Whamcloud Community JIRA https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 [LU-16718] kernel update [SLES15 SP4 5.14.21-150400.24.55.2] https://jira.whamcloud.com/browse/LU-16718 Lustre <p>The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security<br/> and bugfixes.</p> <ul> <li>CVE-2022-3523: Fixed a use after free related to device private page<br/> handling (bsc#1204363).</li> <li>CVE-2022-36280: Fixed out-of-bounds memory access vulnerability found in<br/> vmwgfx driver (bsc#1203332).</li> <li>CVE-2022-38096: Fixed NULL-ptr deref in vmw_cmd_dx_define_query()<br/> (bsc#1203331).</li> <li>CVE-2023-0045: Fixed missing Flush IBP in ib_prctl_set (bsc#1207773).</li> <li>CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208787).</li> <li>CVE-2023-0597: Fixed lack of randomization of per-cpu entry area in x86/mm<br/> (bsc#1207845).</li> <li>CVE-2023-1075: Fixed a type confusion in tls_is_tx_ready (bsc#1208598).</li> <li>CVE-2023-1076: Fixed incorrect UID assigned to tun/tap sockets<br/> (bsc#1208599).</li> <li>CVE-2023-1078: Fixed a heap out-of-bounds write in rds_rm_zerocopy_callback<br/> (bsc#1208601).</li> <li>CVE-2023-1095: Fixed a NULL pointer dereference in nf_tables due to zeroed<br/> list head (bsc#1208777).</li> <li>CVE-2023-1118: Fixed a use-after-free bugs caused by ene_tx_irqsim() in<br/> media/rc (bsc#1208837).</li> <li>CVE-2023-22995: Fixed lacks of certain platform_device_put and kfree in<br/> drivers/usb/dwc3/dwc3-qcom.c (bsc#1208741).</li> <li>CVE-2023-22998: Fixed NULL vs IS_ERR checking in<br/> virtio_gpu_object_shmem_init (bsc#1208776).</li> <li>CVE-2023-23000: Fixed return value of tegra_xusb_find_port_node function<br/> phy/tegra (bsc#1208816).</li> <li>CVE-2023-23004: Fixed misinterpretation of get_sg_table return value<br/> (bsc#1208843).</li> <li>CVE-2023-23559: Fixed integer overflow in rndis_wlan that leads to a buffer<br/> overflow (bsc#1207051).</li> <li>CVE-2023-25012: Fixed a use-after-free in bigben_set_led() (bsc#1207560).</li> <li>CVE-2023-26545: Fixed double free in net/mpls/af_mpls.c upon an allocation<br/> failure (bsc#1208700).</li> <li>CVE-2023-28328: Fixed a denial of service issue in az6027 driver in<br/> drivers/media/usb/dev-usb/az6027.c (bsc#1209291).</li> </ul> <p>The following non-security bugs were fixed:<br/> <a href="https://lists.suse.com/pipermail/sle-security-updates/2023-March/014289.html" class="external-link" target="_blank" rel="nofollow noopener">https://lists.suse.com/pipermail/sle-security-updates/2023-March/014289.html</a></p> LU-16718 kernel update [SLES15 SP4 5.14.21-150400.24.55.2] Improvement Minor Open Unresolved Jian Yu Jian Yu Thu, 6 Apr 2023 19:27:20 +0000 Tue, 12 Sep 2023 19:58:15 +0000 Lustre 2.16.0 Lustre 2.15.3 0 3 <p>"Jian Yu &lt;yujian@whamcloud.com&gt;" uploaded a new patch: <a href="https://review.whamcloud.com/c/fs/lustre-release/+/50562" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/c/fs/lustre-release/+/50562</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-16718" title="kernel update [SLES15 SP4 5.14.21-150400.24.55.2]" class="issue-link" data-issue-key="LU-16718">LU-16718</a> kernel: update SLES15 SP4 <span class="error">&#91;5.14.21-150400.24.55.2&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: 1<br/> Commit: 08f31e349cc5bda09567d7b1c01b2ee2b1494b4b</p> Related LU-16601 LU-17113 Development Rank 1|i03ibr: Rank (Obsolete) 9223372036854775807