Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-16173

kernel update [SLES15 SP3 5.3.18-150300.59.93.1]

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Minor
    • Lustre 2.16.0, Lustre 2.15.2
    • None
    • None
    • 9223372036854775807

    Description

      The SUSE Linux Enterprise 15 SP3 kernel was updated receive various
      security and bugfixes.

      The following security bugs were fixed:

      • CVE-2022-39190: Fixed an issue that was discovered in
        net/netfilter/nf_tables_api.c and could cause a denial of service upon
        binding to an already bound chain (bnc#1203117).
      • CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where
        a device driver can free a page while it still has stale TLB entries
        (bnc#1203107).
      • CVE-2022-36879: Fixed an issue in xfrm_expand_policies in
        net/xfrm/xfrm_policy.c where a refcount could be dropped twice
        (bnc#1201948).
      • CVE-2022-3028: Fixed race condition that was found in the IP framework
        for transforming packets (XFRM subsystem) (bnc#1202898).
      • CVE-2022-2977: Fixed reference counting for struct tpm_chip
        (bsc#1202672).
      • CVE-2022-2905: Fixed tnum_range usage on array range checking for poke
        descriptors (bsc#1202564, bsc#1202860).
      • CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where
        the message handling could be confused and incorrectly matches the
        message (bnc#1202097).
      • CVE-2022-26373: Fixed non-transparent sharing of return predictor
        targets between contexts in some Intel Processors (bnc#1201726).
      • CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
      • CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of
        v4l2-mem2mem.c (bnc#1202347).
      • CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()
        (bsc#1202346).
      • CVE-2021-4203: Fixed use-after-free read flaw that was found in
        sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and
        SO_PEERGROUPS race with listen() (bnc#1194535).
      • CVE-2021-4155: Fixed a data leak flaw that was found in the way
        XFS_IOC_ALLOCSP IOCTL in the XFS filesystem (bnc#1194272).
      • CVE-2020-27784: Fixed a vulnerability that was found in printer_ioctl()
        printer_ioctl() when accessing a deallocated instance (bnc#1202895).
      • CVE-2016-3695: Fixed an issue inside the einj_error_inject function in
        drivers/acpi/apei/einj.c that allowed users to simulate hardware errors
        and consequently cause a denial of service (bnc#1023051).

      The following non-security bugs were fixed:
      https://lists.suse.com/pipermail/sle-security-updates/2022-September/012229.html

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. LU-16273 kernel update [SLES15 SP3 5.3.18-150300.59.98.1]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          is related to

          Bug - A problem which impairs or prevents the functions of the product. LU-16233 SUSE 15 SP3 LTSS kernel version 5.3.18-150300.59.93 and later break lustre build tests

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. LU-16122 kernel update [SLES15 SP3 5.3.18-150300.59.90.1]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              yujian Jian Yu
              yujian Jian Yu
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: