Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-9882

kernel update [RHEL7.4 3.10.0-693.1.1.el7]

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: Lustre 2.11.0
    • Labels:
      None
    • Severity:
      3
    • Rank (Obsolete):
      9223372036854775807

      Description

      Security Fix(es):

      A race condition was found in the Linux kernel, present since v3.14-rc1 through v4.12. The race happens between threads of inotify_handle_event() and vfs_rename() while running the rename operation against the same file. As a result of the race the next slab data or the slab's free list pointer can be corrupted with attacker-controlled data. (CVE-2017-7533, Important)

      Bug Fix(es):

      Previously, direct I/O read operations going past EOF returned an invalid error number, instead of reading 0 bytes and returning success, if these operations were in same XFS block with EOF. Consequently, creating multiple VMs from a Red Hat Enterprise Linux 7.4 template caused all the VMs to become unresponsive in the 'Image Locked' state. This update fixes the direct I/O feature of the file system, and VMs created from a Red Hat Enterprise Linux 7.4 template now work as expected. (BZ#1475669)

      Bugs fixed (https://bugzilla.redhat.com/):

      BZ - 1468283 - CVE-2017-7533 kernel: a race between inotify_handle_event() and sys_rename()

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                bogl Bob Glossman (Inactive)
                Reporter:
                bogl Bob Glossman (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: