Whamcloud Community JIRA https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 [LU-15677] kernel update [SLES15 SP2 5.3.18-24.107.1] https://jira.whamcloud.com/browse/LU-15677 Lustre <p> The following security bugs were fixed:</p> <ul class="alternate" type="square"> <li>CVE-2022-0001: Fixed Branch History Injection vulnerability<br/> (bsc#1191580).</li> <li>CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability<br/> (bsc#1191580).</li> <li>CVE-2022-0847: Fixed a vulnerability were a local attackers could<br/> overwrite data in arbitrary (read-only) files (bsc#1196584).</li> <li>CVE-2022-0617: Fixed a null pointer dereference in UDF file system<br/> functionality. A local user could crash the system by triggering<br/> udf_file_write_iter() via a malicious UDF image. (bsc#1196079)</li> <li>CVE-2022-0644: Fixed a denial of service by a local user. A assertion<br/> failure could be triggered in kernel_read_file_from_fd() (bsc#1196155).</li> <li>CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were<br/> not considered, which lead to a move_data_page NULL pointer dereference<br/> (bsc#1195987).</li> <li>CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in<br/> drivers/net/hamradio/yam.c (bsc#1195897).</li> <li>CVE-2022-0487: A use-after-free vulnerability was found in<br/> rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c<br/> (bsc#1194516).</li> <li>CVE-2022-0492: Fixed a privilege escalation related to cgroups v1<br/> release_agent feature, which allowed bypassing namespace isolation<br/> unexpectedly (bsc#1195543).</li> <li>CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets<br/> the O_DIRECTORY flag, and tries to open a regular file,<br/> nfs_atomic_open() performs a regular lookup. If a regular file is found,<br/> ENOTDIR should have occured, but the server instead returned<br/> uninitialized data in the file descriptor (bsc#1195612).</li> <li>CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the<br/> RNDIS_MSG_SET command. Attackers can obtain sensitive information from<br/> kernel memory (bsc#1196235).</li> <li>CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390<br/> allows kernel memory read/write (bsc#1195516).</li> <li>CVE-2022-25258: The USB Gadget subsystem lacked certain validation of<br/> interface OS descriptor requests, which could have lead to memory<br/> corruption (bsc#1196096).</li> <li>CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev-&gt;buf<br/> release (bsc#1195905).</li> </ul> <p> The following non-security bugs were fixed:<br/> <a href="https://lists.suse.com/pipermail/sle-security-updates/2022-March/010392.html" class="external-link" target="_blank" rel="nofollow noopener">https://lists.suse.com/pipermail/sle-security-updates/2022-March/010392.html</a></p> LU-15677 kernel update [SLES15 SP2 5.3.18-24.107.1] Improvement Minor Resolved Won't Fix Jian Yu Jian Yu Wed, 23 Mar 2022 05:49:22 +0000 Fri, 17 Jun 2022 23:54:40 +0000 Fri, 17 Jun 2022 23:54:40 +0000 0 2 <p>"Jian Yu &lt;yujian@whamcloud.com&gt;" uploaded a new patch: <a href="https://review.whamcloud.com/46897" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/46897</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-15677" title="kernel update [SLES15 SP2 5.3.18-24.107.1]" class="issue-link" data-issue-key="LU-15677"><del>LU-15677</del></a> kernel: kernel update SLES15 SP2 <span class="error">&#91;5.3.18-24.107.1&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: 1<br/> Commit: 2d415fa43fb50475cbff7bbf3f05de85013baa3f</p> Related LU-15568 LU-15771 Development Rank 1|i02lgv: Rank (Obsolete) 9223372036854775807