(RHSA-2021:3801) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks (CVE-2021-22543)

• kernel: powerpc: KVM guest OS users can cause host OS memory corruption (CVE-2021-37576)

• kernel: SVM nested virtualization issue in KVM (AVIC support) (CVE-2021-3653)

• kernel: SVM nested virtualization issue in KVM (VMLOAD/VMSAVE) (CVE-2021-3656)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• Kernel panic due to double fault with DLM reporting for socket error “sk_err=32/0” (BZ#1834878)

• “MFW indication via attention” message getting logged frequently after every 5 minutes (BZ#1854544)

• lpfc fails to discovery in pt2pt with “2754 PRLI failure DID:0000EF Status:x9/x91e00, data: x0” (BZ#1922479)

• pcpu_get_vm_areas using most memory from VmallocUsed (BZ#1970618)

• RHEL 7.9.z [qedf driver] Racing condition between qedf_cleanup_fcport and releasing command after timeout (BZ#1982702)

• [Azure] RHEL 7.9 reports GPU/IB topology incorrectly on some Azure SKUs (BZ#1984128)

• [stable guest ABI]Hot add CPU after migration cause guest hang (BZ#1991856)

• i40e driver crash at RIP: i40e_config_vf_promiscuous_mode+0x165 (BZ#1993850)

• [nfs] Performance issue since commit 5a4f6f11951e (BZ#1995649)

• [kernel] Indefinite waiting for RCU callback while removing cgroup (BZ#2000973)