Whamcloud Community JIRA https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 [LU-14672] kernel update [SLES12 SP5 4.12.14-122.66.2] https://jira.whamcloud.com/browse/LU-14672 Lustre <p>The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various<br/> security and bugfixes.</p> <p>The following security bugs were fixed:</p> <ul class="alternate" type="square"> <li>CVE-2021-3444: Fixed an issue with the bpf verifier which did not<br/> properly handle mod32 destination register truncation when the source<br/> register was known to be 0 leading to out of bounds read (bsc#1184170).</li> <li>CVE-2021-3428: Fixed an integer overflow in ext4_es_cache_extent<br/> (bsc#1173485).</li> <li>CVE-2021-29647: Fixed an issue in qrtr_recvmsg which could have allowed<br/> attackers to obtain sensitive information from kernel memory because of<br/> a partially uninitialized data structure (bsc#1184192 ).</li> <li>CVE-2021-29265: Fixed an issue in usbip_sockfd_store which could have<br/> allowed attackers to cause a denial of service due to race conditions<br/> during an update of the local and shared status (bsc#1184167).</li> <li>CVE-2021-29264: Fixed an issue in the Freescale Gianfar Ethernet driver<br/> which could have allowed attackers to cause a system crash due to a<br/> calculation of negative fragment size (bsc#1184168).</li> <li>CVE-2021-28972: Fixed a user-tolerable buffer overflow when writing a<br/> new device name to the driver from userspace, allowing userspace to<br/> write data to the kernel stack frame directly (bsc#1184198).</li> <li>CVE-2021-28971: Fixed an issue in intel_pmu_drain_pebs_nhm which could<br/> have caused a system crash because the PEBS status in a PEBS record was<br/> mishandled (bsc#1184196 ).</li> <li>CVE-2021-28964: Fixed a race condition in get_old_root which could have<br/> allowed attackers to cause a denial of service (bsc#1184193).</li> <li>CVE-2021-28688: Fixed an issue introduced by XSA-365 (bsc#1183646).</li> <li>CVE-2021-28660: Fixed an out of bounds write in rtw_wx_set_scan<br/> (bsc#1183593 ).</li> <li>CVE-2021-28038: Fixed an issue with the netback driver which was lacking<br/> necessary treatment of errors such as failed memory allocations<br/> (bsc#1183022).</li> <li>CVE-2021-27365: Fixed an issue where an unprivileged user can send a<br/> Netlink message that is associated with iSCSI, and has a length up to<br/> the maximum length of a Netlink message (bsc#1182715).</li> <li>CVE-2021-27364: Fixed an issue where an attacker could craft Netlink<br/> messages (bsc#1182717).</li> <li>CVE-2021-27363: Fixed a kernel pointer leak which could have been used<br/> to determine the address of the iscsi_transport structure (bsc#1182716).</li> <li>CVE-2021-26932: Fixed improper error handling issues in Linux grant<br/> mapping (XSA-361 bsc#1181747).</li> <li>CVE-2021-26931: Fixed an issue where Linux kernel was treating grant<br/> mapping errors as bugs (XSA-362 bsc#1181753).</li> <li>CVE-2021-26930: Fixed an improper error handling in blkback's grant<br/> mapping (XSA-365 bsc#1181843).</li> <li>CVE-2020-35519: Fixed an out-of-bounds memory access was found in<br/> x25_bind (bsc#1183696).</li> <li>CVE-2020-29368,CVE-2020-29374: Fixed an issue in copy-on-write<br/> implementation which could have granted unintended write access<br/> (bsc#1179660, bsc#1179428).</li> <li>CVE-2020-27815: Fixed an issue in JFS filesystem where could have<br/> allowed an attacker to execute code (bsc#1179454).</li> <li>CVE-2020-27171: Fixed an off-by-one error affecting out-of-bounds<br/> speculation on pointer arithmetic, leading to side-channel attacks that<br/> defeat Spectre mitigations and obtain sensitive information from kernel<br/> memory (bsc#1183775).</li> <li>CVE-2020-27170: Fixed potential side-channel attacks that defeat Spectre<br/> mitigations and obtain sensitive information from kernel memory<br/> (bsc#1183686).</li> <li>CVE-2020-0433: Fixed a use after free due to improper locking which<br/> could have led to local escalation of privilege (bsc#1176720).</li> <li>CVE-2021-3483: Fixed a use-after-free in nosy.c (bsc#1184393).</li> <li>CVE-2021-30002: Fixed a memory leak for large arguments in<br/> video_usercopy (bsc#1184120).</li> <li>CVE-2021-29154: Fixed incorrect computation of branch displacements,<br/> allowing arbitrary code execution (bsc#1184391).</li> <li>CVE-2021-20219: Fixed a denial of service in n_tty_receive_char_special<br/> (bsc#1184397).</li> <li>CVE-2020-36311: Fixed a denial of service (soft lockup) by triggering<br/> destruction of a large SEV VM (bsc#1184511).</li> <li>CVE-2020-25670, CVE-2020-25671, CVE-2020-25672, CVE-2020-25673: Fixed<br/> multiple bugs in NFC subsytem (bsc#1178181).</li> </ul> <p>The following non-security bugs were fixed:</p> <p><a href="https://lists.suse.com/pipermail/sle-security-updates/2021-April/008641.html" class="external-link" target="_blank" rel="nofollow noopener">https://lists.suse.com/pipermail/sle-security-updates/2021-April/008641.html</a></p> LU-14672 kernel update [SLES12 SP5 4.12.14-122.66.2] Improvement Minor Resolved Fixed Jian Yu Jian Yu Wed, 5 May 2021 18:15:50 +0000 Sat, 29 May 2021 06:59:31 +0000 Thu, 27 May 2021 19:04:50 +0000 Lustre 2.12.7 Lustre 2.15.0 0 2 <p>Jian Yu (yujian@whamcloud.com) uploaded a new patch: <a href="https://review.whamcloud.com/43550" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/43550</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-14672" title="kernel update [SLES12 SP5 4.12.14-122.66.2]" class="issue-link" data-issue-key="LU-14672"><del>LU-14672</del></a> kernel: kernel update SLES12 SP5 <span class="error">&#91;4.12.14-122.66.2&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: 1<br/> Commit: e2dbd0ebc602ef29ece253c689ef7d6b1ffc945a</p> <p>Jian Yu (yujian@whamcloud.com) uploaded a new patch: <a href="https://review.whamcloud.com/43632" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/43632</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-14672" title="kernel update [SLES12 SP5 4.12.14-122.66.2]" class="issue-link" data-issue-key="LU-14672"><del>LU-14672</del></a> kernel: kernel update SLES12 SP5 <span class="error">&#91;4.12.14-122.66.2&#93;</span><br/> Project: fs/lustre-release<br/> Branch: b2_12<br/> Current Patch Set: 1<br/> Commit: 4b39eaf23cc9d32680df21dc2efc086ef211e7a5</p> <p>Oleg Drokin (green@whamcloud.com) merged in patch <a href="https://review.whamcloud.com/43550/" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/43550/</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-14672" title="kernel update [SLES12 SP5 4.12.14-122.66.2]" class="issue-link" data-issue-key="LU-14672"><del>LU-14672</del></a> kernel: kernel update SLES12 SP5 <span class="error">&#91;4.12.14-122.66.2&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: <br/> Commit: 9d83ee0bd74e3ef5bee6d349a012089a163ca3e5</p> <p>Landed for 2.15</p> <p>Oleg Drokin (green@whamcloud.com) merged in patch <a href="https://review.whamcloud.com/43632/" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/43632/</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-14672" title="kernel update [SLES12 SP5 4.12.14-122.66.2]" class="issue-link" data-issue-key="LU-14672"><del>LU-14672</del></a> kernel: kernel update SLES12 SP5 <span class="error">&#91;4.12.14-122.66.2&#93;</span><br/> Project: fs/lustre-release<br/> Branch: b2_12<br/> Current Patch Set: <br/> Commit: 285520ae09d0e0cb1d9d5fe147b88798d19b1a72</p> Related LU-14530 LU-14723 Development Rank 1|i01ttb: Rank (Obsolete) 9223372036854775807