Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2022:7337-1 Issue Date: 2022-11-03 CVE Numbers: CVE-2022-23816 CVE-2022-29900 CVE-2022-29901 CVE-2022-23825 CVE-2022-2588 CVE-2022-26373 -- Security Fix(es): * a use-after-free in cls_route filter implementation may lead to privilege escalation (CVE-2022-2588) * RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-23816, CVE-2022-29900) * Branch Type Confusion (non-retbleed) (CVE-2022-23825) * Intel: Post-barrier Return Stack Buffer Predictions (CVE-2022-26373) * Intel: RetBleed Arbitrary Speculative Code Execution with Return Instructions (CVE-2022-29901) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * lpfc panics in lpfc_els_free_iocb() during port recovery * mlx5 reports error messages during shutdown then panic with mce * Kernel panic due to hard lockup caused by deadlock between tasklist_lock and k_itimer->it_lock * fix excess double put in nfs_prime_dcache -- SL7 x86_64 bpftool-3.10.0-1160.80.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm kernel-3.10.0-1160.80.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.80.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.80.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.80.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.80.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.80.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.80.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.80.1.el7.x86_64.rpm perf-3.10.0-1160.80.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm python-perf-3.10.0-1160.80.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.80.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.80.1.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-1160.80.1.el7.noarch.rpm kernel-doc-3.10.0-1160.80.1.el7.noarch.rpm - Scientific Linux Development Team