kernel (SL7)

Synopsis: Important: kernel security and bug fix update
Advisory ID: SLSA-2019:0818-1
Issue Date: 2019-04-23
CVE Numbers: CVE-2019-7221
CVE-2019-6974

Security Fix(es):

* Kernel: KVM: potential use-after-free via kvm_ioctl_create_device()
(CVE-2019-6974)

* Kernel: KVM: nVMX: use-after-free of the hrtimer for emulation of the
preemption timer (CVE-2019-7221)

Bug Fix(es):

* rbd: avoid corruption on partially completed bios [rhel-7.6.z]

* xfs_vm_writepages deadly embrace between kworker and user task.
[rhel-7.6.z]

* Offload Connections always get vlan priority 0 [rhel-7.6.z]

* [NOKIA] SL sends flood of Neighbour Solicitations under specific
conditions [rhel-7.6.z]

* SL 7.6 – Host crash occurred on NVMe/IB system while running controller
reset [rhel-7.6.z]

* [rhel7] raid0 md workqueue deadlock with stacked md devices [rhel-7.6.z]

* [PureStorage7.6]nvme disconnect following an unsuccessful Admin queue
creation causes kernel panic [rhel-7.6.z]

* RFC: Regression with -fstack-check in ‘backport upstream large stack
guard patch to SL6′ patch [rhel-7.6.z]

* [Hyper-V] [SL 7.6]hv_netvsc: Fix a network regression after ifdown/ifup
[rhel-7.6.z]

* rtc_cmos: probe of 00:01 failed with error -16 [rhel-7.6.z]

* ACPI WDAT watchdog update [rhel-7.6.z]

* high ovs-vswitchd CPU usage when VRRP over VXLAN tunnel causing qrouter
fail-over [rhel-7.6.z]

* Openshift node drops outgoing POD traffic due to NAT hashtable race in
__ip_conntrack_confirm() [rhel-7.6.z]

* [Backport] [v3,2/2] net: igmp: Allow user-space configuration of igmp
unsolicited report interval [rhel-7.6.z]

* [SL7.6]: Intermittently seen FIFO parity error on T6225-SO adapter
[rhel-7.6.z]

* The number of unsolict report about IGMP is incorrect [rhel-7.6.z]

* RDT driver causing failure to boot on AMD Rome system with more than 255
CPUs [rhel-7.6.z]

* mpt3sas_cm0: fault_state(0x2100)! [rhel-7.6.z]

* rwsem in inconsistent state leading system to hung [rhel-7.6.z]

SL7
x86_64
bpftool-3.10.0-957.12.1.el7.x86_64.rpm
kernel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debug-devel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-debuginfo-common-x86_64-3.10.0-957.12.1.el7.x86_64.rpm
kernel-devel-3.10.0-957.12.1.el7.x86_64.rpm
kernel-headers-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-libs-3.10.0-957.12.1.el7.x86_64.rpm
perf-3.10.0-957.12.1.el7.x86_64.rpm
perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-3.10.0-957.12.1.el7.x86_64.rpm
python-perf-debuginfo-3.10.0-957.12.1.el7.x86_64.rpm
kernel-tools-libs-devel-3.10.0-957.12.1.el7.x86_64.rpm
noarch
kernel-abi-whitelists-3.10.0-957.12.1.el7.noarch.rpm
kernel-doc-3.10.0-957.12.1.el7.noarch.rpm

– Scientific Linux Development Team