 boards (Heiko Stuebner)
- arm64: dts: rockchip: Remove hdmi's 2nd interrupt on rk3328 (Diederik de Haas)
- arm64: dts: rockchip: Fix rt5651 compatible value on rk3399-sapphire-excavator (Geert Uytterhoeven)

[5.4.17-2136.340.1.el7uek]
- rds/ib: avoid scq/rcq polling during rds connection shutdown (Arumugam Kolappan) [Orabug: 37092563]
- RDMA/mlx5: Send UAR page index as ioctl attribute (Akiva Goldberger) [Orabug: 37029739]
- RDMA: Pass entire uverbs attr bundle to create cq function (Akiva Goldberger) [Orabug: 37029739]
- IB/uverbs: Enable CQ ioctl commands by default (Yishai Hadas) [Orabug: 37029739]

[5.4.17-2136.339.5.el7uek]
- tracing/kprobes: Skip symbol counting logic for module symbols in create_local_trace_kprobe() (Nikolay Kuratov)
- vhost_scsi: log write descriptors (Dongli Zhang) [Orabug: 37393533]
- vhost-scsi: protect vq->log_base with vq->mutex (Dongli Zhang) [Orabug: 37393533]

[5.4.17-2136.339.4.el7uek]
- RDMA/bnxt_re: Check cqe flags to know imm_data vs inv_irkey (Kashyap Desai)
- Revert "mmc: dw_mmc: Fix IDMAC operation with pages bigger than 4K" (Aurelien Jarno)
- mm: revert "mm: shmem: fix data-race in shmem_getattr()" (Andrew Morton)
- net/ipv6: release expired exception dst cached in socket (Jiri Wiesner) [Orabug: 37434173] {CVE-2024-56644}
- Revert "unicode: Don't special case ignorable code points" (Linus Torvalds)
- powerpc/vdso: Flag VDSO64 entry points as functions (Christophe Leroy)
- Revert "usb: gadget: composite: fix OS descriptors w_value logic" (Michal Vrastil)

[5.4.17-2136.339.3.el7uek]
- Revert "ocfs2: fix the la space leak when unmounting an ocfs2 volume" (Sherry Yang) [Orabug: 37364531]
- rds: recv_payload_bad_checksum was not 0 after running rds-stress on UEK6 (William Kucharski) [Orabug: 37265127]
- rds: If RDS Checksums are enabled for RDMA RDS operations, the extension headers will overflow causing incorrect operation (William Kucharski) [Orabug: 37265125]
- rds: rds_message_alloc() needlessly zeroes m_used_sgs (William Kucharski) [Orabug: 37265123]
- rds: tracepoint in rds_receive_csum_err() prints pointless information (William Kucharski) [Orabug: 37265121]
- rds: rds_inc_init() should initialize the inc->i_conn_path field (William Kucharski) [Orabug: 37265117]
- rds: Race condition in adding RDS payload checksum extension header may result in RDS header corruption (William Kucharski) [Orabug: 37265115]
- md/raid10: fix task hung in raid10d (Li Nan) [Orabug: 37126683]
- md/raid10: factor out code from wait_barrier() to stop_waiting_barrier() (Yu Kuai) [Orabug: 37126683]
- md/raid10: avoid deadlock on recovery. (Vitaly Mayatskikh) [Orabug: 37126683]

[5.4.17-2136.339.2.el7uek]
- arm64/cpu_errata: Spectre-BHB mitigation for AMPERE1 expects a loop of 11 iterations. (Miguel Luis) [Orabug: 37027863]

[5.4.17-2136.339.1.el7uek]
- net/rds: report pending-messages count in RDS_INQ response (Devesh Sharma) [Orabug: 35596047] [Orabug: 35316633]
- net/rds: Introduce RDS-INQ feature to RDS protocol (Devesh Sharma) [Orabug: 35316632] [Orabug: 37109336]
- net/rds: Supporting SIOCOUTQ to read pending sends (Devesh Sharma) [Orabug: 34460809] [Orabug: 37072814]
- mm/memory-failure: pass the folio and the page to collect_procs() (Matthew Wilcox (Oracle)) [Orabug: 37270264]
- KVM: x86: Stop compiling vmenter.S with OBJECT_FILES_NON_STANDARD (Sean Christopherson) [Orabug: 37273706]
- KVM: SVM: Create a stack frame in __svm_vcpu_run() for unwinding (Sean Christopherson) [Orabug: 37273706]
- objtool: Default ignore INT3 for unreachable (Peter Zijlstra) [Orabug: 37273706] {CVE-2022-29901}
- x86/spec_ctrl: AMD AutoIBRS cannot be dynamically enabled or disabled (Alexandre Chartre) [Orabug: 37310552]
- x86/msr: Add functions to set/clear the bit of an MSR on all cpus (Alexandre Chartre) [Orabug: 37310552]

ELSA-2025-3396 Important: Oracle Linux 7 grub2 security update

Oracle Linux Security Advisory ELSA-2025-3396

http://linux.oracle.com/errata/ELSA-2025-3396.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
grub2-2.02-0.87.0.27.el7_9.14.x86_64.rpm
grub2-common-2.02-0.87.0.27.el7_9.14.noarch.rpm
grub2-efi-ia32-2.02-0.87.0.27.el7_9.14.x86_64.rpm
grub2-efi-ia32-cdboot-2.02-0.87.0.27.el7_9.14.x86_64.rpm
grub2-efi-ia32-modules-2.02-0.87.0.27.el7_9.14.noarch.rpm
grub2-efi-x64-2.02-0.87.0.27.el7_9.14.x86_64.rpm
grub2-efi-x64-cdboot-2.02-0.87.0.27.el7_9.14.x86_64.rpm
grub2-efi-x64-modules-2.02-0.87.0.27.el7_9.14.noarch.rpm
grub2-pc-2.02-0.87.0.27.el7_9.14.x86_64.rpm
grub2-pc-modules-2.02-0.87.0.27.el7_9.14.noarch.rpm
grub2-tools-2.02-0.87.0.27.el7_9.14.x86_64.rpm
grub2-tools-extra-2.02-0.87.0.27.el7_9.14.x86_64.rpm
grub2-tools-minimal-2.02-0.87.0.27.el7_9.14.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//grub2-2.02-0.87.0.27.el7_9.14.src.rpm

Related CVEs:

CVE-2025-0624

Description of changes:

[2.02-0.87.0.27.el7.14]
- Fix OOB write in grub_net_search_config_file() CVE-2025-0624 [Orabug: 37770226]
- Also adds implementation of grub_strlcpy() for clean backport

[2.02-0.87.0.26.el7.14]
- Replace bugzilla.oracle.com reference [Orabug: 35477723]
- Backport kernel EFI allocation pacthes [Orabug: 34301086]
- Add to the list CVE-2021-3695, CVE-2021-3696, CVE-2021-3697,
CVE-2022-28734, CVE-2022-28735, CVE-2022-28736 [JIRA: OLDIS-16371]
- bump SBAT generation [JIRA: OLDIS-16371]
- Cleanup XEN shell script (Alex Burmashev) [Orabug: 33851417]
- Update SBAT data (Alex Burmashev) [Orabug: 33851417]
- efinet: change SNP open call (Alex Burmashev) [Orabug: 32646964]
- disable buggy 0183-efinet-retransmit-if-our-device-is-busy.patch [Orabug: 27982684]
- Patch multiboot2 to the recent state [Orabug: 32950597]
- Enable multiboot2 for UEFI ( non Secureboot ) mode [Orabug: 32950597]
- Update signing certificate [Orabug: 32670043]
- Update shim and certificates dependencies [Orabug: 32670043]
- xfs: Don't attempt to iterate over empty directory [Orabug: 32584717]
- add SBAT metadata for Oracle Linux grub2
- Use similar format for menu entry in grub environment block
- config file. [Orabug: 32172943]
- Fix degradation in multiboot2 code [Orabug: 32069510]
- Update signing certificate for efi binaries
- Update upstream references [Orabug: 30138841]
- Restore symlink to grub environment file, that was removed during grub2-efi update
if grub2 package is also installed on UEFI machines [Orabug: 27345750]
- fix symlink removal scriptlet, to be executed only on removal [Orabug: 19231481]
- Fix comparison in patch for [Orabug: 18504756]
- Remove symlink to grub environment file during uninstall on EFI platforms [Orabug: 19231481]
- replace dynamic EFI boot folder path generation with predefined 'redhat' (Alex Burmashev)
- Put "with" in menuentry instead of "using" [Orabug: 18504756]
- Use different titles for UEK and RHCK kernels [Orabug: 18504756]

[2.02-087.el7.14]
- Rebuild for signing
- Related: RHEL-23460

[2.02-087.el7.13]
- safemath: add grub_cast for gcc < 5.1
- Related: RHEL-23460

[2.02-087.el7.12]
- Font CVE fixes and bump SBAT (CVE-2022-2601)
- Resolves: RHEL-23460

[2.02-087.el7.11]
- Bump sbat
- Resolves: CVE-2022-28733

[2.02-087.el7.10]
- Backport the relevant CVE fixes from the 2022-05-24 drop
- Resolves: CVE-2022-28733

[2.02-087.el7.9]
- Bump for signing
- Resolves: #1892860

[2.02-0.87.el7.8]
- Fix accidental reboot in grub_exit
- Resolves: #1892860

[2.02-0.87.el7.7]
- Fix boot failures in ppc64le caused by storage race condition (diegodo)
Resolves: rhbz#1942148

[2.02-0.87.el7.6]
- Fix ppc64le performance issues (diegodo)
Resolves: rhbz#1759298

[2.02-0.87.el7.5]
- Add the at keyboard patches that weren't included
Resolves: rhbz#1892240

[2.02-0.87.el7.4]
- add keylayouts and at_keyboard modules to EFI binary
Resolves: rhbz#1892240

[2.02-0.87.el7.3]
- at_keyboard: use set 1 when keyboard is in Translate mode (rmetrich)
Resolves: rhbz#1892240

[2.02-0.87.el7.2]
- Fix another batch of CVEs
Resolves: CVE-2020-14372
Resolves: CVE-2020-25632
Resolves: CVE-2020-25647
Resolves: CVE-2020-27749
Resolves: CVE-2020-27779
Resolves: CVE-2021-20225
Resolves: CVE-2021-20233

[2.02-0.87.e7.1]
- Fix keyboards that report IBM PC AT scan codes
Resolves: rhbz#1892240

ELSA-2025-3395 Important: Oracle Linux 7 freetype security update

Oracle Linux Security Advisory ELSA-2025-3395

http://linux.oracle.com/errata/ELSA-2025-3395.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
freetype-2.8-14.0.1.el7_9.1.i686.rpm
freetype-2.8-14.0.1.el7_9.1.x86_64.rpm
freetype-demos-2.8-14.0.1.el7_9.1.x86_64.rpm
freetype-devel-2.8-14.0.1.el7_9.1.i686.rpm
freetype-devel-2.8-14.0.1.el7_9.1.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//freetype-2.8-14.0.1.el7_9.1.src.rpm

Related CVEs:

CVE-2025-27363

Description of changes:

[2.8-14.0.1.el7_9.1]
- Fix CVE-2025-27363 Out-of-bounds Write [Orabug: 37770275][CVE-2025-27363]

ELEA-2025-2427 Oracle Linux 7 microcode_ctl bug fix and enhancement update

Oracle Linux Enhancement Advisory ELEA-2025-2427

http://linux.oracle.com/errata/ELEA-2025-2427.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
microcode_ctl-2.1-73.23.0.20250211.el7_9.x86_64.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//microcode_ctl-2.1-73.23.0.20250211.el7_9.src.rpm

Description of changes:

[2:2.1-73.23.0.20250211]
- update microcode bundle to 20250211 [Orabug: 37670820]
- drop releasenote.md file

[2:2.1-73.20.0.1]
- don't bother calling dracut if virtualized [Orabug: 35702409]
- also rebuild initramfs for kernel-ueknano [Orabug: 35698043]
- ensure UEK also rebuilds initramfs [Orabug: 34280052]
- for Intel, do not trigger load if on-disk microcode is not an update [Orabug: 30634727]
- set early_microcode="no" in virtualized guests to avoid early load bugs [Orabug: 30618736]
- ensure late loading fixes are present on 4.1.12-* and 4.14.35-*
- enable early and late load for 5.4.17-*
- enable early loading for 06-4f-01 caveat
- remove no longer appropriate caveats for 06-2d-07 and 06-55-04

ELBA-2025-20229 Oracle Linux 7 linux-firmware bug fix update

Oracle Linux Bug Fix Advisory ELBA-2025-20229

http://linux.oracle.com/errata/ELBA-2025-20229.html

The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network:

x86_64:
iwl1000-firmware-39.31.5.1-999.39.el7.noarch.rpm
iwl100-firmware-39.31.5.1-999.39.el7.noarch.rpm
iwl105-firmware-18.168.6.1-999.39.el7.noarch.rpm
iwl135-firmware-18.168.6.1-999.39.el7.noarch.rpm
iwl2000-firmware-18.168.6.1-999.39.el7.noarch.rpm
iwl2030-firmware-18.168.6.1-999.39.el7.noarch.rpm
iwl3160-firmware-22.0.7.0-999.39.el7.noarch.rpm
iwl3945-firmware-15.32.2.9-999.39.el7.noarch.rpm
iwl4965-firmware-228.61.2.24-999.39.el7.noarch.rpm
iwl5000-firmware-8.83.5.1_1-999.39.el7.noarch.rpm
iwl5150-firmware-8.24.2.2-999.39.el7.noarch.rpm
iwl6000-firmware-9.221.4.1-999.39.el7.noarch.rpm
iwl6000g2a-firmware-17.168.5.3-999.39.el7.noarch.rpm
iwl6000g2b-firmware-17.168.5.2-999.39.el7.noarch.rpm
iwl6050-firmware-41.28.5.1-999.39.el7.noarch.rpm
iwl7260-firmware-22.0.7.0-999.39.el7.noarch.rpm
iwlax2xx-firmware-20250319-999.39.el7.noarch.rpm
linux-firmware-20250319-999.39.git430633ec.el7.noarch.rpm

SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates//linux-firmware-20250319-999.39.git430633ec.el7.src.rpm

Description of changes:

[20250319-999.39.git430633ec.el7]
- Rebase to latest upstream [Orabug: 37729115]

[20250203-999.38.git0fd450ee.el7]
- Rebase to latest upstream [Orabug: 37535629]

[20241213-999.36.git2cdfe09e.el7]
- Rebase to latest upstream [Orabug: 37405529]

Kernel updates for AlmaLinux 8

Python, Hauler, Gitoxide, and more updates for SUSE

Kernel, XFSProgs, Microcode_CTL, and more for Oracle Linux

ELBA-2025-20228 Oracle Linux 9 Unbreakable Enterprise kernel bug fix update

ELBA-2025-20225 Oracle Linux 9 xfsprogs bug fix update

ELBA-2025-20224 Oracle Linux 9 libbpf bug fix update

ELBA-2025-20223 Oracle Linux 9 microcode_ctl bug fix update

ELBA-2025-20222 Oracle Linux 9 ipmctl bug fix update

ELBA-2025-20221 Oracle Linux 9 dwarves bug fix update

ELBA-2025-20220 Oracle Linux 9 dtrace bug fix update

ELBA-2025-20219 Oracle Linux 9 snapper bug fix update

ELBA-2025-20218 Oracle Linux 9 dnf-plugins-extras bug fix update

ELBA-2025-20217 Oracle Linux 9 btrfs-progs bug fix update

ELBA-2025-20216 Oracle Linux 9 adaptivemm bug fix update

ELBA-2025-20215 Oracle Linux 9 iproute bug fix update

OLAMSA-2025-0003 Important: Oracle Linux 8 OLAM2.2 Security Update

ELSA-2025-20270 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update

ELSA-2025-20270 Important: Oracle Linux 9 Unbreakable Enterprise kernel security update

ELSA-2025-3833 Important: Oracle Linux 9 gvisor-tap-vsock security update

ELBA-2025-20229 Oracle Linux 9 linux-firmware bug fix update

ELBA-2025-20226 Oracle Linux 9 oraclelinux-release-el9 bug fix update

ELSA-2025-20270 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

ELSA-2025-20271 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

ELSA-2025-3913 Moderate: Oracle Linux 8 expat security update

ELSA-2025-3893 Moderate: Oracle Linux 8 kernel security update

ELSA-2025-20271 Important: Oracle Linux 8 Unbreakable Enterprise kernel security update

ELBA-2025-20229 Oracle Linux 8 linux-firmware bug fix update

ELSA-2025-20271 Important: Oracle Linux 7 Unbreakable Enterprise kernel security update

ELSA-2025-3396 Important: Oracle Linux 7 grub2 security update

ELSA-2025-3395 Important: Oracle Linux 7 freetype security update

ELEA-2025-2427 Oracle Linux 7 microcode_ctl bug fix and enhancement update

ELBA-2025-20229 Oracle Linux 7 linux-firmware bug fix update

Windows

Linux

macOS

Community