kernel-3.10.0-1160.53.1.el7

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* kernel: perf_event_parse_addr_filter memory (CVE-2020-25704)
* kernel: fuse: fuse_do_getattr() calls make_bad_inode() in inappropriate situations (CVE-2020-36322)
* kernel: Heap buffer overflow in firedtv driver (CVE-2021-42739)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* A gfs2 withdrawal occurs function = gfs2_setbit, file = fs/gfs2/rgrp.c, line = 109
* i40e SR-IOV TX driver issue detected on VF 7 - VF connectivity loose after VF down/up
* duplicate ACK not sent when expected
* [kernel-debug] BUG: bad unlock balance detected! when running LTP read_all
* Rudimentary support for AMD Milan - Call init_amd_zn() om Family 19h processors
* A VM with <=8 CPUs handles all the Mellanox NIC interrupts on CPU0 only, causing low performance
* fix _PSD override quirk for AMD family 19h+
* generic_file_aio_read returns 0 when interrupted early with a fatal signal

CVE-2020-25704
A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.
CVE-2020-36322
An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950.
CVE-2021-42739
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.