(RHSA-2023:3388) Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: use-after-free caused by l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c (CVE-2022-3564)

• kernel: stack overflow in do_proc_dointvec and proc_skip_spaces (CVE-2022-4378)

• kernel: unmap_mapping_range() race with munmap() on VM_PFNMAP mappings leads to stale TLB entry (CVE-2022-39188)

• kernel: use-after-free related to leaf anon_vma double reuse (CVE-2022-42703)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• An application stopped on robust futex used via pthread_mutex_lock() (BZ#2170055)

• dm crypt: backport flags to optionally bypass kcryptd workqueues (BZ#2175202)

• The qede driver changes rx-usecs: to 256 causing performance impact (BZ#2176106)

• Intel QAT Update - (kernel changes) (BZ#2176852)

• Concurrent NVMe scans cause panic with native multipath (BZ#2178244)

• CNB: Update TC subsystem to upstream v5.18 (BZ#2179432)

• Server crashed in cifs_reconnect -> dfs_cache_free_tgts (BZ#2182082)

• WARNING: possible circular locking dependency detected cpu_partial_store+0x44/0x80 (BZ#2184771)

• “smpboot: Scheduler frequency invariance went wobbly, disabling!” on nohz_full CPUs after long run (BZ#2188069)

• kernel-rt: task deadline_test:2526 blocked for more than 600 seconds. (BZ#2188625)

• gfs2: file corruption in large data files (BZ#2188687)

Enhancement(s):

• Add support for no HWP mode into intel_pstate for Sapphire Rapids (SPR) (BZ#2178644)