[LU-14933] kernel update [SLES15 SP2 5.3.18-24.75.3] Created: 11/Aug/21  Updated: 06/Sep/21  Resolved: 06/Sep/21

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Won't Fix Votes: 0
Labels: None

Issue Links:
Related
is related to LU-14873 kernel update [SLES15 SP2 5.3.18-24.7... Resolved
is related to LU-14986 kernel update [SLES15 SP2 5.3.18-24.7... Resolved
Rank (Obsolete): 9223372036854775807

 Description   

The following security bugs were fixed:

  • CVE-2021-22555: A heap out-of-bounds write was discovered in
    net/netfilter/x_tables.c (bnc#1188116).
  • CVE-2021-33909: Extremely large seq buffer allocations in seq_file could
    lead to buffer underruns and code execution (bsc#1188062).
  • CVE-2021-3609: A use-after-free in can/bcm could have led to privilege
    escalation (bsc#1187215).
  • CVE-2021-3612: An out-of-bounds memory write flaw was found in the
    joystick devices subsystem in the way the user calls ioctl JSIOCSBTNMAP.
    This flaw allowed a local user to crash the system or possibly escalate
    their privileges on the system. The highest threat from this
    vulnerability is to confidentiality, integrity, as well as system
    availability (bnc#1187585 ).
  • CVE-2021-35039: kernel/module.c mishandled Signature Verification, aka
    CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel
    module is signed, for loading via init_module, did not occur for a
    module.sig_enforce=1 command-line argument (bnc#1188080). NOTE that SUSE
    kernels are configured with CONFIG_MODULE_SIG=y, so are not affected.

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2021-July/009194.html

 Comments   
Comment by Jian Yu [ 06/Sep/21 ]

A new version is in https://review.whamcloud.com/44849

Generated at Sat Feb 10 03:14:01 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.