Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-14376

kernel update [SLES12 SP5 4.12.14-122.57.1]

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Minor
    • Lustre 2.12.7
    • None
    • None
    • 9223372036854775807

    Description

      The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
      security and bugfixes.

      The following security bugs were fixed:

      • CVE-2020-28374: Fixed a LIO security issue (bsc#1178372).
      • CVE-2020-36158: Fixed a potential remote code execution in the Marvell
        mwifiex driver (bsc#1180559).
      • CVE-2020-27825: Fixed a race in the trace_open and buffer resize calls
        (bsc#1179960).
      • CVE-2020-0466: Fixed a use-after-free due to a logic error in
        do_epoll_ctl and ep_loop_check_proc of eventpoll.c (bnc#1180031).
      • CVE-2020-27068: Fixed an out-of-bounds read due to a missing bounds
        check in the nl80211_policy policy of nl80211.c (bnc#1180086).
      • CVE-2020-0465: Fixed multiple missing bounds checks in hid-multitouch.c
        that could have led to local privilege escalation (bnc#1180029).
      • CVE-2020-0444: Fixed a bad kfree due to a logic error in
        audit_data_to_entry (bnc#1180027).
      • CVE-2020-29660: Fixed a locking inconsistency in the tty subsystem that
        may have allowed a read-after-free attack against TIOCGSID (bnc#1179745).
      • CVE-2020-29661: Fixed a locking issue in the tty subsystem that allowed
        a use-after-free attack against TIOCSPGRP (bsc#1179745).
      • CVE-2020-27777: Fixed a privilege escalation in the Run-Time Abstraction
        Services (RTAS) interface, affecting guests running on top of PowerVM or
        KVM hypervisors (bnc#1179107).
      • CVE-2019-20934: Fixed a use-after-free in show_numa_stats() because NUMA
        fault statistics were inappropriately freed, aka CID-16d51a590a8c
        (bsc#1179663).
      • CVE-2020-27786: Fixed a use after free in kernel midi subsystem
        snd_rawmidi_kernel_read1() (bsc#1179601).
      • CVE-2020-4788: Fixed an issue with IBM Power9 processors could have
        allowed a local user to obtain sensitive information from the data in
        the L1 cache under extenuating circumstances (bsc#1177666).
      • CVE-2018-20669: Fixed an improper check i915_gem_execbuffer2_ioctl in
        drivers/gpu/drm/i915/i915_gem_execbuffer.c (bsc#1122971).

      The following non-security bugs were fixed:
      https://lists.suse.com/pipermail/sle-security-updates/2021-January/008212.html

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. LU-14452 kernel update [SLES12 SP5 4.12.14-122.60.1]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          is related to

          Improvement - An improvement or enhancement to an existing feature or task. LU-14222 kernel update [SLES12 SP5 4.12.14-122.54.1]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              yujian Jian Yu
              yujian Jian Yu
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: