Lustre / LU-16174

kernel update [SLES15 SP4 5.14.21-150400.24.21.2]



    • Improvement
    • Resolution: Fixed
    • Minor
    • Lustre 2.16.0, Lustre 2.15.2


      The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various
      security and bug fixes.

      The following security bugs were fixed:

      • CVE-2022-39190: Fixed an issue that was discovered in
        net/netfilter/nf_tables_api.c and could cause a denial of service upon
        binding to an already bound chain (bnc#1203117).
      • CVE-2022-39188: Fixed race condition in include/asm-generic/tlb.h where
        a device driver can free a page while it still has stale TLB entries
      • CVE-2022-2663: Fixed an issue that was found in nf_conntrack_irc where
        the message handling could be confused and incorrectly match the
        message (bnc#1202097).
      • CVE-2022-3078: Fixed a lack of check after calling vzalloc() and lack of
        free after allocation in drivers/media/test-drivers/vidtv/vidtv_s302m.c
      • CVE-2022-28356: Fixed a refcount leak bug that was found in
        net/llc/af_llc.c (bnc#1197391).
      • CVE-2022-3028: Fixed race condition that was found in the IP framework
        for transforming packets (XFRM subsystem) (bnc#1202898).
      • CVE-2022-2905: Fixed tnum_range usage on array range checking for poke
        descriptors (bsc#1202564, bsc#1202860).
      • CVE-2022-2977: Fixed reference counting for struct tpm_chip
      • CVE-2022-2938: Fixed a flaw that was found inside the Pressure Stall
        Information implementation that could have been used to allow an
        attacker to crash the system or have other memory-corruption side
        effects (bnc#1202623).
      • CVE-2022-28693: Fixed x86/speculation behavior by disabling RRSBA
      • CVE-2021-33135: Fixed uncontrolled resource consumption inside Intel(R)
        SGX that may have allowed an authenticated user to potentially enable
        denial of service via local access (bnc#1199515).
      • CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
      • CVE-2022-2959: Fixed a race condition that was found inside the watch
        queue due to a missing lock in pipe_resize_ring() (bnc#1202681
      • CVE-2022-36946: Fixed a denial of service (panic) inside nfqnl_mangle in
        net/netfilter/nfnetlink_queue.c (bnc#1201940 bnc#1201941 bnc#1202312
      • CVE-2021-4037: Fixed function logic vulnerability that allowed local
        users to create files for the XFS file-system with an unintended group
        ownership and with group execution and SGID permission bits set
      • CVE-2022-2873: Fixed an out-of-bounds memory access flaw that was found
        in iSMT SMBus host controller driver (bnc#1202558).
      • CVE-2022-36879: Fixed an issue in xfrm_expand_policies in
        net/xfrm/xfrm_policy.c where a refcount could be dropped twice
      • CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()
      • CVE-2022-20369: Fixed out of bounds write in v4l2_m2m_querybuf of
        v4l2-mem2mem.c (bnc#1202347).
      • CVE-2016-3695: Fixed an issue inside the einj_error_inject function in
        drivers/acpi/apei/einj.c that allowed users to simulate hardware errors
        and consequently cause a denial of service (bnc#1023051).
      • CVE-2022-2639: Fixed an integer coercion error that was found in the
        openvswitch kernel module (bnc#1202154).
      • CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where
        an attacker was able to inject data into or terminate a victim's TCP
        session (bnc#1196616).
      • CVE-2022-32250: Fixed a privilege escalation issue in
        net/netfilter/nf_tables_api.c that allowed a local user to become root

      The following non-security bugs were fixed:





              yujian Jian Yu