[LU-15035] kernel update [SLES15 SP2 5.3.18-24.83.2] Created: 27/Sep/21  Updated: 25/Oct/21  Resolved: 25/Oct/21

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Won't Fix Votes: 0
Labels: None

Issue Links:
Related
is related to LU-14986 kernel update [SLES15 SP2 5.3.18-24.7... Resolved
is related to LU-15159 kernel update [SLES15 SP2 5.3.18-24.8... Resolved
Rank (Obsolete): 9223372036854775807

 Description   

The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  • CVE-2021-3759: Unaccounted ipc objects in Linux kernel could have lead
    to breaking memcg limits and DoS attacks (bsc#1190115).
  • CVE-2021-38160: Data corruption or loss could be triggered by an
    untrusted device that supplies a buf->len value exceeding the buffer
    size in drivers/char/virtio_console.c (bsc#1190117)
  • CVE-2021-3640: Fixed a Use-After-Free vulnerability in function
    sco_sock_sendmsg() in the bluetooth stack (bsc#1188172).
  • CVE-2021-3753: Fixed race out-of-bounds in virtual terminal handling
    (bsc#1190025).
  • CVE-2021-3743: Fixed OOB Read in qrtr_endpoint_post (bsc#1189883).
  • CVE-2021-3739: Fixed a NULL pointer dereference when deleting device by
    invalid id (bsc#1189832 ).
  • CVE-2021-3732: Mounting overlayfs inside an unprivileged user namespace
    can reveal files (bsc#1189706).
  • CVE-2021-3653: Missing validation of the `int_ctl` VMCB field and allows
    a malicious L1 guest to enable AVIC support for the L2 guest.
    (bsc#1189399).
  • CVE-2021-3656: Missing validation of the the `virt_ext` VMCB field and
    allows a malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and
    VLS for the L2 guest (bsc#1189400).
  • CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h incorrectly computes the
    access permissions of a shadow page, leading to a missing guest
    protection page fault (bnc#1189262).
  • CVE-2021-38207: drivers/net/ethernet/xilinx/ll_temac_main.c allowed
    remote attackers to cause a denial of service (buffer overflow and
    lockup) by sending heavy network traffic for about ten minutes
    (bnc#1189298).
  • CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c made it
    easier for attackers to defeat an ASLR protection mechanism because it
    prints a kernel pointer (i.e., the real IOMEM pointer) (bnc#1189292).
  • CVE-2021-38204: drivers/usb/host/max3421-hcd.c allowed physically
    proximate attackers to cause a denial of service (use-after-free and
    panic) by removing a MAX-3421 USB device in certain situations
    (bnc#1189291).
  • CVE-2021-3679: A lack of CPU resource in tracing module functionality
    was found in the way user uses trace ring buffer in a specific way. Only
    privileged local users (with CAP_SYS_ADMIN capability) could use this
    flaw to starve the resources causing denial of service (bnc#1189057).
  • CVE-2021-34556: Fixed side-channel attack via a Speculative Store Bypass
    via unprivileged BPF program that could have obtain sensitive
    information from kernel memory (bsc#1188983).
  • CVE-2021-35477: Fixed BPF stack frame pointer which could have been
    abused to disclose content of arbitrary kernel memory (bsc#1188985).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2021-September/009508.html

 Comments   
Comment by Gerrit Updater [ 27/Sep/21 ]

"Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/45057
Subject: LU-15035 kernel: kernel update SLES15 SP2 [5.3.18-24.83.2]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 00948fcba1a2e5a85fc836c3d077fc185f31c67a

Comment by Jian Yu [ 25/Oct/21 ]

A new version is available in LU-15159

Generated at Sat Feb 10 03:14:53 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.