[LU-5403] Kernel update [RHEL6.5 2.6.32-431.23.3.el6] Created: 24/Jul/14  Updated: 14/Aug/14  Resolved: 14/Aug/14

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: Lustre 2.7.0, Lustre 2.5.3

Type: Bug Priority: Minor
Reporter: Yang Sheng Assignee: Yang Sheng
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Related
Severity: 3
Rank (Obsolete): 15037

 Description   
  • It was found that the Linux kernel's ptrace subsystem allowed a traced
    process' instruction pointer to be set to a non-canonical memory address
    without forcing the non-sysret code path when returning to user space.
    A local, unprivileged user could use this flaw to crash the system or,
    potentially, escalate their privileges on the system. (CVE-2014-4699,
    Important)

Note: The CVE-2014-4699 issue only affected systems using an Intel CPU.

  • A flaw was found in the way the pppol2tp_setsockopt() and
    pppol2tp_getsockopt() functions in the Linux kernel's PPP over L2TP
    implementation handled requests with a non-SOL_PPPOL2TP socket option
    level. A local, unprivileged user could use this flaw to escalate their
    privileges on the system. (CVE-2014-4943, Important)

Bugs fixed (https://bugzilla.redhat.com/):

1115927 - CVE-2014-4699 kernel: x86_64: ptrace: sysret to non-canonical address
1119458 - CVE-2014-4943 kernel: net: pppol2tp: level handling in pppol2tp_[s,g]etsockopt()

 Comments   
Comment by Yang Sheng [ 24/Jul/14 ]

Patch for master: http://review.whamcloud.com/11211

Comment by Bob Glossman (Inactive) [ 30/Jul/14 ]

there's already an even newer kernel version update; 2.6.32-431.23.3.el6. I think it makes most sense to wait for that to arrive in Centos then update our build to that version, skipping -431.20.5. I plan to revise the mod in gerrit as soon as the update appears in Centos 6.

Comment by Peter Jones [ 14/Aug/14 ]

Landed for 2.5.3 and 2.7

Generated at Sat Feb 10 01:51:11 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.