[LU-7162] Kernel update for RHEL7.1 [3.10.0-229.14.1.el7] Created: 15/Sep/15  Updated: 01/Jul/16  Resolved: 07/Oct/15

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: Lustre 2.8.0

Type: Bug Priority: Minor
Reporter: Bob Glossman (Inactive) Assignee: Bob Glossman (Inactive)
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Related
Severity: 3
Rank (Obsolete): 9223372036854775807

 Description   
  • A flaw was found in the kernel's implementation of the Berkeley Packet
    Filter (BPF). A local attacker could craft BPF code to crash the system by
    creating a situation in which the JIT compiler would fail to correctly
    optimize the JIT image on the last pass. This would lead to the CPU
    executing instructions that were not part of the JIT code. (CVE-2015-4700,
    Important)
  • Two flaws were found in the way the Linux kernel's networking
    implementation handled UDP packets with incorrect checksum values. A remote
    attacker could potentially use these flaws to trigger an infinite loop in
    the kernel, resulting in a denial of service on the system, or cause a
    denial of service in applications using the edge triggered epoll
    functionality. (CVE-2015-5364, CVE-2015-5366, Important)
  • A flaw was found in the way the Linux kernel's ext4 file system handled
    the "page size > block size" condition when the fallocate zero range
    functionality was used. A local attacker could use this flaw to crash the
    system. (CVE-2015-0275, Moderate)
  • It was found that the Linux kernel's keyring implementation would leak
    memory when adding a key to a keyring via the add_key() function. A local
    attacker could use this flaw to exhaust all available memory on the system.
    (CVE-2015-1333, Moderate)
  • A race condition flaw was found in the way the Linux kernel's SCTP
    implementation handled Address Configuration lists when performing Address
    Configuration Change (ASCONF). A local attacker could use this flaw to
    crash the system via a race condition triggered by setting certain ASCONF
    options on a socket. (CVE-2015-3212, Moderate)
  • An information leak flaw was found in the way the Linux kernel's Virtual
    Dynamic Shared Object (vDSO) implementation performed address
    randomization. A local, unprivileged user could use this flaw to leak
    kernel memory addresses to user-space. (CVE-2014-9585, Low)

Bugs fixed (https://bugzilla.redhat.com/):

1181054 - CVE-2014-9585 kernel: ASLR bruteforce possible for vdso library
1193907 - CVE-2015-0275 kernel: fs: ext4: fallocate zero range page size > block size BUG()
1226442 - CVE-2015-3212 kernel: SCTP race condition allows list corruption and panic from userlevel
1233615 - CVE-2015-4700 kernel: Crafted BPF filters may crash kernel during JIT optimisation
1239029 - CVE-2015-5366 CVE-2015-5364 kernel: net: incorrect processing of checksums in UDP implementation
1245658 - CVE-2015-1333 kernel: denial of service due to memory leak in add_key()

 Comments   
Comment by Gerrit Updater [ 16/Sep/15 ]

Bob Glossman (bob.glossman@intel.com) uploaded a new patch: http://review.whamcloud.com/16444
Subject: LU-7162 kernel: kernel update RHEL 7.1 [3.10.0-229.14.1.el7]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 630ab8520855f339d12614f1b1f07fa6d6fc1d3c

Comment by Gerrit Updater [ 07/Oct/15 ]

Oleg Drokin (oleg.drokin@intel.com) merged in patch http://review.whamcloud.com/16444/
Subject: LU-7162 kernel: kernel update RHEL 7.1 [3.10.0-229.14.1.el7]
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 846efa4d098d3becb74bad343ba6adb6abc8b394

Comment by Joseph Gmitter (Inactive) [ 07/Oct/15 ]

Landed for 2.8.

Generated at Sat Feb 10 02:06:31 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.