https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 https://jira.whamcloud.com/browse/LU-13497 Lustre <p>The SUSE Linux Enterprise 12 SP4 kernel was updated to receive various security and bugfixes.</p> <p>The following security bugs were fixed:</p> <ul class="alternate" type="square"> <li>CVE-2020-8834: KVM on Power8 processors had a conflicting use of<br/> HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in<br/> kvmppc_ {save,restore} <p>_tm, leading to a stack corruption. Because of<br/> this, an attacker with the ability to run code in kernel space of a<br/> guest VM can cause the host kernel to panic (bnc#1168276).</p></li> <li>CVE-2020-11494: An issue was discovered in slc_bump in<br/> drivers/net/can/slcan.c, which allowed attackers to read uninitialized<br/> can_frame data, potentially containing sensitive information from kernel<br/> stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL<br/> (bnc#1168424).</li> <li>CVE-2020-10942: In get_raw_socket in drivers/vhost/net.c lacks<br/> validation of an sk_family field, which might allow attackers to trigger<br/> kernel stack corruption via crafted system calls (bnc#1167629).</li> <li>CVE-2019-9458: In the video driver there was a use after free due to a<br/> race condition. This could lead to local escalation of privilege with no<br/> additional execution privileges needed (bnc#1168295).</li> <li>CVE-2019-3701: Fixed an issue in can_can_gw_rcv, which could cause a<br/> system crash (bnc#1120386).</li> <li>CVE-2019-19770: Fixed a use-after-free in the debugfs_remove function<br/> (bsc#1159198).</li> <li>CVE-2020-11669: Fixed an issue where arch/powerpc/kernel/idle_book3s.S<br/> did not have save/restore functionality for PNV_POWERSAVE_AMR,<br/> PNV_POWERSAVE_UAMOR, and PNV_POWERSAVE_AMOR (bnc#1169390).</li> <li>CVE-2020-8647: There was a use-after-free vulnerability in the<br/> vc_do_resize function in drivers/tty/vt/vt.c (bnc#1162929).</li> <li>CVE-2020-8649: There was a use-after-free vulnerability in the<br/> vgacon_invert_region function in drivers/video/console/vgacon.c<br/> (bnc#1162931).</li> <li>CVE-2020-9383: An issue was discovered set_fdc in drivers/block/floppy.c<br/> leads to a wait_til_ready out-of-bounds read because the FDC index is<br/> not checked for errors before assigning it (bnc#1165111).</li> <li>CVE-2019-19768: Fixed a use-after-free in the __blk_add_trace function<br/> in kernel/trace/blktrace.c (bnc#1159285).</li> </ul> <p>The following non-security bugs were fixed:<br/> <a href="http://lists.suse.com/pipermail/sle-security-updates/2020-April/006755.html" class="external-link" target="_blank" rel="nofollow noopener">http://lists.suse.com/pipermail/sle-security-updates/2020-April/006755.html</a></p> LU-13497

kernel update [SLES12 SP4 4.12.14-95.51.1]

Improvement Minor Resolved Won't Fix Jian Yu Jian Yu Thu, 30 Apr 2020 23:00:07 +0000 Wed, 10 Jun 2020 21:52:06 +0000 Wed, 10 Jun 2020 21:52:06 +0000 0 1 <p>A newer kernel version is available: <a href="https://jira.whamcloud.com/browse/LU-13659" title="kernel update [SLES12 SP4 4.12.14-95.54.1]" class="issue-link" data-issue-key="LU-13659"><del>LU-13659</del></a></p> Related LU-13345 LU-13659 Development Rank 1|i00z8v: Rank (Obsolete) 9223372036854775807