(RHSA-2020:2429) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• Kernel: NetLabel: null pointer dereference while receiving CIPSO packet with null category may cause kernel panic (CVE-2020-10711)

• Kernel: s390: page table upgrade in secondary address mode may lead to privilege escalation (CVE-2020-11884)

• kernel: use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body (CVE-2020-12657)

• kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• kernel: hw: provide reporting and microcode mitigation toggle for CVE-2020-0543 / Special Register Buffer Data Sampling (SRBDS) (BZ#1840684)

• missing version.h dependency for modpost may cause build to fail (BZ#1828227)

• efi: kernel panic during ltp fs test - read_all -d /sys -q -r 10 (BZ#1829525)