Synopsis: Moderate: kernel security, bug fix, and enhancement update Advisory ID: SLSA-2021:0336-1 Issue Date: 2021-02-02 CVE Numbers: CVE-2020-15436 CVE-2020-35513 -- Security Fix(es): * kernel: use-after-free in fs/block_dev.c (CVE-2020-15436) * kernel: Nfsd failure to clear umask after processing an open or create (CVE-2020-35513) Bug Fix(es): * double free issue in filelayout_alloc_commit_info * Regression: Plantronics Device SHS2355-11 PTT button does not work after update to 7.7 * Openstack network node reports unregister_netdevice: waiting for qr- 3cec0c92-9a to become free. Usage count = 1 * dlm: add ability to interrupt waiting for acquire POSIX lock * [Azure][SL7] soft lockups and performance loss occurring during final fsync with parallel dd writes to xfs filesystem in azure instance * Guest crashed when hotplug vcpus on booting kernel stage * soft lockup occurs while a thread group leader is waiting on tasklist_waiters in mm_update_next_owner() where a huge number of the thread group members are exiting and trying to take the tasklist_lock. * [DELL EMC 7.6 BUG] Kioxia CM6 NVMe drive fails to enumerate * [Hyper-V][SL7] Request to included a commit that adds a timeout to vmbus_wait_for_unload * Unable to discover the LUNs from new storage port * SL 7.9 Kernel panic at ceph_put_snap_realm+0x21 * A hard lockup occurrs where one task is looping in an sk_lock spinlock that has been taken by another task running timespec64_add_ns(). * ethtool/mlx5_core provides incorrect SFP module info * SL7.7 - zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl * SL7.7 - s390/dasd: Fix zero write for FBA devices * [Azure]IP forwarding issue in netvsc[7.9.z] * Security patch for CVE-2020-25212 breaks directory listings via 'ls' on NFS V4.2 shares mounted with selinux enabled labels Enhancement(s): * RFE : handle better ERRbaduid on SMB1 -- SL7 x86_64 bpftool-3.10.0-1160.15.2.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.15.2.el7.x86_64.rpm kernel-devel-3.10.0-1160.15.2.el7.x86_64.rpm kernel-headers-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.15.2.el7.x86_64.rpm perf-3.10.0-1160.15.2.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-3.10.0-1160.15.2.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.15.2.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.15.2.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-1160.15.2.el7.noarch.rpm kernel-doc-3.10.0-1160.15.2.el7.noarch.rpm - Scientific Linux Development Team