[LU-15302] kernel update [SLES15 SP3 5.3.18-59.34.1] - Whamcloud Community JIRA

Details

Type: Task
Resolution: Won't Fix
Priority: Minor
Fix Version/s: None
Affects Version/s: None
Labels:
None

Rank (Obsolete):
9223372036854775807

Description

The following security bugs were fixed:

CVE-2021-3542: Fixed heap buffer overflow in firedtv driver
(bsc#1186063).
CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets,
which may have allowed the kernel to read uninitialized memory
(bsc#1188563).
CVE-2021-3715: Fixed a use-after-free in route4_change() in
net/sched/cls_route.c (bsc#1190349).
CVE-2021-3760: Fixed a use-after-free vulnerability with the
ndev->rf_conn_info object (bsc#1190067).
CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb (bsc#1190351).
CVE-2021-3896: Fixed a array-index-out-bounds in detach_capi_ctr in
drivers/isdn/capi/kcapi.c (bsc#1191958).
CVE-2021-33033: Fixed a use-after-free in cipso_v4_genopt in
net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the
DOI definitions is mishandled (bsc#1186109).
CVE-2021-34866: Fixed eBPF Type Confusion Privilege Escalation
Vulnerability (bsc#1191645).
CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c called
without checking for the NETREG_REGISTERED state, leading to a
use-after-free and a double free (bnc#1188601).
CVE-2021-41864: Fixed prealloc_elems_and_freelist that allowed
unprivileged users to trigger an eBPF multiplication integer overflow
with a resultant out-of-bounds write (bnc#1191317).
CVE-2021-42008: Fixed a slab out-of-bounds write in the decode_data
function in drivers/net/hamradio/6pack.c. Input from a process that had
the CAP_NET_ADMIN capability could have lead to root access
(bsc#1191315).
CVE-2021-42252: Fixed an issue inside aspeed_lpc_ctrl_mmap that could
have allowed local attackers to access the Aspeed LPC control interface
to overwrite memory in the kernel and potentially execute privileges
(bnc#1190479).
CVE-2021-42739: The firewire subsystem had a buffer overflow related to
drivers/media/firewire/firedtv-avc.c and
drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled
bounds checking (bsc#1184673).
CVE-2021-43056: Fixed possible KVM host crash via malicious KVM guest on
Power8 (bnc#1192107).
CVE-2021-43389: There was an array-index-out-of-bounds flaw in the
detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2021-November/009734.html

Attachments

Issue Links

is related to

LU-15154 kernel update [SLES15 SP3 5.3.18-59.27.1]

Resolved

Activity

[LU-15302] kernel update [SLES15 SP3 5.3.18-59.34.1]

Gerrit Updater added a comment - 02/Dec/21 9:57 PM - edited

~~"Jian Yu <yujian@whamcloud.com>" uploaded a new patch:~~ https://review.whamcloud.com/45717
~~Subject: ~~LU-15302~~ kernel: kernel update SLES15 SP3 [5.3.18-59.34.1]~~
~~Project: fs/lustre-release~~
~~Branch: master~~
~~Current Patch Set: 1~~
~~Commit: 537f191ad14139e653187fb6af4886bfce7a7088~~

Gerrit Updater added a comment - 02/Dec/21 9:57 PM - edited "Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/45717 Subject: LU-15302 kernel: kernel update SLES15 SP3 [5.3.18-59.34.1] Project: fs/lustre-release Branch: master Current Patch Set: 1 Commit: 537f191ad14139e653187fb6af4886bfce7a7088

People

Assignee:: Jian Yu

Reporter:: Jian Yu

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 01/Dec/21 6:31 PM

Updated:: 18/Mar/25 3:52 AM

Resolved:: 25/Apr/23 8:52 PM