Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-10241

kernel update [RHEL6.9 2.6.32-696.16.1.el6]

Details

    • 3
    • 9223372036854775807

    Description

      Security Fix(es):

      A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subsystem handling synchronization. A local user able to open a raw packet socket (requires the CAP_NET_RAW capability) could use this flaw to elevate their privileges on the system. (CVE-2017-1000111, Important)

      An exploitable memory corruption flaw was found in the Linux kernel. The append path can be erroneously switched from UFO to non-UFO in ip_ufo_append_data() when building an UFO packet with MSG_MORE option. If unprivileged user namespaces are available, this flaw can be exploited to gain root privileges. (CVE-2017-1000112, Important)

      A divide-by-zero vulnerability was found in the __tcp_select_window function in the Linux kernel. This can result in a kernel panic causing a local denial of service. (CVE-2017-14106, Moderate)

      Bug Fix(es):

      When the operating system was booted with Red Hat Enterprise Virtualization, and the eh_deadline sysfs parameter was set to 10s, the Storage Area Network (SAN) issues caused eh_deadline to trigger with no handler. Consequently, a kernel panic occurred. This update fixes the lpfc driver, thus preventing the kernel panic under described circumstances. (BZ#1487220)

      When an NFS server returned the NFS4ERR_BAD_SEQID error to an OPEN request, the open-owner was removed from the state_owners rbtree. Consequently, NFS4 client infinite loop that required a reboot to recover occurred. This update changes NFS4ERR_BAD_SEQID handling to leave the open-owner in the state_owners rbtree by updating the create_time parameter so that it looks like a new open-owner. As a result, an NFS4 client is now able to recover without falling into the infinite recovery loop after receiving NFS4ERR_BAD_SEQID. (BZ#1491123)

      If an NFS client attempted to mount NFSv3 shares from an NFS server exported directly to the client's IP address, and this NFS client had already mounted other shares that originated from the same server but were exported to the subnetwork which this client was part of, the auth.unix.ip cache expiration was not handled correctly. Consequently, the client received the 'stale file handle' errors when trying to mount the share. This update fixes handling of the cache expiration, and the NFSv3 shares now mount as expected without producing the 'stale file handle' errors. (BZ#1497976)

      When running a script that raised the tx ring count to its maximum value supported by the Solarflare Network Interface Controller (NIC) driver, the EF10 family NICs allowed the settings exceeding the hardware's capability. Consequently, the Solarflare hardware became unusable with Red Hat Entepripse Linux 6. This update fixes the sfc driver, so that the tx ring can have maximum 2048 entries for all EF10 NICs. As a result, the Solarflare hardware no longer becomes unusable with Red Hat Entepripse Linux 6 due to this bug. (BZ#1498019)

      Bugs fixed (https://bugzilla.redhat.com/):

      BZ - 1479304 - CVE-2017-1000111 kernel: Heap out-of-bounds in AF_PACKET sockets
      BZ - 1479307 - CVE-2017-1000112 kernel: Exploitable memory corruption due to UFO to non-UFO path switch
      BZ - 1487295 - CVE-2017-14106 kernel: Divide-by-zero in __tcp_select_window

      Attachments

        Issue Links

          Activity

            [LU-10241] kernel update [RHEL6.9 2.6.32-696.16.1.el6]
            pjones Peter Jones added a comment -

            Landed for 2.11

            pjones Peter Jones added a comment - Landed for 2.11

            Oleg Drokin (oleg.drokin@intel.com) merged in patch https://review.whamcloud.com/30130/
            Subject: LU-10241 kernel: kernel update RHEL6.9 [2.6.32-696.16.1.el6]
            Project: fs/lustre-release
            Branch: master
            Current Patch Set:
            Commit: 5dd43bbc88135fa87ca0a6bee2048d5e37ddd602

            gerrit Gerrit Updater added a comment - Oleg Drokin (oleg.drokin@intel.com) merged in patch https://review.whamcloud.com/30130/ Subject: LU-10241 kernel: kernel update RHEL6.9 [2.6.32-696.16.1.el6] Project: fs/lustre-release Branch: master Current Patch Set: Commit: 5dd43bbc88135fa87ca0a6bee2048d5e37ddd602

            John L. Hammond (john.hammond@intel.com) merged in patch https://review.whamcloud.com/30131/
            Subject: LU-10241 kernel: kernel update RHEL6.9 [2.6.32-696.16.1.el6]
            Project: fs/lustre-release
            Branch: b2_10
            Current Patch Set:
            Commit: cc0d57bde682ba0fe6b8752dbf1d4995e5b2033d

            gerrit Gerrit Updater added a comment - John L. Hammond (john.hammond@intel.com) merged in patch https://review.whamcloud.com/30131/ Subject: LU-10241 kernel: kernel update RHEL6.9 [2.6.32-696.16.1.el6] Project: fs/lustre-release Branch: b2_10 Current Patch Set: Commit: cc0d57bde682ba0fe6b8752dbf1d4995e5b2033d

            Bob Glossman (bob.glossman@intel.com) uploaded a new patch: https://review.whamcloud.com/30131
            Subject: LU-10241 kernel: kernel update RHEL6.9 [2.6.32-696.16.1.el6]
            Project: fs/lustre-release
            Branch: b2_10
            Current Patch Set: 1
            Commit: a62197a51019773595786d07bad3c0f8e3c18165

            gerrit Gerrit Updater added a comment - Bob Glossman (bob.glossman@intel.com) uploaded a new patch: https://review.whamcloud.com/30131 Subject: LU-10241 kernel: kernel update RHEL6.9 [2.6.32-696.16.1.el6] Project: fs/lustre-release Branch: b2_10 Current Patch Set: 1 Commit: a62197a51019773595786d07bad3c0f8e3c18165

            Bob Glossman (bob.glossman@intel.com) uploaded a new patch: https://review.whamcloud.com/30130
            Subject: LU-10241 kernel: kernel update RHEL6.9 [2.6.32-696.16.1.el6]
            Project: fs/lustre-release
            Branch: master
            Current Patch Set: 1
            Commit: 709547a07f67c6a7a773498fbe01b606836ed895

            gerrit Gerrit Updater added a comment - Bob Glossman (bob.glossman@intel.com) uploaded a new patch: https://review.whamcloud.com/30130 Subject: LU-10241 kernel: kernel update RHEL6.9 [2.6.32-696.16.1.el6] Project: fs/lustre-release Branch: master Current Patch Set: 1 Commit: 709547a07f67c6a7a773498fbe01b606836ed895

            People

              bogl Bob Glossman (Inactive)
              bogl Bob Glossman (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: