(RHSA-2020:2289) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: double free may be caused by the function allocate_trace_buffer in the file kernel/trace/trace.c (CVE-2017-18595)

• kernel: Heap overflow in mwifiex_update_bss_desc_with_ie function in marvell/mwifiex/scan.c (CVE-2019-3846)

• kernel: Heap overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c (CVE-2019-10126)

• kernel: use-after-free in __blk_add_trace in kernel/trace/blktrace.c (CVE-2019-19768)

• Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• Observed a memory leak while using dm-multipath (BZ#1812935)

• Backport: Guest microcode version mismatch on secondary processors (BZ#1814001)

• dm-multipath high load backport incorrect (BZ#1814533)

• ixgbe reports “Detected Tx Unit Hang” with adapter reset on RHEL 7 (BZ#1816990)

• RHEL7: block mq hang of a blk_mq_freeze_queue_wait(), which waits for a zero of a q_usage_counter, which never happens (BZ#1824543)