tuned bug fix and enhancement update

RLBA-2022:8321 tuned bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for tuned. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-rt-rpms tuned-profiles-realtime-2.19.0-1.el9.noarch.rpm fb0dbba6e33e15cead237638bb3ba2217f1f97dad6d226fbf28ddc5b6f256016 RLBA-2022:7934 rteval bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for rteval. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-rt-rpms rteval-3.4-1.el9.noarch.rpm 779ef99730b0722c8085dd7bfeb5caa7c3fc469c860fe8070cc6f73ba2ae964c RLBA-2022:7936 realtime-setup bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for realtime-setup. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-rt-rpms realtime-setup-2.2-6.el9.x86_64.rpm 09d1e8c58237d226f48dcd7ea1859255908739b2bd44891cb9c2200a7737ac18 RLBA-2022:7939 rteval-loads bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

An update is available for rteval-loads. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

For detailed information on changes in this release, see the Rocky Linux 9.1 Release Notes linked from the References section. rocky-linux-9-x86-64-rt-rpms rteval-loads-1.6-1.el9.noarch.rpm d90521c5eadf3f090373ef007bc30c919b714cf597c400efd189542cc7de73bb RLSA-2023:0300 Important: kernel-rt security and bug fix update The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: watch queue race condition can lead to privilege escalation (CVE-2022-2959) * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964) * kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139) * kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945) * kernel: i2c: unbounded length leads to buffer overflow in ismt_access() (CVE-2022-3077) * kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * DELL EMC: System is not booting into RT Kernel with perc12 [kernel-rt] (BZ#2139863) * kernel-rt: update RT source tree to the latest Rocky Linux-9.1.z1 Batch (BZ#2141817) Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

An update is available for kernel-rt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: watch queue race condition can lead to privilege escalation (CVE-2022-2959) * kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964) * kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139) * kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945) * kernel: i2c: unbounded length leads to buffer overflow in ismt_access() (CVE-2022-3077) * kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * DELL EMC: System is not booting into RT Kernel with perc12 [kernel-rt] (BZ#2139863) * kernel-rt: update RT source tree to the latest Rocky Linux-9.1.z1 Batch (BZ#2141817) rocky-linux-9-x86-64-rt-rpms kernel-rt-5.14.0-162.12.1.rt21.175.el9_1.x86_64.rpm a7e1f3a73355138f0b833a118d6b89658f74d299cfa39c77f8a259395a7330c3 kernel-rt-core-5.14.0-162.12.1.rt21.175.el9_1.x86_64.rpm 5b68b98ea60d1532352676df69dd5f01bb4091a19159f80b4987be94ad3f9d5e kernel-rt-debug-5.14.0-162.12.1.rt21.175.el9_1.x86_64.rpm b3a01fa3e91d415b63e0da93758d281b8f25a549dc982bb9cad82a17be557220 kernel-rt-debug-core-5.14.0-162.12.1.rt21.175.el9_1.x86_64.rpm 46b42686c27706db3766e029fe5b849642652dd85ca7f4c7e8ccffb8ee5ad4c4 kernel-rt-debug-devel-5.14.0-162.12.1.rt21.175.el9_1.x86_64.rpm 3f1d53fb45a4edb3c5a2ae633202b7d9637faa9fb0c6d6cc8f4247124264c836 kernel-rt-debug-modules-5.14.0-162.12.1.rt21.175.el9_1.x86_64.rpm 1090f4e8d8356909d3e656f774eb05ac4b44af0bc3e9bb37ed084eb42bd15f79 kernel-rt-debug-modules-extra-5.14.0-162.12.1.rt21.175.el9_1.x86_64.rpm 9988382bde8954cac0c0b91da17ce38b528b25465fb25b642aa9a029fd577d49 kernel-rt-devel-5.14.0-162.12.1.rt21.175.el9_1.x86_64.rpm 1c5864022ae27f7f2f238959bbf5eb754d939c3064c782c20e02325a514c68c5 kernel-rt-modules-5.14.0-162.12.1.rt21.175.el9_1.x86_64.rpm c8fcbfdcf00d9e0b594bb22083bcfea58004e2009c316e66b776657e9bd58831 kernel-rt-modules-extra-5.14.0-162.12.1.rt21.175.el9_1.x86_64.rpm faa845cb72002e6899eee20b282e5859dfb66fd9180e99f0287e3a39a914bb30 RLSA-2023:0979 Important: kernel-rt security and bug fix update The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564) * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378) * kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack (CVE-2022-4379) * kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (CVE-2023-0179) * kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the latest Rocky Linux-9.1.z2 Batch (BZ#2160463) Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564) * kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378) * kernel: use-after-free in __nfs42_ssc_open() in fs/nfs/nfs4file.c leading to remote Denial of Service attack (CVE-2022-4379) * kernel: Netfilter integer overflow vulnerability in nft_payload_copy_vlan (CVE-2023-0179) * kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the latest Rocky Linux-9.1.z2 Batch (BZ#2160463) rocky-linux-9-x86-64-rt-rpms kernel-rt-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm 7b3306e40d0eb276b81736e5b4d0a090b32e7428669108e3a9b5e9e6aaad5464 kernel-rt-core-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm d982083ee4ad4d679065f00f97454fe4d98fa099b0c48fe7b43f336383a843f1 kernel-rt-debug-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm 604d8762e724e8a645b855749d0e0e9356fece859c97bf6465dfb24c4bc2ef00 kernel-rt-debug-core-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm 2bae5de2733341e8ae12f4f0ee969fac2d108d977898196276c97acef486a544 kernel-rt-debug-devel-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm 0659314a6f21c051ddc70aaac21c744c84bbd3ee79324d9cd8f63d68b43a90d1 kernel-rt-debug-modules-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm 7a2333a7b531b60da3f5bccf06897798f67f859911183f627c994ca49d0d74f0 kernel-rt-debug-modules-extra-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm c3011279e4e4898e4cfc91e5c0dda8b355f934a49d40275bd757e97faa2c87e8 kernel-rt-devel-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm 2a65d0b572d8b1c5d785424854a314aa0106e65d52e57f327be144ceb1fb955c kernel-rt-modules-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm c785118454a0725cad5b48f0163e8f67e6015d1fe8b75d4ee0000473779c8810 kernel-rt-modules-extra-5.14.0-162.18.1.rt21.181.el9_1.x86_64.rpm 1f580e31f2eabb98c9c86eaa7afd295e34d4c2b9ae448672fb17633b7bac9cfa RLSA-2023:1469 Important: kernel-rt security and bug fix update The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744) * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266) * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the latest Rocky Linux-9.1.z3 Batch (BZ#2170460) Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: tun: avoid double free in tun_free_netdev (CVE-2022-4744) * ALSA: pcm: Move rwsem lock inside snd_ctl_elem_read to prevent UAF (CVE-2023-0266) * kernel: net: CPU soft lockup in TC mirred egress-to-ingress action (CVE-2022-4269) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the latest Rocky Linux-9.1.z3 Batch (BZ#2170460) rocky-linux-9-x86-64-rt-rpms kernel-rt-5.14.0-162.22.2.rt21.186.el9_1.x86_64.rpm 568dd09bab56394023fe0306b75bd37ea022a6d953d67a0a684d0e3c09a062eb kernel-rt-core-5.14.0-162.22.2.rt21.186.el9_1.x86_64.rpm dfabf38ea0e692f2e9e79032718f856947f6c79322302ba7b3e71da432b89a43 kernel-rt-debug-5.14.0-162.22.2.rt21.186.el9_1.x86_64.rpm e1262ce076bfef2e64439348d0994b007be9dca1826f412e41ef1ae0ad9a65be kernel-rt-debug-core-5.14.0-162.22.2.rt21.186.el9_1.x86_64.rpm 68994eab42c1b61e40fb586c0db25b9e1e0120c20ef4cda336eed835530e3750 kernel-rt-debug-devel-5.14.0-162.22.2.rt21.186.el9_1.x86_64.rpm feeb3cbbbb86b394efd4f1c725cf5196c615e5d95da7d65ac35df62e428f9c09 kernel-rt-debug-modules-5.14.0-162.22.2.rt21.186.el9_1.x86_64.rpm 16b5584dc7bfa322f30bb2365392e97001f24356dd5550f329c994c5e13157d4 kernel-rt-debug-modules-extra-5.14.0-162.22.2.rt21.186.el9_1.x86_64.rpm 7ee7488f2e287486a29fef3c09b5ee84f602f58a61cea14ced64f4c07483bb99 kernel-rt-devel-5.14.0-162.22.2.rt21.186.el9_1.x86_64.rpm 557f3f925cb9019b8d559ef7d0c76d910b62d338d424a57306781e6985118e7d kernel-rt-modules-5.14.0-162.22.2.rt21.186.el9_1.x86_64.rpm 2825674e7d7e26a5e1d90766a5094258be1f1cfb5e3ff2360f0786df2c25c919 kernel-rt-modules-extra-5.14.0-162.22.2.rt21.186.el9_1.x86_64.rpm 5df494c468c21ba95a1e5d4330dfcf63dbcbb2d36f140cba6541b812c3f7ab5b RLBA-2023:2149 rteval bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

For detailed information on changes in this release, see the Rocky Linux 9.2 Release Notes linked from the References section. rocky-linux-9-x86-64-rt-rpms rteval-3.5-7.el9.noarch.rpm 04313b632c9cadc83f364224fade45c1340ef4995001f1f943d2be4b1ec5819f RLSA-2023:4378 Important: kernel-rt security and bug fix update The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090) * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788) * kernel: KVM: x86/mmu: race condition in direct_page_fault() (CVE-2022-45869) * kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c (CVE-2023-0458) * kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Rocky Linux9 rt: blktests block/024 failed (BZ#2209920) * Backport pinned timers RT specific behavior for FIFO tasks (BZ#2210071) * kernel-rt: update RT source tree to the Rocky Linux-9.2z2 source tree (BZ#2215122) * kernel-rt: update RT source tree to the Rocky Linux-9.2z2b source tree (BZ#2222796) Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090) * kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788) * kernel: KVM: x86/mmu: race condition in direct_page_fault() (CVE-2022-45869) * kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c (CVE-2023-0458) * kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Rocky Linux9 rt: blktests block/024 failed (BZ#2209920) * Backport pinned timers RT specific behavior for FIFO tasks (BZ#2210071) * kernel-rt: update RT source tree to the Rocky Linux-9.2z2 source tree (BZ#2215122) * kernel-rt: update RT source tree to the Rocky Linux-9.2z2b source tree (BZ#2222796) rocky-linux-9-x86-64-rt-rpms kernel-rt-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm d5d3e0ee745dfcbb9dbc6a773cfafbfd49c4e4c06db98f3b1cc381bffe7b5547 kernel-rt-core-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm 5f413a505a29ea03c4792323b3c27ac9fbafdfd0b1e2669909109b64b76c8660 kernel-rt-debug-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm a0c3bb9c922ec87c324c4df02011fabb0b8eaf2b8b4a324073c27d5fe278ab36 kernel-rt-debug-core-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm 8779a970a4895eac8324a6af97baa666e9d65db219632a3bc390017e03317bd0 kernel-rt-debug-devel-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm 0984051db85dcd3f4d9f079cf27fcbec7c44c9058880bde94d32ada3dc352243 kernel-rt-debug-modules-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm 68e66d8eb309b91153bbbbbef50355d764a918699f3ab8d54036f1bb7558e7b8 kernel-rt-debug-modules-core-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm 07e68a8d61796b63fa3a08eca1b8568a1db32ab531f5e50c9e6ab5b78371dff2 kernel-rt-debug-modules-extra-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm 1a0ca2666a8da6628db0d92f25a4a15e38c4c4550ca1fc7b1360b3c14203a4fe kernel-rt-devel-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm 29942eecd8c51d51404ef8b5da0374f4eaaa48cd7e3768aea3b3a540a1bd8e05 kernel-rt-modules-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm e0715d8df24665fba635bb39c814e94e065d3cabdff39ee50a1eb060cb62d028 kernel-rt-modules-core-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm 34d09150036730776d065f2d8ca52183df1499d4f22388d6c638b335ec00c3d7 kernel-rt-modules-extra-5.14.0-284.25.1.rt14.310.el9_2.x86_64.rpm fc759ca2882b77c70138837d16791c0c4c023136c041173400214819488c57fa RLSA-2023:5091 Important: kernel-rt security and bug fix update The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests (CVE-2023-3390) * kernel: netfilter: nf_tables: fix chain binding transaction logic in the abort path of NFT_MSG_NEWRULE (CVE-2023-3610) * kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function (CVE-2023-3776) * kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove() (CVE-2023-4004) * kernel: netfilter: nf_tables_newrule when adding a rule with NFTA_RULE_CHAIN_ID leads to use-after-free (CVE-2023-4147) * kernel: nf_tables: use-after-free in nft_chain_lookup_byid() (CVE-2023-31248) * kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() (CVE-2023-35001) * kernel: save/restore speculative MSRs during S3 suspend/resume (CVE-2023-1637) * hw: amd: Cross-Process Information Leak (CVE-2023-20593) * kernel: bypass of shadow stack protection due to a logic error (CVE-2023-21102) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the latest Rocky Linux-9.2.z3 Batch (BZ#2228482) Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 Important

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fix(es): * kernel: UAF in nftables when nft_set_lookup_global triggered after handling named and anonymous sets in batch requests (CVE-2023-3390) * kernel: netfilter: nf_tables: fix chain binding transaction logic in the abort path of NFT_MSG_NEWRULE (CVE-2023-3610) * kernel: net/sched: cls_fw component can be exploited as result of failure in tcf_change_indev function (CVE-2023-3776) * kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove() (CVE-2023-4004) * kernel: netfilter: nf_tables_newrule when adding a rule with NFTA_RULE_CHAIN_ID leads to use-after-free (CVE-2023-4147) * kernel: nf_tables: use-after-free in nft_chain_lookup_byid() (CVE-2023-31248) * kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval() (CVE-2023-35001) * kernel: save/restore speculative MSRs during S3 suspend/resume (CVE-2023-1637) * hw: amd: Cross-Process Information Leak (CVE-2023-20593) * kernel: bypass of shadow stack protection due to a logic error (CVE-2023-21102) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * kernel-rt: update RT source tree to the latest Rocky Linux-9.2.z3 Batch (BZ#2228482) rocky-linux-9-x86-64-rt-rpms kernel-rt-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm 6bbae94a9d3b7b50a9927f8d04442e4b3ad95af1f60ce0ca7d2f0634080c0e25 kernel-rt-core-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm 3b36f33d29499faa4e10c53ccc5d18a9dbe56db9b75c7b053fd503766db64900 kernel-rt-debug-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm 0d01c283085f35a114b9fad6c72941fba5e639bf8a41a4ec72a8bd46d54a84bd kernel-rt-debug-core-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm 3e7c3c19b117f12f28168bd280f3ca79634906dc6cf5c97160795e7985c4e1d0 kernel-rt-debug-devel-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm 6ee1c9e5759c9489594284e8327083dccd23f9351084cc57fe73ede3c9133b71 kernel-rt-debug-modules-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm 7ae835a36bf956fec17589f6cec94b4e765cf6d4d1f5cedbeccff61243c31710 kernel-rt-debug-modules-core-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm 1ea91fb66ee5a733a890d48fb5da533238f15a3f9c4a6142be7baada8ea7d1d1 kernel-rt-debug-modules-extra-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm 9c944317b361a3fe0460d1102a7a2eb8114a85f690c60787ee294f1205e094ae kernel-rt-devel-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm 2a69de78cf5788c599917bd6ea7eff236f65ebfd27de94baf4e1553f49b97ebd kernel-rt-modules-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm 32887b9b7d12b840cd9188d5694f38e5d2cd51201e06ae01597bf3b7a16b60e9 kernel-rt-modules-core-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm ea66c9ddaa5f9ce44221bdc2019eedf032b692a3cad971f2e752872d6d72c568 kernel-rt-modules-extra-5.14.0-284.30.1.rt14.315.el9_2.x86_64.rpm e30eee6cd4b640cdd6c8907048f3ee3065bb2f96a341a2d6aa65f3b8795b539e RLBA-2024:2111 rteval bug fix and enhancement update For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

For detailed information on changes in this release, see the Rocky Linux 9.4 Release Notes linked from the References section. rocky-linux-9-x86-64-rt-rpms rteval-3.7-7.el9.noarch.rpm 18d4e61ed3779f3bd43d908cd4e6619ee94ca8b8acd15d1e69e6f27ef97c47e5 RLSA-2024:2758 Moderate: kernel security and bug fix update The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) * CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit (AMD-SN-3008,CVE-2024-25742,CVE-2024-25743) Bug Fix(es): * ffdhe* algortihms introduced in 0a2e5b909023 as .fips_allowed=1 lack pairwise consistency tests (JIRA:Rocky Linux-27009) * mm/mglru: fix underprotected page cache (JIRA:Rocky Linux-29235) * [EMR] [TBOOT OS] SUT could not go to S3 state with Rocky Linux 9.2 Tboot OS One CPU return -16 running BUSY (JIRA:Rocky Linux-29673) * system hangs completely - NMI not possible (JIRA:Rocky Linux-30678) * ice 0000:6f:00.0: PTP failed to get time (JIRA:Rocky Linux-30110) Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

An update is available for kernel. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Marvin vulnerability side-channel leakage in the RSA decryption operation (CVE-2023-6240) * CVE-2024-25743 hw: amd: Instruction raise #VC exception at exit (AMD-SN-3008,CVE-2024-25742,CVE-2024-25743) Bug Fix(es): * ffdhe* algortihms introduced in 0a2e5b909023 as .fips_allowed=1 lack pairwise consistency tests (JIRA:Rocky Linux-27009) * mm/mglru: fix underprotected page cache (JIRA:Rocky Linux-29235) * [EMR] [TBOOT OS] SUT could not go to S3 state with Rocky Linux 9.2 Tboot OS One CPU return -16 running BUSY (JIRA:Rocky Linux-29673) * system hangs completely - NMI not possible (JIRA:Rocky Linux-30678) * ice 0000:6f:00.0: PTP failed to get time (JIRA:Rocky Linux-30110) rocky-linux-9-x86-64-rt-rpms kernel-rt-5.14.0-427.16.1.el9_4.x86_64.rpm 70d80881dded2b5c0c29b2e275198e56d7d90778a29d6e8e80c3a1f9d49baa78 kernel-rt-core-5.14.0-427.16.1.el9_4.x86_64.rpm 4d3229f8d3cda4d33fdca9db011aecb1d98188cfff90c67c3033b24583476944 kernel-rt-debug-5.14.0-427.16.1.el9_4.x86_64.rpm 4e359e17e5c1504dd9b3636da82becf748bb9547a4337ed965ba34d89f2ef516 kernel-rt-debug-core-5.14.0-427.16.1.el9_4.x86_64.rpm 6f6ed98c2a4d659ecdf3828b67596bc25738554244eecaa46be4e6eb919fd335 kernel-rt-debug-devel-5.14.0-427.16.1.el9_4.x86_64.rpm 7e654bdc342f15d6b2d2010b9b7cbf4f518f7dfbdfecf676a817a1cfe9e01120 kernel-rt-debug-modules-5.14.0-427.16.1.el9_4.x86_64.rpm d3a47c7ea53e2f560bd4edff5197731dbd09f5b06044e82ccb88a7f0b8544bde kernel-rt-debug-modules-core-5.14.0-427.16.1.el9_4.x86_64.rpm 222c5f116b1d0ffd47ca4ed99cb52d3f25627d0f65a9d795413de86ebce3cd57 kernel-rt-debug-modules-extra-5.14.0-427.16.1.el9_4.x86_64.rpm c5052c437baec8ccf49155185727ef2e31a44da27c02d685a18aa42459cdd3fb kernel-rt-devel-5.14.0-427.16.1.el9_4.x86_64.rpm 34a2d319e68ce70e54bc4466c59604838c32ca2350ce2a5fc9afbdb0e1f6cfab kernel-rt-modules-5.14.0-427.16.1.el9_4.x86_64.rpm d29393987377e172a291c42585d37a322efa398bcccf6becc18a9a11a617ec3c kernel-rt-modules-core-5.14.0-427.16.1.el9_4.x86_64.rpm 67e01bf2fbb18eccb8074dc1f56b414b9b474be3cb5a0ae9954020bfe71ced46 kernel-rt-modules-extra-5.14.0-427.16.1.el9_4.x86_64.rpm 94e8a947c96bdbe305e9a2cb815e0e3b6c9ae777872a0f1c26ab4313d7115c0c RLSA-2024:3619 Moderate: kernel security and bug fix update The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735) * kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 Moderate

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: ipv6: sr: fix possible use-after-free and null-ptr-deref (CVE-2024-26735) * kernel: fs: sysfs: Fix reference leak in sysfs_break_active_protection() (CVE-2024-26993) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. rocky-linux-9-x86-64-rt-rpms kernel-rt-5.14.0-427.20.1.el9_4.x86_64.rpm d92231ce316aeb6bdf33786809b6bcecfe8c3699a2a45be24845e72b17e62390 kernel-rt-core-5.14.0-427.20.1.el9_4.x86_64.rpm 90be14197200f67342e8a922cc648f98e879d5534644d620c4f3eb09bbbd063a kernel-rt-debug-5.14.0-427.20.1.el9_4.x86_64.rpm 0b52e1dd9e8ae3bd2f22e7d91c32363beac455ecf9c9d9b58cb94407c9e6f88f kernel-rt-debug-core-5.14.0-427.20.1.el9_4.x86_64.rpm 9d9eb3ae53f5600a27d9ffbf7ff96a085a754432afbc9adc844986e5c171e0a0 kernel-rt-debug-devel-5.14.0-427.20.1.el9_4.x86_64.rpm c755d28b0edff995e62a5c512d669bad1f1357767d7d4e125069648520424610 kernel-rt-debug-modules-5.14.0-427.20.1.el9_4.x86_64.rpm 37dfa3970d6b6c842798864c48b8faa9b078d538882aff16514045e161c016af kernel-rt-debug-modules-core-5.14.0-427.20.1.el9_4.x86_64.rpm ff4e281020412bbcb919fc44fb75b5a30458938279238d4315bd49755fcada85 kernel-rt-debug-modules-extra-5.14.0-427.20.1.el9_4.x86_64.rpm 079b63845682699ca37cd6147b7b4aae2fd15820c0aa470f576363f6bf03f7bd kernel-rt-devel-5.14.0-427.20.1.el9_4.x86_64.rpm dba23feb84368132ec94a1a021a8ca0c068dda334c67c366a50cd5bd1306260c kernel-rt-modules-5.14.0-427.20.1.el9_4.x86_64.rpm d7d2c81c0a721b09cb8c07d0449ea6e2bb77ef08ca603c69a73781f5709483c0 kernel-rt-modules-core-5.14.0-427.20.1.el9_4.x86_64.rpm 06143ab57e8f4302ea5cb196debf9433e65801613115cc4106c2c22fd423c691 kernel-rt-modules-extra-5.14.0-427.20.1.el9_4.x86_64.rpm ed6954567202825fb678edeeec58675575320efcf6172c9ea98ad09d2bbc75cb RLBA-2024:3983 kernel bug fix update The kernel packages contain the Linux kernel, the core of any Linux operating system. Bug Fix(es): * [DELL 9.4 BUG] - Screen shows garbage sometimes [rhel-9.4.z] (JIRA:Rocky Linux-36534) * cifs - Unable to mount CIFS shares after upgrading to Rocky Linux9.4 (JIRA:Rocky Linux-36743) * [Azure][Rocky Linux-9][MANA]System crash at skbuff when set mtu=100 [rhel-9.4.z] (JIRA:Rocky Linux-37622) * selective backport from perf upstream v6.8 to fix AmpereOne and Nvidia support [rhel-9.4.z] (JIRA:Rocky Linux-34991) * [Intel 9.5 FEAT] [SRF] performance: hwmon: (coretemp) Fix core count limitation [rhel-9.4.z] (JIRA:Rocky Linux-35447) * CNB95: dpll: rebase DPLL to upstream v6.8 [rhel-9.4.z] (JIRA:Rocky Linux-36572) * ice: IRQs being moved to isolated CPUs and causing latency issues [rhel-9.4.z] (JIRA:Rocky Linux-38512) * Bluetooth device disappears from the device list after a few minutes with AX211 [rhel-9.4.z] (JIRA:Rocky Linux-38524) * deadlock on dfs_cache_refresh [rhel-9.4.z] (JIRA:Rocky Linux-38904) * [DELL 9.3 BUG]Unexpected message "integrity: Problem loading X.509 certificate -126" occurred on boot screen. [rhel-9.4.z] (JIRA:Rocky Linux-39933) * [rhel9-rt-debug] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46 ( clocksource_mark_unstable) (JIRA:Rocky Linux-9296) Copyright 2024 Rocky Enterprise Software Foundation Rocky Linux 9 1 None

The kernel packages contain the Linux kernel, the core of any Linux operating system. Bug Fix(es): * [DELL 9.4 BUG] - Screen shows garbage sometimes [rhel-9.4.z] (JIRA:Rocky Linux-36534) * cifs - Unable to mount CIFS shares after upgrading to Rocky Linux9.4 (JIRA:Rocky Linux-36743) * [Azure][Rocky Linux-9][MANA]System crash at skbuff when set mtu=100 [rhel-9.4.z] (JIRA:Rocky Linux-37622) * selective backport from perf upstream v6.8 to fix AmpereOne and Nvidia support [rhel-9.4.z] (JIRA:Rocky Linux-34991) * [Intel 9.5 FEAT] [SRF] performance: hwmon: (coretemp) Fix core count limitation [rhel-9.4.z] (JIRA:Rocky Linux-35447) * CNB95: dpll: rebase DPLL to upstream v6.8 [rhel-9.4.z] (JIRA:Rocky Linux-36572) * ice: IRQs being moved to isolated CPUs and causing latency issues [rhel-9.4.z] (JIRA:Rocky Linux-38512) * Bluetooth device disappears from the device list after a few minutes with AX211 [rhel-9.4.z] (JIRA:Rocky Linux-38524) * deadlock on dfs_cache_refresh [rhel-9.4.z] (JIRA:Rocky Linux-38904) * [DELL 9.3 BUG]Unexpected message "integrity: Problem loading X.509 certificate -126" occurred on boot screen. [rhel-9.4.z] (JIRA:Rocky Linux-39933) * [rhel9-rt-debug] BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46 ( clocksource_mark_unstable) (JIRA:Rocky Linux-9296) rocky-linux-9-x86-64-rt-rpms kernel-rt-5.14.0-427.22.1.el9_4.x86_64.rpm 25ca006830a2a4c84206093b7091c98e3139ac4007c51ca139d1c0189a60bf5d kernel-rt-core-5.14.0-427.22.1.el9_4.x86_64.rpm 301e65823f8caf28c89022205f76e0e5de20f0f9161123bbd8a3d46f9c0c46c2 kernel-rt-debug-5.14.0-427.22.1.el9_4.x86_64.rpm fefe6204602302f82f04ab3b999e7ec17c02a660f3e6dc1c3dd0370763791278 kernel-rt-debug-core-5.14.0-427.22.1.el9_4.x86_64.rpm 93a62e9eb1f66b2627941d81ac8cde4e9d58f4d8b8bb4824cd26ce4edf8d9c11 kernel-rt-debug-devel-5.14.0-427.22.1.el9_4.x86_64.rpm 1e2d275a9409cb676f2d4a1f4680d40c3b7ac21fe05066688586b46801d789f3 kernel-rt-debug-modules-5.14.0-427.22.1.el9_4.x86_64.rpm f00769dca2f72ddcc8bf793c4f56942f014d78615e899274d69b858c0b1ffeb9 kernel-rt-debug-modules-core-5.14.0-427.22.1.el9_4.x86_64.rpm b00fdec7a57dc8223d3d4994b030f19fa62579c25e285a91e83d929577f96e7b kernel-rt-debug-modules-extra-5.14.0-427.22.1.el9_4.x86_64.rpm 7b0ce75125b0ebcc0833b45e19f868e5ad05b9a6e978b8f71f982f31ba3deade kernel-rt-devel-5.14.0-427.22.1.el9_4.x86_64.rpm 0d2a7e5c3af56d3dc075b376e7a6a7b33b8a261349f85af6e6d0b73b23bcddb9 kernel-rt-modules-5.14.0-427.22.1.el9_4.x86_64.rpm 7f3cc86c2d07d077c1e660b1ec6db7a717a89a57ae1003dcfe6390e7160af58c kernel-rt-modules-core-5.14.0-427.22.1.el9_4.x86_64.rpm 786950035b982c0328b13f9f37a349ad6dee64727e175aa795d32767aeedc464 kernel-rt-modules-extra-5.14.0-427.22.1.el9_4.x86_64.rpm f1a2842ba043c2b75ae455330f684e421bf4a99040e6a17c04219bda29622a69