kernel-4.18.0-147.8.1.el8

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception (CVE-2019-15030)

* kernel: powerpc: local user can read vector registers of other users' processes via an interrupt (CVE-2019-15031)

* kernel: powerpc: incomplete Spectre-RSB mitigation leads to information exposure (CVE-2019-18660)

* kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (CVE-2019-19527)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* [FJ8.1 Bug]: fs/devpts: always delete dcache dentry-s in dput()

* qla2xxx: call dma_free_coherent with correct size in all cases in qla24xx_sp_unmap

* qla2xxxx: Firmware update for Gen7 adapter could result in an unusable adapter

* s390/sclp: Fix bit checked for has_sipl

* Error output for CPU-MF auxtrace data in perf

* [FJ8.0 Bug]: [kernel]: using "kexec -e" to reboot A64FX system causes system panic during the boot of the 2nd kernel

* Fixup tlbie vs store ordering issue on POWER9

* add safeguards to RX data path

* STC940:ZZ:Fleet:LPM failed with no rmc connection during 6th iteration (ibmvnic)

* disable trace-imc feature

* megaraid_sas driver update request

* [ FW940 ] [ zz P9 ] kdump fails when XIVE is enabled and dump is trigged from HMC.

* T10 DIF: OOM observed while running I/O

* backport fix for potential deadlock relative to snapshot COW throttling

* Neoverse n1 errata 1542419 "Core may fetch stale instructions from memory and violate ordering"

* [HPE 8.1 Bug] hpsa: bug fix for reset issue

* [HPE 8.0 BUG] System crash when reading /sys/block//mq/0/cpu_list file

* kernel: T10 CRC not using hardware-accelerated version from crct10dif_pclmul

* [FJ8.1 Bug]: Dirty pages remain when write() returns ENOSPC.

* NVMe/FC Fabric Broadcom Autoconnect Script Fails to Reconnect after Controller Reset

* Chelsio crypto co-processor Driver (chcr) bugfixes

*[Snapshot-1]LUN discovery says unrecognized

* 8.2 snap2 kernel incorrectly signed in brew

CVE-2019-15030
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.
CVE-2019-15031
In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via an interrupt. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process, because MSR_TM_ACTIVE is misused in arch/powerpc/kernel/process.c.
CVE-2019-18660
The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry_64.S and arch/powerpc/kernel/security.c.
CVE-2019-19527
In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka CID-9c09b214f30e.