bpftool, kernel, perf, python security update

CentOS Errata and Security Advisory CESA-2021:2314

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: Integer overflow in Intel® Graphics Drivers (CVE-2020-12362)

• kernel: Use after free via PI futex state (CVE-2021-3347)

• kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c (CVE-2020-8648)

• kernel: Improper input validation in some Intel® Graphics Drivers (CVE-2020-12363)

• kernel: Null pointer dereference in some Intel® Graphics Drivers (CVE-2020-12364)

• kernel: Speculation on pointer arithmetic against bpf_context pointer (CVE-2020-27170)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• kernel crash when call the timer function (sctp_generate_proto_unreach_event) of sctp module (BZ#1707184)

• SCSI error handling process on HP P440ar controller gets stuck indefinitely in device reset operation (BZ#1830268)

• netfilter: reproducible deadlock on nft_log module autoload (BZ#1858329)

• netfilter: NULL pointer dereference in nf_tables_set_lookup() (BZ#1873171)

• [DELL EMC 7.9 Bug]: No acpi_pad threads on top command for “power cap policy equal to 0 watts” (BZ#1883174)

• A race between i40e_ndo_set_vf_mac() and i40e_vsi_clear() in the i40e driver causes a use after free condition of the kmalloc-4096 slab cache. (BZ#1886003)

• netxen driver performs poorly with RT kernel (BZ#1894274)

• gendisk->disk_part_tbl->last_lookup retains pointer after partition deletion (BZ#1898596)

• Kernel experiences panic in update_group_power() due to division error even with Bug 1701115 fix (BZ#1910763)

• RHEL7.9 - zfcp: fix handling of FCP_RESID_OVER bit in fcp ingress path (BZ#1917839)

• RHEL7.9 - mm/THP: do not access vma->vm_mm after calling handle_userfault (BZ#1917840)

• raid: wrong raid io account (BZ#1927106)

• qla2x00_status_cont_entry() missing upstream patch that prevents unnecessary ABRT/warnings (BZ#1933784)

• RHEL 7.9.z - System hang caused by workqueue stall in qla2xxx driver (BZ#1937945)

• selinux: setsebool can trigger a deadlock (BZ#1939091)

• [Hyper-V][RHEL-7] Cannot boot kernel 3.10.0-1160.21.1.el7.x86_64 on Hyper-V (BZ#1941841)

Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2021-June/086128.html

Affected packages:
bpftool
kernel
kernel-abi-whitelists
kernel-debug
kernel-debug-devel
kernel-devel
kernel-doc
kernel-headers
kernel-tools
kernel-tools-libs
kernel-tools-libs-devel
perf
python-perf

Upstream details at:
https://access.redhat.com/errata/RHSA-2021:2314