Synopsis: Important: kernel security and bug fix update Advisory ID: SLSA-2021:4777-1 Issue Date: 2021-11-24 CVE Numbers: CVE-2020-36385 -- Security Fix(es): * kernel: use-after-free in drivers/infiniband/core/ucma.c ctx use-after- free (CVE-2020-36385) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE Bug Fix(es): * scsi: ibmvfc: Avoid link down on FS9100 canister reboot * crash in qla2x00_status_entry() because of corrupt srb * qedf driver: race condition between qedf's completion work task and another work item tearing down an fcport with qedf_cleanup_fcport * The kernel crashes in hv_pci_remove_slots() upon hv device removal. A possible race between hv_pci_remove_slots() and pci_devices_present_work(). * I/O delays incorrectly handled in the NVMe stack * Data corruption in NFS client reusing slotid/seqid due to an interrupted slot -- SL7 x86_64 bpftool-3.10.0-1160.49.1.el7.x86_64.rpm bpftool-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debug-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debug-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debug-devel-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-debuginfo-common-x86_64-3.10.0-1160.49.1.el7.x86_64.rpm kernel-devel-3.10.0-1160.49.1.el7.x86_64.rpm kernel-headers-3.10.0-1160.49.1.el7.x86_64.rpm kernel-tools-3.10.0-1160.49.1.el7.x86_64.rpm kernel-tools-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-tools-libs-3.10.0-1160.49.1.el7.x86_64.rpm perf-3.10.0-1160.49.1.el7.x86_64.rpm perf-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm python-perf-3.10.0-1160.49.1.el7.x86_64.rpm python-perf-debuginfo-3.10.0-1160.49.1.el7.x86_64.rpm kernel-tools-libs-devel-3.10.0-1160.49.1.el7.x86_64.rpm noarch kernel-abi-whitelists-3.10.0-1160.49.1.el7.noarch.rpm kernel-doc-3.10.0-1160.49.1.el7.noarch.rpm - Scientific Linux Development Team