Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-15958

kernel update [SLES15 SP3 5.3.18-150300.59.71.2]

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Won't Fix
    • Minor
    • None
    • None
    • None
    • 9223372036854775807

    Description

      The SUSE Linux Enterprise 15 SP3 kernel was updated.

      The following security bugs were fixed:

      • CVE-2022-0168: Fixed a NULL pointer dereference in
        smb2_ioctl_query_info. (bsc#1197472)
      • CVE-2022-20008: Fixed bug that allows to read kernel heap memory due to
        uninitialized data in mmc_blk_read_single of block.c. (bnc#1199564)
      • CVE-2022-1972: Fixed a buffer overflow in nftable that could lead to
        privilege escalation. (bsc#1200019)
      • CVE-2022-21127: Fixed a stale MMIO data transient which can be exploited
        to speculatively/transiently disclose information via spectre like
        attacks. (bsc#1199650)
      • CVE-2022-21123: Fixed a stale MMIO data transient which can be exploited
        to speculatively/transiently disclose information via spectre like
        attacks. (bsc#1199650)
      • CVE-2022-21125: Fixed a stale MMIO data transient which can be exploited
        to speculatively/transiently disclose information via spectre like
        attacks. (bsc#1199650)
      • CVE-2022-21180: Fixed a stale MMIO data transient which can be exploited
        to speculatively/transiently disclose information via spectre like
        attacks. (bsc#1199650)
      • CVE-2022-21166: Fixed a stale MMIO data transient which can be exploited
        to speculatively/transiently disclose information via spectre like
        attacks. (bsc#1199650)
      • CVE-2019-19377: Fixed an user-after-free that could be triggered when an
        attacker mounts a crafted btrfs filesystem image. (bnc#1158266)
      • CVE-2022-1729: Fixed a sys_perf_event_open() race condition against self
        (bsc#1199507).
      • CVE-2022-1184: Fixed an use-after-free and memory errors in ext4 when
        mounting and operating on a corrupted image. (bsc#1198577)
      • CVE-2022-1652: Fixed a statically allocated error counter inside the
        floppy kernel module (bsc#1199063).
      • CVE-2022-30594: Fixed restriction bypass on setting the
        PT_SUSPEND_SECCOMP flag (bnc#1199505).
      • CVE-2021-33061: Fixed insufficient control flow management for the
        Intel(R) 82599 Ethernet Controllers and Adapters that may have allowed
        an authenticated user to potentially enable denial of service via local
        access (bnc#1196426).

      The following non-security bugs were fixed:
      https://lists.suse.com/pipermail/sle-security-updates/2022-June/011290.html

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. LU-16092 kernel update [SLES15 SP3 5.3.18-150300.59.87.1]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          is related to

          Improvement - An improvement or enhancement to an existing feature or task. LU-15772 kernel update [SLES15 SP3 5.3.18-150300.59.63.1]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              yujian Jian Yu
              yujian Jian Yu
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: