[LU-12724] kernel update [RHEL7.7 3.10.0-1062.1.1.el7] - Whamcloud Community JIRA

Details

Type: Bug
Resolution: Fixed
Priority: Minor
Fix Version/s: Lustre 2.13.0, Lustre 2.12.3
Affects Version/s: None
Labels:
None

Severity:
3
Rank (Obsolete):
9223372036854775807

Description

An update for kernel is now available for Red Hat Enterprise Linux 7.7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Security Fix(es):

kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125)
kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500)

Bug Fix(es):

[mlx4] VXLAN over VLAN TCP segmentation (BZ#1734333)
Race condition in /dev/sg due to missing synchronization causes corruption in RHV (BZ#1737380)
panic handing smb2_reconnect due to a use after free (BZ#1737382)
NFSv4.1 client stuck in infinite loop when received NFS4ERR_SEQ_MISORDERED error (BZ#1739077)
Backport TCP follow-up for small buffers (BZ#1739130)

https://access.redhat.com/errata/RHSA-2019:2600?sc_cid=701600000006NHXAA2

Attachments

Issue Links

is related to

LU-12792 kernel update [RHEL7.7 3.10.0-1062.1.2.el7]

Resolved

is related to

LU-12457 support for RHEL 7.7

Resolved

Activity

[LU-12724] kernel update [RHEL7.7 3.10.0-1062.1.1.el7]

Peter Jones made changes - 04/Oct/19 1:25 PM

Fix Version/s

New: Lustre 2.13.0 [ 14290 ]

Chris Hunter (Inactive) made changes - 25/Sep/19 6:29 PM

Link

New: This issue is related to DDN-876 [ DDN-876 ]

Peter Jones made changes - 21/Sep/19 1:33 AM

Resolution		New: Fixed [ 1 ]
Status	Original: Open [ 1 ]	New: Resolved [ 5 ]

Peter Jones made changes - 21/Sep/19 1:33 AM

Fix Version/s

Original: Lustre 2.13.0 [ 14290 ]

Jian Yu made changes - 20/Sep/19 5:50 PM

Link

New: This issue is related to ~~LU-12792~~ [ ~~LU-12792~~ ]

Jian Yu made changes - 06/Sep/19 7:31 AM

Fix Version/s		New: Lustre 2.13.0 [ 14290 ]
Fix Version/s		New: Lustre 2.12.3 [ 14418 ]
Description	Original: Security Fix(es): - [fs] nfsv4.1: Avoid false retries when RPC calls are interrupted (Benjamin Coddington) [1739077 1732427] - [fs] NFS4.1 handle interrupted slot reuse from ERR_DELAY (Benjamin Coddington) [1739077 1732427] - [fs] nfsv4.1: Fix the client behaviour on NFS4ERR_SEQ_FALSE_RETRY (Benjamin Coddington) [1739077 1732427] - [fs] cifs: fix panic in smb2_reconnect (Leif Sahlberg) [1737382 1702264] - [scsi] sg: protect against races between mmap() and SG_SET_RESERVED_SIZE (Ewan Milne) [1737380 1710533] - [scsi] sg: recheck MMAP_IO request length with lock held (Ewan Milne) [1737380 1710533] - [scsi] sg: reset 'res_in_use' after unlinking reserved array (Ewan Milne) [1737380 1710533] - [scsi] sg: protect accesses to 'reserved' page array (Ewan Milne) [1737380 1710533] - [netdrv] mlx4/en_netdev: allow offloading VXLAN over VLAN (Paolo Abeni) [1734333 1733671] - [netdrv] brcmfmac: assure SSID length from firmware is limited (Stanislaw Gruszka) [1704879 1704880] \{CVE-2019-9500} - [net] tcp: be more careful in tcp_fragment() (Marcelo Leitner) [1739130 1732106] - [documentation] Documentation: Add swapgs description to the Spectre v1 documentation (Waiman Long) [1729810 1724510] \{CVE-2019-1125} - [documentation] Documentation: Add section about CPU vulnerabilities for Spectre (Waiman Long) [1729810 1724510] \{CVE-2019-1125} - [x86] x86/speculation/swapgs: Exclude ATOMs from speculation through SWAPGS (Waiman Long) [1729810 1724510] \{CVE-2019-1125} - [x86] x86/speculation: Enable Spectre v1 swapgs mitigations (Waiman Long) [1729810 1724510] \{CVE-2019-1125} - [x86] x86/speculation: Prepare entry code for Spectre v1 swapgs mitigations (Waiman Long) [1729810 1724510] \{CVE-2019-1125} - [x86] x86/feature: Relocate X86_FEATURE_INVPCID_SINGLE (Waiman Long) [1729810 1724510] \{CVE-2019-1125}	New: An update for kernel is now available for Red Hat Enterprise Linux 7.7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Security Fix(es): - kernel: hw: Spectre SWAPGS gadget vulnerability (CVE-2019-1125) - kernel: brcmfmac heap buffer overflow in brcmf_wowl_nd_results (CVE-2019-9500) Bug Fix(es): - [mlx4] VXLAN over VLAN TCP segmentation (BZ#1734333) - Race condition in /dev/sg due to missing synchronization causes corruption in RHV (BZ#1737380) - panic handing smb2_reconnect due to a use after free (BZ#1737382) - NFSv4.1 client stuck in infinite loop when received NFS4ERR_SEQ_MISORDERED error (BZ#1739077) - Backport TCP follow-up for small buffers (BZ#1739130) https://access.redhat.com/errata/RHSA-2019:2600?sc_cid=701600000006NHXAA2

Jian Yu made changes - 03/Sep/19 4:55 PM

Link

New: This issue is related to ~~LU-12457~~ [ ~~LU-12457~~ ]

Jian Yu created issue - 03/Sep/19 4:49 PM

People

Assignee:: Jian Yu

Reporter:: Jian Yu

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 03/Sep/19 4:49 PM

Updated:: 04/Oct/19 1:25 PM

Resolved:: 21/Sep/19 1:33 AM