Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-15490

kernel update [SLES15 SP3 5.3.18-150300.59.43.1]

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Won't Fix
    • Minor
    • None
    • None
    • None
    • 9223372036854775807

    Description

      The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various
      security and bugfixes.

      The following security bugs were fixed:

      • CVE-2022-0185: Incorrect param length parsing in legacy_parse_param
        which could have led to a local privilege escalation (bsc#1194517).
      • CVE-2022-0322: Fixed a denial of service in SCTP sctp_addto_chunk
        (bsc#1194985).
      • CVE-2021-4197: Fixed a cgroup issue where lower privileged processes
        could write to fds of lower privileged ones that could lead to privilege
        escalation (bsc#1194302).
      • CVE-2021-46283: nf_tables_newset in net/netfilter/nf_tables_api.c in the
        Linux kernel allowed local users to cause a denial of service (NULL
        pointer dereference and general protection fault) because of the missing
        initialization for nft_set_elem_expr_alloc. A local user can set a
        netfilter table expression in their own namespace (bnc#1194518).
      • CVE-2021-4135: Fixed an information leak in the nsim_bpf_map_alloc
        function (bsc#1193927).
      • CVE-2021-4202: Fixed a race condition during NFC device remove which
        could lead to a use-after-free memory corruption (bsc#1194529)
      • CVE-2021-4083: A read-after-free memory flaw was found in the Linux
        kernel's garbage collection for Unix domain socket file handlers in the
        way users call close() and fget() simultaneously and can potentially
        trigger a race condition. This flaw allowed a local user to crash the
        system or escalate their privileges on the system. This flaw affects
        Linux kernel versions prior to 5.16-rc4 (bnc#1193727).
      • CVE-2021-4149: Fixed a locking condition in btrfs which could lead to
        system deadlocks (bsc#1194001).
      • CVE-2021-45485: In the IPv6 implementation in net/ipv6/output_core.c has
        an information leak because of certain use of a hash table which,
        although big, doesn't properly consider that IPv6-based attackers can
        typically choose among many IPv6 source addresses (bnc#1194094).
      • CVE-2021-45486: In the IPv4 implementation in net/ipv4/route.c has an
        information leak because the hash table is very small (bnc#1194087).

      The following non-security bugs were fixed:
      https://lists.suse.com/pipermail/sle-security-updates/2022-January/010079.html

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. LU-15337 kernel update [SLES15 SP3 5.3.18-59.37.2]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              yujian Jian Yu
              yujian Jian Yu
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: