[LU-14219] kernel update [SLES15 SP2 5.3.18-24.43.2] Created: 15/Dec/20  Updated: 28/Jan/21  Resolved: 28/Jan/21

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Won't Fix Votes: 0
Labels: None

Issue Links:
Related
is related to LU-14133 kernel update [SLES15 SP2 5.3.18-24.3... Resolved
is related to LU-14375 kernel update [SLES15 SP2 5.3.18-24.4... Resolved
Rank (Obsolete): 9223372036854775807

 Description   

The SUSE Linux Enterprise 15 SP2 kernel was updated to 3.12.31 to receive
various security and bugfixes.

The following security bugs were fixed:

  • CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c
    which could have allowed local users to gain privileges or cause a
    denial of service (bsc#1179141).
  • CVE-2020-15437: Fixed a null pointer dereference which could have
    allowed local users to cause a denial of service(bsc#1179140).
  • CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op
    (bsc#1178123).
  • CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit()
    (bsc#1178182).
  • CVE-2020-25704: Fixed a leak in perf_event_parse_addr_filter()
    (bsc#1178393).
  • CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107)
  • CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could
    have been used by local attackers to read kernel memory (bsc#1178886).
  • CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could
    have been used by local attackers to read privileged information or
    potentially crash the kernel (bsc#1178589).
  • CVE-2020-29371: Fixed uninitialized memory leaks to userspace
    (bsc#1179429).
  • CVE-2020-25705: Fixed an issue which could have allowed to quickly scan
    open UDP ports. This flaw allowed an off-path remote user to effectively
    bypassing source port UDP randomization (bsc#1175721).
  • CVE-2020-28941: Fixed an issue where local attackers on systems with the
    speakup driver could cause a local denial of service attack
    (bsc#1178740).
  • CVE-2020-4788: Fixed an issue with IBM Power9 processors could have
    allowed a local user to obtain sensitive information from the data in
    the L1 cache under extenuating circumstances (bsc#1177666).
  • CVE-2020-29369: Fixed a race condition between certain expand functions
    (expand_downwards and expand_upwards) and page-table free operations
    from an munmap call, aka CID-246c320a8cfe (bnc#1173504 1179432).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2020-December/007964.html

 Comments   
Comment by Gerrit Updater [ 17/Dec/20 ]

Jian Yu (yujian@whamcloud.com) uploaded a new patch: https://review.whamcloud.com/41033
Subject: LU-14219 kernel: kernel update SLES15 SP2 [5.3.18-24.43.2]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: dd629c9c242827bfa638aed6c46e4b270bd38fb7

Comment by Jian Yu [ 28/Jan/21 ]

A new version is available: LU-14375

Generated at Sat Feb 10 03:07:52 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.