(RHSA-2021:0003) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: Local buffer overflow in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c (CVE-2020-25211)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• avoid flush_backlog IPI for isolated CPUs by configuring RPS cpumask (BZ#1883314)

• rngd consumes 100% cpu on rhel-8.3 system in fips mode (BZ#1886192)

• RHEL8.1 - Random memory corruption may occur due to incorrect tlbflush (BZ#1899208)

• fips mode boot is broken after adding extrng (BZ#1899584)

• pmtu of 1280 for vxlan as bridge port won’t work (BZ#1902082)

• rpc task loop with kworker spinning at 100% CPU for 10 minutes when umount an NFS 4.x share with sec=krb5 triggered by unmount of the NFS share (BZ#1907667)