CentOS: Security Advisory for bpftool (CESA-2020:3220)

The remote host is missing an update for the 'bpftool' package(s) announced via the CESA-2020:3220 advisory.

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * kernel: kernel: DAX hugepages not considered during mremap (CVE-2020-10757) * kernel: buffer overflow in mwifiex_cmd_append_vsie_tlv function in drivers/net/wireless/marvell/mwifiex/scan.c (CVE-2020-12653) * kernel: heap-based buffer overflow in mwifiex_ret_wmm_get_status function in drivers/net/wireless/marvell/mwifiex/wmm.c (CVE-2020-12654) * kernel: use-after-free caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver (CVE-2019-19527) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * RHEL7.7 - scsi: ibmvfc: Avoid loss of all paths during SVC node reboot (BZ#1830889) * [DELL EMC 7.8 BUG bnxt_en] Error messages related to hwrm observed for BCM 57504 under dmesg in RHEL 7.8 (BZ#1834190) * kernel: provide infrastructure to support dual-signing of the kernel (foundation to help address CVE-2020-10713) (BZ#1837429) * RHEL7.7 - Request: retrofit kernel commit f82b4b6 to RHEL 7.7/7.8 3.10 kernels. (BZ#1838602) * kipmi thread high CPU consumption when performing BMC firmware upgrade (BZ#1841825) * RHEL7.7 - virtio-blk: fix hw_queue stopped on arbitrary error (kvm) (BZ#1842994) * rhel 7 infinite blocked waiting on inode_dio_wait in nfs (BZ#1845520) * http request is taking more time for endpoint running on different host via nodeport service (BZ#1847333) * ext4: change LRU to round-robin in extent status tree shrinker (BZ#1847343) * libaio is returning duplicate events (BZ#1850055) * After upgrade to 3.9.89 pod containers with CPU limits fail to start due to cgroup error (BZ#1850500) * Fix dpdk regression introduced by bz1837297 (BZ#1852245)

'bpftool' package(s) on CentOS 7.

Checks if a vulnerable package version is present on the target host.

Please install the updated package(s).