AlmaLinux 2325 Published by

A kernel security, bug fix, and enhancement update has been released for AlmaLinux 8.



ALSA-2022:7110 Important: kernel security, bug fix, and enhancement update


Type:
security

Severity:
important

Release date:
2022-10-27

Description
Security Fix(es):
* A use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)
* Information leak in scsi_ioctl() (CVE-2022-0494)
* A kernel-info-leak issue in pfkey_register (CVE-2022-1353)
* RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)
* Branch Type Confusion (non-retbleed) (CVE-2022-23825)
* RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Add s390_iommu_aperture kernel parameter (BZ#2081324)
* Blackscreen and hangup after resume from hibernate or S3 with DFGX WX3200 (BZ#2091065)
* Update NVME subsystem with bug fixes and minor changes (BZ#2106017)
* Fix parsing of nw_proto for IPv6 fragments (BZ#2106703)
* "vmcore failed, _exitcode:139" error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured. (BZ#2107488)
* 'disable_policy' is ignored for addresses configured on a down interface (BZ#2109971)
* Backport request for new cpufreq.default_governor kernel command line parameter (BZ#2109996)
* Panics in mpt3sas mpt3sas_halt_firmware() if mpt3sas_fwfault_debug=1 enabled when poweroff issued to server (BZ#2111140)
* IOMMU/DMA update for 8.7 (BZ#2111692)
* Update Broadcom Emulex lpfc driver for AlmaLinux8.7 with bug fixes (14.0.0.13) (BZ#2112103)
* Incorrect Socket(s) & "Core(s) per socket" reported by lscpu command. (BZ#2112820)
* Panic in ch_release() due to NULL ch->device pointer, backport upstream fix (BZ#2115965)
* pyverbs-tests fail over qede IW HCAs on "test_query_rc_qp" (tests.test_qp.QPTest) (BZ#2119122)
* qedi shutdown handler hangs upon reboot (BZ#2119847)
* cache link_info for ethtool (BZ#2120197)
* Important iavf bug fixes (BZ#2120225)
* Hibernate crash with Aquantia 2.5/5 Gb LAN card (BZ#2124966)
* While using PTimekeeper the qede driver produces excessive log messages (BZ#2125477)
* general protection fault handling rpc_xprt.timer (BZ#2126184)
* Not enough device MSI-X vectors (BZ#2126482)
* Atlantic driver panic on wakeup after hybernate (BZ#2127845)
* Memory leak in vxlan_xmit_one (BZ#2131255)
* Missing hybernate/resume fixes (BZ#2131936)
Enhancement(s):
* Update smartpqi driver to latest upstream Second Set of Patches (BZ#2112354)
* qed/qede/qedr - driver updates to latest upstream (BZ#2120611)
* Update qedi driver to latest upstream (BZ#2120612)
* Update qedf driver to latest upstream (BZ#2120613)
* Include the support for new NVIDIA Mobile GFX GA103 on ADL Gen Laptops (BZ#2127122)
* Need to enable hpilo to support new HPE RL300 Gen11 for ARM (aarch64) (BZ#2129923)

References:
RHSA-2022:7110
CVE-2022-0494
CVE-2022-1353
CVE-2022-23816
CVE-2022-23825
CVE-2022-2588
CVE-2022-29900
CVE-2022-29901
ALSA-2022:7110

Updates packages:
kernel-abi-stablelists-4.18.0-372.32.1.el8_6.noarch.rpm
kernel-doc-4.18.0-372.32.1.el8_6.noarch.rpm
perf-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-debug-core-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-headers-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-debug-modules-4.18.0-372.32.1.el8_6.x86_64.rpm
python3-perf-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-tools-libs-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-debug-devel-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-devel-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-debug-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-modules-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-debug-modules-extra-4.18.0-372.32.1.el8_6.x86_64.rpm
bpftool-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-core-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-tools-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-modules-extra-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-cross-headers-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-core-4.18.0-372.32.1.el8_6.aarch64.rpm
bpftool-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-cross-headers-4.18.0-372.32.1.el8_6.aarch64.rpm
python3-perf-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-devel-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-modules-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-debug-4.18.0-372.32.1.el8_6.aarch64.rpm
perf-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-debug-core-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-tools-libs-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-headers-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-debug-modules-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-debug-devel-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-modules-extra-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-debug-modules-extra-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-tools-4.18.0-372.32.1.el8_6.aarch64.rpm
kernel-tools-libs-devel-4.18.0-372.32.1.el8_6.aarch64.rpm
perf-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-headers-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-cross-headers-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-debug-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-debug-modules-extra-4.18.0-372.32.1.el8_6.ppc64le.rpm
bpftool-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-modules-extra-4.18.0-372.32.1.el8_6.ppc64le.rpm
python3-perf-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-debug-core-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-debug-devel-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-debug-modules-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-core-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-devel-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-tools-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-tools-libs-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-modules-4.18.0-372.32.1.el8_6.ppc64le.rpm
kernel-tools-libs-devel-4.18.0-372.32.1.el8_6.x86_64.rpm
kernel-tools-libs-devel-4.18.0-372.32.1.el8_6.ppc64le.rpm
python3-perf-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-debug-modules-extra-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-devel-4.18.0-372.32.1.el8_6.s390x.rpm
perf-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-core-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-debug-core-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-debug-devel-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-tools-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-cross-headers-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-debug-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-modules-extra-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-modules-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-debug-modules-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-4.18.0-372.32.1.el8_6.s390x.rpm
bpftool-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-headers-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-zfcpdump-modules-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-zfcpdump-devel-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-zfcpdump-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-zfcpdump-modules-extra-4.18.0-372.32.1.el8_6.s390x.rpm
kernel-zfcpdump-core-4.18.0-372.32.1.el8_6.s390x.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:7110 Important: kernel security, bug fix, and enhancement update