(RHSA-2019:3967) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568)

• kernel: MIDI driver race condition leads to a double-free (CVE-2018-10902)

• kernel: Use-after-free due to race condition in AF_PACKET implementation (CVE-2018-18559)

• Kernel: vhost_net: infinite loop while receiving packets leads to DoS (CVE-2019-3900)

• Kernel: page cache side channel attacks (CVE-2019-5489)

• Kernel: KVM: potential use-after-free via kvm_ioctl_create_device() (CVE-2019-6974)

• Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the preemption timer (CVE-2019-7221)

• kernel: Inifinite loop vulnerability in mm/madvise.c:madvise_willneed() function allows local denial of service (CVE-2017-18208)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• A cluster node has multiple hung “mv” processes that are accessing a gfs2 filesystem. (BZ#1716321)

• Growing unreclaimable slab memory (BZ#1741918)

• [LLNL 7.5 Bug] slab leak causing a crash when using kmem control group (BZ#1748236)

• kernel build: parallelize redhat/mod-sign.sh (BZ#1755328)

• kernel build: speed up module compression step (BZ#1755337)