diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-5.8.6.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-5.8.8.ebuild
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-5.8.6.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-kernel/coreos-kernel-5.8.8.ebuild
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-5.8.6.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-5.8.8.ebuild
similarity index 100%
rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-5.8.6.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-modules/coreos-modules-5.8.8.ebuild
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest
index 46155a284e..9c95c28cfd 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/Manifest
@@ -1,2 +1,2 @@
 DIST linux-5.8.tar.xz 114459324 BLAKE2B 7bd97f8fa4527840754434414c07283e89731dc8ebb1e95fa5bc1469a60af1122582c0d3b6e262e77882f023190068df3537bd8b65964b3caa820bb2c8e579c7 SHA512 45a53ecf351096ef6e98242cca4228b8da9b9139ecc6963695791ea6fb7a9484a4e1c19dcca7ce7cbfdfa49de0451b70973bb078f12bdae9cbaddbc3f8092556
-DIST patch-5.8.6.xz 331168 BLAKE2B 3ccb116b6c9def0ed261b63900c11f42a732be0280f9f39df04e5fc000f107f49374807c879abd4e1780693b3c6a96e60846a74dbc8256e2bc046fa7a9fe858d SHA512 88d4572a91c8adec1cbae72e46d97872285691e82416511487455e9fe45dbcf9cb35a55360fe1c429a8ebdee42b5ee892a45148f2624578ad9f2767571848168
+DIST patch-5.8.8.xz 388708 BLAKE2B 48c08d58c7707b750b72f946322389cffe1cdb6acd0dc6cda1218435ac2c3a6a5208809f6409f2c7ef17e83b15a7f73e633e174b2f975cbb4847e508d3c54d5b SHA512 daf14cdff3a101ef25bb701513b07752f399a92e0e61d839cbf2d85234f55ead50ee524eeeb85aa6f22044bcd0ecdbf877b96ac721c62c372a960909a5582fb7
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-5.8.6.ebuild b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-5.8.8.ebuild
similarity index 94%
rename from sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-5.8.6.ebuild
rename to sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-5.8.8.ebuild
index 4f12815aae..f550cab943 100644
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-5.8.6.ebuild
+++ b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-5.8.8.ebuild
@@ -35,5 +35,4 @@ UNIPATCH_LIST="
 	${PATCH_DIR}/z0001-kbuild-derive-relative-path-for-KBUILD_SRC-from-CURD.patch \
 	${PATCH_DIR}/z0002-tools-objtool-Makefile-Don-t-fail-on-fallthrough-wit.patch \
 	${PATCH_DIR}/z0003-net-netfilter-add-nf_conntrack_ipv4-compat-module-fo.patch \
-	${PATCH_DIR}/z0004-net_packet_fix_overflow_in_tpacket_rcv_patch.patch \
 "
diff --git a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.8/z0004-net_packet_fix_overflow_in_tpacket_rcv_patch.patch b/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.8/z0004-net_packet_fix_overflow_in_tpacket_rcv_patch.patch
deleted file mode 100644
index 4a7b2faa7b..0000000000
--- a/sdk_container/src/third_party/coreos-overlay/sys-kernel/coreos-sources/files/5.8/z0004-net_packet_fix_overflow_in_tpacket_rcv_patch.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From 3ad04c9555b93ac6a374b0921ad41849caf22067 Mon Sep 17 00:00:00 2001
-From: Or Cohen <orcohen@paloaltonetworks.com>
-Date: Sun, 30 Aug 2020 20:04:51 +0300
-Subject: [PATCH] net/packet: fix overflow in tpacket_rcv
-
-Using tp_reserve to calculate netoff can overflow as
-tp_reserve is unsigned int and netoff is unsigned short.
-
-This may lead to macoff receving a smaller value then
-sizeof(struct virtio_net_hdr), and if po->has_vnet_hdr
-is set, an out-of-bounds write will occur when
-calling virtio_net_hdr_from_skb.
-
-The bug is fixed by converting netoff to unsigned int
-and checking if it exceeds USHRT_MAX.
-
-Fixes: 8913336a7e8d ("packet: add PACKET_RESERVE sockopt")
-Signed-off-by: Or Cohen <orcohen@paloaltonetworks.com>
----
- net/packet/af_packet.c | 7 ++++++-
- 1 file changed, 6 insertions(+), 1 deletion(-)
-
-diff --git a/net/packet/af_packet.c b/net/packet/af_packet.c
-index 29bd405adbbd..d37435906859 100644
---- a/net/packet/af_packet.c
-+++ b/net/packet/af_packet.c
-@@ -2168,7 +2168,8 @@ static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev,
- 	int skb_len = skb->len;
- 	unsigned int snaplen, res;
- 	unsigned long status = TP_STATUS_USER;
--	unsigned short macoff, netoff, hdrlen;
-+	unsigned short macoff, hdrlen;
-+	unsigned int netoff;
- 	struct sk_buff *copy_skb = NULL;
- 	struct timespec64 ts;
- 	__u32 ts_status;
-@@ -2237,6 +2238,10 @@ static int tpacket_rcv(struct sk_buff *skb, struct net_device *dev,
- 		}
- 		macoff = netoff - maclen;
- 	}
-+	if (netoff > USHRT_MAX) {
-+		atomic_inc(&po->tp_drops);
-+		goto drop_n_restore;
-+	}
- 	if (po->tp_version <= TPACKET_V2) {
- 		if (macoff + snaplen > po->rx_ring.frame_size) {
- 			if (po->copy_thresh &&
--- 
-2.17.1
-