(RHSA-2023:0334) Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: watch queue race condition can lead to privilege escalation (CVE-2022-2959)

• kernel: memory corruption in AX88179_178A based USB ethernet device. (CVE-2022-2964)

• kernel: i915: Incorrect GPU TLB flush can lead to random memory access (CVE-2022-4139)

• kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945)

• kernel: i2c: unbounded length leads to buffer overflow in ismt_access() (CVE-2022-3077)

• kernel: Unprivileged users may use PTRACE_SEIZE to set PTRACE_O_SUSPEND_SECCOMP option (CVE-2022-30594)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• Intel 9.2: Important iavf bug fixes (BZ#2127884)

• vfio zero page mappings fail after 2M instances (BZ#2128514)

• nvme-tcp automatic reconnect fails intermittently during EMC powerstore NDU operation (BZ#2131359)

• ice: Driver Update to 5.19 (BZ#2132070)

• WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134588)

• drm: duplicated call of drm_privacy_screen_register_notifier() in drm_connector_register() (BZ#2134619)

• updating the appid field through sysfs is returning an -EINVAL error (BZ#2136914)

• DELL EMC: System is not booting into RT Kernel with perc12. (BZ#2139213)

• No signal showed in the VGA monitor when installing RHEL9 in the legacy bios mode (BZ#2140153)

• Practically limit “Dummy wait” workaround to old Intel systems (BZ#2142168)

• ppc64le: unexpected oom panic when there’s enough memory left in zswap test (BZ#2143976)

• fatal error: error in backend: Branch target out of insn range (BZ#2144902)

• AMdCLIENT: The kernel command line parameter “nomodeset” not working properly (BZ#2145217)

• Azure: PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time (BZ#2150910)

• Azure z-stream: Sometimes newly deployed VMs are not getting accelerated network during provisioning (BZ#2151605)

• DELL 9.0 RT - On PE R760 system, call traces are observed dmesg when system is running stress (BZ#2154407)