https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 https://jira.whamcloud.com/browse/LU-17221 Lustre <p>The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security<br/> and bugfixes.</p> <p>The following security bugs were fixed:</p> <ul> <li>CVE-2023-4563: Fixed an use-after-free flaw in the nftables sub-component.<br/> This vulnerability could allow a local attacker to crash the system or lead<br/> to a kernel information leak problem. (bsc#1214727)</li> <li>CVE-2023-39194: Fixed a flaw in the processing of state filters which could<br/> allow a local attackers to disclose sensitive information. (bsc#1215861)</li> <li>CVE-2023-39193: Fixed a flaw in the processing of state filters which could<br/> allow a local attackers to disclose sensitive information. (bsc#1215860)</li> <li>CVE-2023-39192: Fixed a flaw in the u32_match_it function which could allow<br/> a local attackers to disclose sensitive information. (bsc#1215858)</li> <li>CVE-2023-42754: Fixed a null pointer dereference in ipv4_link_failure which<br/> could lead an authenticated attacker to trigger a DoS. (bsc#1215467)</li> <li>CVE-2023-5345: fixed an use-after-free vulnerability in the fs/smb/client<br/> component which could be exploited to achieve local privilege escalation.<br/> (bsc#1215899)</li> <li>CVE-2023-4155: Fixed a flaw in KVM AMD Secure Encrypted Virtualization<br/> (SEV). An attacker can trigger a stack overflow and cause a denial of<br/> service or potentially guest-to-host escape in kernel configurations without<br/> stack guard pages. (bsc#1214022)</li> <li>CVE-2023-4389: Fixed a reference counting issue in the Btrfs filesystem that<br/> could be exploited in order to leak internal kernel information or crash the<br/> system (bsc#1214351).</li> <li>CVE-2023-42753: Fixed an array indexing vulnerability in the netfilter<br/> subsystem. This issue may have allowed a local user to crash the system or<br/> potentially escalate their privileges (bsc#1215150).</li> <li>CVE-2023-1206: Fixed a hash collision flaw in the IPv6 connection lookup<br/> table. A user located in the local network or with a high bandwidth<br/> connection can increase the CPU usage of the server that accepts IPV6<br/> connections up to 95% (bsc#1212703).</li> <li>CVE-2023-4921: Fixed a use-after-free vulnerability in the QFQ network<br/> scheduler which could be exploited to achieve local privilege escalatio<br/> (bsc#1215275).</li> <li>CVE-2023-4622: Fixed a use-after-free vulnerability in the Unix domain<br/> sockets component which could be exploited to achieve local privilege<br/> escalation (bsc#1215117).</li> <li>CVE-2023-4623: Fixed a use-after-free issue in the HFSC network scheduler<br/> which could be exploited to achieve local privilege escalation<br/> (bsc#1215115).</li> <li>CVE-2023-1859: Fixed a use-after-free flaw in Xen transport for 9pfs which<br/> could be exploited to crash the system (bsc#1210169).</li> <li>CVE-2023-4881: Fixed a out-of-bounds write flaw in the netfilter subsystem<br/> that could lead to potential information disclosure or a denial of service<br/> (bsc#1215221).</li> <li>CVE-2023-2177: Fixed a null pointer dereference issue in the sctp network<br/> protocol which could allow a user to crash the system (bsc#1210643).</li> <li>CVE-2023-1192: Fixed use-after-free in cifs_demultiplex_thread()<br/> (bsc#1208995).</li> </ul> <p>The following non-security bugs were fixed:<br/> <a href="https://lists.suse.com/pipermail/sle-security-updates/2023-October/016677.html" class="external-link" target="_blank" rel="nofollow noopener">https://lists.suse.com/pipermail/sle-security-updates/2023-October/016677.html</a></p> LU-17221

kernel update [SLES15 SP4 5.14.21-150400.24.92.1]

Improvement Minor Resolved Fixed Jian Yu Jian Yu Tue, 24 Oct 2023 00:11:23 +0000 Sat, 18 Nov 2023 22:10:45 +0000 Sat, 18 Nov 2023 22:10:45 +0000 Lustre 2.16.0 Lustre 2.15.4 Lustre 2.16.0 0 2 <p>"Jian Yu &lt;yujian@whamcloud.com&gt;" uploaded a new patch: <a href="https://review.whamcloud.com/c/fs/lustre-release/+/52820" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/c/fs/lustre-release/+/52820</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-17221" title="kernel update [SLES15 SP4 5.14.21-150400.24.92.1]" class="issue-link" data-issue-key="LU-17221"><del>LU-17221</del></a> kernel: update SLES15 SP4 <span class="error">&#91;5.14.21-150400.24.92.1&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: 1<br/> Commit: 92cf005d01e327e53bd312b411211ed2f1d827b9</p> <p>"Oleg Drokin &lt;green@whamcloud.com&gt;" merged in patch <a href="https://review.whamcloud.com/c/fs/lustre-release/+/52820/" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/c/fs/lustre-release/+/52820/</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-17221" title="kernel update [SLES15 SP4 5.14.21-150400.24.92.1]" class="issue-link" data-issue-key="LU-17221"><del>LU-17221</del></a> kernel: update SLES15 SP4 <span class="error">&#91;5.14.21-150400.24.92.1&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: <br/> Commit: 8a4d0ed7d8b6a77a55b3c877e0f4f3dca60b6d67</p> <p>Landed for 2.16</p> Related LU-17133 Development Rank 1|i03za7: Rank (Obsolete) 9223372036854775807 Severity