Whamcloud Community JIRA https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 [LU-12940] kernel update [SLES12 SP4 4.12.14-95.37.1] https://jira.whamcloud.com/browse/LU-12940 Lustre <p>The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various<br/> security and bugfixes.</p> <p>The following security bugs were fixed:</p> <ul class="alternate" type="square"> <li>CVE-2017-18595: A double free may be caused by the function<br/> allocate_trace_buffer in the file kernel/trace/trace.c (bnc#1149555).</li> <li>CVE-2019-14821: An out-of-bounds access issue was found in the way Linux<br/> kernel's KVM hypervisor implements the coalesced MMIO write operation.<br/> It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object,<br/> wherein write indices 'ring-&gt;first' and 'ring-&gt;last' value could be<br/> supplied by a host user-space process. An unprivileged host user or<br/> process with access to '/dev/kvm' device could use this flaw to crash<br/> the host kernel, resulting in a denial of service or potentially<br/> escalating privileges on the system (bnc#1151350).</li> <li>CVE-2019-15291: There was a NULL pointer dereference caused by a<br/> malicious USB device in the flexcop_usb_probe function in the<br/> drivers/media/usb/b2c2/flexcop-usb.c driver (bnc#1146540).</li> <li>CVE-2019-9506: The Bluetooth BR/EDR specification up to and including<br/> version 5.1 permitted sufficiently low encryption key length and did not<br/> prevent an attacker from influencing the key length negotiation. This<br/> allowed practical brute-force attacks (aka "KNOB") that could decrypt<br/> traffic and injected arbitrary ciphertext without the victim noticing<br/> (bnc#1137865 bnc#1146042).</li> <li>CVE-2019-16232: Fixed a NULL pointer dereference in<br/> drivers/net/wireless/marvell/libertas/if_sdio.c, which did not check the<br/> alloc_workqueue return value (bnc#1150465).</li> <li>CVE-2019-16234: Fixed a NULL pointer dereference in<br/> drivers/net/wireless/intel/iwlwifi/pcie/trans.c, which did not check the<br/> alloc_workqueue return value (bnc#1150452).</li> <li>CVE-2019-17056: Added enforcement of CAP_NET_RAW in llcp_sock_create in<br/> net/nfc/llcp_sock.c in the AF_NFC network module, the lack of which<br/> allowed unprivileged users to create a raw socket, aka CID-3a359798b176<br/> (bnc#1152788).</li> <li>CVE-2019-17133: Fixed a buffer overflow in cfg80211_mgd_wext_giwessid in<br/> net/wireless/wext-sme.c caused by long SSID IEs (bsc#1153158).</li> <li>CVE-2019-17666: Added an upper-bound check in rtl_p2p_noa_ie in<br/> drivers/net/wireless/realtek/rtlwifi/ps.c, the lack of which could have<br/> led to a buffer overflow (bnc#1154372).</li> </ul> <p>The following non-security bugs were fixed:<br/> <a href="http://lists.suse.com/pipermail/sle-security-updates/2019-October/006083.html" class="external-link" target="_blank" rel="nofollow noopener">http://lists.suse.com/pipermail/sle-security-updates/2019-October/006083.html</a></p> LU-12940 kernel update [SLES12 SP4 4.12.14-95.37.1] Bug Minor Resolved Won't Fix Jian Yu Jian Yu Tue, 5 Nov 2019 19:18:47 +0000 Mon, 9 Dec 2019 09:55:42 +0000 Mon, 9 Dec 2019 09:55:42 +0000 0 2 <p>Jian Yu (yujian@whamcloud.com) uploaded a new patch: <a href="https://review.whamcloud.com/36676" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/36676</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-12940" title="kernel update [SLES12 SP4 4.12.14-95.37.1]" class="issue-link" data-issue-key="LU-12940"><del>LU-12940</del></a> kernel: kernel update SLES12 SP4 <span class="error">&#91;4.12.14-95.37.1&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: 1<br/> Commit: e9f8873e709883c6581b02ecd6c8840a88b257cc</p> <p>Jian Yu (yujian@whamcloud.com) uploaded a new patch: <a href="https://review.whamcloud.com/36677" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/36677</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-12940" title="kernel update [SLES12 SP4 4.12.14-95.37.1]" class="issue-link" data-issue-key="LU-12940"><del>LU-12940</del></a> kernel: kernel update SLES12 SP4 <span class="error">&#91;4.12.14-95.37.1&#93;</span><br/> Project: fs/lustre-release<br/> Branch: b2_12<br/> Current Patch Set: 1<br/> Commit: 78027baa7e0aa66cf76abbc305623814b674b5dc</p> <p>A new kernel update is in <a href="https://jira.whamcloud.com/browse/LU-12987" title="kernel update [SLES12 SP4 4.12.14-95.40.1]" class="issue-link" data-issue-key="LU-12987"><del>LU-12987</del></a>.</p> Related LU-12793 LU-12987 Development Rank 1|i00p1r: Rank (Obsolete) 9223372036854775807 Severity