Oval Definition:oval:com.redhat.rhsa:def:20220188
Revision Date:2022-01-19Version:640
Title:RHSA-2022:0188: kernel security and bug fix update (Important)
Description:The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

  • kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)

  • kernel: fs_context: heap overflow in legacy parameter handling (CVE-2022-0185)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Bug Fix(es):

  • kernel show “ BUG: scheduling while atomic:xxx“ and reboot when an uncorrectable memory error injection on RHEL8.4 beta and GA (BZ#2008789)

  • tcp: Sockets can be orphaned in the FIN-WAIT-1 or CLOSING states. (BZ#2021574)

  • Hostnetwork pod to service backed by hostnetwork on the same node is not working with OVN Kubernetes (BZ#2024411)

  • ice: bug fixes for kernel crashes (BZ#2026698)

  • [RHEL-8.6][SanityOnly] Backport leftover migrate_disable BPF related change (BZ#2027689)

  • xfs: I_DONTCACHE flag is ignored [xfstests: xfs/177] (BZ#2028534)

  • FIPS: deadlock between PID 1 and "modprobe crypto-jitterentropy_rng" at boot, preventing system to boot (BZ#2029365)

  • RHEL8.6: Backport upstream RCU commits up to v5.12 (BZ#2029449)

  • i40e,ixgbe: revert XDP partial backport from kernel 5.13 (BZ#2029845)

  • spec: Support separate tools build (BZ#2031053)

  • RCU stall WARNING: at kernel/rcu/tree.c:1392 rcu_advance_cbs_nowake+0x51/0x60 (BZ#2032579)

  • block: update to upstream v5.14 (BZ#2034396)
  • Family:unixClass:patch
    Status:Reference(s):CVE-2021-4155
    CVE-2022-0185
    RHSA-2022:0188
    Platform(s):Red Hat Enterprise Linux 8
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 8 is installed
  • OR Red Hat CoreOS 4 is installed
  • AND
  • kernel earlier than 0:4.18.0-348.12.2.el8_5 is currently running
  • OR kernel earlier than 0:4.18.0-348.12.2.el8_5 is set to boot up on next boot
  • AND
  • bpftool is earlier than 0:4.18.0-348.12.2.el8_5
  • AND bpftool is signed with Red Hat redhatrelease2 key
  • kernel is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel is signed with Red Hat redhatrelease2 key
  • kernel-abi-stablelists is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-abi-stablelists is signed with Red Hat redhatrelease2 key
  • kernel-core is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-core is signed with Red Hat redhatrelease2 key
  • kernel-cross-headers is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-cross-headers is signed with Red Hat redhatrelease2 key
  • kernel-debug is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-debug is signed with Red Hat redhatrelease2 key
  • kernel-debug-core is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-debug-core is signed with Red Hat redhatrelease2 key
  • kernel-debug-devel is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-debug-devel is signed with Red Hat redhatrelease2 key
  • kernel-debug-modules is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-debug-modules is signed with Red Hat redhatrelease2 key
  • kernel-debug-modules-extra is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-debug-modules-extra is signed with Red Hat redhatrelease2 key
  • kernel-devel is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-devel is signed with Red Hat redhatrelease2 key
  • kernel-modules is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-modules is signed with Red Hat redhatrelease2 key
  • kernel-modules-extra is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-modules-extra is signed with Red Hat redhatrelease2 key
  • kernel-tools is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-tools is signed with Red Hat redhatrelease2 key
  • kernel-tools-libs is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-tools-libs is signed with Red Hat redhatrelease2 key
  • kernel-tools-libs-devel is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-tools-libs-devel is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-zfcpdump is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-core is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-zfcpdump-core is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-devel is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-zfcpdump-devel is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-modules is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-zfcpdump-modules is signed with Red Hat redhatrelease2 key
  • kernel-zfcpdump-modules-extra is earlier than 0:4.18.0-348.12.2.el8_5
  • AND kernel-zfcpdump-modules-extra is signed with Red Hat redhatrelease2 key
  • perf is earlier than 0:4.18.0-348.12.2.el8_5
  • AND perf is signed with Red Hat redhatrelease2 key
  • python3-perf is earlier than 0:4.18.0-348.12.2.el8_5
  • AND python3-perf is signed with Red Hat redhatrelease2 key
  • BACK