Whamcloud Community JIRA https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 [LU-15302] kernel update [SLES15 SP3 5.3.18-59.34.1] https://jira.whamcloud.com/browse/LU-15302 Lustre <p> The following security bugs were fixed:</p> <ul class="alternate" type="square"> <li>CVE-2021-3542: Fixed heap buffer overflow in firedtv driver<br/> (bsc#1186063).</li> <li>CVE-2021-3655: Fixed a missing size validations on inbound SCTP packets,<br/> which may have allowed the kernel to read uninitialized memory<br/> (bsc#1188563).</li> <li>CVE-2021-3715: Fixed a use-after-free in route4_change() in<br/> net/sched/cls_route.c (bsc#1190349).</li> <li>CVE-2021-3760: Fixed a use-after-free vulnerability with the<br/> ndev-&gt;rf_conn_info object (bsc#1190067).</li> <li>CVE-2021-3772: Fixed sctp vtag check in sctp_sf_ootb (bsc#1190351).</li> <li>CVE-2021-3896: Fixed a array-index-out-bounds in detach_capi_ctr in<br/> drivers/isdn/capi/kcapi.c (bsc#1191958).</li> <li>CVE-2021-33033: Fixed a use-after-free in cipso_v4_genopt in<br/> net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the<br/> DOI definitions is mishandled (bsc#1186109).</li> <li>CVE-2021-34866: Fixed eBPF Type Confusion Privilege Escalation<br/> Vulnerability (bsc#1191645).</li> <li>CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c called<br/> without checking for the NETREG_REGISTERED state, leading to a<br/> use-after-free and a double free (bnc#1188601).</li> <li>CVE-2021-41864: Fixed prealloc_elems_and_freelist that allowed<br/> unprivileged users to trigger an eBPF multiplication integer overflow<br/> with a resultant out-of-bounds write (bnc#1191317).</li> <li>CVE-2021-42008: Fixed a slab out-of-bounds write in the decode_data<br/> function in drivers/net/hamradio/6pack.c. Input from a process that had<br/> the CAP_NET_ADMIN capability could have lead to root access<br/> (bsc#1191315).</li> <li>CVE-2021-42252: Fixed an issue inside aspeed_lpc_ctrl_mmap that could<br/> have allowed local attackers to access the Aspeed LPC control interface<br/> to overwrite memory in the kernel and potentially execute privileges<br/> (bnc#1190479).</li> <li>CVE-2021-42739: The firewire subsystem had a buffer overflow related to<br/> drivers/media/firewire/firedtv-avc.c and<br/> drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandled<br/> bounds checking (bsc#1184673).</li> <li>CVE-2021-43056: Fixed possible KVM host crash via malicious KVM guest on<br/> Power8 (bnc#1192107).</li> <li>CVE-2021-43389: There was an array-index-out-of-bounds flaw in the<br/> detach_capi_ctr function in drivers/isdn/capi/kcapi.c (bnc#1191958).</li> </ul> <p> The following non-security bugs were fixed:<br/> <a href="https://lists.suse.com/pipermail/sle-security-updates/2021-November/009734.html" class="external-link" target="_blank" rel="nofollow noopener">https://lists.suse.com/pipermail/sle-security-updates/2021-November/009734.html</a></p> LU-15302 kernel update [SLES15 SP3 5.3.18-59.34.1] Improvement Minor Resolved Won't Fix Jian Yu Jian Yu Wed, 1 Dec 2021 18:31:16 +0000 Tue, 25 Apr 2023 20:52:25 +0000 Tue, 25 Apr 2023 20:52:25 +0000 0 3 <p><del>"Jian Yu &lt;yujian@whamcloud.com&gt;" uploaded a new patch:</del> <a href="https://review.whamcloud.com/45717" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/45717</a><br/> <del>Subject: <a href="https://jira.whamcloud.com/browse/LU-15302" title="kernel update [SLES15 SP3 5.3.18-59.34.1]" class="issue-link" data-issue-key="LU-15302"><del>LU-15302</del></a> kernel: kernel update SLES15 SP3 <span class="error">&#91;5.3.18-59.34.1&#93;</span></del><br/> <del>Project: fs/lustre-release</del><br/> <del>Branch: master</del><br/> <del>Current Patch Set: 1</del><br/> <del>Commit: 537f191ad14139e653187fb6af4886bfce7a7088</del></p> Related LU-15154 Development Rank 1|i02b9r: Rank (Obsolete) 9223372036854775807