A kernel security and bug fix update has been released for AlmaLinux.

ALSA-2022:1550 Important: kernel security and bug fix update

Type:
security

Severity:
important

Release date:
2022-04-27

Description
Security Fix(es):
* kernel: use-after-free in RDMA listen() (CVE-2021-4028)
* kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Backport DFS fixes from upstream (BZ#2056329)
* RHEL8.5 lpfc driver often fails to detect storage directly connected to Broadcom FC HBA (BZ#2058193)
* nf_reinject calls nf_queue_entry_free on an already freed entry->state (BZ#2061446)
* gfs2 blocking in gdlm_lock (BZ#2069750)

References:
CVE-2021-4028
CVE-2022-25636

Updates packages:
kernel-tools-libs-devel-4.18.0-348.23.1.el8_5.x86_64.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:1550 Important: kernel security and bug fix update