Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-12308

kernel update [SLES12 SP4 4.12.14-95.16.1]

    XMLWordPrintable

Details

    • Bug
    • Resolution: Won't Fix
    • Minor
    • None
    • None
    • None
    • 3
    • 9223372036854775807

    Description

      The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various
      security and bugfixes.

      Four new speculative execution information leak issues have been
      identified in Intel CPUs. (bsc#1111331)

      • CVE-2018-12126: Microarchitectural Store Buffer Data Sampling (MSBDS)
      • CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling (MFBDS)
      • CVE-2018-12130: Microarchitectural Load Port Data Samling (MLPDS)
      • CVE-2019-11091: Microarchitectural Data Sampling Uncacheable Memory
        (MDSUM)

      This kernel update contains software mitigations for these issues, which
      also utilize CPU microcode updates shipped in parallel.

      For more information on this set of vulnerabilities, check out
      https://www.suse.com/support/kb/doc/?id=7023736

      The following security bugs were fixed:

      • CVE-2018-16880: A flaw was found in the handle_rx() function in the
        vhost_net driver. A malicious virtual guest, under specific conditions,
        could trigger an out-of-bounds write in a kmalloc-8 slab on a virtual
        host which may lead to a kernel memory corruption and a system panic.
        Due to the nature of the flaw, privilege escalation cannot be fully
        ruled out. (bnc#1122767).
      • CVE-2019-3882: A flaw was found in the vfio interface implementation
        that permitted violation of the user's locked memory limit. If a device
        is bound to a vfio driver, such as vfio-pci, and the local attacker is
        administratively granted ownership of the device, it may cause a system
        memory exhaustion and thus a denial of service (DoS). (bnc#1131416
        bnc#1131427).
      • CVE-2019-9003: Attackers could trigger a
        drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging
        for certain simultaneous execution of the code, as demonstrated by a
        "service ipmievd restart" loop (bnc#1126704).
      • CVE-2019-9500: A brcmfmac heap buffer overflow in brcmf_wowl_nd_results
        was fixed. (bnc#1132681).
      • CVE-2019-9503: A brcmfmac frame validation bypass was fixed.
        (bnc#1132828).

      The following non-security bugs were fixed: http://lists.suse.com/pipermail/sle-security-updates/2019-May/005457.html

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. LU-12494 kernel update [SLES12 SP4 4.12.14-95.19.1]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. LU-12138 kernel update [SLES12 SP4 4.12.14-95.13.1]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              yujian Jian Yu
              yujian Jian Yu
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: