A kernel security and bug fix update has been released for AlmaLinux.

ALSA-2021:2168 Important: kernel security and bug fix update

Type:
security

Severity:
important

Release date:
2021-06-01

Description
Security Fix(es):
* kernel: userspace applications can misuse the KVM API to cause a write of 16 bytes at an offset up to 32 GB from vcpu->run (CVE-2021-3501)
* kernel: nitro_enclaves stale file descriptors on failed usercopy (CVE-2021-3543)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* OVS mistakenly using local IP as tun_dst for VXLAN packets (?) (BZ#1944667)
* Selinux: The task calling security_set_bools() deadlocks with itself when it later calls selinux_audit_rule_match(). (BZ#1945123)
* mlx5 tc flower mpls match options does not work (BZ#1952061)
* mlx5: missing patches for ct.rel (BZ#1952062)
* CT HWOL: with OVN/OVS, intermittently, load balancer hairpin TCP packets get dropped for seconds in a row (BZ#1952065)
* Lenovo 8.3 bug Blackscreen after clicking on "Settings" icon from top-right corner. (BZ#1952900)
* RHEL 8.x missing uio upstream fix. (BZ#1952952)
* Turbostat doesn't show any measured data on AMD Milan (BZ#1952987)
* P620 no sound from front headset jack (BZ#1954545)
* RHEL kernel 8.2 and higher are affected by data corruption bug in raid1 arrays using bitmaps. (BZ#1955188)
* net/sched connection failed with DNAT + SNAT by tc action ct (BZ#1956458)

References:
CVE-2021-3501
CVE-2021-3543

Updates packages:
bpftool-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-abi-stablelists-4.18.0-305.3.1.el8_4.noarch.rpm
kernel-core-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-cross-headers-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-debug-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-debug-core-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-debug-devel-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-debug-modules-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-debug-modules-extra-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-devel-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-doc-4.18.0-305.3.1.el8_4.noarch.rpm
kernel-headers-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-modules-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-modules-extra-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-tools-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-tools-libs-4.18.0-305.3.1.el8_4.x86_64.rpm
kernel-tools-libs-devel-4.18.0-305.3.1.el8_4.x86_64.rpm
perf-4.18.0-305.3.1.el8_4.x86_64.rpm
python3-perf-4.18.0-305.3.1.el8_4.x86_64.rpm

Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2021:2168 Important: kernel security and bug fix update