(RHSA-2022:8973) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: KVM: cmpxchg_gpte can write to pfns outside the userspace region (CVE-2022-1158)

• kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size() (CVE-2022-2639)

• kernel: watch queue race condition can lead to privilege escalation (CVE-2022-2959)

• kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945)

• hw: cpu: incomplete clean-up of multi-core shared buffers (aka SBDR) (CVE-2022-21123)

• hw: cpu: incomplete clean-up of microarchitectural fill buffers (aka SBDS) (CVE-2022-21125)

• hw: cpu: incomplete clean-up in specific special register write operations (aka DRPW) (CVE-2022-21166)

• hw: cpu: AMD: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)

• hw: cpu: AMD: Branch Type Confusion (non-retbleed) (CVE-2022-23825)

• hw: cpu: Intel: Post-barrier Return Stack Buffer Predictions (CVE-2022-26373)

• hw: cpu: Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• sched/pelt: Fix attach_entity_load_avg() corner case (BZ#2105360)

• RHEL9[fleetwood][P9]:kdump fails to capture vmcore when crash is triggered while running forkoff. (BZ#2109144)

• ISST-LTE:[P10 Everest] [5.14.0-70.9.1.el9_0.ppc64le] HPT:RHEL9.0:ecolp95: lpar crashed at __list_del_entry_valid+0x90/0x100 and LPM failed (BZ#2112823)

• [rhel9] livepatch panic: RIP: 0010:0xffffffffc0e070c4 seq_read_iter+0x124/0x4b0 (BZ#2122625)

• System crashes due to list_add double add at iwl_mvm_mac_wake_tx_queue+0x71 (BZ#2123315)

• [Dell EMC 9.0 BUG] Any process performing I/O doesn’t fail on degraded LVM RAID and IO process hangs (BZ#2126215)

• [HPEMC RHEL 9.0 REGRESSION] net, e810, ice: not enough device MSI-X vectors (BZ#2126491)

• RHEL9.0 - zfcp: fix missing auto port scan and thus missing target ports (BZ#2127874)

• Enable check-kabi (BZ#2132372)

• Add symbols to stablelist (BZ#2132373)

• Update RHEL9.1 kabi tooling (BZ#2132380)

• kABI: Prepare the MM subsystem for kABI lockdown (BZ#2133464)

• [Dell Storage 9.1 BUG] NVME command hang during storage array node reboot (BZ#2133553)

• WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134589)

• crypto/testmgr.c should not list dh, ecdh-nist-p256, ecdh-nist-p384 as .fips_allowed = 1 (BZ#2136523)

• FIPS self-tests for RSA pkcs7 signature verification (BZ#2136552)

• [ovs-tc] Bad length in dpctl/dump-flows (BZ#2137354)

• [RHEL9] s_pf0vf2: hw csum failure for mlx5 (BZ#2137355)

• kernel memory leak while freeing nested actions (BZ#2137356)

• ovs: backports from upstream (BZ#2137358)

• kernel should conform to FIPS-140-3 requirements (both parts) (BZ#2139095)

• [DELL EMC 9.0-RT BUG] System is not booting into RT Kernel with perc12. (BZ#2139214)

• Fix panic in nbd/004 test (BZ#2139535)

• Nested KVM is not working on RHEL 8.6 with hardware error 0x7 (BZ#2140141)

• [RHEL9] Practically limit “Dummy wait” workaround to old Intel systems (BZ#2142169)