(RHSA-2020:1984) Moderate: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• [Stratus 7.6 Bug] Deadlock on hcd->bandwidth_mutex when usb controller fails during initialization (BZ#1764528)

• RHEL7.7 Snapshot5 - retry when cpu offline races with migration (BZ#1766094)

• Slow console output with ast (Aspeed) graphics driver (BZ#1780147)

• RHEL7.7 - qeth: add safeguards to RX data path (BZ#1792248)

• ‘soft lockup’ events during unmount of container file system due to bloated dentry cache / memory cgroup slab cache reclaim not available in RHEL7 (BZ#1796358)

• [GSS] Can’t access the mount point due to possible blocking of i/o on rbd (BZ#1796435)

• [xfstests]: copy_file_range cause corruption on rhel-7 (BZ#1797967)

• kernel: UAF in cdev_put() when a PTP device is removed while its chardev is open (BZ#1798395)

• [HPE 7.8 Bug] RHEL7.8 kernel may ignore NMI from ilo (BZ#1798397)

• [HPEMC RHEL 7.7 RHEL 7.8 REGRESSION] kernel not populating numa_nod in /sys/devices… for PMEM (BZ#1801697)

• Unable to exclude files from auditing (BZ#1806429)

• DNAT’d packet is not unmangled upon reply on openshift node (BZ#1806446)

• port show-kabi to python3 (BZ#1806929)

• top shows super high loads when tuned profile realtime-virtual-host is applied (BZ#1808029)

• Backport CIFS stale ESTALE handling and dentry revalidation patches (BZ#1811053)

• Observed a memory leak while using dm-multipath (BZ#1812936)

• dm-multipath high load backport incorrect (BZ#1814536)