Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2021:1071-1 Issue Date: 2021-04-06 CVE Numbers: CVE-2021-27365 CVE-2021-27363 CVE-2021-27364 -- Security Fix(es): * kernel: out-of-bounds read in libiscsi module (CVE-2021-27364) * kernel: heap buffer overflow in the iSCSI subsystem (CVE-2021-27365) * kernel: iscsi: unrestricted access to sessions and handles (CVE-2021-27363) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * Customer testing eMMC sees and intermittent boot problem on 7.8+, was not seen on 7.3 * tcm loopback driver causes double-start of scsi command when work is delayed * [Azure][SL-7]Mellanox Patches To Prevent Kernel Hang In MLX4 * A patch from upstream c365c292d059 causes us to end up leaving rt_nr_boosted in an inconsistent state, which causes a hard lockup. * [SL7.9.z] Add fix to update snd_wl1 in bulk receiver fast path -- - Scientific Linux Development Team