Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-14451

kernel update [SLES15 SP2 5.3.18-24.49.2]

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Won't Fix
    • Minor
    • None
    • None
    • None
    • 9223372036854775807

    Description

      The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
      security and bugfixes.

      The following security bugs were fixed:

      • CVE-2021-3347: A use-after-free was discovered in the PI futexes during
        fault handling, allowing local users to execute code in the kernel
        (bnc#1181349).
      • CVE-2021-3348: Fixed a use-after-free in nbd_add_socket that could be
        triggered by local attackers (with access to the nbd device) via an I/O
        request at a certain point during device setup (bnc#1181504).
      • CVE-2021-20177: Fixed a kernel panic related to iptables string matching
        rules. A privileged user could insert a rule which could lead to denial
        of service (bnc#1180765).
      • CVE-2021-0342: In tun_get_user of tun.c, there is possible memory
        corruption due to a use after free. This could lead to local escalation
        of privilege with System execution privileges required. (bnc#1180812)
      • CVE-2020-27835: A use-after-free in the infiniband hfi1 driver was
        found, specifically in the way user calls Ioctl after open dev file and
        fork. A local user could use this flaw to crash the system (bnc#1179878).
      • CVE-2020-25639: Fixed a NULL pointer dereference via nouveau ioctl
        (bnc#1176846).
      • CVE-2020-29569: Fixed a potential privilege escalation and information
        leaks related to the PV block backend, as used by Xen (bnc#1179509).
      • CVE-2020-29568: Fixed a denial of service issue, related to processing
        watch events (bnc#1179508).
      • CVE-2020-25211: Fixed a flaw where a local attacker was able to inject
        conntrack netlink configuration that could cause a denial of service or
        trigger the use of incorrect protocol numbers in
        ctnetlink_parse_tuple_filter (bnc#1176395).

      The following non-security bugs were fixed:
      https://lists.suse.com/pipermail/sle-security-updates/2021-February/008292.html

      Attachments

        Issue Links

          Activity

            People

              yujian Jian Yu
              yujian Jian Yu
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: