Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-9561

kernel update [RHEL7.3 3.10.0-514.21.1.el7]

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: Lustre 2.10.0
    • Labels:
      None
    • Severity:
      3
    • Rank (Obsolete):
      9223372036854775807

      Description

      Security Fix(es):

      • It was found that the packet_set_ring() function of the Linux kernel's
        networking implementation did not properly validate certain block-size data. A
        local attacker with CAP_NET_RAW capability could use this flaw to trigger a
        buffer overflow, resulting in the crash of the system. Due to the nature of the
        flaw, privilege escalation cannot be fully ruled out. (CVE-2017-7308, Important)
      • Mounting a crafted EXT4 image read-only leads to an attacker controlled memory
        corruption and SLAB-Out-of-Bounds reads. (CVE-2016-10208, Moderate)
      • A flaw was found in the Linux kernel's implementation of seq_file where a
        local attacker could manipulate memory in the put() function pointer. This could
        lead to memory corruption and possible privileged escalation. (CVE-2016-7910,
        Moderate)
      • A vulnerability was found in the Linux kernel. An unprivileged local user
        could trigger oops in shash_async_export() by attempting to force the in-kernel
        hashing algorithms into decrypting an empty data set. (CVE-2016-8646, Moderate)
      • It was reported that with Linux kernel, earlier than version v4.10-rc8, an
        application may trigger a BUG_ON in sctp_wait_for_sndbuf if the socket tx buffer
        is full, a thread is waiting on it to queue more data, and meanwhile another
        thread peels off the association being used by the first thread. (CVE-2017-5986,
        Moderate)

      Additional Changes:

      https://access.redhat.com/articles/3034221

      Bugs fixed (https://bugzilla.redhat.com/):

      1388821 - CVE-2016-8646 kernel: Oops in shash_async_export()
      1395190 - CVE-2016-10208 kernel: EXT4 memory corruption / SLAB out-of-bounds read
      1399727 - CVE-2016-7910 kernel: Use after free in seq file
      1420276 - CVE-2017-5986 kernel: Reachable BUG_ON from userspace in sctp_wait_for_sndbuf
      1437404 - CVE-2017-7308 kernel: net/packet: overflow in check for priv area size

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                bogl Bob Glossman (Inactive)
                Reporter:
                bogl Bob Glossman (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: