Details

    • Improvement
    • Resolution: Fixed
    • Minor
    • Lustre 2.16.0, Lustre 2.15.4
    • Lustre 2.16.0
    • None
    • 3
    • 9223372036854775807

    Description

      Red Hat Enterprise Linux 9.3 release is available:
      https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.3_release_notes/index
      Kernel version: 5.14.0-362.8.1.el9_3

      Security Fix(es):

      • kernel: net/sched: cls_u32 component reference counter leak if tcf_change_indev() fails (CVE-2023-3609)
      • kernel: net/sched: Use-after-free vulnerabilities in the net/sched classifiers: cls_fw, cls_u32 and cls_route (CVE-2023-4128, CVE-2023-4206, CVE-2023-4207, CVE-2023-4208)
      • kernel: eBPF: insufficient stack type checks in dynptr (CVE-2023-39191)
      • Kernel: race when faulting a device private page in memory manager (CVE-2022-3523)
      • kernel: use-after-free in l1oip timer handlers (CVE-2022-3565)
      • kernel: Rate limit overflow messages in r8152 in intr_callback (CVE-2022-3594)
      • kernel: vmwgfx: use-after-free in vmw_cmd_res_check (CVE-2022-38457)
      • kernel: vmwgfx: use-after-free in vmw_execbuf_tie_context (CVE-2022-40133)
      • hw: Intel: Gather Data Sampling (GDS) side channel vulnerability (CVE-2022-40982)
      • kernel: Information leak in l2cap_parse_conf_req in net/bluetooth/l2cap_core.c (CVE-2022-42895)
      • kernel: x86/mm: Randomize per-cpu entry area (CVE-2023-0597)
      • kernel: HID: check empty report_list in hid_validate_values() (CVE-2023-1073)
      • kernel: sctp: fail if no bound addresses can be used for a given scope (CVE-2023-1074)
      • kernel: hid: Use After Free in asus_remove() (CVE-2023-1079)
      • kernel: hash collisions in the IPv6 connection lookup table (CVE-2023-1206)
      • kernel: ovl: fix use after free in struct ovl_aio_req (CVE-2023-1252)
      • Kernel: use-after-free in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c (CVE-2023-1652)
      • kernel: Use after free bug in btsdio_remove due to race condition (CVE-2023-1989)
      • kernel: fbcon: shift-out-of-bounds in fbcon_set_font() (CVE-2023-3161)
      • kernel: out-of-bounds access in relay_file_read (CVE-2023-3268)
      • kernel: xfrm: NULL pointer dereference in xfrm_update_ae_params() (CVE-2023-3772)
      • kernel: xfrm: out-of-bounds read of XFRMA_MTIMER_THRESH nlattr (CVE-2023-3773)
      • kernel: KVM: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability (CVE-2023-4155)
      • kernel: exFAT: stack overflow in exfat_get_uniname_from_ext_entry (CVE-2023-4273)
      • kernel: mpls: double free on sysctl allocation failure (CVE-2023-26545)
      • kernel: KVM: nVMX: missing consistency checks for CR0 and CR4 (CVE-2023-30456)
      • kernel: net: qcom/emac: race condition leading to use-after-free in emac_remove() (CVE-2023-33203)
      • kernel: vmwgfx: race condition leading to information disclosure vulnerability (CVE-2023-33951)
      • kernel: vmwgfx: double free within the handling of vmw_buffer_object objects (CVE-2023-33952)
      • kernel: r592: race condition leading to use-after-free in r592_remove() (CVE-2023-35825)
      • kernel: net/tls: tls_is_tx_ready() checked list_entry (CVE-2023-1075)
      • kernel: tap: tap_open(): correctly initialize socket uid (CVE-2023-1076)
      • kernel: missing mmap_lock in file_files_note that could possibly lead to a use after free in the coredump code (CVE-2023-1249)
      • kernel: use-after-free bug in remove function xgene_hwmon_remove (CVE-2023-1855)
      • kernel: Use after free bug in r592_remove (CVE-2023-3141)
      • kernel: gfs2: NULL pointer dereference in gfs2_evict_inode() (CVE-2023-3212)
      • kernel: NULL pointer dereference due to missing kalloc() return value check in shtp_cl_get_dma_send_buf() (CVE-2023-3358)
      • kernel: tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid (CVE-2023-4194)

      https://access.redhat.com/errata/RHSA-2023:6583?sc_cid=701600000006NHXAA2

      Attachments

        Issue Links

          Activity

            [LU-17274] RHEL 9.3 support
            pjones Peter Jones added a comment -

            Garrett

            You might find it useful to pickup up the SRPMs from our Jenkins builders (once the build has completed) - https://build.whamcloud.com/job/lustre-b2_15/

            Peter

            pjones Peter Jones added a comment - Garrett You might find it useful to pickup up the SRPMs from our Jenkins builders (once the build has completed) - https://build.whamcloud.com/job/lustre-b2_15/ Peter
            yujian Jian Yu added a comment -

            Hi gbischof,
            The patch series https://review.whamcloud.com/54526 (10 patches) are being built and tested on Lustre b2_15 branch.
            Could you please try these patches or wait for they are ready to land?

            yujian Jian Yu added a comment - Hi gbischof , The patch series https://review.whamcloud.com/54526 (10 patches) are being built and tested on Lustre b2_15 branch. Could you please try these patches or wait for they are ready to land?
            gbischof Garrett Bischof added a comment - - edited

            @yujian any estimate about when this will be ready? Are there any existing releases where this is already fixed? Is there anything I can do to help? 

             

            Thanks!

            Garrett

            gbischof Garrett Bischof added a comment - - edited @yujian any estimate about when this will be ready? Are there any existing releases where this is already fixed? Is there anything I can do to help?    Thanks! Garrett
            yujian Jian Yu added a comment -

            Hi gbischof, the changes for LU-15655, LU-16502, and LU-17160 are needed on Lustre b2_15 branch. I'll backport the required patches.

            yujian Jian Yu added a comment - Hi gbischof , the changes for LU-15655 , LU-16502 , and LU-17160 are needed on Lustre b2_15 branch. I'll backport the required patches.

            We are having an issue with lustre-client-dkms-2.15.4-1.el9.noarch.rpm on RHEL 9

            It has a Python2 dependency, but Python2 is not supported by RHEL 9.

            Can we make a new release to fix this?

             

            Thank you,

            Garrett

            gbischof Garrett Bischof added a comment - We are having an issue with lustre-client-dkms-2.15.4-1.el9.noarch.rpm on RHEL 9 It has a Python2 dependency, but Python2 is not supported by RHEL 9. Can we make a new release to fix this?   Thank you, Garrett

            "Shaun Tancheff <shaun.tancheff@hpe.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/53394
            Moved to LU-17351
            Subject: LU-17351 ldiskfs: RHEL 9.3 ldiskfs server

            stancheff Shaun Tancheff added a comment - "Shaun Tancheff <shaun.tancheff@hpe.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/53394 Moved to LU-17351 Subject: LU-17351 ldiskfs: RHEL 9.3 ldiskfs server

            "Shaun Tancheff <shaun.tancheff@hpe.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/53394
            Subject: LU-17274 ldiskfs: RHEL 9.3 ldiskfs server
            Project: fs/lustre-release
            Branch: master
            Current Patch Set: 1
            Commit: d17622f681679c74645a748927f4eb894b83b850

            gerrit Gerrit Updater added a comment - "Shaun Tancheff <shaun.tancheff@hpe.com>" uploaded a new patch: https://review.whamcloud.com/c/fs/lustre-release/+/53394 Subject: LU-17274 ldiskfs: RHEL 9.3 ldiskfs server Project: fs/lustre-release Branch: master Current Patch Set: 1 Commit: d17622f681679c74645a748927f4eb894b83b850
            pjones Peter Jones added a comment -

            Landed for 2.16

            pjones Peter Jones added a comment - Landed for 2.16

            "Oleg Drokin <green@whamcloud.com>" merged in patch https://review.whamcloud.com/c/fs/lustre-release/+/53054/
            Subject: LU-17274 kernel: new kernel [RHEL 9.3 5.14.0-362.8.1.el9_3]
            Project: fs/lustre-release
            Branch: master
            Current Patch Set:
            Commit: 9eb87e7ef3a144efc4fe81628352f1ca7f467018

            gerrit Gerrit Updater added a comment - "Oleg Drokin <green@whamcloud.com>" merged in patch https://review.whamcloud.com/c/fs/lustre-release/+/53054/ Subject: LU-17274 kernel: new kernel [RHEL 9.3 5.14.0-362.8.1.el9_3] Project: fs/lustre-release Branch: master Current Patch Set: Commit: 9eb87e7ef3a144efc4fe81628352f1ca7f467018

            "Oleg Drokin <green@whamcloud.com>" merged in patch https://review.whamcloud.com/c/fs/lustre-release/+/53055/
            Subject: LU-17274 kernel: new kernel [RHEL 9.3 5.14.0-362.8.1.el9_3]
            Project: fs/lustre-release
            Branch: b2_15
            Current Patch Set:
            Commit: 503918da04fce7a25014112956c95e84188985bd

            gerrit Gerrit Updater added a comment - "Oleg Drokin <green@whamcloud.com>" merged in patch https://review.whamcloud.com/c/fs/lustre-release/+/53055/ Subject: LU-17274 kernel: new kernel [RHEL 9.3 5.14.0-362.8.1.el9_3] Project: fs/lustre-release Branch: b2_15 Current Patch Set: Commit: 503918da04fce7a25014112956c95e84188985bd

            People

              yujian Jian Yu
              yujian Jian Yu
              Votes:
              0 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: