kernel (SL7)

Synopsis: Important: kernel security and bug fix update
Advisory ID: SLSA-2021:1071-1
Issue Date: 2021-04-06
CVE Numbers: CVE-2021-27365

Security Fix(es):

* kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)

* kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)

* kernel: iscsi: unrestricted access to sessions and handles

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE

Bug Fix(es):

* Customer testing eMMC sees and intermittent boot problem on 7.8+, was
not seen on 7.3

* tcm loopback driver causes double-start of scsi command when work is

* [Azure][SL-7]Mellanox Patches To Prevent Kernel Hang In MLX4

* A patch from upstream c365c292d059 causes us to end up leaving
rt_nr_boosted in an inconsistent state, which causes a hard lockup.

* [SL7.9.z] Add fix to update snd_wl1 in bulk receiver fast path

– Scientific Linux Development Team