(RHSA-2021:1272) Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: Use after free via PI futex state (CVE-2021-3347)

• kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)

• kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)

• kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• System Crash / Core dump while deleting VMs (BZ#1897687)

• various patches to stabilize the OPAL error log processing and the powernv dump processing (ESS) (BZ#1907302)

• Unable to receive the signal registered using mq_notify(). (BZ#1926111)

• SCTP “Address already in use” when no active endpoints from RHEL 8.2 onwards (BZ#1927522)

• enable CONFIG_RANDOM_TRUST_CPU (BZ#1928027)

• [mm] mm, oom: remove oom_lock from oom_reaper (BZ#1929739)

• Configuring the system with non-RT kernel will hang the system (BZ#1930737)

• fNIC driver needs a patch fix that addresses crash (BZ#1932460)

• OVS mistakenly using local IP as tun_dst for VXLAN packets (?) (BZ#1944670)

Enhancement(s):

• mlx5: Hairpin Support in Switch Mode (BZ#1924690)

• Trace mode enablement in IMC to facilitate perf-kvm support (perf:) (BZ#1929696)

• ice: Enable Flow Director Support (BZ#1930780)