Important: kernel security, bug fix, and enhancement update

Topic

An update for kernel is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090)
• kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788)
• kernel: KVM: x86/mmu: race condition in direct_page_fault() (CVE-2022-45869)
• kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c (CVE-2023-0458)
• kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• HPEMC RHEL 9 BUG: acpi-cpufreq: Skip initializtion if a cpufreq driver exists (BZ#2186562)
• RHEL 9.3: Update locking code to upstream 6.1 and further fixes (BZ#2187507)
• Getting "kernel: RIP: 0010:nvme_setup_discard+0x172/0x1e0 [nvme_core]" when I/O and DISCARD commands are sent to the file system on NVMe/TCP multipath device (BZ#2192632)
• RHEL 9.2 OS cannot boot successfully when enabling VMD in UEFI setup (BZ#2196230)
• Intel E810 card unable to create a MACVLAN on interface already configured as SRIOV (BZ#2209284)
• Trouble getting callstacks when signal has interrupted clock_gettime (BZ#2210074)
• DELL 9.3 BUG: HDMI/DP audio output device lost on some new wn21 series graphic card(Discrete mode). (BZ#2211656)
• DELL RHEL 9.2 BUG: Observed device_dax related probe errors in dmesg when HBM CPU is set to flat mode and creating duplicate device_dax ids and hence probe is failing (BZ#2212386)
• ice: The response of the "ubxtool -p <PRESET>" command may not correspond to the command: (BZ#2213186)
• Update lpfc 14.2.0.12 for RHEL 9.3 Inbox with three bug fixes from 14.2.0.13 (BZ#2213616)
• avoid unnecessary page fault retires on shared memory types (BZ#2213894)
• jitter: Fix RCT/APT health test during initialization (BZ#2215080)
• coretemp driver causes RDMSR interruption on isolated CPU (BZ#2215552)
• rbd: avoid fast-diff corruption in snapshot-based mirroring (BZ#2216569)
• Hyper-V RHEL-9: Fix VM crash/hang Issues due to fast VF add/remove events (BZ#2217066)
• OVS ERSPAN2: ip6erspan incorrect erspan version in GRE header (BZ#2217493)
• kernel-rt: system hung during stress-ng (BZ#2217939)
• kvm/sriov: high latency after soft reboot (BZ#2218871)
• CPU slushiness observed with lots of kworkers being created on host when more than 2 vm spawned in single shot (BZ#2218935)
• Wrong hwlat CPU affinity when started from a container. (BZ#2221157)
• cifs: check the lease context if we actually got a lease (BZ#2221159)

Enhancement(s):

• Intel 9.3 FEAT SPR power: Intel SST SNC4 support (BZ#2185605)
• Dell 9.3 Feat dell-wmi-privacy: The microphone still have function when press F4 Microphone Mute hotkey on Orchid Bay MLK (BZ#2209808)
• RFE: Support for a 'source-load-balancing' bonding mode (BZ#2221169)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.

Affected Products

• Red Hat Enterprise Linux for x86_64 9 x86_64
• Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
• Red Hat Enterprise Linux Server - AUS 9.2 x86_64
• Red Hat Enterprise Linux for IBM z Systems 9 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
• Red Hat Enterprise Linux for Power, little endian 9 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
• Red Hat Enterprise Linux for ARM 64 9 aarch64
• Red Hat CodeReady Linux Builder for x86_64 9 x86_64
• Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
• Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
• Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
• Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
• Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
• Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
• Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2 x86_64
• Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2 ppc64le
• Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2 s390x
• Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2 aarch64
• Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2 aarch64
• Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

• BZ - 2151317 - CVE-2022-45869 kernel: KVM: x86/mmu: race condition in direct_page_fault()
• BZ - 2187257 - CVE-2023-1998 kernel: Spectre v2 SMT mitigations problem
• BZ - 2193219 - CVE-2023-0458 kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c
• BZ - 2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()
• BZ - 2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb

CVEs

• CVE-2022-45869
• CVE-2023-0458
• CVE-2023-1998
• CVE-2023-3090
• CVE-2023-35788

References

• https://access.redhat.com/security/updates/classification/#important