6 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:P/I:P/A:P
0.003 Low
EPSS
Percentile
65.5%
The kernel packages contain the Linux kernel, the core of any Linux
operating system.
Red Hat would like to thank Fujitsu for reporting this issue.
This update also fixes the following bugs:
A previous fix to the kernel did not contain a memory barrier in the
percpu_up_write() function. Consequently, under certain circumstances, a race
condition could occur, leading to memory corruption and a subsequent kernel
panic. This update introduces a new memory barrier pair, light_mb() and
heavy_mb(), for per-CPU basis read and write semaphores (percpu-rw-semaphores)
ensuring that the race condition can no longer occur. In addition, the read path
performance of “percpu-rw-semaphores” has been improved. (BZ#884735)
Due to several related bugs in the be2net driver, the driver did not handle
firmware manipulation of the network cards using the Emulex XE201 I/O controller
properly. As a consequence, these NICs could not recover from an error
successfully. A series of patches has been applied that fix the initialization
sequence, and firmware download and activation for the XE201 controller. Error
recovery now works as expected for the be2net NICs using the Emulex XE201 I/O
controller. (BZ#1019892)
A bug in the be2net driver could cause packet corruption when handling
VLAN-tagged packets with no assigned VLAN group. This happened because the
be2net driver called a function responsible for VLAN tag reinsertion in a wrong
order in the code. The code has been restructured and the be2net driver now
calls the __vlan_put_tag() function correctly, thus avoiding the packet
corruption. (BZ#1019893)
A previous patch to the kernel introduced the “VLAN tag re-insertion”
workaround to resolve a problem with incorrectly handled VLAN-tagged packets
with no assigned VLAN group while the be2net driver was in promiscuous mode.
However, this solution led to packet corruption and a subsequent kernel oops if
such a processed packet was a GRO packet. Therefore, a patch has been applied to
restrict VLAN tag re-insertion only to non-GRO packets. The be2net driver now
processes VLAN-tagged packets with no assigned VLAN group correctly in this
situation. (BZ#1023347)
All kernel users are advised to upgrade to these updated packages, which
contain backported patches to correct these issues. The system must be
rebooted for this update to take effect.