[LU-14529] kernel update [SLES15 SP2 5.3.18-24.52.1] Created: 17/Mar/21  Updated: 05/May/21  Resolved: 11/Apr/21

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: Lustre 2.15.0

Type: Improvement Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Related
is related to LU-14451 kernel update [SLES15 SP2 5.3.18-24.4... Resolved
is related to LU-14671 kernel update [SLES15 SP2 5.3.18-24.6... Resolved
Rank (Obsolete): 9223372036854775807

 Description   

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  • CVE-2021-26930: Fixed an improper error handling in blkback's grant
    mapping (XSA-365 bsc#1181843).
  • CVE-2021-26931: Fixed an issue where Linux kernel was treating grant
    mapping errors as bugs (XSA-362 bsc#1181753).
  • CVE-2021-26932: Fixed improper error handling issues in Linux grant
    mapping (XSA-361 bsc#1181747). by remote attackers to read or write
    files via directory traversal in an XCOPY request (bsc#178372).
  • CVE-2020-12362: Fixed an integer overflow in the firmware which may have
    allowed a privileged user to potentially enable an escalation of
    privilege via local access (bsc#1181720).
  • CVE-2020-12363: Fixed an improper input validation which may have
    allowed a privileged user to potentially enable a denial of service via
    local access (bsc#1181735).
  • CVE-2020-12364: Fixed a null pointer reference which may have allowed a
    privileged user to potentially enable a denial of service via local
    access (bsc#1181736 ).
  • CVE-2020-12373: Fixed an expired pointer dereference which may have
    allowed a privileged user to potentially enable a denial of service via
    local access (bsc#1181738).
  • CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write
    implementation which could have granted unintended write access because
    of a race condition in a THP mapcount check (bsc#1179660, bsc#1179428).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2021-March/008452.html

 Comments   
Comment by Gerrit Updater [ 17/Mar/21 ]

Jian Yu (yujian@whamcloud.com) uploaded a new patch: https://review.whamcloud.com/42055
Subject: LU-14529 kernel: kernel update SLES15 SP2 [5.3.18-24.52.1]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 3d574f23bc8fc199a08a404ab6a58a813cb9ea94

Comment by Gerrit Updater [ 10/Apr/21 ]

Oleg Drokin (green@whamcloud.com) merged in patch https://review.whamcloud.com/42055/
Subject: LU-14529 kernel: kernel update SLES15 SP2 [5.3.18-24.52.1]
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 6ef3fa710100ee1f7b0cd8415cd46562331b94d1

Comment by Peter Jones [ 11/Apr/21 ]

Landed for 2.15

Generated at Sat Feb 10 03:10:33 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.