[LU-15570] kernel update [SLES12 SP5 4.12.14-122.110.1] Created: 18/Feb/22  Updated: 23/Mar/22  Resolved: 23/Mar/22

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Won't Fix Votes: 0
Labels: None

Issue Links:
Related
is related to LU-15309 kernel update [SLES12 SP5 4.12.14-122... Closed
is related to LU-15679 kernel update [SLES12 SP5 4.12.14-122... Resolved
Rank (Obsolete): 9223372036854775807

 Description   

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-0435: Fixed remote stack overflow in net/tipc module that
    validate domain record count on input (bsc#1195254).
  • CVE-2021-3564: Fixed double-free memory corruption in the Linux kernel
    HCI device initialization subsystem that could have been used by
    attaching malicious HCI TTY Bluetooth devices. A local user could use
    this flaw to crash the system (bnc#1186207).
  • CVE-2020-28097: Fixed out-of-bounds read in vgacon subsystem that
    mishandled software scrollback (bnc#1187723).
  • CVE-2021-44733: Fixed a use-after-free exists in drivers/tee/tee_shm.c
    in the TEE subsystem, that could have occured because of a race
    condition in tee_shm_get_from_id during an attempt to free a shared
    memory object (bnc#1193767).
  • CVE-2022-0322: Fixed SCTP issue with account stream padding length for
    reconf chunk (bsc#1194985).
  • CVE-2021-4135: Fixed zero-initialize memory inside netdevsim for new
    map's value in function nsim_bpf_map_alloc (bsc#1193927).
  • CVE-2022-22942: Fixed stale file descriptors on failed usercopy
    (bsc#1195065).
  • CVE-2021-39657: Fixed out of bounds read due to a missing bounds check
    in ufshcd_eh_device_reset_handler of ufshcd.c. This could lead to local
    information disclosure with System execution privileges needed
    (bnc#1193864).
  • CVE-2021-39648: Fixed possible disclosure of kernel heap memory due to a
    race condition in gadget_dev_desc_UDC_show of configfs.c. This could
    lead to local information disclosure with System execution privileges
    needed. User interaction is not needed for exploitation (bnc#1193861).
  • CVE-2022-0330: Fixed flush TLBs before releasing backing store
    (bsc#1194880).
  • CVE-2021-4197: Use cgroup open-time credentials for process migraton
    perm checks (bsc#1194302).
  • CVE-2021-4202: Fixed NFC race condition by adding NCI_UNREG flag
    (bsc#1194529).
  • CVE-2021-4083: Fixed a read-after-free memory flaw inside the garbage
    collection for Unix domain socket file handlers when users call close()
    and fget() simultaneouslyand can potentially trigger a race condition
    (bnc#1193727).
  • CVE-2021-4149: Fixed btrfs unlock newly allocated extent buffer after
    error (bsc#1194001).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2022-February/010215.html

 Comments   
Comment by Gerrit Updater [ 18/Feb/22 ]

"Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/46560
Subject: LU-15570 kernel: kernel update SLES12 SP5 [4.12.14-122.110.1]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: cda56f9f96b092a60dccaa64022b01ec0022ee52

Comment by Jian Yu [ 23/Mar/22 ]

A new version is available in LU-15679.

Generated at Sat Feb 10 03:19:27 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.