kernel-4.18.0-372.32.1.el8_6

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

* A use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588)
* Information leak in scsi_ioctl() (CVE-2022-0494)
* A kernel-info-leak issue in pfkey_register (CVE-2022-1353)
* RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900)
* Branch Type Confusion (non-retbleed) (CVE-2022-23825)
* RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

* Add s390_iommu_aperture kernel parameter
* Blackscreen and hangup after resume from hibernate or S3 with DFGX WX3200
* Update NVME subsystem with bug fixes and minor changes
* Fix parsing of nw_proto for IPv6 fragments
* "vmcore failed, _exitcode:139" error observed while capturing vmcore during fadump after memory remove. incomplete vmcore is captured.
* 'disable_policy' is ignored for addresses configured on a down interface
* Backport request for new cpufreq.default_governor kernel command line parameter
* Panics in mpt3sas mpt3sas_halt_firmware() if mpt3sas_fwfault_debug=1 enabled when poweroff issued to server
* IOMMU/DMA update for 8.6
* Update Broadcom Emulex lpfc driver for MIRACLE LINUX 8.6 with bug fixes (14.0.0.13)
* Incorrect Socket(s) & "Core(s) per socket" reported by lscpu command.
* Panic in ch_release() due to NULL ch->device pointer, backport upstream fix
* pyverbs-tests fail over qede IW HCAs on "test_query_rc_qp" (tests.test_qp.QPTest)
* qedi shutdown handler hangs upon reboot
* cache link_info for ethtool
* Important iavf bug fixes
* Hibernate crash with Aquantia 2.5/5 Gb LAN card
* While using PTimekeeper the qede driver produces excessive log messages
* general protection fault handling rpc_xprt.timer
* Not enough device MSI-X vectors
* Atlantic driver panic on wakeup after hybernate
* Memory leak in vxlan_xmit_one
* Missing hybernate/resume fixes

Enhancement(s):

* Update smartpqi driver to latest upstream Second Set of Patches
* qed/qede/qedr - driver updates to latest upstream
* Update qedi driver to latest upstream
* Update qedf driver to latest upstream
* Include the support for new NVIDIA Mobile GFX GA103 on ADL Gen Laptops
* Need to enable hpilo to support new HPE RL300 Gen11 for ARM (aarch64)

CVE-2022-0494
A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.
CVE-2022-1353
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
CVE-2022-23816
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2022-23825
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.
CVE-2022-2588
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2022-29900
Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-dependent conditions.
CVE-2022-29901
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.