[LU-14722] kernel update [SLES15 SP2 5.3.18-24.64.1] Created: 29/May/21  Updated: 19/Jun/21  Resolved: 19/Jun/21

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Won't Fix Votes: 0
Labels: None

Issue Links:
Related
is related to LU-14671 kernel update [SLES15 SP2 5.3.18-24.6... Resolved
is related to LU-14774 kernel update [SLES15 SP2 5.3.18-24.6... Resolved
Rank (Obsolete): 9223372036854775807

 Description   

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  • CVE-2021-29650: Fixed an issue with the netfilter subsystem that allowed
    attackers to cause a denial of service (panic) because
    net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a
    full memory barrier upon the assignment of a new table value
    (bnc#1184208).
  • CVE-2021-29155: Fixed an issue that was discovered in
    kernel/bpf/verifier.c that performs undesirable out-of-bounds
    speculation on pointer arithmetic, leading to side-channel attacks that
    defeat Spectre mitigations and obtain sensitive information from kernel
    memory. Specifically, for sequences of pointer arithmetic operations,
    the pointer modification performed by the first operation was not
    correctly accounted for when restricting subsequent operations
    (bnc#1184942).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2021-May/008767.html

 Comments   
Comment by Jian Yu [ 19/Jun/21 ]

A new version is available: LU-14774

Generated at Sat Feb 10 03:12:12 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.