Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: mm/mremap.c use-after-free vulnerability (CVE-2022-41222)
• kernel: nfsd buffer overflow by RPC message over TCP with garbage data (CVE-2022-43945)
• kernel: an out-of-bounds vulnerability in i2c-ismt driver (CVE-2022-2873)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• WARNING: CPU: 116 PID: 3440 at arch/x86/mm/extable.c:105 ex_handler_fprestore+0x3f/0x50 (BZ#2134586)
• Hardware error: RIP: copy_user_enhanced_fast_string+0xe (BZ#2137592)
• Cannot trigger kernel dump using NMI on SNO node running PAO and RT kernel (BZ#2139580)
• MEI support for Alder Lake-S (BZ#2141783)
• Host Pod -> Cluster IP Service traffic (Pod Backend - Different Node) Flow Iperf Cannot Connect (BZ#2141959)
• AlmaLinux8.7: Xorg cannot display resolution higher than 1024x768 on system using ast graphics driver (BZ#2149287)
• Intel 8.7 Bug: OS doesn’t boot when vmd and interrupt remapping are enabled (BZ#2149474)
• i40e,iavf: SR-IOV VF devices send GARP with wrong MAC address (BZ#2149745)
• AlmaLinux8.4 - boot: Add secure boot trailer (BZ#2151530)
• error 524 from seccomp(2) when trying to load filter (BZ#2152138)
• Workqueue: WQ_MEM_RECLAIM iscsi_ctrl_1:98 __iscsi_unbind_session [scsi_transport_iscsi] (BZ#2152734)
• Connectivity issue with vDPA driver (BZ#2152912)
• High Load average due to cfs cpu throttling (BZ#2153108)
• The “kernel BUG at mm/usercopy.c:103!” from BZ 2041529 is back on almalinux-8.5 (BZ#2153230)
• AlmaLinux8: tick storm on nohz (isolated) CPU cores (BZ#2153653)
• kernel BUG: scheduling while atomic: crio/7295/0x00000002 (BZ#2154460)
• Azure AlmaLinux 8 z-stream: Sometimes newly deployed VMs are not getting accelerated network during provisioning (BZ#2155272)
• Azure: VM Deployment Failures Patch Request (BZ#2155280)
• Azure vPCI AlmaLinux-8: add the support of multi-MSI (BZ#2155289)
• MSFT MANA NET Patch AlmaLinux-8: Fix race on per-CQ variable napi_iperf panic fix (BZ#2155437)
• GSS: OCP 4.10.30 node crash after ODF upgrade : unable to handle kernel NULL pointer dereference at 0000000000000000 : ceph_get_snap_realm+0x68/0xa0 [ceph] (BZ#2155797)
• Error in /usr/src/kernels/4.18.0-423.el8.x86_64/scripts/kernel-doc script causing irdma build to fail (BZ#2157905)
• AlmaLinux8.8: Backport upstream patches to reduce memory cgroup memory consumption and OOM problem (BZ#2157922)
• The ‘date’ command shows wrong time in nested KVM s390x guest (BZ#2158813)
• ethtool -m results in an out-of-bounds slab write in the be2net driver (BZ#2160182)
• (AlmaLinux OpenShift)Error downloading big ZIP files inside pod on power OCP and pod getting restarted (BZ#2160221)
• i40e/iavf: VF reset task fails “Never saw reset” with 5 second timeout per VF (BZ#2160460)
• iavf: It takes long time to create multiple VF interfaces and the VF interface names are not consistent (BZ#2163257)