Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-8669

kernel update [RHEL6.8 2.6.32-642.6.1.el6]

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: Lustre 2.9.0
    • Labels:
      None
    • Severity:
      3
    • Rank (Obsolete):
      9223372036854775807

      Description

      Security Fix(es):

      • A flaw was found in the Linux kernel's keyring handling code, where in
        key_reject_and_link() an uninitialized variable would eventually lead to
        arbitrary free address which could allow attacker to use a use-after-free style
        attack. (CVE-2016-4470, Important)
      • A heap-based buffer overflow vulnerability was found in the Linux kernel's
        hiddev driver. This flaw could allow a local attacker to corrupt kernel memory,
        possible privilege escalation or crashing the system. (CVE-2016-5829, Moderate)

      Bug Fix(es):

      • Previously, when two NFS shares with different security settings were mounted,
        the I/O operations to the kerberos-authenticated mount caused the
        RPC_CRED_KEY_EXPIRE_SOON parameter to be set, but the parameter was not unset
        when performing the I/O operations on the sec=sys mount. Consequently, writes to
        both NFS shares had the same parameters, regardless of their security settings.
        This update fixes this problem by moving the NO_CRKEY_TIMEOUT parameter to the
        auth->au_flags field. As a result, NFS shares with different security settings
        are now handled as expected. (BZ#1366962)
      • In some circumstances, resetting a Fibre Channel over Ethernet (FCoE)
        interface could lead to a kernel panic, due to invalid information extracted
        from the FCoE header. This update adds santiy checking to the cpu number
        extracted from the FCoE header. This ensures that subsequent operations address
        a valid cpu, and eliminates the kernel panic. (BZ#1359036)
      • Prior to this update, the following problems occurred with the way GSF2
        transitioned files and directories from the "unlinked" state to the "free"
        state:

      The numbers reported for the df and the du commands in some cases got out of
      sync, which caused blocks in the file system to appear missing. The blocks were
      not actually missing, but they were left in the "unlinked" state.

      In some circumstances, GFS2 referenced a cluster lock that was already deleted,
      which led to a kernel panic.

      If an object was deleted and its space reused as a different object, GFS2
      sometimes deleted the existing one, which caused file system corruption.

      With this update, the transition from "unlinked" to "free" state has been fixed.
      As a result, none of these three problems occur anymore. (BZ#1359037)

      • Previously, the GFS2 file system in some cases became unresponsive due to lock
        dependency problems between inodes and the cluster lock. This occurred most
        frequently on nearly full file systems where files and directories were being
        deleted and recreated at the same block location at the same time. With this
        update, a set of patches has been applied to fix these lock dependencies. As a
        result, GFS2 no longer hangs in the described circumstances. (BZ#1359038)
      • When used with controllers that do not support DCMD- MR_DCMD_PD_LIST_QUERY,
        the megaraid_sas driver can go into infinite error reporting loop of error
        reporting messages. This could cause difficulties with finding other important
        log messages, or even it could cause the disk to overflow. This bug has been
        fixed by ignoring the DCMD MR_DCMD_PD_LIST_QUERY query for controllers which do
        not support it and sending the DCMD SUCCESS status to the AEN functions. As a
        result, the error messages no longer appear when there is a change in the status
        of one of the arrays. (BZ#1359039)

      Bugs fixed (https://bugzilla.redhat.com/):

      1341716 - CVE-2016-4470 kernel: Uninitialized variable in request_key handling causes kernel crash in error handling path
      1350509 - CVE-2016-5829 kernel: Heap buffer overflow in hidden driver

        Attachments

          Activity

            People

            • Assignee:
              bogl Bob Glossman (Inactive)
              Reporter:
              bogl Bob Glossman (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: