(RHSA-2020:0664) Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: Use-after-free in __blk_drain_queue() function in block/blk-core.c (CVE-2018-20856)

• kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver (CVE-2019-14816)

• kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c (CVE-2019-14895)

• kernel: buffer overflow in cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c (CVE-2019-17133)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• [PATCH] perf: Fix a race between ring_buffer_detach() and ring_buffer_wakeup() (BZ#1772826)

• core: backports from upstream (BZ#1780031)

• Race between tty_open() and flush_to_ldisc() using the tty_struct->driver_data field. (BZ#1780160)

• [Hyper-V][RHEL7.6]Hyper-V guest waiting indefinitely for RCU callback when removing a mem cgroup (BZ#1783176)

Enhancement(s):

• Selective backport: perf: Sync with upstream v4.16 (BZ#1782752)