(RHSA-2018:1216) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: Use-after-free vulnerability in DCCP socket (CVE-2017-8824, Important)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank Mohamed Ghannam for reporting this issue.

Bug Fix(es):

• Previously, the XFS code included a circular dependency between the xfs-log and the xfs-cil workqueues. Consequently, an XFS deadlock occurred in some cases. This update adds a new workqueue dedicated to the log covering background task to avoid the deadlock. (BZ#1543303)

• The kernel build requirements have been updated to the GNU Compiler Collection (GCC) compiler version that has the support for Retpolines. The Retpolines mechanism is a software construct that leverages specific knowledge of the underlying hardware to mitigate the branch target injection, also known as Spectre variant 2 vulnerability described in CVE-2017-5715. (BZ#1553181)