[4.18.0-348.23.1.el8_5.OL8] - Update Oracle Linux certificates - Disable signing for aarch64 - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with shim-ia32 and shim-x64 lt;= 15-11.0.5.el8 [4.18.0-348.23.1.el8_5] - gfs2: dequeue iopen holder in gfs2_inode_lookup error [2069750 2061665] [4.18.0-348.22.1.el8_5] - scsi: lpfc: Fix non-recovery of remote ports following an unsolicited LOGO [2058193 2027558] - cifs: check all path components in resolved dfs target [2056329 2030880] - RDMA/cma: Do not change route.addr.src_addr.ss_family [2032073 2032074] {CVE-2021-4028} [4.18.0-348.21.1.el8_5] - netfilter: nf_queue: handle socket prefetch [2061446 2009786] - netfilter: nf_queue: fix possible use-after-free [2061446 2009786] - selftests: netfilter: add nfqueue TCP_NEW_SYN_RECV socket race test [2061446 2009786] - netfilter: nf_queue: don"t assume sk is full socket [2061446 2009786] - netfilter: nf_tables_offload: incorrect flow offload action array size [2056867 2056728] {CVE-2022-25636} - netfilter: nftables_offload: KASAN slab-out-of-bounds Read in nft_flow_rule_create [2056867 2056728] {CVE-2022-25636}