exploitDog

ELSA-2025-18318

Published: 20 Oct 2025
Source: oracle-oval
Platform: Oracle Linux 10

Description

ELSA-2025-18318: kernel security update (MODERATE)

[6.12.0-55.40.1.0.1]

  • nvme-pci: remove two deallocate zeroes quirks [Orabug: 37756650]
  • Add new Oracle Linux Driver Signing (key 1) certificate [Orabug: 37985782]
  • Disable UKI signing [Orabug: 36571828]
  • Update Oracle Linux certificates (Kevin Lyons)
  • Disable signing for aarch64 (Ilya Okomin)
  • Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237]
  • Update x509.genkey [Orabug: 24817676]
  • Conflict with shim-ia32 and shim-x64 <= 15.3-1.0.5]
  • Remove upstream reference during boot (Kevin Lyons) [Orabug: 34729535]
  • Add Oracle Linux IMA certificates
  • Update module name for cryptographic module [Orabug: 37400433]

[6.12.0-55.40.1]

  • scsi: lpfc: Fix buffer free/clear order in deferred receive path (CKI Backport Bot) [RHEL-119125] {CVE-2025-39841}
  • efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare (CKI Backport Bot) [RHEL-118460] {CVE-2025-39817}
  • ibmveth: Add multi buffers rx replenishment hcall support (Mamatha Inamdar) [RHEL-116192]
  • net: ibmveth: Reset the adapter when unexpected states are detected (Mamatha Inamdar) [RHEL-116192]
  • SUNRPC: call xs_sock_process_cmsg for all cmsg (Olga Kornievskaia) [RHEL-110813]
  • sunrpc: fix client side handling of tls alerts (Olga Kornievskaia) [RHEL-110813] {CVE-2025-38571}
  • s390/pci: Do not try re-enabling load/store if device is disabled (CKI Backport Bot) [RHEL-114447]
  • s390/pci: Fix stale function handles in error handling (CKI Backport Bot) [RHEL-114447]
  • s390/hypfs: Enable limited access during lockdown (CKI Backport Bot) [RHEL-114430]
  • s390/hypfs: Avoid unnecessary ioctl registration in debugfs (CKI Backport Bot) [RHEL-114430]
  • ibmvnic: Use ndo_get_stats64 to fix inaccurate SAR reporting (Mamatha Inamdar) [RHEL-114438]
  • ibmvnic: Fix hardcoded NUM_RX_STATS/NUM_TX_STATS with dynamic sizeof (Mamatha Inamdar) [RHEL-114438]
  • ibmvnic: Add stat for tx direct vs tx batched (Mamatha Inamdar) [RHEL-114438]
  • ipv6: reject malicious packets in ipv6_gso_segment() (CKI Backport Bot) [RHEL-113248] {CVE-2025-38572}
  • enic: fix incorrect MTU comparison in enic_change_mtu() (John Meneghini) [RHEL-108265]
  • net/enic: Allow at least 8 RQs to always be used (John Meneghini) [RHEL-108265]
  • enic: get max rq & wq entries supported by hw, 16K queues (John Meneghini) [RHEL-106602]
  • enic: cleanup of enic wq request completion path (John Meneghini) [RHEL-106602]
  • enic: added enic_wq.c and enic_wq.h (John Meneghini) [RHEL-106602]
  • enic: remove unused function cq_enet_wq_desc_dec (John Meneghini) [RHEL-106602]
  • enic: enable rq extended cq support (John Meneghini) [RHEL-106602]
  • enic: enic rq extended cq defines (John Meneghini) [RHEL-106602]
  • enic: enic rq code reorg (John Meneghini) [RHEL-106602]
  • enic: Move function from header file to c file (John Meneghini) [RHEL-106602]
  • enic: add dependency on Page Pool (John Meneghini) [RHEL-106602]
  • enic: remove copybreak tunable (John Meneghini) [RHEL-106602]
  • enic: Use the Page Pool API for RX (John Meneghini) [RHEL-106602]
  • enic: Simplify RX handler function (John Meneghini) [RHEL-106602]
  • enic: Move RX functions to their own file (John Meneghini) [RHEL-106602]
  • enic: Fix typo in comment in table indexed by link speed (John Meneghini) [RHEL-106602]
  • enic: Obtain the Link speed only after the link comes up (John Meneghini) [RHEL-106602]
  • enic: Move RX coalescing set function (John Meneghini) [RHEL-106602]
  • enic: Move kdump check into enic_adjust_resources() (John Meneghini) [RHEL-106602]
  • enic: Move enic resource adjustments to separate function (John Meneghini) [RHEL-106602]
  • enic: Adjust used MSI-X wq/rq/cq/interrupt resources in a more robust way (John Meneghini) [RHEL-106602]
  • enic: Allocate arrays in enic struct based on VIC config (John Meneghini) [RHEL-106602]
  • enic: Save resource counts we read from HW (John Meneghini) [RHEL-106602]
  • enic: Make MSI-X I/O interrupts come after the other required ones (John Meneghini) [RHEL-106602]
  • enic: Create enic_wq/rq structures to bundle per wq/rq data (John Meneghini) [RHEL-106602]
  • scsi: fnic: Fix missing DMA mapping error in fnic_send_frame() (John Meneghini) [RHEL-111542]
  • scsi: fnic: Set appropriate logging level for log message (John Meneghini) [RHEL-111542]
  • scsi: fnic: Add and improve logs in FDMI and FDMI ABTS paths (John Meneghini) [RHEL-111542]
  • scsi: fnic: Turn off FDMI ACTIVE flags on link down (John Meneghini) [RHEL-111542]
  • scsi: fnic: Fix crash in fnic_wq_cmpl_handler when FDMI times out (John Meneghini) [RHEL-111542]
  • scsi: fnic: Remove unnecessary spinlock locking and unlocking (John Meneghini) [RHEL-111539]
  • scsi: fnic: Replace fnic->lock_flags with local flags (John Meneghini) [RHEL-111539]
  • scsi: fnic: Replace use of sizeof with standard usage (John Meneghini) [RHEL-111539]
  • scsi: fnic: Fix indentation and remove unnecessary parenthesis (John Meneghini) [RHEL-111539]
  • scsi: fnic: Remove unnecessary debug print (John Meneghini) [RHEL-111539]
  • scsi: fnic: Propagate SCSI error code from fnic_scsi_drv_init() (John Meneghini) [RHEL-111539]
  • scsi: fnic: Test for memory allocation failure and return error code (John Meneghini) [RHEL-111539]
  • scsi: fnic: Return appropriate error code from failure of scsi drv init (John Meneghini) [RHEL-111539]
  • scsi: fnic: Return appropriate error code for mem alloc failure (John Meneghini) [RHEL-111539]
  • scsi: fnic: Remove always-true IS_FNIC_FCP_INITIATOR macro (John Meneghini) [RHEL-111539]
  • scsi: fnic: Fix use of uninitialized value in debug message (John Meneghini) [RHEL-111539]
  • scsi: fnic: Delete incorrect debugfs error handling (John Meneghini) [RHEL-111539]
  • scsi: fnic: Remove unnecessary else to fix warning in FDLS FIP (John Meneghini) [RHEL-111539]
  • scsi: fnic: Remove extern definition from .c files (John Meneghini) [RHEL-111539]
  • scsi: fnic: Remove unnecessary else and unnecessary break in FDLS (John Meneghini) [RHEL-111539]
  • scsi: fnic: Increment driver version (John Meneghini) [RHEL-111539]
  • scsi: fnic: Add support to handle port channel RSCN (John Meneghini) [RHEL-111539]
  • scsi: fnic: Code cleanup (John Meneghini) [RHEL-111539]
  • scsi: fnic: Add stats and related functionality (John Meneghini) [RHEL-111539]
  • scsi: fnic: Modify fnic interfaces to use FDLS (John Meneghini) [RHEL-111539]
  • scsi: fnic: Modify IO path to use FDLS (John Meneghini) [RHEL-111539]
  • scsi: fnic: Add functionality in fnic to support FDLS (John Meneghini) [RHEL-111539]
  • scsi: fnic: Add and integrate support for FIP (John Meneghini) [RHEL-111539]
  • scsi: fnic: Add and integrate support for FDMI (John Meneghini) [RHEL-111539]
  • scsi: fnic: Add Cisco hardware model names (John Meneghini) [RHEL-111539]
  • scsi: fnic: Add support for unsolicited requests and responses (John Meneghini) [RHEL-111539]
  • scsi: fnic: Add support for target based solicited requests and responses (John Meneghini) [RHEL-111539]
  • scsi: fnic: Add support for fabric based solicited requests and responses (John Meneghini) [RHEL-111539]
  • scsi: fnic: Add headers and definitions for FDLS (John Meneghini) [RHEL-111539]
  • scsi: fnic: Replace shost_printk() with dev_info()/dev_err() (John Meneghini) [RHEL-111539]
  • eventpoll: Fix semi-unbounded recursion (CKI Backport Bot) [RHEL-111056] {CVE-2025-38614}
  • mm/memory-tier: fix abstract distance calculation overflow (Rafael Aquini) [RHEL-109447]
  • KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush (CKI Backport Bot) [RHEL-104737] {CVE-2025-38351}

Updated packages

Oracle Linux 10

Oracle Linux aarch64

  • kernel-headers: 6.12.0-55.40.1.0.1.el10_0
  • perf: 6.12.0-55.40.1.0.1.el10_0
  • python3-perf: 6.12.0-55.40.1.0.1.el10_0
  • rtla: 6.12.0-55.40.1.0.1.el10_0
  • rv: 6.12.0-55.40.1.0.1.el10_0
  • kernel-tools: 6.12.0-55.40.1.0.1.el10_0
  • kernel-tools-libs: 6.12.0-55.40.1.0.1.el10_0
  • kernel-cross-headers: 6.12.0-55.40.1.0.1.el10_0
  • kernel-tools-libs-devel: 6.12.0-55.40.1.0.1.el10_0
  • libperf: 6.12.0-55.40.1.0.1.el10_0

Oracle Linux x86_64

  • kernel-debug-devel: 6.12.0-55.40.1.0.1.el10_0
  • kernel-debug-devel-matched: 6.12.0-55.40.1.0.1.el10_0
  • kernel-devel: 6.12.0-55.40.1.0.1.el10_0
  • kernel-devel-matched: 6.12.0-55.40.1.0.1.el10_0
  • kernel-doc: 6.12.0-55.40.1.0.1.el10_0
  • kernel-headers: 6.12.0-55.40.1.0.1.el10_0
  • perf: 6.12.0-55.40.1.0.1.el10_0
  • python3-perf: 6.12.0-55.40.1.0.1.el10_0
  • rtla: 6.12.0-55.40.1.0.1.el10_0
  • rv: 6.12.0-55.40.1.0.1.el10_0
  • kernel: 6.12.0-55.40.1.0.1.el10_0
  • kernel-abi-stablelists: 6.12.0-55.40.1.0.1.el10_0
  • kernel-core: 6.12.0-55.40.1.0.1.el10_0
  • kernel-debug: 6.12.0-55.40.1.0.1.el10_0
  • kernel-debug-core: 6.12.0-55.40.1.0.1.el10_0
  • kernel-debug-modules: 6.12.0-55.40.1.0.1.el10_0
  • kernel-debug-modules-core: 6.12.0-55.40.1.0.1.el10_0
  • kernel-debug-modules-extra: 6.12.0-55.40.1.0.1.el10_0
  • kernel-debug-uki-virt: 6.12.0-55.40.1.0.1.el10_0
  • kernel-modules: 6.12.0-55.40.1.0.1.el10_0
  • kernel-modules-core: 6.12.0-55.40.1.0.1.el10_0
  • kernel-modules-extra: 6.12.0-55.40.1.0.1.el10_0
  • kernel-tools: 6.12.0-55.40.1.0.1.el10_0
  • kernel-tools-libs: 6.12.0-55.40.1.0.1.el10_0
  • kernel-uki-virt: 6.12.0-55.40.1.0.1.el10_0
  • kernel-uki-virt-addons: 6.12.0-55.40.1.0.1.el10_0
  • kernel-cross-headers: 6.12.0-55.40.1.0.1.el10_0
  • kernel-tools-libs-devel: 6.12.0-55.40.1.0.1.el10_0
  • libperf: 6.12.0-55.40.1.0.1.el10_0

Related vulnerabilities

oracle-oval
16 days ago

ELSA-2025-18281: kernel security update (MODERATE)

ubuntu
3 months ago

In the Linux kernel, the following vulnerability has been resolved:

sunrpc: fix client side handling of tls alerts

A security exploit was discovered in NFS over TLS in tls_alert_recv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the rework how control messages are setup and used by sock_recvmsg(). If no control message structure is setup, kTLS layer will read and process TLS data record types. As soon as it encounters a TLS control message, it would return an error. At that point, NFS can setup a kvec backed control buffer and read in the control message such as a TLS alert. Scott found that a msg iterator can advance the kvec pointer as a part of the copy process thus we need to revert the iterator before calling into the tls_alert_recv.

CVSS3: 7.5
redhat
3 months ago

In the Linux kernel, the following vulnerability has been resolved:

sunrpc: fix client side handling of tls alerts

A security exploit was discovered in NFS over TLS in tls_alert_recv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the rework how control messages are setup and used by sock_recvmsg(). If no control message structure is setup, kTLS layer will read and process TLS data record types. As soon as it encounters a TLS control message, it would return an error. At that point, NFS can setup a kvec backed control buffer and read in the control message such as a TLS alert. Scott found that a msg iterator can advance the kvec pointer as a part of the copy process thus we need to revert the iterator before calling into the tls_alert_recv.

nvd
3 months ago

In the Linux kernel, the following vulnerability has been resolved:

sunrpc: fix client side handling of tls alerts

A security exploit was discovered in NFS over TLS in tls_alert_recv due to its assumption that there is valid data in the msghdr's iterator's kvec. Instead, this patch proposes the rework how control messages are setup and used by sock_recvmsg(). If no control message structure is setup, kTLS layer will read and process TLS data record types. As soon as it encounters a TLS control message, it would return an error. At that point, NFS can setup a kvec backed control buffer and read in the control message such as a TLS alert. Scott found that a msg iterator can advance the kvec pointer as a part of the copy process thus we need to revert the iterator before calling into the tls_alert_recv.

CVSS3: 5.5
msrc
2 months ago

sunrpc: fix client side handling of tls alerts