[LU-12458] kernel update [RHEL7.6 3.10.0-957.21.3.el7] Created: 19/Jun/19  Updated: 29/Jul/19  Resolved: 10/Jul/19

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: Lustre 2.13.0, Lustre 2.12.3

Type: Bug Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Related
is related to LU-12384 kernel update [RHEL7.6 3.10.0-957.21.... Resolved
is related to LU-12608 kernel update [RHEL7.6 3.10.0-957.27.... Resolved
Severity: 3
Rank (Obsolete): 9223372036854775807

 Description   

Security Fix(es):

  • An integer overflow flaw was found in the way the Linux kernel's networking subsystem processed TCP Selective Acknowledgment (SACK) segments. While processing SACK segments, the Linux kernel's socket buffer (SKB) data structure becomes fragmented. Each fragment is about TCP maximum segment size (MSS) bytes. To efficiently process SACK blocks, the Linux kernel merges multiple fragmented SKBs into one, potentially overflowing the variable holding the number of segments. A remote attacker could use this flaw to crash the Linux kernel by sending a crafted sequence of SACK segments on a TCP connection with a small value of TCP MSS, resulting in a denial of service (DoS). (CVE-2019-11477)
  • Kernel: tcp: excessive resource consumption while processing SACK blocks allows remote denial of service (CVE-2019-11478)
  • Kernel: tcp: excessive resource consumption for TCP connections with low MSS allows remote denial of service (CVE-2019-11479)

https://access.redhat.com/errata/product/69/ver=/rhel---7/x86_64/RHSA-2019:1481



 Comments   
Comment by Gerrit Updater [ 19/Jun/19 ]

Jian Yu (yujian@whamcloud.com) uploaded a new patch: https://review.whamcloud.com/35268
Subject: LU-12458 kernel: kernel update RHEL7.6 [3.10.0-957.21.3.el7]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 707b4e6608517c9cc6b46d6772e173a5ecdb7e8a

Comment by Gerrit Updater [ 19/Jun/19 ]

Jian Yu (yujian@whamcloud.com) uploaded a new patch: https://review.whamcloud.com/35269
Subject: LU-12458 kernel: kernel update RHEL7.6 [3.10.0-957.21.3.el7]
Project: fs/lustre-release
Branch: b2_12
Current Patch Set: 1
Commit: 74047954d93d7b4d01da1755bcfb0f4ac8a2548a

Comment by Gerrit Updater [ 03/Jul/19 ]

Oleg Drokin (green@whamcloud.com) merged in patch https://review.whamcloud.com/35269/
Subject: LU-12458 kernel: kernel update RHEL7.6 [3.10.0-957.21.3.el7]
Project: fs/lustre-release
Branch: b2_12
Current Patch Set:
Commit: 37cb98dba636612d04af02c40b051d9a6ca42e90

Comment by Gerrit Updater [ 10/Jul/19 ]

Oleg Drokin (green@whamcloud.com) merged in patch https://review.whamcloud.com/35268/
Subject: LU-12458 kernel: kernel update RHEL7.6 [3.10.0-957.21.3.el7]
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 4fb7805c408bd9d0b6409ffbc82aac501aaa025a

Comment by Peter Jones [ 10/Jul/19 ]

Landed for 2.13
