
Red Hat Enterprise Linux 9: RHSA-2023:4377-01 Important Kernel Security Fix

Red Hat
August 1, 2023
An update for kernel is now available for Red Hat Enterprise Linux 9

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

The system must be rebooted for this update to take effect.
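A host is only protected once the fixed kernel is both installed and actually running, so the two states worth telling apart are "fixed package installed but not yet booted" and "fixed package not installed at all". The following POSIX shell script is an added example and is not part of the advisory or Red Hat's tooling; it assumes the fixed kernel release 5.14.0-284.25.1.el9_2 taken from this advisory's package list, GNU `sort -V` for version ordering, and the standard `uname -r` and `rpm -q kernel` commands for live inspection.

```shell
#!/bin/sh
# Fixed kernel release for this advisory (RHSA-2023:4377-01), taken from the
# package list: kernel-*-5.14.0-284.25.1.el9_2.*.rpm
FIXED_KERNEL="5.14.0-284.25.1.el9_2"

# Strip a trailing ".<arch>" (x86_64, aarch64, ppc64le, s390x) from a kernel
# release string so that "uname -r" output compares cleanly against FIXED_KERNEL.
strip_arch() {
  printf '%s\n' "$1" | sed -E 's/\.(x86_64|aarch64|ppc64le|s390x|noarch)$//'
}

# kernel_is_fixed <release> [<fixed>]
# Exit 0 when <release> is at or above the fixed version, 1 otherwise.
# Uses GNU "sort -V": if the fixed version sorts lowest, <release> >= fixed.
kernel_is_fixed() {
  rel=$(strip_arch "$1")
  fix=${2:-$FIXED_KERNEL}
  lowest=$(printf '%s\n%s\n' "$rel" "$fix" | sort -V | head -n 1)
  [ "$lowest" = "$fix" ]
}

# classify_host <running-release> <installed-kernel-packages> [<fixed>]
# <installed-kernel-packages> is the newline-separated output of "rpm -q kernel",
# e.g. "kernel-5.14.0-284.25.1.el9_2.x86_64". Prints exactly one of:
#   PATCHED          fixed (or newer) kernel is the one running
#   REBOOT_REQUIRED  fixed kernel is installed but an older one is still running
#   UNPATCHED        no installed kernel reaches the fixed version
classify_host() {
  running="$1"
  installed="$2"
  fixed=${3:-$FIXED_KERNEL}

  if kernel_is_fixed "$running" "$fixed"; then
    echo PATCHED
    return 0
  fi

  # Newest installed kernel package, with the "kernel-" prefix removed.
  newest=$(printf '%s\n' "$installed" | sed -E 's/^kernel-//' | sort -V | tail -n 1)
  if [ -n "$newest" ] && kernel_is_fixed "$newest" "$fixed"; then
    echo REBOOT_REQUIRED
    return 0
  fi

  echo UNPATCHED
}

# check_host: inspect the live system. Only runs when invoked as
#   sh advisory_check.sh --check
# so that the functions above can also be sourced and tested offline.
check_host() {
  if ! command -v rpm >/dev/null 2>&1; then
    echo "rpm not found; cannot inspect installed kernels" >&2
    return 1
  fi
  state=$(classify_host "$(uname -r)" "$(rpm -q kernel)")
  echo "RHSA-2023:4377-01: $state (running $(uname -r), fixed $FIXED_KERNEL)"
  [ "$state" = "PATCHED" ]
}

[ "${1:-}" = "--check" ] && check_host
```

The exit status of `check_host` is non-zero unless the fixed kernel is running, so the script can sit directly in a compliance job; a `REBOOT_REQUIRED` result is the case the advisory's reboot note is warning about.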

Summary

The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* kernel: ipvlan: out-of-bounds write caused by unclear skb->cb (CVE-2023-3090)
* kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt() (CVE-2023-35788)
* kernel: KVM: x86/mmu: race condition in direct_page_fault() (CVE-2022-45869)
* kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c (CVE-2023-0458)
* kernel: Spectre v2 SMT mitigations problem (CVE-2023-1998)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* HPEMC RHEL 9 BUG: acpi-cpufreq: Skip initialization if a cpufreq driver exists (BZ#2186562)
* RHEL 9.3: Update locking code to upstream 6.1 and further fixes (BZ#2187507)
* Getting "kernel: RIP: 0010:nvme_setup_discard+0x172/0x1e0 [nvme_core]" when I/O and DISCARD commands are sent to the file system on NVMe/TCP multipath device (BZ#2192632)
* RHEL 9.2 OS cannot boot successfully when enabling VMD in UEFI setup (BZ#2196230)
* Intel E810 card unable to create a MACVLAN on interface already configured as SRIOV (BZ#2209284)
* Trouble getting callstacks when signal has interrupted clock_gettime (BZ#2210074)
* DELL 9.3 BUG: HDMI/DP audio output device lost on some new wn21 series graphic card (Discrete mode) (BZ#2211656)
* DELL RHEL 9.2 BUG: Observed device_dax related probe errors in dmesg when HBM CPU is set to flat mode and creating duplicate device_dax ids and hence probe is failing (BZ#2212386)
* ice: The response of the "ubxtool -p " command may not correspond to the command: (BZ#2213186)
* Update lpfc 14.2.0.12 for RHEL 9.3 Inbox with three bug fixes from 14.2.0.13 (BZ#2213616)
* avoid unnecessary page fault retires on shared memory types (BZ#2213894)
* jitter: Fix RCT/APT health test during initialization (BZ#2215080)
* coretemp driver causes RDMSR interruption on isolated CPU (BZ#2215552)
* rbd: avoid fast-diff corruption in snapshot-based mirroring (BZ#2216569)
* Hyper-V RHEL-9: Fix VM crash/hang Issues due to fast VF add/remove events (BZ#2217066)
* OVS ERSPAN2: ip6erspan incorrect erspan version in GRE header (BZ#2217493)
* kernel-rt: system hung during stress-ng (BZ#2217939)
* kvm/sriov: high latency after soft reboot (BZ#2218871)
* CPU slushiness observed with lots of kworkers being created on host when more than 2 vm spawned in single shot (BZ#2218935)
* Wrong hwlat CPU affinity when started from a container. (BZ#2221157)
* cifs: check the lease context if we actually got a lease (BZ#2221159)
Enhancement(s):
* Intel 9.3 FEAT SPR power: Intel SST SNC4 support (BZ#2185605)
* Dell 9.3 Feat dell-wmi-privacy: The microphone still functions when pressing the F4 Microphone Mute hotkey on Orchid Bay MLK (BZ#2209808)
* RFE: Support for a 'source-load-balancing' bonding mode (BZ#2221169)

References

https://access.redhat.com/security/cve/CVE-2022-45869
https://access.redhat.com/security/cve/CVE-2023-0458
https://access.redhat.com/security/cve/CVE-2023-1998
https://access.redhat.com/security/cve/CVE-2023-3090
https://access.redhat.com/security/cve/CVE-2023-35788
https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Enterprise Linux AppStream (v. 9):
aarch64:
bpftool-debuginfo-7.0.0-284.25.1.el9_2.aarch64.rpm
kernel-64k-debug-debuginfo-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-64k-debug-devel-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-64k-debug-devel-matched-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-64k-debuginfo-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-64k-devel-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-64k-devel-matched-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-debug-debuginfo-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-debug-devel-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-debug-devel-matched-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-debuginfo-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-debuginfo-common-aarch64-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-devel-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-devel-matched-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-headers-5.14.0-284.25.1.el9_2.aarch64.rpm
kernel-tools-debuginfo-5.14.0-284.25.1.el9_2.aarch64.rpm
perf-5.14.0-284.25.1.el9_2.aarch64.rpm
perf-debuginfo-5.14.0-284.25.1.el9_2.aarch64.rpm
python3-perf-debuginfo-5.14.0-284.25.1.el9_2.aarch64.rpm
rtla-5.14.0-284.25.1.el9_2.aarch64.rpm

noarch:
kernel-doc-5.14.0-284.25.1.el9_2.noarch.rpm

ppc64le:
bpftool-debuginfo-7.0.0-284.25.1.el9_2.ppc64le.rpm



Severity: Important

Advisory ID: RHSA-2023:4377-01
Product: Red Hat Enterprise Linux
Issue date: 2023-08-01

Topic

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Relevant Releases Architectures

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

Red Hat Enterprise Linux CRB (v. 9) - aarch64, ppc64le, s390x, x86_64

Bugs Fixed

2151317 - CVE-2022-45869 kernel: KVM: x86/mmu: race condition in direct_page_fault()

2187257 - CVE-2023-1998 kernel: Spectre v2 SMT mitigations problem

2193219 - CVE-2023-0458 kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c

2215768 - CVE-2023-35788 kernel: cls_flower: out-of-bounds write in fl_set_geneve_opt()

2218672 - CVE-2023-3090 kernel: ipvlan: out-of-bounds write caused by unclear skb->cb
