Rocky Linux 9 aarch64 RT

kernel-rt-64k-core-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k-core - The Linux kernel compiled with PREEMPT_RT enabled and for 64k pagesize usage

The kernel package contains a variant of the ARM64 Linux kernel with PREEMPT_RT
enabled and using a 64K page size.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-64k-devel-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k-devel - Development package for building kernel modules to match the kernel

This package provides kernel headers and makefiles sufficient to build modules
against the kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-debug-devel-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-debug-devel - Development package for building kernel modules to match the kernel

This package provides kernel headers and makefiles sufficient to build modules
against the kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-modules-extra-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-modules-extra - Extra kernel modules to match the kernel

This package provides less commonly used kernel modules for the kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-64k-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k - kernel meta-package for the rt-64k kernel

The meta-package for the rt-64k kernel

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-64k-debug-modules-extra-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k-debug-modules-extra - Extra kernel modules to match the kernel

This package provides less commonly used kernel modules for the kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-debug-core-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-debug-core - The Linux kernel compiled with PREEMPT_RT enabled

This package includes a version of the Linux kernel compiled with PREEMPT_RT
(real-time preemption support) and has numerous debugging options enabled.
It should only be installed when trying to gather additional information
on kernel bugs, as some of these options impact performance noticably.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-modules-core-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-modules-core - Core kernel modules to match the core kernel

This package provides essential kernel modules for the core kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt - kernel meta-package for the rt kernel

The meta-package for the rt kernel

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-64k-debug-modules-core-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k-debug-modules-core - Core kernel modules to match the core kernel

This package provides essential kernel modules for the core kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-debug-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-debug - kernel meta-package for the rt-debug kernel

The meta-package for the rt-debug kernel

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-modules-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-modules - kernel modules to match the core kernel

This package provides commonly used kernel modules for the core kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-64k-debug-modules-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k-debug-modules - kernel modules to match the core kernel

This package provides commonly used kernel modules for the core kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-core-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-core - The Linux kernel compiled with PREEMPT_RT enabled

This package includes a version of the Linux kernel compiled with PREEMPT_RT
(real-time preemption support).

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-devel-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-devel - Development package for building kernel modules to match the kernel

This package provides kernel headers and makefiles sufficient to build modules
against the kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-64k-debug-devel-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k-debug-devel - Development package for building kernel modules to match the kernel

This package provides kernel headers and makefiles sufficient to build modules
against the kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-64k-modules-extra-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k-modules-extra - Extra kernel modules to match the kernel

This package provides less commonly used kernel modules for the kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-debug-modules-extra-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-debug-modules-extra - Extra kernel modules to match the kernel

This package provides less commonly used kernel modules for the kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-64k-debug-core-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k-debug-core - The Linux PREEMPT_RT kernel compiled with extra debugging enabled

The debug kernel package contains a variant of the ARM64 Linux PREEMPT_RT
kernel using a 64K page size.
This variant of the kernel has numerous debugging options enabled.
It should only be installed when trying to gather additional information
on kernel bugs, as some of these options impact performance noticably.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-64k-modules-core-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k-modules-core - Core kernel modules to match the core kernel

This package provides essential kernel modules for the core kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-debug-modules-core-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-debug-modules-core - Core kernel modules to match the core kernel

This package provides essential kernel modules for the core kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-64k-debug-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k-debug - kernel meta-package for the rt-64k-debug kernel

The meta-package for the rt-64k-debug kernel

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-64k-modules-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-64k-modules - kernel modules to match the core kernel

This package provides commonly used kernel modules for the core kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...

kernel-rt-debug-modules-5.14.0-611.55.1.el9_7.aarch64

Tue, 12 May 2026 04:16:35 PM GMT

kernel-rt-debug-modules - kernel modules to match the core kernel

This package provides commonly used kernel modules for the core kernel package.

Change Log:

Tue, 12 May 2026 GMT - Release Engineering <releng@rockylinux.org> - 5.14.0-611.55.1
- Replace sbat with Rocky Linux sbat (label)
- Change bug tracker URL (label)
- Ensure appended release in sbat is removed

Sat, 09 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.55.1.el9_7]
- xfrm: esp: avoid in-place decrypt on shared skb frags (Sabrina Dubroca) [RHEL-174561] {CVE-2026-43284}

Sat, 02 May 2026 GMT - CKI KWF Bot <cki-ci-bot+kwf-gitlab-com@redhat.com> [5.14.0-611.54.1.el9_7]
- crypto: algif_aead - snapshot IV for async AEAD requests (Vladislav Dronov) [RHEL-172201]
- crypto: algif_aead - Fix minimum RX size check for decryption (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - reject short ahash digests during instance creation (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Fix src offset when decrypting in-place (Vladislav Dronov) [RHEL-172201]
- crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: authencesn - reject too-short AAD (assoclen<8) to match ESP/ESN spec (Vladislav Dronov) [RHEL-172201] {CVE-2026-23060}
- crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl (Vladislav Dronov) [RHEL-172201]
- crypto: af_alg - limit RX SG extraction by receive buffer budget (Vladislav Dronov) [RHEL-172201] {CVE-2026-31677}
- crypto: algif_aead - Revert to operating out-of-place (Vladislav Dronov) [RHEL-172201] {CVE-2026-31431}
- crypto: af-alg - fix NULL pointer dereference in scatterwalk (Vladislav Dronov) [RHEL-172201]

...