[4.18.0-147.OL8] - Oracle Linux certificates - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] [4.18.0-147] - [x86] perf/x86/intel: Fix spurious NMI on fixed counter [1755110] - [x86] perf/x86/intel: Fix race in intel_pmu_disable_event [1755110] - [netdrv] drivers: tap.c: fix wrong backport causing WARN_ON_ONCE in skb_flow_dissect [1750711] - [virt] KVM: coalesced_mmio: add bounds checking [1746804] {CVE-2019-14821} [4.18.0-146] - [fs] gfs2: clear buf_in_tr when ending a transaction in sweep_bh_for_rgrps [1750939] - [s390] kvm: s390: kvm_s390_vm_start_migration: check dirty_bitmap before using it as target for memset [1753260] - [fs] cifs: fix credits leak for SMB1 oplock breaks [1752243] [4.18.0-145] - [iommu] iommu/amd: Add support for X2APIC IOMMU interrupts [1734842] - [vhost] vhost: make sure log_num [4.18.0-144] - [md] Revert "[md] dm: eliminate "split_discard_bios" flag from DM target interface" [1749929] - [md] Revert "[md] dm: make sure to obey max_io_len_target_boundary" [1749929] - [pci] PCI: Restore Resizable BAR size bits correctly for 1MB BARs [1717760] - [net] netfilter: nft_fib_netdev: Terminate rule eval if protocol=IPv6 and ipv6 module is disabled [1743945] - [net] netfilter: bridge: Drops IPv6 packets if IPv6 module is not loaded [1743945] - [drm] drm/qxl: get vga ioports [1728936] - [drm] drm/i915: Call dma_set_max_seg_size in i915_driver_hw_probe [1724363] [4.18.0-143] - [net] netfilter: nft_set: fix allocation size overflow in privsize callback. [1746338] - [net] net: route dump netlink NLM_F_MULTI flag missing [1745971] - [net] sched: pfifo_fast: fix wrong dereference in pfifo_fast_enqueue [1745390] - [net] sched: pfifo_fast: fix wrong dereference when qdisc is reset [1745387] - [scsi] scsi: vmw_pscsi: Fix use-after-free in pvscsi_queue_lck [1746597] [4.18.0-142] - [drm] drm/virtio: use virtio_max_dma_size [1739291] - [mm] hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined [1706088] - [powerpc] kvm: ppc: book3s: Enable XIVE native capability only if OPAL has required functions [BZ1744884] [1744884] - [scsi] scsi: lpfc: Fix oops when fewer hdwqs than cpus [1745731] - [scsi] scsi: lpfc: Limit xri count for kdump environment [1745731] - [scsi] scsi: lpfc: Mitigate high memory pre-allocation by SCSI-MQ [1745731] - [scsi] scsi: qla2xxx: Fix hardirq-unsafe locking [1719941] - [x86] Revert "[x86] x86/kexec/64: Prevent kexec from 5-level paging to a 4-level only kernel" [1669088] - [x86] Revert "[x86] x86/boot: Add xloadflags bits to check for 5-level paging support" [1669088] [4.18.0-141] - [wireless] mwifiex: fix 802.11n/WPA detection [1714476] {CVE-2019-3846} [4.18.0-140] - [x86] x86/kdump: Reserve extra memory when SME or SEV is active [1728519] - [scsi] scsi: qla2xxx: Fix hardlockup in abort command during driver remove [1690041] - [scsi] qla2xxx: Update driver version to 10.01.00.15.08.1-k1 [1690041] - [scsi] scsi: qla2xxx: Fix panic from use after free in qla2x00_async_tm_cmd [1690041] - [scsi] scsi: qla2xxx: cleanup trace buffer initialization [1690041] - [scsi] scsi: qla2xxx: qla2x00_alloc_fw_dump: set ha-