(RHSA-2022:4829) Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: buffer overflow in IPsec ESP transformation code (CVE-2022-27666)

• kernel: security regression for CVE-2018-13405 (CVE-2021-4037)

• kernel: new DNS Cache Poisoning Attack based on ICMP fragment needed packets replies (CVE-2021-20322)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• kernel: Add support for CPU-MF counter second version 7 (BZ#2050686)

• BNXT driver logging added latency tc-hw-offload (BZ#2059860)

• RHEL 8 not disabling the qla2x00_timer() when the system is rebooted. (BZ#2066347)

• spec: Fix separate tools build (BZ#2074075)

• VirtIO Throughput for VM on host with OVS HW-Offload is very low (BZ#2074222)

• kernel BUG at fs/ext4/mballoc.c:3245! (BZ#2074241)

• sctp connection abort unexpected. (BZ#2075131)

• [GSS]OCP node kernel crash due to ceph_fsync - unsafe_request_wait+0x143 (BZ#2080072)

• TCP doesn’t retransmit if in reorder state and waits for RTO (BZ#2080973)

• kernel paging space issue (BZ#2080990)

• Important ice bug fixes (BZ#2081795)

Enhancement(s):

• Bring UV subsystem up to date with upstream kernel 5.12 (BZ#2058190)

• update qla2xxx driver to latest upstream (BZ#2060427)

• Update ice and iavf drivers to upstream v5.17 (BZ#2070546)