From 3e28770d5d4ec65fc738b18157ecb61ac77f953f Mon Sep 17 00:00:00 2001
From: Peridot Bot <rockyautomation@rockylinux.org>
Date: Wed, 11 Sep 2024 08:44:24 +0000
Subject: [PATCH] import kernel-5.14.0-427.35.1.el9_4

---
 .kernel.checksum         |  2 +-
 .kernel.metadata         |  6 ++--
 SOURCES/Makefile.rhelver |  2 +-
 SPECS/kernel.spec        | 59 ++++++++++++++++++++++++++++++++++++----
 4 files changed, 59 insertions(+), 10 deletions(-)

diff --git a/.kernel.checksum b/.kernel.checksum
index af6176a..9b41961 100644
--- a/.kernel.checksum
+++ b/.kernel.checksum
@@ -1 +1 @@
-9fe1c3b6218b7c7cc1b025507084b0792a3734739768f8b40c91913bdd36d2fa
+eac1f77e8051ee763e45612d64c7b6d6b555b89b440e28204c065921bdaf5010
diff --git a/.kernel.metadata b/.kernel.metadata
index c9fb3c6..b51a62b 100644
--- a/.kernel.metadata
+++ b/.kernel.metadata
@@ -1,6 +1,6 @@
-d48caa6db91d299ea9ba119112469ea078b60b497f6667f86785d99c1bed5cf9 SOURCES/kernel-abi-stablelists-5.14.0-427.33.1.el9_4.tar.bz2
-b76c30f9559d60cb9c8cbbc9cc1d08733ac96f1eb449aaad3f7e56bc1c7c43a9 SOURCES/kernel-kabi-dw-5.14.0-427.33.1.el9_4.tar.bz2
-1fa51edaa954e9108ec49b1a4e593e7124b20fe2049a379589fed3611f08d8fd SOURCES/linux-5.14.0-427.33.1.el9_4.tar.xz
+d8208eeb6245c36d91d9c38f2f4cf9ae69b64cdb07b7b4bfd254a913d562ad72 SOURCES/kernel-abi-stablelists-5.14.0-427.35.1.el9_4.tar.bz2
+9d174637267cfad59ae0096a196e5a8afc34e86575bdeff8380834ef76b8a733 SOURCES/kernel-kabi-dw-5.14.0-427.35.1.el9_4.tar.bz2
+bed815a28c44ae218ae01f6fd993c08afc85fd65b16bfc93c01ef01d1338cdcd SOURCES/linux-5.14.0-427.35.1.el9_4.tar.xz
 ca3aa0979f9426736d382747bba165e71ea4c42a2fb736d78fd8a4c4b7b58ad4 SOURCES/nvidiagpuoot001.x509
 af61197112f29a3a52f3825d363fe3103dc98cad269763071ee86eb2aedc139b SOURCES/rheldup3.x509
 b466265282193c17b3256b199ecc3bdd986797b4a82ad841de4a132132e9f6ab SOURCES/rhelima.x509
diff --git a/SOURCES/Makefile.rhelver b/SOURCES/Makefile.rhelver
index 562e0a1..4d9849c 100644
--- a/SOURCES/Makefile.rhelver
+++ b/SOURCES/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 4
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 427.33.1
+RHEL_RELEASE = 427.35.1
 
 #
 # ZSTREAM
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index dffbb88..2a6d7cb 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 427.33.1
+%define pkgrelease 427.35.1
 %define kversion 5
-%define tarfile_release 5.14.0-427.33.1.el9_4
+%define tarfile_release 5.14.0-427.35.1.el9_4
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 427.33.1%{?buildid}%{?dist}
+%define specrelease 427.35.1%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-427.33.1.el9_4
+%define kabiversion 5.14.0-427.35.1.el9_4
 
 #
 # End of genspec.sh variables
@@ -3735,10 +3735,59 @@ fi
 #
 #
 %changelog
-* Wed Aug 28 2024 Release Engineering <releng@rockylinux.org> - 5.14.0-427.33.1
+* Wed Sep 11 2024 Release Engineering <releng@rockylinux.org> - 5.14.0-427.35.1
 - Porting to 9.4, debranding and Rocky branding
 - Ensure aarch64 kernel is not compressed
 
+* Fri Aug 30 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.35.1.el9_4]
+- usb-storage: alauda: Check whether the media is initialized (CKI Backport Bot) [RHEL-43716] {CVE-2024-38619}
+- ceph: force sending a cap update msg back to MDS for revoke op (Xiubo Li) [RHEL-55437]
+- ceph: periodically flush the cap releases (Xiubo Li) [RHEL-55437]
+- mm: avoid overflows in dirty throttling logic (Jay Shin) [RHEL-51848 RHEL-50004] {CVE-2024-42131}
+- Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" (Jay Shin) [RHEL-51701 RHEL-50004] {CVE-2024-42102}
+- mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again (Jay Shin) [RHEL-42628 RHEL-5619] {CVE-2024-26720}
+- net: fix out-of-bounds access in ops_init (Paolo Abeni) [RHEL-43188 RHEL-46610] {CVE-2024-36883}
+- nvme: avoid double free special payload (CKI Backport Bot) [RHEL-51311] {CVE-2024-41073}
+- kernfs: change kernfs_rename_lock into a read-write lock (Jay Shin) [RHEL-55253 RHEL-52956]
+- kernfs: Separate kernfs_pr_cont_buf and rename_lock (Jay Shin) [RHEL-55253 RHEL-52956]
+- kernfs: fix missing kernfs_iattr_rwsem locking (Jay Shin) [RHEL-55253 RHEL-52956]
+- kernfs: Use a per-fs rwsem to protect per-fs list of kernfs_super_info (Jay Shin) [RHEL-55253 RHEL-52956]
+- kernfs: Introduce separate rwsem to protect inode attributes (Jay Shin) [RHEL-55253 RHEL-52956]
+- xhci: Handle TD clearing for multiple streams case (CKI Backport Bot) [RHEL-47894 RHEL-47892] {CVE-2024-40927}
+- Bluetooth: af_bluetooth: Fix deadlock (Bastien Nocera) [RHEL-34161] {CVE-2024-26886}
+- xdp: Remove WARN() from __xdp_reg_mem_model() (CKI Backport Bot) [RHEL-51586] {CVE-2024-42082}
+- nfsd: don't take fi_lock in nfsd_break_deleg_cb() (Benjamin Coddington) [RHEL-42578 RHEL-34875]
+- nfsd: fix RELEASE_LOCKOWNER (Benjamin Coddington) [RHEL-42578 RHEL-34875] {CVE-2024-26629}
+- net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (CKI Backport Bot) [RHEL-43729 RHEL-43727]
+- net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (CKI Backport Bot) [RHEL-43729 RHEL-43727]
+- net: bridge: mst: fix vlan use-after-free (cki-backport-bot) [RHEL-43729] {CVE-2024-36979}
+- efivarfs: force RO when remounting if SetVariable is not supported (Pavel Reichl) [RHEL-42343 RHEL-26588] {CVE-2023-52463}
+- ACPI: arm64: export acpi_arch_thermal_cpufreq_pctg() (Charles Mirabile) [RHEL-34234 RHEL-1697]
+- ACPI: processor: reduce CPUFREQ thermal reduction pctg for Tegra241 (Charles Mirabile) [RHEL-34234 RHEL-1697]
+- ACPI: thermal: Add Thermal fast Sampling Period (_TFP) support (Scott Weaver) [RHEL-34234 RHEL-1697]
+
+* Thu Aug 22 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.34.1.el9_4]
+- mm: prevent derefencing NULL ptr in pfn_section_valid() (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
+- mm, kmsan: fix infinite recursion due to RCU critical section (Jarod Wilson) [RHEL-51140 RHEL-51138] {CVE-2024-41055}
+- ppp: reject claimed-as-LCP but actually malformed packets (CKI Backport Bot) [RHEL-51061 RHEL-51059] {CVE-2024-41044}
+- x86: stop playing stack games in profile_pc() (CKI Backport Bot) [RHEL-51651] {CVE-2024-42096}
+- PCI/MSI: Fix UAF in msi_capability_init (CKI Backport Bot) [RHEL-51438] {CVE-2024-41096}
+- iommufd: Fix missing update of domains_itree after splitting iopt_area (Jerry Snitselaar) [RHEL-42518 RHEL-28780] {CVE-2023-52801}
+- mm: cachestat: fix folio read-after-free in cache walk (Nico Pache) [RHEL-41739 RHEL-5619] {CVE-2024-26630}
+- regmap: maple: Fix cache corruption in regcache_maple_drop() (Jaroslav Kysela) [RHEL-43179 RHEL-39706] {CVE-2024-36019}
+- mm: cachestat: fix two shmem bugs (Nico Pache) [RHEL-36912] {CVE-2024-35797}
+- kprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address (Steve Best) [RHEL-42778 RHEL-34985] {CVE-2024-26946}
+- mm/hugetlb: fix missing hugetlb_lock for resv uncharge (Rafael Aquini) [RHEL-43132 RHEL-37467] {CVE-2024-36000}
+- rbd: don't assume rbd_is_lock_owner() for exclusive mappings (Ilya Dryomov) [RHEL-52675 RHEL-50366]
+- rbd: don't assume RBD_LOCK_STATE_LOCKED for exclusive mappings (Ilya Dryomov) [RHEL-52675 RHEL-50366]
+- rbd: rename RBD_LOCK_STATE_RELEASING and releasing_wait (Ilya Dryomov) [RHEL-52675 RHEL-50366]
+- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (Charles Mirabile) [RHEL-49347 RHEL-32452]
+- net/sched: Fix UAF when resolving a clash (CKI Backport Bot) [RHEL-51022 RHEL-51020] {CVE-2024-41040}
+- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (Maxim Levitsky) [RHEL-41462 RHEL-32430] {CVE-2024-35791}
+- cxl/region: Fix memregion leaks in devm_cxl_add_region() (John W. Linville) [RHEL-47965 RHEL-23582] {CVE-2024-40936}
+- x86/coco: Require seeding RNG with RDRAND on CoCo systems (Lenny Szubowicz) [RHEL-42986 RHEL-37269] {CVE-2024-35875}
+- scsi: qedf: Ensure the copied buf is NUL terminated (cki-backport-bot) [RHEL-44203] {CVE-2024-38559}
+
 * Fri Aug 16 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.33.1.el9_4]
 - bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (Kamal Heib) [RHEL-44287] {CVE-2024-38540}
 - netfilter: flowtable: validate pppoe header (Florian Westphal) [RHEL-44430 RHEL-33469] {CVE-2024-27016}
-- 
GitLab