(RHSA-2022:8685) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• KVM: cmpxchg_gpte can write to pfns outside the userspace region (CVE-2022-1158)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• E810-XXV - Multicast packets are not received by all VFs on the same port even though they have the same VLAN (BZ#2117027)

• kernel BUG at kernel/sched/deadline.c:1561! [rhel-8.4.0] (BZ#2125673)

• zfcp: fix missing auto port scan and thus missing target ports (BZ#2127851)

• memory leak in vxlan_xmit_one (BZ#2131256)

• nf_conntrack causing nfs to stall (BZ#2134090)

• s390x: bpftrace Could not read symbols from /sys/kernel/debug/tracing/available_filter_functions: No such device (BZ#2134809)

• Intel E810 PTP clock glitching (BZ#2136038)

• configure link-down-on-close on and change interface mtu to 9000,the interface can’t up (BZ#2136218)

• dump additional CSRs for Tx hang debugging (BZ#2136515)

• system panic during sriov sriov_test_cntvf_reboot testing (BZ#2137272)

• arp replies not making it to switch (BZ#2137521)

• WARNING: CPU: 0 PID: 9637 at kernel/time/hrtimer.c:1309 hrtimer_start_range_ns+0x35d/0x400 (BZ#2138956)

• Cannot trigger kernel dump using NMI on SNO node running PAO and RT kernel (BZ#2139582)