[#LU-1754] Kernel update [RHEL 6.3 2.6.32-279.5.1.el6]

[LU-1754] Kernel update [RHEL 6.3 2.6.32-279.5.1.el6] Created: 15/Aug/12 Updated: 22/Feb/13 Resolved: 30/Sep/12
Status:	Resolved
Project:	Lustre
Component/s:	None
Affects Version/s:	None
Fix Version/s:	Lustre 2.3.0, Lustre 1.8.9

Type:

Improvement

Priority:

Minor

Reporter:

Yang Sheng

Assignee:

Yang Sheng

Resolution:

Fixed

Votes:

Labels:

None

Rank (Obsolete):

4484

Description

This update fixes the following security issues:

An integer overflow flaw was found in the i915_gem_execbuffer2() function
in the Intel i915 driver in the Linux kernel. A local, unprivileged user
could use this flaw to cause a denial of service. This issue only affected
32-bit systems. (CVE-2012-2383, Moderate)

A missing initialization flaw was found in the sco_sock_getsockopt_old()
function in the Linux kernel's Bluetooth implementation. A local,
unprivileged user could use this flaw to cause an information leak.
(CVE-2011-1078, Low)

Red Hat would like to thank Vasiliy Kulikov of Openwall for reporting the
CVE-2011-1078 issue.

Bugs fixed (http://bugzilla.redhat.com/):

681259 - CVE-2011-1078 kernel: bt sco_conninfo infoleak
824176 - CVE-2012-2383 kernel: drm/i915: integer overflow in i915_gem_execbuffer2()
842429 - VLAN configured on top of a bonded interface (active-backup) does not failover [rhel-6.3.z]

Comments

Comment by Yang Sheng [ 15/Aug/12 ]

Patch upload to: http://review.whamcloud.com/3683

Comment by Joshua Kugler (Inactive) [ 16/Aug/12 ]

FYI, this kernel is in the update repos and ready to go.

Comment by James A Simmons [ 18/Sep/12 ]

Only patch left is for b2_1 at http://review.whamcloud.com/#change,3811

Comment by Yang Sheng [ 30/Sep/12 ]

New update move to ~~LU-2035~~.

Generated at Sat Feb 10 01:19:24 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.

[LU-1754] Kernel update [RHEL 6.3 2.6.32-279.5.1.el6] Created: 15/Aug/12 Updated: 22/Feb/13 Resolved: 30/Sep/12