Important: kernel security and bug fix update

2022-01-1913:59:09

Google

osv.dev

linux kernel

security update

bug fixes

xfs vulnerability

heap overflow

memory error

sockets

kernel crashes

deadlock

rcu commits

upstream v5.14.

AI Score

8.6

Confidence

High

EPSS

0.002

Percentile

62.1%

JSON

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

kernel: xfs: raw block device data leak in XFS_IOC_ALLOCSP IOCTL (CVE-2021-4155)
kernel: fs_context: heap overflow in legacy parameter handling (CVE-2022-0185)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

kernel show “ BUG: scheduling while atomic:xxx“ and reboot when an uncorrectable memory error injection on Rocky Linux8.4 beta and GA (BZ#2008789)
tcp: Sockets can be orphaned in the FIN-WAIT-1 or CLOSING states. (BZ#2021574)
Hostnetwork pod to service backed by hostnetwork on the same node is not working with OVN Kubernetes (BZ#2024411)
ice: bug fixes for kernel crashes (BZ#2026698)
[Rocky Linux-8.6][SanityOnly] Backport leftover migrate_disable BPF related change (BZ#2027689)
xfs: I_DONTCACHE flag is ignored [xfstests: xfs/177] (BZ#2028534)
FIPS: deadlock between PID 1 and “modprobe crypto-jitterentropy_rng” at boot, preventing system to boot (BZ#2029365)
Rocky Linux8.6: Backport upstream RCU commits up to v5.12 (BZ#2029449)
i40e,ixgbe: revert XDP partial backport from kernel 5.13 (BZ#2029845)
spec: Support separate tools build (BZ#2031053)
RCU stall WARNING: at kernel/rcu/tree.c:1392 rcu_advance_cbs_nowake+0x51/0x60 (BZ#2032579)
block: update to upstream v5.14 (BZ#2034396)