https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 https://jira.whamcloud.com/browse/LU-14222 Lustre <p> The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various<br/> security and bugfixes.</p> <p> The following security bugs were fixed:</p> <ul class="alternate" type="square"> <li>CVE-2020-15436: Fixed a use after free vulnerability in fs/block_dev.c<br/> which could have allowed local users to gain privileges or cause a<br/> denial of service (bsc#1179141).</li> <li>CVE-2020-15437: Fixed a null pointer dereference which could have<br/> allowed local users to cause a denial of service(bsc#1179140).</li> <li>CVE-2020-25668: Fixed a concurrency use-after-free in con_font_op<br/> (bsc#1178123).</li> <li>CVE-2020-25669: Fixed a use-after-free read in sunkbd_reinit()<br/> (bsc#1178182).</li> <li>CVE-2020-25704: Fixed a leak in perf_event_parse_addr_filter()<br/> (bsc#1178393).</li> <li>CVE-2020-27777: Restrict RTAS requests from userspace (bsc#1179107)</li> <li>CVE-2020-28915: Fixed a buffer over-read in the fbcon code which could<br/> have been used by local attackers to read kernel memory (bsc#1178886).</li> <li>CVE-2020-28974: Fixed a slab-out-of-bounds read in fbcon which could<br/> have been used by local attackers to read privileged information or<br/> potentially crash the kernel (bsc#1178589).</li> <li>CVE-2020-29371: Fixed uninitialized memory leaks to userspace<br/> (bsc#1179429).</li> <li>CVE-2020-25705: Fixed an issue which could have allowed to quickly scan<br/> open UDP ports. This flaw allowed an off-path remote user to effectively<br/> bypassing source port UDP randomization (bsc#1175721).</li> </ul> <p> The following non-security bugs were fixed:<br/> <a href="https://lists.suse.com/pipermail/sle-security-updates/2020-December/007942.html" class="external-link" target="_blank" rel="nofollow noopener">https://lists.suse.com/pipermail/sle-security-updates/2020-December/007942.html</a></p> LU-14222

kernel update [SLES12 SP5 4.12.14-122.54.1]

Improvement Minor Resolved Won't Fix Jian Yu Jian Yu Tue, 15 Dec 2020 20:16:13 +0000 Thu, 28 Jan 2021 01:36:20 +0000 Thu, 28 Jan 2021 01:36:20 +0000 0 2 <p>Jian Yu (yujian@whamcloud.com) uploaded a new patch: <a href="https://review.whamcloud.com/41037" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/41037</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-14222" title="kernel update [SLES12 SP5 4.12.14-122.54.1]" class="issue-link" data-issue-key="LU-14222"><del>LU-14222</del></a> kernel: kernel update SLES12 SP5 <span class="error">&#91;4.12.14-122.54.1&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: 1<br/> Commit: 798a7f624752d401297fc739647f772a3e492de8</p> <p>Jian Yu (yujian@whamcloud.com) uploaded a new patch: <a href="https://review.whamcloud.com/41038" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/41038</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-14222" title="kernel update [SLES12 SP5 4.12.14-122.54.1]" class="issue-link" data-issue-key="LU-14222"><del>LU-14222</del></a> kernel: kernel update SLES12 SP5 <span class="error">&#91;4.12.14-122.54.1&#93;</span><br/> Project: fs/lustre-release<br/> Branch: b2_12<br/> Current Patch Set: 1<br/> Commit: 300807b6dd846ac5ddba273d413dd710dd868536</p> <p>A new version is available in <a href="https://jira.whamcloud.com/browse/LU-14376" title="kernel update [SLES12 SP5 4.12.14-122.57.1]" class="issue-link" data-issue-key="LU-14376"><del>LU-14376</del></a>.</p> Related LU-14079 LU-14376 Development Rank 1|i01h8v: Rank (Obsolete) 9223372036854775807