Synopsis: Important: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2019:0512-1 Issue Date: 2019-03-14 CVE Numbers: CVE-2018-17972 CVE-2018-18445 CVE-2018-9568 -- Security Fix(es): * kernel: Memory corruption due to incorrect socket cloning (CVE-2018-9568) * kernel: Unprivileged users able to inspect kernel stacks of arbitrary tasks (CVE-2018-17972) * kernel: Faulty computation of numberic bounds in the BPF verifier (CVE-2018-18445) Bug Fix(es) and Enhancement(s): * kernel fuse invalidates cached attributes during reads * [NetApp-FC-NVMe] SL7.6: nvme reset gets hung indefinitely * Memory reclaim deadlock calling __sock_create() after memalloc_noio_save() * hardened usercopy is causing crash * Backport: xfrm: policy: init locks early * AWS m5 instance type loses NVMe mounted volumes [was: Unable to Mount StatefulSet PV in AWS EBS] * SL 7.6 running on a VirtualBox guest with a GUI has a mouse problem * Kernel bug report in cgroups on heavily contested 3.10 node * [PCIe] SHPC probe crash on Non-ACPI/Non-SHPC ports * [Cavium 7.7 Feat] qla2xxx: Update to latest upstream. * Regression in lpfc and the CNE1000 (BE2 FCoE) adapters that no longer initialize * [csiostor] call trace after command: modprobe csiostor * libceph: fall back to sendmsg for slab pages * Deadlock between stop_one_cpu_nowait() and stop_two_cpus() * Soft lockups occur when the sd driver passes a device size of 1 sector to string_get_size() * [SL7.7] BUG: unable to handle kernel paging request at ffffffffffffffff * SL7.6 - powerpc/pseries: Disable CPU hotplug across migrations / powerpc/rtas: Fix a potential race between CPU-Offline & Migration (LPM) * blk-mq: fix corruption with direct issue * [SL7][patch] iscsi driver can block reboot/shutdown * [DELL EMC 7.6 BUG] Unable to create-namespace over Dell NVDIMM-N * efi_bgrt_init fails to ioremap error during boot * Unable to mount a share on kernel- 3.10.0-957.el7. The share can be mounted on kernel-3.10.0-862.14.4.el7 * System crash with RIP nfs_readpage_async+0x43 -- BUG: unable to handle kernel NULL pointer dereference -- SL7 x86_64 bpftool-3.10.0-957.10.1.el7.x86_64.rpm kernel-3.10.0-957.10.1.el7.x86_64.rpm kernel-debug-3.10.0-957.10.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-957.10.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-957.10.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-957.10.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-957.10.1.el7.x86_64.rpm kernel-devel-3.10.0-957.10.1.el7.x86_64.rpm kernel-headers-3.10.0-957.10.1.el7.x86_64.rpm kernel-tools-3.10.0-957.10.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-957.10.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-957.10.1.el7.x86_64.rpm perf-3.10.0-957.10.1.el7.x86_64.rpm perf-debuginfo-3.10.0-957.10.1.el7.x86_64.rpm python-perf-3.10.0-957.10.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-957.10.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-957.10.1.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-957.10.1.el7.noarch.rpm kernel-doc-3.10.0-957.10.1.el7.noarch.rpm - Scientific Linux Development Team