Red Hat Enterprise Linux 7 and CentOS 7 users are affected

Jul 18, 2018 16:15 GMT

Red Hat and CentOS communities announced this week the availability of a new kernel update for the latest Red Hat Enterprise Linux 7 and CentOS Linux 7 operating system series that fixes an important bug.

It would appear that there was a bug in the previous Linux kernel update for the Red Hat Enterprise Linux 7.5 and CentOS Linux 7.5 releases, which was released to address the Spectre V4 security vulnerability. The bug caused connection tracking information to not function correctly, which could lead to connectivity loss and to configuration properties related to the respective connection tracking leaking into other namespaces.

"Previously, the connection tracking information was not cleared properly for packets forwarded to another network namespace," said Red Hat in an advisory. "Packets that were marked with the "NOTRACK" target in one namespace were excluded from connection tracking even in the new namespace. Consequently, a loss of connectivity occasionally occurred, depending on the packet filtering ruleset of the other network namespaces."

Users are urged to update their systems immediately

The issue has been fixed by Red Hat in the latest version of its Red Hat Enterprise Linux 7 operating system series, including Red Hat Enterprise Linux 7 Desktop, Workstation and Server editions, Red Hat Enterprise Linux 7 for IBM z Systems, IBM System z (Structure A), POWER Big Endian, POWER Little Endian, ARM64, POWER 9, as well as Red Hat Enterprise Linux EUS Compute Node 7.5 and Red Hat Enterprise Linux for Scientific Computing 7.

CentOS developers followed suit, as usual, and the CentOS Linux 7 operating system series also received a kernel bugfix update that fixes the nf_reset() function, which now properly clears the connection tracking information and no longer causes the issues mentioned above. Both the Red Hat and CentOS communities urge their users to update to the latest kernel version available on the official repositories as soon as possible and then reboot their systems.
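Installing the package does not replace the running kernel, so a host that was updated but never rebooted still runs the affected code. The script below is an added example, not part of the advisory or of Red Hat's or CentOS's tooling; it assumes that the most recently installed `kernel` package is the one meant to be running, and its sample version strings are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the article): flag hosts where the kernel update is
# installed but the old kernel is still running because nobody rebooted.

# Constructed sample of `rpm -q --last kernel` output (newest install first).
# The version strings are placeholders, not the releases from the advisory.
SAMPLE_RPM_LAST='kernel-3.10.0-200.2.1.el7.x86_64              Wed 18 Jul 2018 09:00:00 AM UTC
kernel-3.10.0-200.1.1.el7.x86_64              Tue 12 Jun 2018 09:00:00 AM UTC
kernel-3.10.0-200.el7.x86_64                  Thu 10 May 2018 09:00:00 AM UTC'

# latest_installed: first non-empty line of `rpm -q --last kernel` on stdin,
# reduced to the version-release.arch string that `uname -r` reports.
# Install order is used because release strings do not sort reliably as text.
latest_installed() {
    awk 'NF { sub(/^kernel-/, "", $1); print $1; exit }'
}

# is_installed VERSION: succeeds if VERSION appears in the listing on stdin.
is_installed() {
    awk -v want="kernel-$1" '$1 == want { found = 1 } END { exit !found }'
}

# reboot_state RUNNING RPM_LAST_OUTPUT
# Prints current | reboot-pending | unknown (exit status 0 | 1 | 2).
reboot_state() {
    latest=$(printf '%s\n' "$2" | latest_installed)
    if [ -z "$1" ] || [ -z "$latest" ]; then
        echo unknown; return 2
    elif [ "$1" = "$latest" ]; then
        echo current; return 0
    elif printf '%s\n' "$2" | is_installed "$1"; then
        echo reboot-pending; return 1
    fi
    # Running kernel is not a packaged one (custom build, removed package).
    echo unknown; return 2
}

# check_host: run the check against the live system (needs rpm).
check_host() {
    listing=$(rpm -q --last kernel) || { echo unknown; return 2; }
    reboot_state "$(uname -r)" "$listing"
}

# Run against this host only when asked: sh script.sh --check
if [ "${1:-}" = "--check" ]; then check_host; fi
```

A `reboot-pending` result means the update is on disk but the host is still running an older installed kernel.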