Project kernel-4.18.0-553.76.1.el8_10
| Name | kernel |
|---|---|
| Epoch | 0 |
| Version | 4.18.0 |
| Release | 553.76.1.el8_10 |
| Website/URL | http://www.kernel.org/ |
| License | GPLv2 and Redistributable, no modification permitted |
| Build Time | 2025-09-23 11:41:48 |
| Build Host | builder-iso-x86-01.inferitos.ru |
| Summary | The Linux kernel, based on version 4.18.0, heavily modified with backports |
| Repositories | BaseOS |
| Description | This is the package which provides the Linux kernel for MSVSphere. It is based on upstream Linux at version 4.18.0 and maintains kABI compatibility of a set of approved symbols, however it is heavily modified with backports and fixes pulled from newer upstream Linux kernel releases. This means this is not a 4.18.0 kernel anymore: it includes several components which come from newer upstream linux versions, while maintaining a well tested and stable core. Some of the components/backports that may be pulled in are: changes like updates to the core kernel (eg.: scheduler, cgroups, memory management, security fixes and features), updates to block layer, supported filesystems, major driver updates for supported hardware in MSVSphere, enhancements for enterprise customers, etc. |
| Errata | INFSA-2025:16372 |
×
![Full screenshot]()
| Package | Summary | SHA-256 checksum |
|---|---|---|
| x86_64 | ||
| bpftool-4.18.0-553.76.1.el8_10.x86_64 | Inspection and simple manipulation of eBPF programs and maps | 57f6f6728bae48b933b97d81f8f2b9f44d2a43c887a16edcf27d111877d9ad32 |
| kernel-4.18.0-553.76.1.el8_10.x86_64 | The Linux kernel, based on version 4.18.0, heavily modified with backports | 6d6b673f1e8b0cdc974c8e72c4fc431ce45e9a7cb2ddb7f92937936ee8dc7504 |
| kernel-core-4.18.0-553.76.1.el8_10.x86_64 | The Linux kernel | 229998499d94efb48cced0625e290d18217b8e84bf2be6d0390f91c7b4fc4ca5 |
| kernel-cross-headers-4.18.0-553.76.1.el8_10.x86_64 | Header files for the Linux kernel for use by cross-glibc | 150e6d832c7e9b25000112a698ba489701c7f934797d083228559e928233085f |
| kernel-debug-4.18.0-553.76.1.el8_10.x86_64 | kernel meta-package for the debug kernel | 5531d7ffaaf702fda195fed5c6a0296c29bb1c2f3ada87ee8425e920a06b3c9d |
| kernel-debug-core-4.18.0-553.76.1.el8_10.x86_64 | The Linux kernel compiled with extra debugging enabled | 73b009c20710cbe2c4fcd2872a7e7948d6903bf2243568fb3cffa8501e3efde7 |
| kernel-debug-devel-4.18.0-553.76.1.el8_10.x86_64 | Development package for building kernel modules to match the debug kernel | 8f34ad2ac38127f9d63d6a8390064c0c3468f4201095dee30b4b900f5657b6a2 |
| kernel-debug-modules-4.18.0-553.76.1.el8_10.x86_64 | kernel modules to match the debug-core kernel | 18bdafddf616ba665dcf2271797417433d067f950ff9ebf450b4ca7228701a37 |
| kernel-debug-modules-extra-4.18.0-553.76.1.el8_10.x86_64 | Extra kernel modules to match the debug kernel | 2c4070879306fce75dfbf605d932d30caca89dba51e04ae020653616b73905ca |
| kernel-devel-4.18.0-553.76.1.el8_10.x86_64 | Development package for building kernel modules to match the kernel | f4205bc053e0d3f05ada04c03bd59dc95abbb928113e2da7771e3e079f79e3a3 |
| kernel-headers-4.18.0-553.76.1.el8_10.x86_64 | Header files for the Linux kernel for use by glibc | 70efa5f2458c710654eaf125a4d82112e2626d10f992ad5fcac9d59587a87145 |
| kernel-modules-4.18.0-553.76.1.el8_10.x86_64 | kernel modules to match the core kernel | fd2e0b2ecd2c98708ad90cdfc6657269ed1aceb921d1c21b54d259bca6b65889 |
| kernel-modules-extra-4.18.0-553.76.1.el8_10.x86_64 | Extra kernel modules to match the kernel | abaa342c35a04b0d3237daed774ca84fbffa50a3e65e248bc1d9dd81c14de3e8 |
| kernel-tools-4.18.0-553.76.1.el8_10.x86_64 | Assortment of tools for the Linux kernel | 537a1128eaae5802b4c939def311e044ed24db7e32ccc28ea8a4f0005f711473 |
| kernel-tools-libs-4.18.0-553.76.1.el8_10.x86_64 | Libraries for the kernel-tools | 4ccd3e1402d68287442dfc887d737f16cb6799feb087886efb9a3476ce6e2a93 |
| perf-4.18.0-553.76.1.el8_10.x86_64 | Performance monitoring for the Linux kernel | bd52724a825a9d94cc81637b5b48519f4d28ffdc4f6e08221d517de2346f73fb |
| python3-perf-4.18.0-553.76.1.el8_10.x86_64 | Python bindings for apps which will manipulate perf events | 538a9d33f56b1be8ee8897340ddd8ee8da26a0d67eaee3b7047dafa92fa00f11 |
| kernel-tools-libs-devel-4.18.0-553.76.1.el8_10.x86_64 | Assortment of tools for the Linux kernel | eedb25a227b17009c201653270fe6cce0d99749a00841781616a651a43b3dd80 |
| noarch | ||
| kernel-abi-stablelists-4.18.0-553.76.1.el8_10.noarch | The MSVSphere Linux kernel ABI symbol stablelists | e279cf8a293c1d8a27da848888e91c1301442a7b60dcb031bd1702c3db07d41b |
| kernel-doc-4.18.0-553.76.1.el8_10.noarch | Various documentation bits found in the kernel source | 1ea55bc38e70d9873ae437f1a29fd1a7515cb3a903938068c1d48de5d395c6d7 |
| src | ||
| kernel-4.18.0-553.76.1.el8_10.src | The Linux kernel, based on version 4.18.0, heavily modified with backports | e7025ef431ba58ad8432c4d6edb420a24a1e7fc48449c6c069b8a656ab3742d5 |
* Sun Sep 14 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.76.1.el8_10]
- HID: core: Harden s32ton() against conversion to 0 bits (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
- HID: stop exporting hid_snto32() (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
- HID: simplify snto32() (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
- HID: core: fix shift-out-of-bounds in hid_report_raw_event (CKI Backport Bot) [RHEL-111027] {CVE-2025-38556}
- use uniform permission checks for all mount propagation changes (Ian Kent) [RHEL-107299] {CVE-2025-38498}
- do_change_type(): refuse to operate on unmounted/not ours mounts (Ian Kent) [RHEL-107299] {CVE-2025-38498}
- xfs: make sure sb_fdblocks is non-negative (Pavel Reichl) [RHEL-104193]
- vsock: Fix transport_* TOCTOU (CKI Backport Bot) [RHEL-105991] {CVE-2025-38461}
* Tue Sep 09 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.75.1.el8_10]
- Revert "module, async: async_synchronize_full() on module init iff async is used" (Herton R. Krzesinski) [RHEL-99812]
- mm/page_alloc: make sure free_pcppages_bulk() bails when given count < 0 (Rafael Aquini) [RHEL-85453]
- sch_cbq: make cbq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376]
- net/sched: ets: use old 'nbands' while purging unused classes (Ivan Vecera) [RHEL-107541] {CVE-2025-38350}
- net_sched: sch_ets: implement lockless ets_dump() (Ivan Vecera) [RHEL-107541] {CVE-2025-38350}
- net/sched: Always pass notifications when child class becomes empty (Ivan Vecera) [RHEL-93376] {CVE-2025-38350}
- net_sched: ets: fix a race in ets_qdisc_change() (Ivan Vecera) [RHEL-107541] {CVE-2025-38107}
- sch_htb: make htb_deactivate() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-37953}
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (Ivan Vecera) [RHEL-93376] {CVE-2025-37798}
- sch_qfq: make qfq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-38350}
- sch_drr: make drr_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376] {CVE-2025-37932}
- idpf: convert control queue mutex to a spinlock (CKI Backport Bot) [RHEL-106049] {CVE-2025-38392}
- drm/framebuffer: Acquire internal references on GEM handles (Anusha Srivatsa) [RHEL-106684] {CVE-2025-38449}
- drm/gem: Acquire references on GEM handles for framebuffers (Anusha Srivatsa) [RHEL-106684] {CVE-2025-38449}
- tracing: Disable interrupt or preemption before acquiring arch_spinlock_t (partial) (Luis Claudio R. Goncalves) [RHEL-95713]
- vmxnet3: disable rx data ring on dma allocation failure (Michal Schmidt) [RHEL-106160]
- xfs: fix error returns from xfs_bmapi_write (Carlos Maiolino) [RHEL-93655]
- xfs: handle nimaps=0 from xfs_bmapi_write in xfs_alloc_file_space (Carlos Maiolino) [RHEL-93655]
- net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull (CKI Backport Bot) [RHEL-112239] {CVE-2023-53125}
- net: usb: smsc75xx: Limit packet length to skb->len (CKI Backport Bot) [RHEL-112239] {CVE-2023-53125}
- PCI: Support BAR sizes up to 8TB (Myron Stowe) [RHEL-106671]
* Sun Sep 07 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.74.1.el8_10]
- posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() (Oleg Nesterov) [RHEL-112775] {CVE-2025-38352}
* Thu Aug 28 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.73.1.el8_10]
- ACPI: resource: Honor MADT INT_SRC_OVR settings for IRQ1 on AMD Zen (Jay Shin) [RHEL-108360]
- ACPI: resource: Always use MADT override IRQ settings for all legacy non i8042 IRQs (Jay Shin) [RHEL-108360]
- s390/pci: Allow automatic recovery with minimal driver support (Mete Durlu) [RHEL-110234]
- bpf: Don't use tnum_range on array range checking for poke descriptors (CKI Backport Bot) [RHEL-109298] {CVE-2022-49985}
- s390/ism: fix concurrency management in ism_cmd() (Mete Durlu) [RHEL-110208]
* Sat Aug 23 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.72.1.el8_10]
- scsi: lpfc: Use memcpy() for BIOS version (Ewan D. Milne) [RHEL-105927] {CVE-2025-38332}
- watchdog/perf: properly initialize the turbo mode timestamp and rearm counter (David Arcari) [RHEL-103371]
- RDMA/iwcm: Fix use-after-free of work objects after cm_id destruction (Michal Schmidt) [RHEL-104260] {CVE-2025-38211}
- RDMA/iwcm: Fix WARNING:at_kernel/workqueue.c:#check_flush_dependency (Michal Schmidt) [RHEL-104260] {CVE-2024-47696}
- RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (Michal Schmidt) [RHEL-104260] {CVE-2024-42285}
- net/sched: sch_qfq: Avoid triggering might_sleep in atomic context in qfq_delete_class (CKI Backport Bot) [RHEL-106312] {CVE-2025-38477}
- net/sched: sch_qfq: Fix race condition on qfq_aggregate (CKI Backport Bot) [RHEL-106312] {CVE-2025-38477}
- cxgb4: use port number to set mac addr (CKI Backport Bot) [RHEL-75976]
- net/sched: Abort __tc_modify_qdisc if parent class does not exist (CKI Backport Bot) [RHEL-107894]
- aacraid: fix a buffer overflow (Tomas Henzl) [RHEL-62313]
- filemap: remove use of wait bookmarks (Brian Foster) [RHEL-107181]
- x86/efistub: Omit physical KASLR when memory reservations exist (Ricardo Robaina) [RHEL-82369]
- efi/libstub: Check return value of efi_parse_options (Ricardo Robaina) [RHEL-82369]
- efi/x86: Support builtin command line (Ricardo Robaina) [RHEL-82369]
- tipc: Fix use-after-free in tipc_conn_close(). (CKI Backport Bot) [RHEL-106635] {CVE-2025-38464}
- sbitmap: remove stale comment in sbq_calc_wake_batch (Ming Lei) [RHEL-81758]
- block: Fix lockdep warning in blk_mq_mark_tag_wait (Ming Lei) [RHEL-81758]
- blk-mq: fix potential io hang by wrong 'wake_batch' (Ming Lei) [RHEL-81758]
- lib/sbitmap: define swap_lock as raw_spinlock_t (Ming Lei) [RHEL-81758]
- sbitmap: fix io hung due to race on sbitmap_word::cleared (Ming Lei) [RHEL-81758]
- sbitmap: use READ_ONCE to access map->word (Ming Lei) [RHEL-81758]
- sbitmap: fix batching wakeup (Ming Lei) [RHEL-81758]
- sbitmap: correct wake_batch recalculation to avoid potential IO hung (Ming Lei) [RHEL-81758]
- sbitmap: add sbitmap_find_bit to remove repeat code in __sbitmap_get/__sbitmap_get_shallow (Ming Lei) [RHEL-81758]
- sbitmap: rewrite sbitmap_find_bit_in_index to reduce repeat code (Ming Lei) [RHEL-81758]
- sbitmap: remove redundant check in __sbitmap_queue_get_batch (Ming Lei) [RHEL-81758]
- sbitmap: remove unnecessary calculation of alloc_hint in __sbitmap_get_shallow (Ming Lei) [RHEL-81758]
- sbitmap: Use atomic_long_try_cmpxchg in __sbitmap_queue_get_batch (Ming Lei) [RHEL-81758]
- sbitmap: remove unnecessary code in __sbitmap_queue_get_batch (Ming Lei) [RHEL-81758]
- lib/sbitmap: Fix invalid loop in __sbitmap_queue_get_batch() (Ming Lei) [RHEL-81758]
- lib/sbitmap: kill 'depth' from sbitmap_word (Ming Lei) [RHEL-81758]
- sbitmap: add __sbitmap_queue_get_batch() (Ming Lei) [RHEL-81758]
- sbitmap: Try each queue to wake up at least one waiter (Ming Lei) [RHEL-81758]
- wait: Return number of exclusive waiters awaken (Ming Lei) [RHEL-81758]
- sched/wait: Deduplicate code with do-while (Ming Lei) [RHEL-81758]
- sbitmap: Advance the queue index before waking up a queue (Ming Lei) [RHEL-81758]
- sbitmap: Use single per-bitmap counting to wake up queued tags (Ming Lei) [RHEL-81758]
- blk-mq: Fix wrong wakeup batch configuration which will cause hang (Ming Lei) [RHEL-81758]
- blk-mq: fix tag_get wait task can't be awakened (Ming Lei) [RHEL-81758]
* Fri Aug 15 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.71.1.el8_10]
- udp: Fix memory accounting leak. (Xin Long) [RHEL-104084] {CVE-2025-22058}
- i40e: fix MMIO write access to an invalid page in i40e_clear_hw (Dennis Chen) [RHEL-106041] {CVE-2025-38200}
- gfs2: Don't clear sb->s_fs_info in gfs2_sys_fs_add (Andrew Price) [RHEL-88072]
- gfs2: Remove unnecessary NULL check before free_percpu() (Andreas Gruenbacher) [RHEL-88072]
- gfs2: replace sd_aspace with sd_inode (Andreas Gruenbacher) [RHEL-88072]
- writeback: fix false warning in inode_to_wb() (Andreas Gruenbacher) [RHEL-88072]
- gfs2: No more self recovery (Andreas Gruenbacher) [RHEL-104232]
- gfs2: Get rid of gfs2_glock_queue_put in signal_our_withdraw (Andreas Gruenbacher) [RHEL-104232]
- gfs2: Fix withdraw race (Andreas Gruenbacher) [RHEL-104232]
* Tue Aug 12 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.70.1.el8_10]
- i2c/designware: Fix an initialization issue (CKI Backport Bot) [RHEL-106617] {CVE-2025-38380}
- Bluetooth: hci_core: Fix use-after-free in vhci_flush() (David Marlin) [RHEL-103246] {CVE-2025-38250}
- net_sched: ets: Fix double list add in class with netem as child qdisc (Xin Long) [RHEL-104717] {CVE-2025-37914}
- sch_ets: make est_qlen_notify() idempotent (Xin Long) [RHEL-104717]
- drm/vkms: Fix use after free and double free on init error (CKI Backport Bot) [RHEL-99402] {CVE-2025-22097}
- s390/pci: Do not try re-enabling load/store if device is disabled (Mete Durlu) [RHEL-105600]
- s390/pci: Fix stale function handles in error handling (Mete Durlu) [RHEL-105600]
* Thu Aug 07 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.69.1.el8_10]
- Revert "sch_htb: make htb_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_drr: make drr_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_qfq: make qfq_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_htb: make htb_deactivate() idempotent" (Denys Vlasenko) [RHEL-108140]
- Revert "net/sched: Always pass notifications when child class becomes empty" (Denys Vlasenko) [RHEL-108140]
- Revert "sch_cbq: make cbq_qlen_notify() idempotent" (Denys Vlasenko) [RHEL-108140]
* Mon Aug 04 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.68.1.el8_10]
- ipv6: mcast: extend RCU protection in igmp6_send() (Hangbin Liu) [RHEL-102392] {CVE-2025-21759}
- md/md-bitmap: move bitmap_{start, end}write to md upper layer (Nigel Croxon) [RHEL-57991]
- md/raid5: implement pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md: add a new callback pers->bitmap_sector() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: remove the last parameter for bimtap_ops->endwrite() (Nigel Croxon) [RHEL-57991]
- md/md-bitmap: factor behind write counters out from bitmap_{start/end}write() (Nigel Croxon) [RHEL-57991]
- md/raid5: recheck if reshape has finished with device_lock held (Nigel Croxon) [RHEL-57991]
- md/md-linear: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/md-multipath: enable io accounting (Nigel Croxon) [RHEL-59928]
- md/raid10: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- md/raid1: switch to use md_account_bio() for io accounting (Nigel Croxon) [RHEL-59928]
- raid5: fix missing io accounting in raid5_align_endio() (Nigel Croxon) [RHEL-59928]
- md: also clone new io if io accounting is disabled (Nigel Croxon) [RHEL-59928]
- sch_cbq: make cbq_qlen_notify() idempotent (Ivan Vecera) [RHEL-93376]
- net/sched: Always pass notifications when child class becomes empty (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_deactivate() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_qfq: make qfq_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_drr: make drr_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- sch_htb: make htb_qlen_notify() idempotent (CKI Backport Bot) [RHEL-93376] {CVE-2025-38350}
- can: peak_usb: fix use after free bugs (CKI Backport Bot) [RHEL-99447] {CVE-2021-47670}
- wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds (CKI Backport Bot) [RHEL-103141] {CVE-2025-38159}
- net/ipv6: release expired exception dst cached in socket (Guillaume Nault) [RHEL-105794] {CVE-2024-56644}
* Thu Jul 31 2025 Denys Vlasenko <dvlasenk@redhat.com> [4.18.0-553.67.1.el8_10]
- mm/hugetlb: fix huge_pmd_unshare() vs GUP-fast race (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: fix GUP-fast interaction by sending IPI (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: take the right locks for page table retraction (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- mm/khugepaged: unify collapse pmd clear, flush and free (Rafael Aquini) [RHEL-101233] {CVE-2025-38085}
- padata: fix UAF in padata_reorder (Waiman Long) [RHEL-101398] {CVE-2025-21727}
- redhat: update BUILD_TARGET to rhel-8.10.0-z-test-pesign (Jan Stancek)
- ftrace: Clean up hash direct_functions on register failures (Gregory Bell) [RHEL-103912]