[LU-14029] kernel update [SLES15 SP2 5.3.18-24.24.1] Created: 14/Oct/20  Updated: 03/Nov/20  Resolved: 03/Nov/20

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: Lustre 2.14.0

Type: Improvement Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Related
is related to LU-13963 kernel update [SLES15 SP2 5.3.18-24.1... Resolved
is related to LU-14078 kernel update [SLES15 SP2 5.3.18-24.2... Resolved
Rank (Obsolete): 9223372036854775807

 Description   

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-26088: Fixed an improper CAP_NET_RAW check in NFC socket
    creation could have been used by local attackers to create raw sockets,
    bypassing security mechanisms (bsc#1176990).
  • CVE-2020-14390: Fixed an out-of-bounds memory write leading to memory
    corruption or a denial of service when changing screen size
    (bnc#1176235).
  • CVE-2020-0432: Fixed an out of bounds write due to an integer overflow
    (bsc#1176721).
  • CVE-2020-0427: Fixed an out of bounds read due to a use after free
    (bsc#1176725).
  • CVE-2020-0431: Fixed an out of bounds write due to a missing bounds
    check (bsc#1176722).
  • CVE-2020-0404: Fixed a linked list corruption due to an unusual root
    cause (bsc#1176423).
  • CVE-2020-2521: Fixed getxattr kernel panic and memory overflow
    (bsc#1176381).
  • CVE-2020-25284: Fixed an incomplete permission checking for access to
    rbd devices, which could have been leveraged by local attackers to map
    or unmap rbd block devices (bsc#1176482).
  • CVE-2020-14385: Fixed a failure of the file system metadata validator in
    XFS which could have caused an inode with a valid, user-creatable
    extended attribute to be flagged as corrupt (bsc#1176137).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-October/007534.html

 Comments   
Comment by Gerrit Updater [ 15/Oct/20 ]

Jian Yu (yujian@whamcloud.com) uploaded a new patch: https://review.whamcloud.com/40265
Subject: LU-14029 kernel: new kernel [SLES15 SP2 5.3.18-24.24.1]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 9e2f8a409928f2caf2becb3ea330d46aa1fe4d15

Comment by Gerrit Updater [ 16/Oct/20 ]

Jian Yu (yujian@whamcloud.com) uploaded a new patch: https://review.whamcloud.com/40266
Subject: LU-14029 kernel: new kernel [SLES15 SP2 5.3.18-24.24.1]
Project: fs/lustre-release
Branch: b2_12
Current Patch Set: 1
Commit: 5ad5eaee03cc6312065cffe5eef7a4a671ef602c

Comment by Gerrit Updater [ 03/Nov/20 ]

Oleg Drokin (green@whamcloud.com) merged in patch https://review.whamcloud.com/40265/
Subject: LU-14029 kernel: new kernel [SLES15 SP2 5.3.18-24.24.1]
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: fd7b4960d7dbd4164d1e2a9ac8b8009bbcd5fa08

Comment by Peter Jones [ 03/Nov/20 ]

Landed for 2.14

Generated at Sat Feb 10 03:06:14 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.