[LU-14127] kernel update [SLES15 SP2 5.3.18-24.34.1] Created: 07/Nov/20  Updated: 11/Nov/20  Resolved: 11/Nov/20

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Won't Fix Votes: 0
Labels: None

Issue Links:
Related
is related to LU-14078 kernel update [SLES15 SP2 5.3.18-24.2... Resolved
is related to LU-14133 kernel update [SLES15 SP2 5.3.18-24.3... Resolved
Rank (Obsolete): 9223372036854775807

 Description   

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-25285: A race condition between hugetlb sysctl handlers in
    mm/hugetlb.c could be used by local attackers to corrupt memory, cause a
    NULL pointer dereference, or possibly have unspecified other impact
    (bnc#1176485).
  • CVE-2020-16120: Fixed permission check to open real file when using
    overlayfs. It was possible to have a file not readable by an
    unprivileged user be copied to a mountpoint controlled by that user and
    then be able to access the file. (bsc#1177470)
  • CVE-2020-14351: Fixed a race condition in the perf_mmap_close() function
    (bsc#1177086).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-November/007685.html

 Comments   
Comment by Jian Yu [ 11/Nov/20 ]

A new version is available: LU-14133

Generated at Sat Feb 10 03:07:04 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.