[#LU-17113] kernel update [SLES15 SP4 5.14.21-150400.24.81.1]

[LU-17113] kernel update [SLES15 SP4 5.14.21-150400.24.81.1] Created: 12/Sep/23 Updated: 19/Sep/23 Resolved: 19/Sep/23
Status:	Resolved
Project:	Lustre
Component/s:	None
Affects Version/s:	Lustre 2.16.0, Lustre 2.15.4
Fix Version/s:	None

Type:

Improvement

Priority:

Minor

Reporter:

Jian Yu

Assignee:

Jian Yu

Resolution:

Won't Fix

Votes:

Labels:

None

Issue Links:

Severity:

Rank (Obsolete):

9223372036854775807

Description

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security
and bugfixes.

The following security bugs were fixed:

CVE-2022-40982: Fixed transient execution attack called "Gather Data
Sampling" (bsc#1206418).
CVE-2023-0459: Fixed information leak in __uaccess_begin_nospec
(bsc#1211738).
CVE-2023-20569: Fixed side channel attack 'Inception' or 'RAS Poisoning'
(bsc#1213287).
CVE-2023-21400: Fixed several memory corruptions due to improper locking in
io_uring (bsc#1213272).
CVE-2023-2156: Fixed a flaw in the networking subsystem within the handling
of the RPL protocol (bsc#1211131).
CVE-2023-2166: Fixed NULL pointer dereference in can_rcv_filter
(bsc#1210627).
CVE-2023-31083: Fixed race condition in hci_uart_tty_ioctl (bsc#1210780).
CVE-2023-3268: Fixed an out of bounds memory access flaw in
relay_file_read_start_pos in the relayfs (bsc#1212502).
CVE-2023-3567: Fixed a use-after-free in vcs_read in
drivers/tty/vt/vc_screen.c (bsc#1213167).
CVE-2023-3609: Fixed reference counter leak leading to overflow in net/sched
(bsc#1213586).
CVE-2023-3611: Fixed an out-of-bounds write in net/sched
sch_qfq(bsc#1213585).
CVE-2023-3776: Fixed improper refcount update in cls_fw leads to use-after-
free (bsc#1213588).
CVE-2023-4004: Fixed improper element removal netfilter nft_set_pipapo
(bsc#1213812).

Comments

Comment by Jian Yu [ 19/Sep/23 ]

A new version is available in ~~LU-17133~~.

Generated at Sat Feb 10 03:32:45 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.