Synopsis:          Important: kernel security and bug fix update
Advisory ID:       SLSA-2021:1071-1
Issue Date:        2021-04-06
CVE Numbers:       CVE-2021-27365
                   CVE-2021-27363
                   CVE-2021-27364
--

Security Fix(es):

* kernel: out-of-bounds read in libiscsi module (CVE-2021-27364)

* kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365)

* kernel: iscsi: unrestricted access to sessions and handles
(CVE-2021-27363)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE

Bug Fix(es):

* Customer testing eMMC sees and intermittent boot problem on 7.8+, was
not  seen on 7.3

* tcm loopback driver causes double-start of scsi command when work is
delayed

* [Azure][SL-7]Mellanox Patches To Prevent Kernel Hang In MLX4

* A patch from upstream c365c292d059 causes us to end up leaving
rt_nr_boosted in an inconsistent state, which causes a hard lockup.

* [SL7.9.z] Add fix to update snd_wl1 in bulk receiver fast path
--

- Scientific Linux Development Team