diff --git a/.kernel.checksum b/.kernel.checksum
index 9cf1967bd1af70b0d4ecc5b53e305d784d94596e..0b3aee7eccd9e63431e9e32f243331f463a4467f 100644
--- a/.kernel.checksum
+++ b/.kernel.checksum
@@ -1 +1 @@
-2235e7bc44f5279f278b2a277bd82815aaf27a0411ec855aead13d50477fc878
+01693fa8b837e33c8bd9d921c6146d374024929d1c99d1d67b1b0d694f4a0068
diff --git a/.kernel.metadata b/.kernel.metadata
index b66f3c23bd5f18ecbfd884baa8dd0976e9aaac3f..90200f1b73d34d02e948b7c8e4d8a2b2053894ca 100644
--- a/.kernel.metadata
+++ b/.kernel.metadata
@@ -1,6 +1,6 @@
-852acbc0e3b9f78afd2631d665e367b2c2f61577ae329cdd1192b7502d127733 SOURCES/kernel-abi-stablelists-5.14.0-427.40.1.el9_4.tar.bz2
-4346ba0a05d50d8dcc6755a7377b76ec634d2450ae3b5cd53ffcb4d1d85af286 SOURCES/kernel-kabi-dw-5.14.0-427.40.1.el9_4.tar.bz2
-2c1ce0360bf3c88ee9f6a10c1fad1dbe1a85ff781ca9a59b5c5531fcb0b3187b SOURCES/linux-5.14.0-427.40.1.el9_4.tar.xz
+bddee3896a5836e4e090ead9ea7d0b4178bf4a1ca2a7ae7f37c30b30144ab467 SOURCES/kernel-abi-stablelists-5.14.0-427.42.1.el9_4.tar.bz2
+e57b43b9fbafb5de7ec72a543e55dac2d255fd24af2d4699ae5d33ddc8ef5004 SOURCES/kernel-kabi-dw-5.14.0-427.42.1.el9_4.tar.bz2
+e6e3482f299e924d57c578aac73b46381683297cd72bacee0187d1e3413b4192 SOURCES/linux-5.14.0-427.42.1.el9_4.tar.xz
 ca3aa0979f9426736d382747bba165e71ea4c42a2fb736d78fd8a4c4b7b58ad4 SOURCES/nvidiagpuoot001.x509
 af61197112f29a3a52f3825d363fe3103dc98cad269763071ee86eb2aedc139b SOURCES/rheldup3.x509
 b466265282193c17b3256b199ecc3bdd986797b4a82ad841de4a132132e9f6ab SOURCES/rhelima.x509
diff --git a/SOURCES/Makefile.rhelver b/SOURCES/Makefile.rhelver
index 9e494fb5156c310b402ab32897c5f50692fac168..7549e83bdeab8346088d2586f4084f2dc0fa4479 100644
--- a/SOURCES/Makefile.rhelver
+++ b/SOURCES/Makefile.rhelver
@@ -12,7 +12,7 @@ RHEL_MINOR = 4
 #
 # Use this spot to avoid future merge conflicts.
 # Do not trim this comment.
-RHEL_RELEASE = 427.40.1
+RHEL_RELEASE = 427.42.1
 
 #
 # ZSTREAM
diff --git a/SOURCES/kernel-aarch64-64k-debug-rhel.config b/SOURCES/kernel-aarch64-64k-debug-rhel.config
index b15cc9dcdd143bd030589481ca080d518fe17312..a674ee5fde7104ef223c3256903223c7ae72fe66 100644
--- a/SOURCES/kernel-aarch64-64k-debug-rhel.config
+++ b/SOURCES/kernel-aarch64-64k-debug-rhel.config
@@ -4155,6 +4155,7 @@ CONFIG_NVME_VERBOSE_ERRORS=y
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCTEONTX2_AF=m
 CONFIG_OCTEONTX2_MBOX=m
 CONFIG_OCTEONTX2_PF=m
diff --git a/SOURCES/kernel-aarch64-64k-rhel.config b/SOURCES/kernel-aarch64-64k-rhel.config
index 1e05626b07e27f372ef510a6b3b3e9c39d443e7e..d7e975a56f410de54fad1461b8f7c4eda8a0ef9e 100644
--- a/SOURCES/kernel-aarch64-64k-rhel.config
+++ b/SOURCES/kernel-aarch64-64k-rhel.config
@@ -4134,6 +4134,7 @@ CONFIG_NVME_VERBOSE_ERRORS=y
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCTEONTX2_AF=m
 CONFIG_OCTEONTX2_MBOX=m
 CONFIG_OCTEONTX2_PF=m
diff --git a/SOURCES/kernel-aarch64-debug-rhel.config b/SOURCES/kernel-aarch64-debug-rhel.config
index f55d9e381c43d24ba7321fc6c93258c2709b7fe4..8954f1a11d137291676afeeb91884215bacc1cf5 100644
--- a/SOURCES/kernel-aarch64-debug-rhel.config
+++ b/SOURCES/kernel-aarch64-debug-rhel.config
@@ -4152,6 +4152,7 @@ CONFIG_NVME_VERBOSE_ERRORS=y
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCTEONTX2_AF=m
 CONFIG_OCTEONTX2_MBOX=m
 CONFIG_OCTEONTX2_PF=m
diff --git a/SOURCES/kernel-aarch64-rhel.config b/SOURCES/kernel-aarch64-rhel.config
index 50dfa90dd4ed592111a1ba09616817f739a72551..a4aa9db195041de06d7bb651b84622c27c354856 100644
--- a/SOURCES/kernel-aarch64-rhel.config
+++ b/SOURCES/kernel-aarch64-rhel.config
@@ -4131,6 +4131,7 @@ CONFIG_NVME_VERBOSE_ERRORS=y
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCTEONTX2_AF=m
 CONFIG_OCTEONTX2_MBOX=m
 CONFIG_OCTEONTX2_PF=m
diff --git a/SOURCES/kernel-aarch64-rt-debug-rhel.config b/SOURCES/kernel-aarch64-rt-debug-rhel.config
index 319fe316961ab4cca48b7879825ac8b9cf013050..360333f62c8b5f6beb7c26e43a9914139c23053a 100644
--- a/SOURCES/kernel-aarch64-rt-debug-rhel.config
+++ b/SOURCES/kernel-aarch64-rt-debug-rhel.config
@@ -4223,6 +4223,7 @@ CONFIG_NVME_VERBOSE_ERRORS=y
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCTEONTX2_AF=m
 CONFIG_OCTEONTX2_MBOX=m
 CONFIG_OCTEONTX2_PF=m
diff --git a/SOURCES/kernel-aarch64-rt-rhel.config b/SOURCES/kernel-aarch64-rt-rhel.config
index 26607d5753f3c4a6923481873a5cffcc3009ef7a..dd478881bed2fb53df7d62195a84b91d44774d9c 100644
--- a/SOURCES/kernel-aarch64-rt-rhel.config
+++ b/SOURCES/kernel-aarch64-rt-rhel.config
@@ -4202,6 +4202,7 @@ CONFIG_NVME_VERBOSE_ERRORS=y
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCTEONTX2_AF=m
 CONFIG_OCTEONTX2_MBOX=m
 CONFIG_OCTEONTX2_PF=m
diff --git a/SOURCES/kernel-ppc64le-debug-rhel.config b/SOURCES/kernel-ppc64le-debug-rhel.config
index 10a6422424a031db12ddbf36a31fad081aec53d1..cc62cd48f60e3ec6dd88084960896ff4ed26eef0 100644
--- a/SOURCES/kernel-ppc64le-debug-rhel.config
+++ b/SOURCES/kernel-ppc64le-debug-rhel.config
@@ -3797,6 +3797,7 @@ CONFIG_NVRAM=m
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCXL=m
 # CONFIG_OF_OVERLAY is not set
 CONFIG_OF_PMEM=m
diff --git a/SOURCES/kernel-ppc64le-rhel.config b/SOURCES/kernel-ppc64le-rhel.config
index ab64b81ec6649a925784a5234bd743a7aed034a0..bf6ee172a6736f11d1c46d7e6f49f5d3893fb809 100644
--- a/SOURCES/kernel-ppc64le-rhel.config
+++ b/SOURCES/kernel-ppc64le-rhel.config
@@ -3777,6 +3777,7 @@ CONFIG_NVRAM=m
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCXL=m
 # CONFIG_OF_OVERLAY is not set
 CONFIG_OF_PMEM=m
diff --git a/SOURCES/kernel-s390x-debug-rhel.config b/SOURCES/kernel-s390x-debug-rhel.config
index edff9eceb6b39dc143f996aaf5f43cf656d56667..6fabf97a577d91da858c79387701a06298c1606d 100644
--- a/SOURCES/kernel-s390x-debug-rhel.config
+++ b/SOURCES/kernel-s390x-debug-rhel.config
@@ -3783,6 +3783,7 @@ CONFIG_NVME_VERBOSE_ERRORS=y
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCXL=m
 # CONFIG_OF is not set
 # CONFIG_OF_OVERLAY is not set
diff --git a/SOURCES/kernel-s390x-rhel.config b/SOURCES/kernel-s390x-rhel.config
index e051d03643826c41c3366ec799184c78f40a09d6..82b201ecee0065d150183c6a33818cb93e668e09 100644
--- a/SOURCES/kernel-s390x-rhel.config
+++ b/SOURCES/kernel-s390x-rhel.config
@@ -3763,6 +3763,7 @@ CONFIG_NVME_VERBOSE_ERRORS=y
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCXL=m
 # CONFIG_OF is not set
 # CONFIG_OF_OVERLAY is not set
diff --git a/SOURCES/kernel-s390x-zfcpdump-rhel.config b/SOURCES/kernel-s390x-zfcpdump-rhel.config
index 44b6a504af14036216305e4a3d61b4a06af715f3..475643c711ea0f522c89e7fac9fdde030ebec0ee 100644
--- a/SOURCES/kernel-s390x-zfcpdump-rhel.config
+++ b/SOURCES/kernel-s390x-zfcpdump-rhel.config
@@ -3778,6 +3778,7 @@ CONFIG_NVME_VERBOSE_ERRORS=y
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCXL=m
 # CONFIG_OF is not set
 # CONFIG_OF_OVERLAY is not set
diff --git a/SOURCES/kernel-x86_64-debug-rhel.config b/SOURCES/kernel-x86_64-debug-rhel.config
index e1e821b667a115dd29c209615a34c2d10ef279d3..132da7caacd36711e42094ee9d86d650faa4a6af 100644
--- a/SOURCES/kernel-x86_64-debug-rhel.config
+++ b/SOURCES/kernel-x86_64-debug-rhel.config
@@ -3231,6 +3231,7 @@ CONFIG_MISC_FILESYSTEMS=y
 CONFIG_MISC_RTSX_PCI=m
 CONFIG_MISC_RTSX_USB=m
 CONFIG_MITIGATION_RFDS=y
+CONFIG_MITIGATION_SPECTRE_BHI=y
 # CONFIG_MK8 is not set
 # CONFIG_MLX4_CORE_GEN2 is not set
 CONFIG_MLX4_EN_DCB=y
@@ -3992,6 +3993,7 @@ CONFIG_NVSW_SN2201=m
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCXL=m
 # CONFIG_OF is not set
 # CONFIG_OF_OVERLAY is not set
diff --git a/SOURCES/kernel-x86_64-rhel.config b/SOURCES/kernel-x86_64-rhel.config
index 8b91cf26858132fd130e39d8ce9a00cb7cd1be9c..fe5aefc66476b18bf91efec59013a7f4576f7dc5 100644
--- a/SOURCES/kernel-x86_64-rhel.config
+++ b/SOURCES/kernel-x86_64-rhel.config
@@ -3211,6 +3211,7 @@ CONFIG_MISC_FILESYSTEMS=y
 CONFIG_MISC_RTSX_PCI=m
 CONFIG_MISC_RTSX_USB=m
 CONFIG_MITIGATION_RFDS=y
+CONFIG_MITIGATION_SPECTRE_BHI=y
 # CONFIG_MK8 is not set
 # CONFIG_MLX4_CORE_GEN2 is not set
 CONFIG_MLX4_EN_DCB=y
@@ -3972,6 +3973,7 @@ CONFIG_NVSW_SN2201=m
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCXL=m
 # CONFIG_OF is not set
 # CONFIG_OF_OVERLAY is not set
diff --git a/SOURCES/kernel-x86_64-rt-debug-rhel.config b/SOURCES/kernel-x86_64-rt-debug-rhel.config
index 59a09541824223fc38ffa500645702a8276d136b..b434f4604138a7a6771080d02d1bf08783b0cd1f 100644
--- a/SOURCES/kernel-x86_64-rt-debug-rhel.config
+++ b/SOURCES/kernel-x86_64-rt-debug-rhel.config
@@ -3288,6 +3288,7 @@ CONFIG_MISC_FILESYSTEMS=y
 CONFIG_MISC_RTSX_PCI=m
 CONFIG_MISC_RTSX_USB=m
 CONFIG_MITIGATION_RFDS=y
+CONFIG_MITIGATION_SPECTRE_BHI=y
 # CONFIG_MK8 is not set
 # CONFIG_MLX4_CORE_GEN2 is not set
 CONFIG_MLX4_DEBUG=y
@@ -4061,6 +4062,7 @@ CONFIG_NVSW_SN2201=m
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCXL=m
 # CONFIG_OF is not set
 # CONFIG_OF_OVERLAY is not set
diff --git a/SOURCES/kernel-x86_64-rt-rhel.config b/SOURCES/kernel-x86_64-rt-rhel.config
index 8a2c15805497ede33e9616bbc8aab7cdf43024b3..1c9025f70015b0f8501f23a87ad87dd4bcd578c7 100644
--- a/SOURCES/kernel-x86_64-rt-rhel.config
+++ b/SOURCES/kernel-x86_64-rt-rhel.config
@@ -3268,6 +3268,7 @@ CONFIG_MISC_FILESYSTEMS=y
 CONFIG_MISC_RTSX_PCI=m
 CONFIG_MISC_RTSX_USB=m
 CONFIG_MITIGATION_RFDS=y
+CONFIG_MITIGATION_SPECTRE_BHI=y
 # CONFIG_MK8 is not set
 # CONFIG_MLX4_CORE_GEN2 is not set
 CONFIG_MLX4_DEBUG=y
@@ -4041,6 +4042,7 @@ CONFIG_NVSW_SN2201=m
 # CONFIG_NXP_TJA11XX_PHY is not set
 # CONFIG_OCFS2_FS is not set
 CONFIG_OCTEON_EP=m
+CONFIG_OCTEON_EP_VF=m
 CONFIG_OCXL=m
 # CONFIG_OF is not set
 # CONFIG_OF_OVERLAY is not set
diff --git a/SPECS/kernel.spec b/SPECS/kernel.spec
index 18d1887d211084290813d55f058d693084a0f01e..673c59d53c1dc4bd136fb6d6551b51f889767fb6 100644
--- a/SPECS/kernel.spec
+++ b/SPECS/kernel.spec
@@ -165,15 +165,15 @@ Summary: The Linux kernel
 # define buildid .local
 %define specversion 5.14.0
 %define patchversion 5.14
-%define pkgrelease 427.40.1
+%define pkgrelease 427.42.1
 %define kversion 5
-%define tarfile_release 5.14.0-427.40.1.el9_4
+%define tarfile_release 5.14.0-427.42.1.el9_4
 # This is needed to do merge window version magic
 %define patchlevel 14
 # This allows pkg_release to have configurable %%{?dist} tag
-%define specrelease 427.40.1%{?buildid}%{?dist}
+%define specrelease 427.42.1%{?buildid}%{?dist}
 # This defines the kabi tarball version
-%define kabiversion 5.14.0-427.40.1.el9_4
+%define kabiversion 5.14.0-427.42.1.el9_4
 
 #
 # End of genspec.sh variables
@@ -3735,10 +3735,90 @@ fi
 #
 #
 %changelog
-* Wed Oct 16 2024 Release Engineering <releng@rockylinux.org> - 5.14.0-427.40.1
+* Wed Oct 30 2024 Release Engineering <releng@rockylinux.org> - 5.14.0-427.42.1
 - Porting to 9.4, debranding and Rocky branding
 - Ensure aarch64 kernel is not compressed
 
+* Fri Oct 18 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.42.1.el9_4]
+- redhat/configs: Add CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bugs: Fix BHI retpoline check (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bugs: Replace CONFIG_SPECTRE_BHI_{ON,OFF} with CONFIG_MITIGATION_SPECTRE_BHI (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bugs: Remove CONFIG_BHI_MITIGATION_AUTO and spectre_bhi=auto (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bugs: Clarify that syscall hardening isn't a BHI mitigation (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bugs: Fix BHI handling of RRSBA (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bugs: Fix BHI documentation (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bugs: Fix return type of spectre_bhi_state() (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bugs: Make CONFIG_SPECTRE_BHI_ON the default (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- KVM: x86: Add BHI_NO (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bhi: Mitigate KVM by default (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bhi: Add BHI mitigation knob (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bhi: Enumerate Branch History Injection (BHI) bug (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bhi: Define SPEC_CTRL_BHI_DIS_S (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bhi: Add support for clearing branch history at syscall entry (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- x86/bugs: Change commas to semicolons in 'spectre_v2' sysfs file (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- perf/x86/amd/lbr: Use freeze based on availability (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- Documentation/kernel-parameters: Add spec_rstack_overflow to mitigations=off (Waiman Long) [RHEL-45492 RHEL-28203] {CVE-2024-2201}
+- KVM: x86: Use a switch statement and macros in __feature_translate() (Maxim Levitsky) [RHEL-45492 RHEL-32430]
+- KVM: x86: Advertise CPUID.(EAX=7,ECX=2):EDX[5:0] to userspace (Maxim Levitsky) [RHEL-45492 RHEL-32430]
+- x86/entry/32: Convert do_fast_syscall_32() to bool return type (Prarit Bhargava) [RHEL-45492 RHEL-25415]
+- x86/entry: Add do_SYSENTER_32() prototype (Prarit Bhargava) [RHEL-45492 RHEL-25415]
+- x86/bugs: Reset speculation control settings on init (Prarit Bhargava) [RHEL-45492 RHEL-25415]
+- mpls: Reduce skb re-allocations due to skb_cow() (Guillaume Nault) [RHEL-61696 RHEL-55145]
+- scsi: core: Fix unremoved procfs host directory regression (Ewan D. Milne) [RHEL-39539 RHEL-39601 RHEL-33543 RHEL-35000] {CVE-2024-26935}
+- tty: Fix out-of-bound vmalloc access in imageblit (Andrew Halaney) [RHEL-42095 RHEL-24205] {CVE-2021-47383}
+- block: initialize integrity buffer to zero before writing it to media (Ming Lei) [RHEL-54769 RHEL-54768] {CVE-2024-43854}
+- block: cleanup bio_integrity_prep (Ming Lei) [RHEL-54769 RHEL-25988]
+- block: refactor to use helper (Ming Lei) [RHEL-54769 RHEL-25988]
+- ceph: fix cap ref leak via netfs init_request (Patrick Donnelly) [RHEL-62666 RHEL-61459]
+- redhat/configs: Enable CONFIG_OCTEON_EP_VF (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- octeon_ep_vf: add ethtool support (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- octeon_ep_vf: add Tx/Rx processing and interrupt support (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- octeon_ep_vf: add support for ndo ops (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- octeon_ep_vf: add Tx/Rx ring resource setup and cleanup (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- octeon_ep_vf: add VF-PF mailbox communication. (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- octeon_ep_vf: add hardware configuration APIs (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- octeon_ep_vf: Add driver framework and device initialization (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- octeon_ep: support firmware notifications for VFs (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- octeon_ep: control net framework to support VF offloads (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- octeon_ep: PF-VF mailbox version support (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- octeon_ep: add PF-VF mailbox communication (CKI Backport Bot) [RHEL-61744 RHEL-25860]
+- x86/mm/ident_map: Use gbpages only where full GB page should be mapped. (Chris von Recklinghausen) [RHEL-62209 RHEL-26268]
+- netfilter: nfnetlink_queue: un-break NF_REPEAT (Phil Sutter) [RHEL-62299]
+
+* Fri Oct 11 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.41.1.el9_4]
+- iommu/amd: Fix panic accessing amd_iommu_enable_faulting (Jerry Snitselaar) [RHEL-55507 RHEL-37320 RHEL-40344]
+- iommu/vt-d: Allocate DMAR fault interrupts locally (Jerry Snitselaar) [RHEL-55507 RHEL-28780]
+- netfilter: nft_inner: validate mandatory meta and payload (Phil Sutter) [RHEL-47488 RHEL-47486] {CVE-2024-39504}
+- netfilter: flowtable: initialise extack before use (CKI Backport Bot) [RHEL-58546 RHEL-58544] {CVE-2024-45018}
+- ext4: do not create EA inode under buffer lock (Carlos Maiolino) [RHEL-48285 RHEL-48282] {CVE-2024-40972}
+- ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (Carlos Maiolino) [RHEL-48285 RHEL-48282] {CVE-2024-40972}
+- ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (Carlos Maiolino) [RHEL-48519 RHEL-48517] {CVE-2024-40998}
+- ext4: turn quotas off if mount failed after enabling quotas (Carlos Maiolino) [RHEL-48519 RHEL-48517] {CVE-2024-40998}
+- mptcp: fix data re-injection from stale subflow (Davide Caratti) [RHEL-59920 RHEL-32669] {CVE-2024-26826}
+- xfs: add bounds checking to xlog_recover_process_data (CKI Backport Bot) [RHEL-50864 RHEL-50862] {CVE-2024-41014}
+- af_unix: Suppress false-positive lockdep splat for spin_lock() in __unix_gc(). (Davide Caratti) [RHEL-42771 RHEL-33410]
+- af_unix: Fix garbage collector racing against connect() (Davide Caratti) [RHEL-42771 RHEL-33410] {CVE-2024-26923}
+- af_unix: fix lockdep positive in sk_diag_dump_icons() (Davide Caratti) [RHEL-42771 RHEL-33410]
+- xfs: don't walk off the end of a directory data block (CKI Backport Bot) [RHEL-50887 RHEL-50885] {CVE-2024-41013}
+- ipv6: prevent possible NULL dereference in rt6_probe() (Hangbin Liu) [RHEL-48161 RHEL-45826] {CVE-2024-40960}
+- mac802154: fix llsec key resources release in mac802154_llsec_key_del (Steve Best) [RHEL-42795 RHEL-34969] {CVE-2024-26961}
+- mptcp: ensure snd_una is properly initialized on connect (Florian Westphal) [RHEL-47945 RHEL-47943] {CVE-2024-40931}
+- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (CKI Backport Bot) [RHEL-47560 RHEL-47558] {CVE-2024-40904}
+- nvme-multipath: fix io accounting on failover (John Meneghini) [RHEL-59646 RHEL-56635]
+- nvme: fix multipath batched completion accounting (John Meneghini) [RHEL-59646 RHEL-56635]
+- xfs: fix log recovery buffer allocation for the legacy h_size fixup (Bill O'Donnell) [RHEL-46481 RHEL-46479] {CVE-2024-39472}
+- tcp: add sanity checks to rx zerocopy (Paolo Abeni) [RHEL-58403 RHEL-29496] {CVE-2024-26640}
+- netpoll: Fix race condition in netpoll_owner_active (CKI Backport Bot) [RHEL-49373 RHEL-49371] {CVE-2024-41005}
+- wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (CKI Backport Bot) [RHEL-48321 RHEL-48319] {CVE-2024-40977}
+- smb: client: fix hang in wait_for_response() for negproto (Jay Shin) [RHEL-61606 RHEL-57983]
+- NFSv4.1/pnfs: fix NFS with TLS in pnfs (Benjamin Coddington) [RHEL-61467 RHEL-34576]
+- ceph: remove the incorrect Fw reference check when dirtying pages (Xiubo Li) [RHEL-61415 RHEL-60255]
+- net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (Davide Caratti) [RHEL-48483 RHEL-44375] {CVE-2024-40995}
+- net/sched: taprio: extend minimum interval restriction to entire cycle too (Davide Caratti) [RHEL-44377 RHEL-44375] {CVE-2024-36244}
+- net/sched: taprio: make q->picos_per_byte available to fill_sched_entry() (Davide Caratti) [RHEL-44377 RHEL-44375] {CVE-2024-36244}
+
 * Fri Oct 04 2024 Scott Weaver <scweaver@redhat.com> [5.14.0-427.40.1.el9_4]
 - gfs2: Fix NULL pointer dereference in gfs2_log_flush (CKI Backport Bot) [RHEL-51561 RHEL-51559] {CVE-2024-42079}
 - net: stmmac: Separate C22 and C45 transactions for xgmac (CKI Backport Bot) [RHEL-60274 RHEL-6297]