(RHSA-2022:1455) Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Security Fix(es):

• kernel: fget: check that the fd still exists after getting a ref to it (CVE-2021-4083)

• kernel: cgroups v1 release_agent feature may allow privilege escalation (CVE-2022-0492)

• kernel: heap out of bounds write in nf_dup_netdev.c (CVE-2022-25636)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fixes:

• Power10 PMU fix for PM_CYC/PM_INST_CMPL ( kernel/perf) (BZ#2040665)

• call traces and packet drops seen after changing mtu of ibmvnic interface. (ibmvnic/ P10/ Everglade) (BZ#2050679)

• zfcp: fix failed recovery on gone remote port, non-NPIV FCP dev (BZ#2050739)

• overlay mount fails with ELOOP (Too many levels of symbolic links) (BZ#2053030)

• Host unable to automatically add namespaces belonging to a new ANA group (BZ#2055466)

• scheduler updates and fixes [None8.4.0.z] (BZ#2056834)

• nf_reinject calls nf_queue_entry_free on an already freed entry->state (BZ#2061445)

• First Packet Latency impacted by mlx5 warning msg (BZ#2067992)

• openvswitch connection tracking sends incorrect flow key for some upcalls (BZ#2068477)

• Backport upstream rcu commits up to v5.10 (BZ#2069819)

• Packages have been upgraded to a later upstream version: kernel (4.18.0) (BZ#2036932)

Enhancement:

• zcrypt DD: Toleration for new IBM Z Crypto Hardware (BZ#2054097)