https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 https://jira.whamcloud.com/browse/LU-12138 Lustre <p>The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.</p> <p>The following security bugs were fixed:</p> <ul class="alternate" type="square"> <li>CVE-2018-20669: Missing access control checks in ioctl of gpu/drm/i915<br/> driver were fixed which might have lead to information leaks.<br/> (bnc#1122971).</li> <li>CVE-2019-3459, CVE-2019-3460: The Bluetooth stack suffered from two<br/> remote information leak vulnerabilities in the code that handles<br/> incoming L2cap configuration packets (bsc#1120758).</li> <li>CVE-2019-3819: A flaw was found in the function hid_debug_events_read()<br/> in drivers/hid/hid-debug.c file which may enter an infinite loop with<br/> certain parameters passed from a userspace. A local privileged user<br/> ("root") can cause a system lock up and a denial of service.<br/> (bnc#1123161).</li> <li>CVE-2019-6974: kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandled<br/> reference counting because of a race condition, leading to a<br/> use-after-free (bnc#1124728 ).</li> <li>CVE-2019-7221: Fixed a use-after-free vulnerability in the KVM<br/> hypervisor related to the emulation of a preemption timer, allowing an<br/> guest user/process to crash the host kernel. (bsc#1124732).</li> <li>CVE-2019-7222: Fixed an information leakage in the KVM hypervisor<br/> related to handling page fault exceptions, which allowed a guest<br/> user/process to use this flaw to leak the host's stack memory contents<br/> to a guest (bsc#1124735).</li> <li>CVE-2019-7308: kernel/bpf/verifier.c performed undesirable out-of-bounds<br/> speculation on pointer arithmetic in various cases, including cases of<br/> different branches with different state or limits to sanitize, leading<br/> to side-channel attacks (bnc#1124055).</li> <li>CVE-2019-8912: af_alg_release() in crypto/af_alg.c neglects to set a<br/> NULL value for a certain structure member, which leads to a<br/> use-after-free in sockfs_setattr (bnc#1125907).</li> <li>CVE-2019-8980: A memory leak in the kernel_read_file function in<br/> fs/exec.c allowed attackers to cause a denial of service (memory<br/> consumption) by triggering vfs_read failures (bnc#1126209).</li> <li>CVE-2019-9213: expand_downwards in mm/mmap.c lacked a check for the mmap<br/> minimum address, which made it easier for attackers to exploit kernel<br/> NULL pointer dereferences on non-SMAP platforms. This is related to a<br/> capability check for the wrong task (bnc#1128166).</li> <li>CVE-2019-2024: A use-after-free when disconnecting a source was fixed<br/> which could lead to crashes. bnc#1129179).</li> </ul> <p>For non-security bugs fixed, please refer to:<br/> <a href="http://lists.suse.com/pipermail/sle-security-updates/2019-March/005240.html" class="external-link" target="_blank" rel="nofollow noopener">http://lists.suse.com/pipermail/sle-security-updates/2019-March/005240.html</a></p> LU-12138

kernel update [SLES12 SP4 4.12.14-95.13.1]

Bug Minor Resolved Fixed Jian Yu Jian Yu Mon, 1 Apr 2019 11:12:47 +0000 Thu, 16 May 2019 07:15:27 +0000 Tue, 30 Apr 2019 13:15:16 +0000 Lustre 2.13.0 Lustre 2.12.1 0 2 <p>Jian Yu (yujian@whamcloud.com) uploaded a new patch: <a href="https://review.whamcloud.com/34619" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/34619</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-12138" title="kernel update [SLES12 SP4 4.12.14-95.13.1]" class="issue-link" data-issue-key="LU-12138"><del>LU-12138</del></a> kernel: kernel update SLES12 SP4 <span class="error">&#91;4.12.14-95.13.1&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: 1<br/> Commit: db31dac335181c62ca85988b6aeb903fbc6a336d</p> <p>Jian Yu (yujian@whamcloud.com) uploaded a new patch: <a href="https://review.whamcloud.com/34621" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/34621</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-12138" title="kernel update [SLES12 SP4 4.12.14-95.13.1]" class="issue-link" data-issue-key="LU-12138"><del>LU-12138</del></a> kernel: kernel update SLES12 SP4 <span class="error">&#91;4.12.14-95.13.1&#93;</span><br/> Project: fs/lustre-release<br/> Branch: b2_12<br/> Current Patch Set: 1<br/> Commit: 1d3158b18037126aac6c6ec47f28b9022b2a7bb2</p> <p>Oleg Drokin (green@whamcloud.com) merged in patch <a href="https://review.whamcloud.com/34621/" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/34621/</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-12138" title="kernel update [SLES12 SP4 4.12.14-95.13.1]" class="issue-link" data-issue-key="LU-12138"><del>LU-12138</del></a> kernel: kernel update SLES12 SP4 <span class="error">&#91;4.12.14-95.13.1&#93;</span><br/> Project: fs/lustre-release<br/> Branch: b2_12<br/> Current Patch Set: <br/> Commit: 1642e29885ac2853003d4329a1c86a69b6d306f9</p> <p>Oleg Drokin (green@whamcloud.com) merged in patch <a href="https://review.whamcloud.com/34619/" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/34619/</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-12138" title="kernel update [SLES12 SP4 4.12.14-95.13.1]" class="issue-link" data-issue-key="LU-12138"><del>LU-12138</del></a> kernel: kernel update SLES12 SP4 <span class="error">&#91;4.12.14-95.13.1&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: <br/> Commit: 9593f12ca571be67c53802ea6defe33d1c9c08ae</p> <p>Landed for 2.13</p> Related LU-11927 LU-12308 Development Rank 1|i00e9j: Rank (Obsolete) 9223372036854775807 Severity