(RHSA-2023:4377) Important: kernel security, bug fix, and enhancement update

2023-08-01 08:47:02
access.redhat.com

CVSS3: 7.8 High

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 4.3 Medium

  • Access Vector: LOCAL
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: PARTIAL
  • Integrity Impact: PARTIAL
  • Availability Impact: PARTIAL
  • Vector: AV:L/AC:L/Au:S/C:P/I:P/A:P

EPSS: 0.0004 Low (Percentile: 13.2%)

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090)

  • kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788)

  • kernel: KVM: x86/mmu: race condition in direct_page_fault() (CVE-2022-45869)

  • kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c (CVE-2023-0458)

  • kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • HPEMC RHEL 9 BUG: acpi-cpufreq: Skip initialization if a cpufreq driver exists (BZ#2186562)

  • RHEL 9.3: Update locking code to upstream 6.1 and further fixes (BZ#2187507)

  • Getting “kernel: RIP: 0010:nvme_setup_discard+0x172/0x1e0 [nvme_core]” when I/O and DISCARD commands are sent to the file system on NVMe/TCP multipath device (BZ#2192632)

  • RHEL 9.2 OS cannot boot successfully when enabling VMD in UEFI setup (BZ#2196230)

  • Intel E810 card unable to create a MACVLAN on interface already configured as SRIOV (BZ#2209284)

  • Trouble getting callstacks when signal has interrupted clock_gettime (BZ#2210074)

  • DELL 9.3 BUG: HDMI/DP audio output device lost on some new wn21 series graphic card (Discrete mode). (BZ#2211656)

  • DELL RHEL 9.2 BUG: Observed device_dax related probe errors in dmesg when HBM CPU is set to flat mode and creating duplicate device_dax ids and hence probe is failing (BZ#2212386)

  • ice: The response of the “ubxtool -p <PRESET>” command may not correspond to the command: (BZ#2213186)

  • Update lpfc 14.2.0.12 for RHEL 9.3 Inbox with three bug fixes from 14.2.0.13 (BZ#2213616)

  • avoid unnecessary page fault retires on shared memory types (BZ#2213894)

  • jitter: Fix RCT/APT health test during initialization (BZ#2215080)

  • coretemp driver causes RDMSR interruption on isolated CPU (BZ#2215552)

  • rbd: avoid fast-diff corruption in snapshot-based mirroring (BZ#2216569)

  • Hyper-V RHEL-9: Fix VM crash/hang Issues due to fast VF add/remove events (BZ#2217066)

  • OVS ERSPAN2: ip6erspan incorrect erspan version in GRE header (BZ#2217493)

  • kernel-rt: system hung during stress-ng (BZ#2217939)

  • kvm/sriov: high latency after soft reboot (BZ#2218871)

  • CPU slushiness observed with lots of kworkers being created on host when more than 2 vm spawned in single shot (BZ#2218935)

  • Wrong hwlat CPU affinity when started from a container. (BZ#2221157)

  • cifs: check the lease context if we actually got a lease (BZ#2221159)

Enhancement(s):

  • Intel 9.3 FEAT SPR power: Intel SST SNC4 support (BZ#2185605)

  • Dell 9.3 Feat dell-wmi-privacy: The microphone still have function when press F4 Microphone Mute hotkey on Orchid Bay MLK (BZ#2209808)

  • RFE: Support for a ‘source-load-balancing’ bonding mode (BZ#2221169)
