[LU-16175] kernel update [SLES12 SP5 4.12.14-122.133.1] Created: 20/Sep/22  Updated: 09/Feb/23  Resolved: 25/Oct/22

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: Lustre 2.16.0

Type: Improvement Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Related
is related to LU-16093 kernel update [SLES12 SP5 4.12.14-122... Resolved
is related to LU-16547 kernel update [SLES12 SP5 4.12.14-122... Open

 Description   

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
security fixes and bugfixes.

The following security bugs were fixed:

  • CVE-2022-36879: Fixed an issue in xfrm_expand_policies in
    net/xfrm/xfrm_policy.c where a refcount could be dropped twice
    (bnc#1201948).
  • CVE-2022-3028: Fixed race condition that was found in the IP framework
    for transforming packets (XFRM subsystem) (bnc#1202898).
  • CVE-2022-2977: Fixed reference counting for struct tpm_chip
    (bsc#1202672).
  • CVE-2022-29581: Fixed improper update of reference count vulnerability
    in net/sched that allowed a local attacker to cause privilege escalation
    to root (bnc#1199665).
  • CVE-2022-2639: Fixed an integer coercion error that was found in the
    openvswitch kernel module (bnc#1202154).
  • CVE-2022-26373: Fixed non-transparent sharing of return predictor
    targets between contexts in some Intel Processors (bnc#1201726).
  • CVE-2022-2588: Fixed use-after-free in cls_route (bsc#1202096).
  • CVE-2022-21385: Fixed a flaw in net_rds_alloc_sgs() that allowed
    unprivileged local users to crash the machine (bnc#1202897).
  • CVE-2022-20369: Fixed possible out of bounds write due to improper input
    validation in v4l2_m2m_querybuf of v4l2-mem2mem.c (bnc#1202347).
  • CVE-2022-20368: Fixed slab-out-of-bounds access in packet_recvmsg()
    (bsc#1202346).
  • CVE-2021-4203: Fixed use-after-free read flaw that was found in
    sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and
    SO_PEERGROUPS race with listen() (bnc#1194535).
  • CVE-2020-36516: Fixed an issue in the mixed IPID assignment method where
    an attacker was able to inject data into or terminate a victim's TCP
    session (bnc#1196616).

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2022-September/012231.html



 Comments   
Comment by Gerrit Updater [ 20/Sep/22 ]

"Jian Yu <yujian@whamcloud.com>" uploaded a new patch: https://review.whamcloud.com/48605
Subject: LU-16175 kernel: kernel update SLES12 SP5 [4.12.14-122.133.1]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 0e283bc34254385fa3c4cb66aa57e29220a17b15

Comment by Gerrit Updater [ 25/Oct/22 ]

"Oleg Drokin <green@whamcloud.com>" merged in patch https://review.whamcloud.com/c/fs/lustre-release/+/48605/
Subject: LU-16175 kernel: kernel update SLES12 SP5 [4.12.14-122.133.1]
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 5547158daa4761892a7f158cce779130ae9bbe91

Comment by Peter Jones [ 25/Oct/22 ]

Landed for 2.16
