[LU-8692] kernel update [RHEL7.2 3.10.0-327.36.2.el7] Created: 11/Oct/16  Updated: 06/Dec/16  Resolved: 25/Oct/16

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: Lustre 2.9.0

Type: Bug Priority: Minor
Reporter: Bob Glossman (Inactive) Assignee: Bob Glossman (Inactive)
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Related
Severity: 3
Rank (Obsolete): 9223372036854775807

 Description   

Security Fix(es):

  • Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR Virtual
    eXtensible Local Area Network(CONFIG_VXLAN) with Transparent Ethernet
    Bridging(TEB) GRO support, is vulnerable to a stack overflow issue. It could
    occur while receiving large packets via GRO path as an unlimited recursion could
    unfold in both VLAN and TEB modules leading to a stack corruption in the kernel.
    (CVE-2016-7039, Important)

Bugs fixed (https://bugzilla.redhat.com/):

1375944 - CVE-2016-7039 kernel: remotely triggerable unbounded recursion in the vlan gro code leading to a kernel crash

 Comments   
Comment by Gerrit Updater [ 12/Oct/16 ]

Bob Glossman (bob.glossman@intel.com) uploaded a new patch: http://review.whamcloud.com/23102
Subject: LU-8692 kernel: kernel update RHEL7.2 [3.10.0-327.36.2.el7]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 07552fe9c388379485103772e479104491cbf287

Comment by Gerrit Updater [ 25/Oct/16 ]

Oleg Drokin (oleg.drokin@intel.com) merged in patch http://review.whamcloud.com/23102/
Subject: LU-8692 kernel: kernel update RHEL7.2 [3.10.0-327.36.2.el7]
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: b4d1883392e3e6d01ba0a4fd2fdd12fdcc2cc277

Comment by Peter Jones [ 25/Oct/16 ]

Landed for 2.9

Generated at Sat Feb 10 02:19:44 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.