[LU-8965] kernel update [SLES11 SP4 3.0.101-91] Created: 21/Dec/16  Updated: 03/Jan/17  Resolved: 03/Jan/17

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: Lustre 2.10.0

Type: Bug Priority: Minor
Reporter: Bob Glossman (Inactive) Assignee: Bob Glossman (Inactive)
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Related
is related to LU-8896 kernel update [SLES11 SP4 3.0.101-88] Resolved
Severity: 3
Rank (Obsolete): 9223372036854775807

 Description   

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix two security issues.

The following security bugs were fixed:

  • CVE-2016-9576: A use-after-free vulnerability in the SCSI generic driver allows users with write access to /dev/sg* or /dev/bsg* to elevate their privileges (bsc#1013604).
  • CVE-2016-9794: A use-after-free vulnerability in the ALSA pcm layer allowed local users to cause a denial of service, memory corruption or possibly even to elevate their privileges (bsc#1013533).

 Comments   
Comment by Gerrit Updater [ 21/Dec/16 ]

Bob Glossman (bob.glossman@intel.com) uploaded a new patch: https://review.whamcloud.com/24477
Subject: LU-8965 kernel: kernel update [SLES11 SP4 3.0.101-91]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: bf8616e64dd89527c2ecf625ad389a93f1c0e69d

Comment by Gerrit Updater [ 01/Jan/17 ]

Oleg Drokin (oleg.drokin@intel.com) merged in patch https://review.whamcloud.com/24477/
Subject: LU-8965 kernel: kernel update [SLES11 SP4 3.0.101-91]
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 9ea9c66d1719672bf456368324f6de08bfbec3c1

Comment by Peter Jones [ 03/Jan/17 ]

Landed for 2.10

Generated at Sat Feb 10 02:22:05 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.