Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-16546

kernel update [SLES15 SP4 5.14.21-150400.24.41.1]

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Won't Fix
    • Minor
    • None
    • None
    • None
    • 9223372036854775807

    Description

      The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various
      security and bugfixes.

      The following security bugs were fixed:

      • CVE-2022-3344: Fixed a bug where nested shutdown interception could lead
        to host crash (bsc#1204652)
      • CVE-2022-4662: Fixed a recursive locking violation in usb-storage that
        can cause the kernel to deadlock. (bsc#1206664)
      • CVE-2022-3115: Fixed a null pointer dereference in malidp_crtc.c caused
        by a lack of checks of the return value of kzalloc. (bsc#1206393)
      • CVE-2022-47520: Fixed an out-of-bounds read when parsing a Robust
        Security Network (RSN) information element from a Netlink packet.
        (bsc#1206515)
      • CVE-2022-3112: Fixed a null pointer dereference caused by lacks check
        of the return value of kzalloc() in vdec_helpers.c:amvdec_set_canvases.
        (bsc#1206399)
      • CVE-2022-3564: Fixed a bug which could lead to use after free, it was
        found in the function l2cap_reassemble_sdu of the file
        net/bluetooth/l2cap_core.c of the component Bluetooth. (bsc#1206073)
      • CVE-2022-4379: Fixed a use-after-free vulnerability in
        nfs4file.c:__nfs42_ssc_open. (bsc#1206209)
      • CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in
        drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the
        return value of kmemdup() could lead to a NULL pointer dereference.
        (bsc#1206389)
      • CVE-2022-3104: Fixed a null pointer dereference caused by caused by a
        missing check of the return value of kzalloc() in
        bugs.c:lkdtm_ARRAY_BOUNDS. (bsc#1206396)
      • CVE-2022-3113: Fixed a null pointer dereference caused by a missing
        check of the return value of devm_kzalloc. (bsc#1206390)
      • CVE-2022-3107: Fixed a null pointer dereference caused by a missing
        check of the return value of kvmalloc_array. (bsc#1206395)
      • CVE-2022-3114: Fixed a null pointer dereference caused by a missing
        check of the return value of kcalloc. (bsc#1206391)
      • CVE-2022-3111: Fixed a missing release of resource after effective
        lifetime bug caused by a missing free of the WM8350_IRQ_CHG_FAST_RDY in
        wm8350_init_charger. (bsc#1206394)
      • CVE-2022-3105: Fixed a null pointer dereference caused by a missing
        check of the return value of kmalloc_array. (bsc#1206398)
      • CVE-2022-3106: Fixed a null pointer dereference caused by a missing
        check of the return value of kmalloc. (bsc#1206397)

      The following non-security bugs were fixed:
      https://lists.suse.com/pipermail/sle-security-updates/2023-January/013529.html

      Attachments

        Issue Links

          is related to

          Improvement - An improvement or enhancement to an existing feature or task. LU-16601 kernel update [SLES15 SP4 5.14.21-150400.24.46.1]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved
          is related to

          Improvement - An improvement or enhancement to an existing feature or task. LU-16422 kernel update [SLES15 SP4 5.14.21-150400.24.38.1]

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              yujian Jian Yu
              yujian Jian Yu
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: