[LU-16547] kernel update [SLES12 SP5 4.12.14-122.147.1] Created: 09/Feb/23  Updated: 09/Feb/23

Status: Open
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Minor
Reporter: Jian Yu Assignee: Jian Yu
Resolution: Unresolved Votes: 0
Labels: None

Issue Links:
Related
is related to LU-16175 kernel update [SLES12 SP5 4.12.14-122... Resolved
Rank (Obsolete): 9223372036854775807

 Description   

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various
security and bugfixes.

The following security bugs were fixed:

  • CVE-2022-4662: Fixed a recursive locking violation in usb-storage that
    can cause the kernel to deadlock. (bsc#1206664)
  • CVE-2022-3564: Fixed a bug which could lead to use after free, it was
    found in the function l2cap_reassemble_sdu of the file
    net/bluetooth/l2cap_core.c of the component Bluetooth. (bsc#1206073)
  • CVE-2022-3108: Fixed a bug in kfd_parse_subtype_iolink in
    drivers/gpu/drm/amd/amdkfd/kfd_crat.c where a lack of check of the
    return value of kmemdup() could lead to a NULL pointer dereference.
    (bsc#1206389)
  • CVE-2023-23454: Fixed a type confusion bug in the CBQ network scheduler
    which could lead to a use-after-free (bsc#1207036)
  • CVE-2022-3107: Fixed a null pointer dereference caused by a missing
    check of the return value of kvmalloc_array. (bsc#1206395)

The following non-security bugs were fixed:
https://lists.suse.com/pipermail/sle-security-updates/2023-January/013526.html
Generated at Sat Feb 10 03:27:57 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.