- [5.14.0-162.18.1.el9_1.OL9] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64] - Remove nmap references from kernel [Orabug: 34313944] - Remove upstream reference during boot [Orabug: 34729535] [5.14.0-162.18.1.el9_1] - powerpc/pseries: Use lparcfg to reconfig VAS windows for DLPAR CPU [2154305 2133101] - redhat/configs: Change the amd-pstate driver from builtin to loadable [2151274 2143793] - powerpc/pseries/mobility: set NMI watchdog factor during an LPM [2140085 2122830] - powerpc/watchdog: introduce a NMI watchdog"s factor [2140085 2122830] - watchdog: export lockup_detector_reconfigure [2140085 2122830] - powerpc/mobility: wait for memory transfer to complete [2140085 2122830] [5.14.0-162.17.1.el9_1] - PCI: hv: Only reuse existing IRTE allocation for Multi-MSI [2155459 2100404] - PCI: hv: Fix the definition of vector in hv_compose_msi_msg [2155459 2100404] - PCI: hv: Fix interrupt mapping for multi-MSI [2155459 2100404] - PCI: hv: Reuse existing IRTE allocation in compose_msi_msg [2155459 2100404] - PCI: hv: Fix hv_arch_irq_unmask for multi-MSI [2155459 2100404] - PCI: hv: Fix multi-MSI to allow more than one MSI vector [2155459 2100404] - proc: proc_skip_spaces shouldn"t think it is working on C strings [2152580 2152581] {CVE-2022-4378} - proc: avoid integer type confusion in get_proc_long [2152580 2152581] {CVE-2022-4378} - blk-mq: run queue no matter whether the request is the last request [2162535 2118511] - netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits [2161724 2161725] {CVE-2023-0179} - nvme-tcp: fix regression that causes sporadic requests to time out [2161344 2124526] - netfs: Fix dodgy maths [2161418 2138981] - netfs: Fix missing xas_retry calls in xarray iteration [2161418 2138981] [5.14.0-162.16.1.el9_1] - Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu [2152929 2152931] {CVE-2022-3564} - gitlab-ci: use CI templates from production branch [5.14.0-162.15.1.el9_1] - KVM: s390: vsie: Fix the initialization of the epoch extension field [2158815 2140899] - x86/fpu: Do not leak fpstate pointer on fork [2133083 2120448] - Revert usb: typec: ucsi: add a common function ucsi_unregister_connectors [2153277 2113003] - i2c: ismt: Fix an out-of-bounds bug in ismt_access [2154859 2119067] {CVE-2022-2873} [5.14.0-162.14.1.el9_1] - NFSD: fix use-after-free in __nfs42_ssc_open [2152815 2152816] {CVE-2022-4379} - PCI: hv: Fix synchronization between channel callback and hv_pci_bus_exit [2155930 2155277] - PCI: hv: Fix synchronization between channel callback and hv_compose_msi_msg [2155930 2155277] - PCI: hv: Use vmbus_requestor to generate transaction IDs for VMbus hardening [2155930 2155277] - sched/core: Always flush pending blk_plug [2153792 2115520] [5.14.0-162.13.1.el9_1] - scsi: qla2xxx: Fix crash when I/O abort times out [2152178 2115892] - net: mana: Fix race on per-CQ variable napi work_done [2155145 2153431]