kernel-3.10.0-1160.31.1.el7

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: Integer overflow in Intel(R) Graphics Drivers (CVE-2020-12362)
* kernel: Use after free via PI futex state (CVE-2021-3347)
* kernel: use-after-free in n_tty_receive_buf_common function in drivers/tty/n_tty.c (CVE-2020-8648)
* kernel: Improper input validation in some Intel(R) Graphics Drivers (CVE-2020-12363)
* kernel: Null pointer dereference in some Intel(R) Graphics Drivers (CVE-2020-12364)
* kernel: Speculation on pointer arithmetic against bpf_context pointer (CVE-2020-27170)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* kernel crash when call the timer function (sctp_generate_proto_unreach_event) of sctp module
* SCSI error handling process on HP P440ar controller gets stuck indefinitely in device reset operation
* netfilter: reproducible deadlock on nft_log module autoload
* netfilter: NULL pointer dereference in nf_tables_set_lookup()
* [DELL EMC 7.9 Bug]: No acpi_pad threads on top command for "power cap policy equal to 0 watts"
* A race between i40e_ndo_set_vf_mac() and i40e_vsi_clear() in the i40e driver causes a use after free condition of the kmalloc-4096 slab cache.
* netxen driver performs poorly with RT kernel
* gendisk->disk_part_tbl->last_lookup retains pointer after partition deletion
* Kernel experiences panic in update_group_power() due to division error even with Bug 1701115 fix
* zfcp: fix handling of FCP_RESID_OVER bit in fcp ingress path
* mm/THP: do not access vma->vm_mm after calling handle_userfault
* raid: wrong raid io account
* qla2x00_status_cont_entry() missing upstream patch that prevents unnecessary ABRT/warnings
* System hang caused by workqueue stall in qla2xxx driver
* selinux: setsebool can trigger a deadlock
* [Hyper-V] Cannot boot kernel 3.10.0-1160.21.1.el7.x86_64 on Hyper-V

CVE-2020-12362
Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363
Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364
Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-27170
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit.
CVE-2020-8648
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
CVE-2021-3347
An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.