The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails (CVE-2023-3609)
kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208)
kernel: netfilter: potential slab-out-of-bound access due to integer underflow (CVE-2023-42753)
hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)
kernel: use-after-free due to race condition occurring in dvb_register_device() (CVE-2022-45884)
kernel: use-after-free due to race condition occurring in dvb_net.c (CVE-2022-45886)
kernel: use-after-free due to race condition occurring in dvb_ca_en50221.c (CVE-2022-45919)
kernel: Race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h (CVE-2023-4732)
kernel: fbcon: out-of-sync arrays in fbcon_mode_deleted due to wrong con2fb_map assignment (CVE-2023-38409)
kernel: use-after-free in smb2_is_status_io_timeout() (CVE-2023-1192)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
Intel 8.8 BUG SPR IOMMU: QAT Device Address Translation Issue with Invalidation Completion Ordering (BZ#2221097)
RHEL 8.9: intel_pstate may provide incorrect scaling values for hybrid capable systems with E-cores disabled (BZ#2223403)
Bring MD code inline with upstream (BZ#2235655)
NAT sport clash in OCP causing 1 second TCP connection establishment delay. (BZ#2236514)
ibmvnic: NONFATAL reset causes dql BUG_ON crash (BZ#2236701)
PVT:1050:NXGZIP: LPM of RHEL client lpar got failed with error HSCLA2CF in 19th loops (BZ#2236703)
xfs: mount fails when device file name is long (BZ#2236813)
NFSv4.0 client hangs when server reboot while client had outstanding lock request to the server (BZ#2237840)
i40e: backport selected bugfixes (BZ#2238305)
Updates for NFS/NFSD/SUNRPC for RHEL 8.9 (BZ#2238394)
SCSI updates for RHEL 8.9 (BZ#2238770)
kernel: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:35 at: sock_map_update_elem_sys+0x85/0x2a0 (BZ#2239475)
Random delay receiving packets after bringing up VLAN on top of VF with vf-vlan-pruning enabled (BZ#2240751)
RHEL-8.9 RDMA/restrack: Release MR restrack when delete (BZ#2244423)
Enhancement(s):
Intel 8.9 FEAT EMR power: Add EMR CPU support to intel_rapl driver (BZ#2230146)
Intel 8.9 FEAT EMR tools: Add EMR CPU support to turbostat (BZ#2230154)
Intel 8.9 FEAT EMR power: Add EMR support to the intel_idle driver (BZ#2230155)
Intel 8.9 FEAT EMR RAS: Add EDAC support for EMR (BZ#2230161)
Intel 8.9 FEAT general: intel-speed-select (ISST): Update to latest release (BZ#2230163)
Intel 8.9 FEAT cpufreq: intel_pstate: Enable HWP IO boost for all servers (BZ#2232123)