RHSA-2018:1130 Important: kernel security and bug fix update

The kernel packages contain the Linux kernel, the core of any Linux operating system.

Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

Security Fixes are described in RHSA-2018:1130.

This update also fixes the following bugs:

  • Previously, the kernel did not handle MD I/O errors properly in dm-raid. As a consequence, the I/O sometimes became unresponsive. With this update, dm-raid now handles I/O errors correctly, and I/O operations no longer hang with RAID1. (BZ#1525997)

  • Previously, the kernel did not free memory in the Multiple Devices (MD) RAID1 personality. As a consequence, there was a memory leak. With this update, the memory leak in the MD RAID1 personality has been fixed. (BZ#1525997)

  • Previously, the system sometimes became unresponsive when a Multiple Devices (MD) device was resyncing. After rebooting the system, the resyncing was unable to continue and started from the beginning again. This happened due to mismatched calls to the wait_barrier function. With this update, the function calls have been fixed, and the described problem no longer occurs. (BZ#1527598)

  • This update improves the handling of the Precision Time Protocol (PTP) in the igb driver. (BZ#1535882)

  • This update adds a new line to the /proc/cpuinfo file to show all available facilities that are reported by the stfle instruction on IBM z systems. (BZ#1540090)

  • Previously, the turbostat utility did not report the C1E C-state on Intel Purley systems. With this update, support for reporting C1E on Intel Purley has been added. (BZ#1540307)

  • Previously, the system became unresponsive when using Device Mapper (DM) thin provisioning on top of a file-based loop device. With this update, memory allocation now uses the correct GFP mask, and the described problem no longer occurs. (BZ#1541025)

  • A previous kernel update added a new mount option to GFS2: -o loccookie. The option allows for better identification of NFS directory entries. However, the enhancement introduced a bug which could cause GFS to misidentify directory entries, which resulted in NFS missing some entries while showing others multiple times. This bug is now fixed, and GFS2 now handles NFS directory entries as expected. (BZ#1541294)

  • Previously, transfer throughput was reduced in the balance-alb mode due to improper load-balancing setup. With this update, the default value for balance-alb has been adjusted, and, as a result, throughput is now at expected levels in balance-alb. (BZ#1542446)

  • Previously, the NFS server sometimes caused a kernel panic when shutting down. This happened due to an error in processing the blocked_locks_lru list. With this update, the list processing has been corrected, and the NFS server no longer causes a kernel panic during the shutdown process. (BZ#1542894)

  • Prior to this update, repeatedly opening or closing a high number of Transmission Control Protocol (TCP) sockets caused memory leaks. As a consequence, the client system sometimes halted unexpectedly due to an Out of Memory (OOM) condition. With this update, TCP socket allocated pages are properly released at close time, and the described problem no longer occurs. (BZ#1544338)

  • Previously, the ip link down command became unresponsive when used with Infiniband devices. This was caused by a race condition leading to a conflict with the ip link up command. With this update, the race condition has been fixed, and the ip link down command no longer hangs. (BZ#1544340)

  • Prior to this update, removing a memory cgroup sometimes resulted in a kernel warning or a kernel panic. This happened due to kmem caches being handled in the memory resource controller (memcg) without taking into account whether they are shared with the parent. This update introduces a fix that ensures delayed kmem cache removals and aliased kmem caches are handled properly. As a result, memory cgroups can now be removed without warnings or crashes. (BZ#1546734)

  • Previously, a Parallel NFS (pNFS) client became unresponsive when performing direct I/O against a pNFS dataserver and falling back to the pNFS metadata server. This was caused by a refcount imbalance. With this update, the refcount imbalance has been fixed, and the described problem no longer occurs. (BZ#1547670)

  • Previously, process accounting statistics were not collected. This happened because the sys_acct system call failed to turn on the BSD-style accounting due to bad time-checking in the check_free_space function. With this update, the time checking has been fixed, and accounting now works as expected. (BZ#1548408)

  • Previously, the list of machine check exceptions (MCEs) was being iterated incorrectly, potentially leading to memory corruption. An attempt to display a corrupted list of MCEs then caused a kernel panic. This update ensures that the list is iterated correctly with a safe iterator, and MCE lists are no longer being corrupted. (BZ#1552624)

  • Previously, migrating a virtual machine (VM) using Advanced Vector Extensions (AVX) sometimes corrupted the ymm registers, leading to guest-visible register corruption. This happened because the kernel failed to preserve some vector registers when asked by QEMU. With this update, the kernel now preserves the correct registers, and the described problem no longer occurs. (BZ#1542617)

  • Previously, the system sometimes became unresponsive due to network traffic. This was caused by incorrect rescheduling of qdio queue tasklets and restarting outbound queue timers. With this update, the handling of queue tasklets and outbound queue timers has been fixed, and the described problem no longer occurs. (BZ#1544926)

  • Previously, the NFS client ignored server errors when it failed to recover a file lock. As a consequence, the client sometimes corrupted data in the file. With this update, the client processes the server error correctly, and the described problem no longer occurs. (BZ#1545070)

  • Previously, the NFS server caused a high system load under certain conditions when using NFSv4. This happened because the NFS server entered an infinite OPEN loop. With this update, the infinite loop has been fixed, and the described problem no longer occurs. (BZ#1547120)

  • Previously, a kernel panic sometimes occurred on iSER servers with the isert driver after the interface was set to down. For example, this happened after a failed iSER login. With this update, the Completion Queue (CQ) is drained of pre-posted login receive work before continuing with connection teardown. As a result, the described problem no longer occurs. (BZ#1548312)

  • The kernel build requirements have been updated to a GNU Compiler Collection (GCC) version that supports Retpolines. The Retpolines mechanism is a software construct that leverages specific knowledge of the underlying hardware to mitigate branch target injection, also known as the Spectre variant 2 vulnerability, described in CVE-2017-5715. (BZ#1553183)
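
The Retpolines item above ties the mitigation to compiler support, and that difference is visible in the kernel's Spectre variant 2 status line. As an added example (not part of the advisory or of Red Hat's tooling), the shell function below classifies that line; the sysfs path and the status wording are assumed from upstream Linux and may differ on a given kernel build.

```shell
#!/bin/sh
# Added example, not from the advisory: classify the kernel's Spectre v2
# status line. Wording follows upstream Linux strings (assumption); vendor
# kernels may phrase them differently, which is reported as "unknown".

SPECTRE_V2_FILE=/sys/devices/system/cpu/vulnerabilities/spectre_v2

# classify_spectre_v2 STATUS -> prints one of:
#   full-retpoline     compiler-generated retpolines are in use
#   minimal-retpoline  only hand-written asm is covered (compiler lacked support)
#   other-mitigation   mitigated by something other than retpoline (e.g. IBRS)
#   vulnerable         no mitigation reported
#   unknown            unrecognised wording
classify_spectre_v2() {
    case "$1" in
        Mitigation:*[Ff]ull*retpoline*)  echo full-retpoline ;;
        *[Mm]inimal*retpoline*)          echo minimal-retpoline ;;
        Mitigation:*)                    echo other-mitigation ;;
        Vulnerable*)                     echo vulnerable ;;
        *)                               echo unknown ;;
    esac
}

# check_host: classify the live status, or "unknown" if the file is absent.
check_host() {
    if [ -r "$SPECTRE_V2_FILE" ]; then
        classify_spectre_v2 "$(cat "$SPECTRE_V2_FILE")"
    else
        echo unknown
    fi
}

# Constructed sample lines (not captured from a real host).
for line in \
    "Mitigation: Full generic retpoline" \
    "Vulnerable: Minimal generic ASM retpoline" \
    "Mitigation: Indirect Branch Restricted Speculation" \
    "Vulnerable"
do
    printf '%-52s -> %s\n' "$line" "$(classify_spectre_v2 "$line")"
done
printf 'this host: %s\n' "$(check_host)"
```

A `minimal-retpoline` result after updating points to a kernel built without a Retpoline-capable compiler, which is the build requirement this item changes.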
