kernel security and bug fix update


An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak (CVE-2022-1012) * kernel: a use-after-free write in the netfilter subsystem can lead to privilege escalation to root (CVE-2022-32250) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * Softirq hrtimers are being placed on the per-CPU softirq clocks on isolcpu’s. (BZ#2090484) * enable/disable multiqueues repeatedly while ping local host, guest kernel panic (BZ#2093416) * Backport kernel audit enhancements and fixes from v5.13-rc1 to v5.16-rc6 (BZ#2095434) * blk_update_request: I/O error, dev nvme0n3, during xfs creation (BZ#2100150) * SCSI updates for Rocky Linux 8.7 (BZ#2100254) * Kernel bug on mm/slub.c:314 (BZ#2102251) * Implement new tc action for check_pkt_len (BZ#2102333) * too long timeout value with TIME_WAIT status of conntrack entry (BZ#2104002) * Connectx6-DX, mlx5 , backport 087032ee7021 ("net/mlx5e: TC, Fix ct_clear overwriting ct action metadata") (BZ#2104012) * mlx5: Software steering memory allocation failure, netperf TCP_CRR with ct(). (BZ#2104013) * tcp: request_sock leak in Calico OCP (BZ#2104670)

Affected Package

OS OS Version Package Name Package Version
rocky 8.0 rocky linux Rocky Linux -Rocky Linux