kernel-debug-modules-extra-5.14.0-611.54.3.el9_7 RPM for aarch64

From AlmaLinux 9.7 BaseOS for aarch64

This package provides less commonly used kernel modules for the kernel package.

Provides

• kernel-debug-modules-extra
• config(kernel-debug-modules-extra)
• installonlypkg(kernel-module)
• kernel(__fou_build_header)
• kernel(__gue_build_header)
• kernel(fou_encap_hlen)
• kernel(gue_encap_hlen)
• kernel(l2tp_ioctl)
• kernel(l2tp_nl_register_ops)
• kernel(l2tp_nl_unregister_ops)
• kernel(l2tp_recv_common)
• kernel(l2tp_session_create)
• kernel(l2tp_session_dec_refcount)
• kernel(l2tp_session_delete)
• kernel(l2tp_session_get)
• kernel(l2tp_session_get_by_ifname)
• kernel(l2tp_session_get_nth)
• kernel(l2tp_session_inc_refcount)
• kernel(l2tp_session_register)
• kernel(l2tp_session_set_header_len)
• kernel(l2tp_sk_to_tunnel)
• kernel(l2tp_tunnel_create)
• kernel(l2tp_tunnel_dec_refcount)
• kernel(l2tp_tunnel_delete)
• kernel(l2tp_tunnel_get)
• kernel(l2tp_tunnel_get_nth)
• kernel(l2tp_tunnel_get_session)
• kernel(l2tp_tunnel_inc_refcount)
• kernel(l2tp_tunnel_register)
• kernel(l2tp_udp_encap_recv)
• kernel(l2tp_xmit_skb)
• kernel(sctp_do_peeloff)
• kernel(sctp_for_each_endpoint)
• kernel(sctp_get_sctp_info)
• kernel(sctp_transport_lookup_process)
• kernel(sctp_transport_traverse_process)
• kernel-debug-modules-extra(aarch-64)
• kernel-debug-modules-extra-aarch64
• kernel-debug-modules-extra-aarch64
• kernel-debug-modules-extra-uname-r
• kmod(aer_inject.ko)
• kmod(br2684.ko)
• kmod(clip.ko)
• kmod(cuse.ko)
• kmod(ems_usb.ko)
• kmod(fou.ko)
• kmod(fou6.ko)
• kmod(l2tp_core.ko)
• kmod(l2tp_debugfs.ko)
• kmod(l2tp_eth.ko)
• kmod(l2tp_ip.ko)
• kmod(l2tp_ip6.ko)
• kmod(l2tp_netlink.ko)
• kmod(l2tp_ppp.ko)
• kmod(lec.ko)
• kmod(pppoatm.ko)
• kmod(sctp.ko)
• kmod(sctp_diag.ko)
• kmod(slcan.ko)
• kmod(slip.ko)
• kmod(tcp_bic.ko)
• kmod(tcp_htcp.ko)
• kmod(tcp_illinois.ko)
• kmod(tcp_westwood.ko)
• kmod(test_lockup.ko)
• kmod(vcan.ko)
• modalias(char-major-10-203)
• modalias(devname:cuse)
• modalias(net-l2tp-type-5)
• modalias(net-l2tp-type-7)
• modalias(net-pf-10-proto-115)
• modalias(net-pf-10-proto-115-type-2)
• modalias(net-pf-10-proto-132)
• modalias(net-pf-16-proto-16-family-l2tp)
• modalias(net-pf-16-proto-4-type-2-132)
• modalias(net-pf-2-proto-115)
• modalias(net-pf-2-proto-115-type-2)
• modalias(net-pf-2-proto-132)
• modalias(net-pf-24-proto-1)
• modalias(rtnl-link-vcan)
• modalias(tty-ldisc-1)
• modalias(tty-ldisc-17)

Requires

• /bin/sh
• /bin/sh
• kernel-debug-modules-core-uname-r = 5.14.0-611.54.3.el9_7.aarch64+debug
• kernel-debug-modules-uname-r = 5.14.0-611.54.3.el9_7.aarch64+debug
• kernel-uname-r = 5.14.0-611.54.3.el9_7.aarch64+debug
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsXz) <= 5.2-1

License

((GPL-2.0-only WITH Linux-syscall-note) OR BSD-2-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-only WITH Linux-syscall-note) OR CDDL-1.0) AND ((GPL-2.0-only WITH Linux-syscall-note) OR Linux-OpenIB) AND ((GPL-2.0-only WITH Linux-syscall-note) OR MIT) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR BSD-3-Clause) AND ((GPL-2.0-or-later WITH Linux-syscall-note) OR MIT) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND BSD-3-Clause-Clear AND GFDL-1.1-no-invariants-or-later AND GPL-1.0-or-later AND (GPL-1.0-or-later OR BSD-3-Clause) AND (GPL-1.0-or-later WITH Linux-syscall-note) AND GPL-2.0-only AND (GPL-2.0-only OR Apache-2.0) AND (GPL-2.0-only OR BSD-2-Clause) AND (GPL-2.0-only OR BSD-3-Clause) AND (GPL-2.0-only OR CDDL-1.0) AND (GPL-2.0-only OR GFDL-1.1-no-invariants-or-later) AND (GPL-2.0-only OR GFDL-1.2-no-invariants-only) AND (GPL-2.0-only WITH Linux-syscall-note) AND GPL-2.0-or-later AND (GPL-2.0-or-later OR BSD-2-Clause) AND (GPL-2.0-or-later OR BSD-3-Clause) AND (GPL-2.0-or-later OR CC-BY-4.0) AND (GPL-2.0-or-later WITH GCC-exception-2.0) AND (GPL-2.0-or-later WITH Linux-syscall-note) AND ISC AND LGPL-2.0-or-later AND (LGPL-2.0-or-later OR BSD-2-Clause) AND (LGPL-2.0-or-later WITH Linux-syscall-note) AND LGPL-2.1-only AND (LGPL-2.1-only OR BSD-2-Clause) AND (LGPL-2.1-only WITH Linux-syscall-note) AND LGPL-2.1-or-later AND (LGPL-2.1-or-later WITH Linux-syscall-note) AND (Linux-OpenIB OR GPL-2.0-only) AND (Linux-OpenIB OR GPL-2.0-only OR BSD-2-Clause) AND Linux-man-pages-copyleft AND MIT AND (MIT OR GPL-2.0-only) AND (MIT OR GPL-2.0-or-later) AND (MIT OR LGPL-2.1-only) AND (MPL-1.1 OR GPL-2.0-only) AND (X11 OR GPL-2.0-only) AND (X11 OR GPL-2.0-or-later) AND Zlib AND (copyleft-next-0.3.1 OR GPL-2.0-or-later)

Changelog

* Thu May 07 2026 Andrew Lukoshko <alukoshko@almalinux.org> - 5.14.0-611.54.3
  - rxrpc: linearize incoming DATA packet when it has paged frags
* Thu May 07 2026 Andrew Lukoshko <alukoshko@almalinux.org> - 5.14.0-611.54.2
  - xfrm: esp: avoid in-place decrypt on shared skb frags
* Wed May 06 2026 Andrew Lukoshko <alukoshko@almalinux.org> - 5.14.0-611.54.1
  - hpsa: bring back deprecated PCI ids #CFHack #CFHack2024
  - mptsas: bring back deprecated PCI ids #CFHack #CFHack2024
  - megaraid_sas: bring back deprecated PCI ids #CFHack #CFHack2024
  - qla2xxx: bring back deprecated PCI ids #CFHack #CFHack2024
  - qla4xxx: bring back deprecated PCI ids
  - lpfc: bring back deprecated PCI ids
  - be2iscsi: bring back deprecated PCI ids
  - kernel/rh_messages.h: enable all disabled pci devices by moving to
    unmaintained
* Wed May 06 2026 Eduard Abdullin <eabdullin@almalinux.org> - 5.14.0-611.54.1
  - Use AlmaLinux OS secure boot cert
  - Debrand for AlmaLinux OS
  - Add KVM support for ppc64le
* Sat May 02 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
  - crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
  - crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
  - crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
  - crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
  - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
  - crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
  - crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
  - crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
  - crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
  - crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]
* Thu Apr 23 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.53.1.el9_7]
  - tracing: Fix a warning when allocating buffered events fails (CKI KWF BOT) [RHEL-169366]
  - tracing: Fix a possible race when disabling buffered events (CKI KWF BOT) [RHEL-169366]
  - tracing: Fix incomplete locking when disabling buffered events (CKI KWF BOT) [RHEL-169366]
  - thunderbolt: Fix wake on connect at runtime (Desnes Nunes) [RHEL-104807]
  - thunderbolt: Fix a logic error in wake on connect (Desnes Nunes) [RHEL-104807]
  - thunderbolt: Use wake on connect and disconnect over suspend (Desnes Nunes) [RHEL-104807]
  - i2c: i801: Revert "i2c: i801: replace acpi_lock with I2C bus lock" (David Arcari) [RHEL-155311]
  - net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and shared blocks (CKI Backport Bot) [RHEL-157327] {CVE-2026-23270}
* Tue Apr 21 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.52.1.el9_7]
  - libceph: reset sparse-read state in osd_fault() (CKI Backport Bot) [RHEL-150464] {CVE-2026-23136}
* Thu Apr 16 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.51.1.el9_7]
  - nfsd: fix heap overflow in NFSv4.0 LOCK replay cache (Scott Mayhew) [RHEL-167016] {CVE-2026-31402}
  - i40e: support generic devlink param "max_mac_per_vf" (Mohammad Heib) [RHEL-121643]
  - devlink: Add new "max_mac_per_vf" generic device param (Mohammad Heib) [RHEL-121643]
  - i40e: improve VF MAC filters accounting (Mohammad Heib) [RHEL-121643]
* Fri Apr 10 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.50.1.el9_7]
  - smb: client: fix krb5 mount with username option (Paulo Alcantara) [RHEL-158987]
  - md/raid1: fix data lost for writemostly rdev (Nigel Croxon) [RHEL-143624]
* Tue Apr 07 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.49.1.el9_7]
  - rtnetlink: Allocate vfinfo size for VF GUIDs when supported (Kamal Heib) [RHEL-149469] {CVE-2025-22075}
* Fri Apr 03 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.48.1.el9_7]
  - scsi: qla2xxx: Fix improper freeing of purex item (CKI Backport Bot) [RHEL-159222] {CVE-2025-68741}
  - NFSv4: Check for delegation validity in nfs_start_delegation_return_locked() (Scott Mayhew) [RHEL-151414]
  - Bluetooth: MGMT: Fix memory leak in set_ssp_complete (David Marlin) [RHEL-151728]
  - Bluetooth: hci_uart: fix null-ptr-deref in hci_uart_write_work (David Marlin) [RHEL-151728]
  - Bluetooth: btusb: revert use of devm_kzalloc in btusb (David Marlin) [RHEL-151728]
  - Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF (David Marlin) [RHEL-151728]
  - net: hv_netvsc: reject RSS hash key programming without RX indirection table (Medha Mummigatti) [RHEL-150571]
  - net/sched: sch_cake: Fix incorrect qlen reduction in cake_drop (CKI Backport Bot) [RHEL-150455] {CVE-2025-39766}
  - net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit (CKI Backport Bot) [RHEL-150455] {CVE-2025-39766}
  - iommu/vt-d: Deduplicate cache_tag_flush_all by reusing flush_range (Jerry Snitselaar) [RHEL-144218]
  - iommu/vt-d: Fix missing PASID in dev TLB flush with cache_tag_flush_all (Jerry Snitselaar) [RHEL-144218]
  - i40e: validate ring_len parameter against hardware-specific values (CKI Backport Bot) [RHEL-141722]
* Tue Mar 31 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.47.1.el9_7]
  - net/mlx5: Fix ECVF vports unload on shutdown flow (CKI Backport Bot) [RHEL-154537] {CVE-2025-38109}
  - netfilter: nf_tables: fix use-after-free in nf_tables_addchain() (CKI Backport Bot) [RHEL-153269] {CVE-2026-23231}
  - ice: Fix PTP NULL pointer dereference during VSI rebuild (CKI Backport Bot) [RHEL-150245] {CVE-2026-23210}
  - netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() (CKI Backport Bot) [RHEL-149748] {CVE-2026-23111}
* Thu Mar 26 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.46.1.el9_7]
  - ice: fix page leak for zero-size Rx descriptors (CKI Backport Bot) [RHEL-154094]
  - net: mana: Reduce waiting time if HWC not responding (Maxim Levitsky) [RHEL-92243]
* Sat Mar 21 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.45.1.el9_7]
  - net/sched: cls_u32: use skb_header_pointer_careful() (Paolo Abeni) [RHEL-150403] {CVE-2026-23204}
  - net: add skb_header_pointer_careful() helper (Paolo Abeni) [RHEL-150403]
  - iommu: Skip PASID validation for devices without PASID capability (Eder Zulian) [RHEL-95264]
* Thu Mar 19 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.44.1.el9_7]
  - nfsd: add list_head nf_gc to struct nfsd_file (Roberto Bergantinos Corpas) [RHEL-152551]
  - redhat: genlog: add new JIRA cloud server hostname (Jan Stancek)
  - smb: client: fix oops due to uninitialised var in smb2_unlink() (Paulo Alcantara) [RHEL-154395]
  - cifs: some missing initializations on replay (Paulo Alcantara) [RHEL-154395]
  - smb: client: fix potential UAF and double free in smb2_open_file() (Paulo Alcantara) [RHEL-154395]
  - smb/client: fix memory leak in smb2_open_file() (Paulo Alcantara) [RHEL-154395]
  - smb: client: split cached_fid bitfields to avoid shared-byte RMW races (Paulo Alcantara) [RHEL-154395]
  - bonding: fix use-after-free due to enslave fail after slave array update (CKI Backport Bot) [RHEL-152383] {CVE-2026-23171}
  - mm/damon/sysfs: cleanup attrs subdirs on context dir setup failure (CKI Backport Bot) [RHEL-150477] {CVE-2026-23144}
  - macvlan: observe an RCU grace period in macvlan_common_newlink() error path (Hangbin Liu) [RHEL-150226]
  - macvlan: fix error recovery in macvlan_common_newlink() (CKI Backport Bot) [RHEL-150226] {CVE-2026-23209}
  - dpll: zl3073x: Fix output pin phase adjustment sign (CKI Backport Bot) [RHEL-149764]
  - scsi: s390: zfcp: Ensure synchronous unit_add (CKI Backport Bot) [RHEL-143736]
* Tue Mar 17 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.43.1.el9_7]
  - scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_count() (CKI Backport Bot) [RHEL-150422] {CVE-2026-23193}
  - ALSA: aloop: Fix racy access at PCM trigger (CKI Backport Bot) [RHEL-150130] {CVE-2026-23191}
  - net: atm: fix /proc/net/atm/lec handling (Hangbin Liu) [RHEL-146421] {CVE-2025-38180}
  - net: atm: add lec_mutex (Hangbin Liu) [RHEL-146421] {CVE-2025-38323}
  - drm/sched: Fix potential double free in drm_sched_job_add_resv_dependencies (Mika Penttilä) [RHEL-125460] {CVE-2025-40096}
* Thu Mar 12 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.42.1.el9_7]
  - scsi: qla2xxx: Allow recovery for tape devices (Ewan D. Milne) [RHEL-153437]
  - xfs: set max_agbno to allow sparse alloc of last full inode chunk (Brian Foster) [RHEL-142600]
  - mm/debug_vm_pgtable: clear page table entries at destroy_args() (Herton R. Krzesinski) [RHEL-128734]
  - kbuild: use $(srctree)/$(src) for some Makefiles to fix the buildcheck test (Herton R. Krzesinski) [RHEL-106032]
* Sat Mar 07 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.41.1.el9_7]
  - net: vxlan: prevent NULL deref in vxlan_xmit_one (Antoine Tenart) [RHEL-133369]
  - ACPI: PRM: Reduce unnecessary printing to avoid user confusion (Mark Langsdorf) [RHEL-123057]
* Thu Mar 05 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.40.1.el9_7]
  - s390/pci: Allow automatic recovery with minimal driver support (CKI Backport Bot) [RHEL-118881]
  - mm/hugetlb: ignore hugepage kernel args if hugepages are unsupported (Luiz Capitulino) [RHEL-143846]
* Tue Mar 03 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.39.1.el9_7]
  - HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save (CKI Backport Bot) [RHEL-142232] {CVE-2025-39818}
* Sat Feb 28 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.38.1.el9_7]
  - mlxsw: spectrum_mr: Fix use-after-free when updating multicast route stats (CKI Backport Bot) [RHEL-143194] {CVE-2025-68800}
* Thu Feb 26 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.37.1.el9_7]
  - printk: Use console_is_usable on console_unblank (CKI Backport Bot) [RHEL-148302]
  - printk: Check CON_SUSPEND when unblanking a console (CKI Backport Bot) [RHEL-148302]
  - printk: Avoid irq_work for printk_deferred() on suspend (CKI Backport Bot) [RHEL-148302]
  - printk: Avoid scheduling irq_work on suspend (CKI Backport Bot) [RHEL-148302]
  - printk: nbcon: Allow reacquire during panic (CKI Backport Bot) [RHEL-148302]
  - printk: Allow printk_trigger_flush() to flush all types (CKI Backport Bot) [RHEL-148302]
  - printk: nbcon: Use raw_cpu_ptr() instead of open coding (CKI Backport Bot) [RHEL-148302]
  - backport "printk: Add helper for flush type logic" and associated changes (CKI Backport Bot) [RHEL-148302]
  - printk: Remove redundant deferred check in vprintk() (CKI Backport Bot) [RHEL-148302]
  - printk: Introduce force_legacy_kthread() macro (CKI Backport Bot) [RHEL-148302]
  - printk: Add is_printk_legacy_deferred() (CKI Backport Bot) [RHEL-148302]
  - io_uring/sqpoll: don't put task_struct on tctx setup failure (Jeff Moyer) [RHEL-137988]
  - io_uring: consistently use rcu semantics with sqpoll thread (Jeff Moyer) [RHEL-137988]
  - io_uring: fix use-after-free of sq->thread in __io_uring_show_fdinfo() (Jeff Moyer) [RHEL-137988] {CVE-2025-38106}
  - io_uring/sqpoll: fix sqpoll error handling races (Jeff Moyer) [RHEL-137988]
  - io_uring/sqpoll: annotate debug task == current with data_race() (Jeff Moyer) [RHEL-137988]
  - macvlan: fix possible UAF in macvlan_forward_source() (CKI Backport Bot) [RHEL-144125] {CVE-2026-23001}
  - net/smc: Fix lookup of netdev by using ib_device_get_netdev() (CKI Backport Bot) [RHEL-114786]
* Tue Feb 24 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.36.1.el9_7]
  - net/smc: Remove validation of reserved bits in CLC Decline message (Mete Durlu) [RHEL-143718]
  - autofs: dont trigger mount if it cant succeed (Ian Kent) [RHEL-149495]
  - migrate: correct lock ordering for hugetlb file folios (Luiz Capitulino) [RHEL-147266] {CVE-2026-23097}
  - ice: PTP: fix missing timestamps on E825 hardware (CKI Backport Bot) [RHEL-148166]
  - fou: Don't allow 0 for FOU_ATTR_IPPROTO. (Xin Long) [RHEL-144987]
  - tools: ynl: Specify --no-line-number in ynl-regen.sh. (Xin Long) [RHEL-144987]
  - gue: Fix skb memleak with inner IP protocol 0. (Xin Long) [RHEL-144987]
  - netlink: specs: fou: replace underscores with dashes in names (Xin Long) [RHEL-144987]
  - fou: fix initialization of grc (Xin Long) [RHEL-144987]
  - fou: Fix null-ptr-deref in GRO. (Xin Long) [RHEL-144987]
  - fou: remove warn in gue_gro_receive on unsupported protocol (Xin Long) [RHEL-144987]
  - fou: Remove XRFM from NET_FOU Kconfig (Xin Long) [RHEL-144987]
  - fou: remove sparse errors (Xin Long) [RHEL-144987]
  - redhat: enable FOU modules in kernel-modules-extra (Xin Long) [RHEL-144987]
  - s390/mm: Fix __ptep_rdp() inline assembly (Mete Durlu) [RHEL-143713]
  - dpll: expose fractional frequency offset in ppt (Ivan Vecera) [RHEL-146357]
  - dpll: zl3073x: Implement device mode setting support (Ivan Vecera) [RHEL-147459]
  - dpll: add dpll_device op to set working mode (Ivan Vecera) [RHEL-147459]
  - dpll: add dpll_device op to get supported modes (Ivan Vecera) [RHEL-147459]
  - i40e: add rh_phys_port_name mod option to behave like upstream (CKI Backport Bot) [RHEL-128237]
  - ice: add rh_phys_port_name mod option to behave like upstream (CKI Backport Bot) [RHEL-128237]
  - scsi: qla2xxx: Fix bsg_done() causing double free (Ewan D. Milne) [RHEL-146049]
  - ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr() (CKI Backport Bot) [RHEL-143545] {CVE-2025-71085}
  - tick/sched: Limit non-timekeeper CPUs calling jiffies update (Phil Auld) [RHEL-141462]
  - smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match(). (Mete Durlu) [RHEL-130017] {CVE-2025-40168}
* Tue Feb 17 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.35.1.el9_7]
  - page_pool: Fix use-after-free in page_pool_recycle_in_ring (Paolo Abeni) [RHEL-137841] {CVE-2025-38129}
  - exfat: fix double free in delayed_free (CKI Backport Bot) [RHEL-146403] {CVE-2025-38206}
* Sat Feb 07 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.34.1.el9_7]
  - scsi: storvsc: Process unsupported MODE_SENSE_10 (Li Tian) [RHEL-145183]
  - smb: client: Add tracepoint for krb5 auth (Paulo Alcantara) [RHEL-127498]
  - smb: client: improve error message when creating SMB session (Paulo Alcantara) [RHEL-127498]
  - smb: client: relax session and tcon reconnect attempts (Paulo Alcantara) [RHEL-127498]
  - cifs: #include cifsglob.h before trace.h to allow structs in tracepoints (Paulo Alcantara) [RHEL-127498]
  - smc: Fix use-after-free in __pnet_find_base_ndev(). (Mete Durlu) [RHEL-126890] {CVE-2025-40064}
* Thu Feb 05 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.33.1.el9_7]
  - i40e: avoid redundant VF link state updates (CKI Backport Bot) [RHEL-141877]
  - x86/sev: Guard sev_evict_cache() with CONFIG_AMD_MEM_ENCRYPT (Paolo Bonzini) [RHEL-128030]
  - x86/sev: Evict cache lines during SNP memory validation (Paolo Bonzini) [RHEL-128030]
  - ntb_hw_switchtec: Fix shift-out-of-bounds in switchtec_ntb_mw_set_trans (Myron Stowe) [RHEL-132891] {CVE-2023-53034}
  - fbdev: Add bounds checking in bit_putcs to fix vmalloc-out-of-bounds (CKI Backport Bot) [RHEL-137683] {CVE-2025-40304}
  - crypto: iaa - Optimize rebalance_wq_table() (Jay Shin) [RHEL-137272]
  - fbdev: bitblit: bound-check glyph index in bit_putcs* (CKI Backport Bot) [RHEL-136942] {CVE-2025-40322}
  - bpf: Do not audit capability check in do_jit() (Jay Shin) [RHEL-135137]
* Tue Feb 03 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.32.1.el9_7]
  - svcrdma: use rc_pageoff for memcpy byte offset (CKI Backport Bot) [RHEL-142790] {CVE-2025-68811}
  - NFSv4/pNFS: Clear NFS_INO_LAYOUTCOMMIT in pnfs_mark_layout_stateid_invalid (CKI Backport Bot) [RHEL-140260] {CVE-2025-68349}
* Sat Jan 31 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.31.1.el9_7]
  - nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec (CKI Backport Bot) [RHEL-144332] {CVE-2026-22998}
* Thu Jan 29 2026 CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.30.1.el9_7]
  - io_uring/net: commit partial buffers on retry (Jeff Moyer) [RHEL-137329] {CVE-2025-38730}
  - io_uring/kbuf: add io_kbuf_commit() helper (Jeff Moyer) [RHEL-137329]
  - io_uring/kbuf: use 'bl' directly rather than req->buf_list (Jeff Moyer) [RHEL-137329]
  - ice: prevent NULL deref in ice_lag_move_new_vf_nodes() (Michal Schmidt) [RHEL-143296]
  - net: openvswitch: Avoid needlessly taking the RTNL on vport destroy (Adrian Moreno) [RHEL-141404]
  - atm: clip: Fix infinite recursive call of clip_push(). (Guillaume Nault) [RHEL-137601] {CVE-2025-38459}
  - dpll: zl3073x: Remove unused dev wrappers (Ivan Vecera) [RHEL-139699]
  - dpll: zl3073x: Cache all output properties in zl3073x_out (Ivan Vecera) [RHEL-139699]
  - dpll: zl3073x: Cache all reference properties in zl3073x_ref (Ivan Vecera) [RHEL-139699]
  - dpll: zl3073x: Cache reference monitor status (Ivan Vecera) [RHEL-139699]
  - dpll: zl3073x: Split ref, out, and synth logic from core (Ivan Vecera) [RHEL-139699]
  - dpll: zl3073x: Store raw register values instead of parsed state (Ivan Vecera) [RHEL-139699]
  - dpll: fix device-id-get and pin-id-get to return errors properly (Ivan Vecera) [RHEL-139699]
  - dpll: spec: add missing module-name and clock-id to pin-get reply (Ivan Vecera) [RHEL-139699]
  - dpll: zl3073x: Allow to configure phase offset averaging factor (Ivan Vecera) [RHEL-139699]
  - dpll: add phase_offset_avg_factor_get/set callback ops (Ivan Vecera) [RHEL-139699]
  - dpll: add phase-offset-avg-factor device attribute to netlink spec (Ivan Vecera) [RHEL-139699]
  - dpll: fix clock quality level reporting (Ivan Vecera) [RHEL-139699]
  - dpll: add reference sync get/set (Ivan Vecera) [RHEL-139699]
  - dpll: add reference-sync netlink attribute (Ivan Vecera) [RHEL-139699]
  - dpll: remove documentation of rclk_dev_name (Ivan Vecera) [RHEL-139699]
  - net: use dst_dev_rcu() in sk_setup_caps() (Hangbin Liu) [RHEL-129084] {CVE-2025-40170}
  - ipv4: use RCU protection in ip_dst_mtu_maybe_forward() (Hangbin Liu) [RHEL-129084]
  - net: ipv4: Consolidate ipv4_mtu and ip_dst_mtu_maybe_forward (Hangbin Liu) [RHEL-129084]
  - ipv6: use RCU in ip6_xmit() (Hangbin Liu) [RHEL-129018] {CVE-2025-40135}
  - ipv6: use RCU in ip6_output() (Hangbin Liu) [RHEL-128982] {CVE-2025-40158}
  - net: dst: introdu