https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 https://jira.whamcloud.com/browse/LU-6847 Lustre <ul> <li>A NULL pointer dereference flaw was found in the way the Linux kernel's<br/> virtual console implementation handled reference counting when accessing<br/> pseudo-terminal device files (/dev/pts/*). A local, unprivileged attacker<br/> could use this flaw to crash the system. (CVE-2011-5321, Moderate)</li> </ul> <ul> <li>It was found that the Linux kernel's ping socket implementation did not<br/> properly handle socket unhashing during spurious disconnects, which could<br/> lead to a use-after-free flaw. On x86-64 architecture systems, a local user<br/> able to create ping sockets could use this flaw to crash the system.<br/> On non-x86-64 architecture systems, a local user able to create ping<br/> sockets could use this flaw to escalate their privileges on the system.<br/> (CVE-2015-3636, Moderate)</li> </ul> <ul> <li>An integer overflow flaw was found in the way the Linux kernel randomized<br/> the stack for processes on certain 64-bit architecture systems, such as<br/> x86-64, causing the stack entropy to be reduced by four. (CVE-2015-1593,<br/> Low)</li> </ul> <ul> <li>A flaw was found in the way the Linux kernel's 32-bit emulation<br/> implementation handled forking or closing of a task with an 'int80' entry.<br/> A local user could potentially use this flaw to escalate their privileges<br/> on the system. (CVE-2015-2830, Low)</li> </ul> <ul> <li>It was found that the Linux kernel's TCP/IP protocol suite implementation<br/> for IPv6 allowed the Hop Limit value to be set to a smaller value than the<br/> default one. An attacker on a local network could use this flaw to prevent<br/> systems on that network from sending or receiving network packets.<br/> (CVE-2015-2922, Low)</li> </ul> <p>Bugs fixed (<a href="https://bugzilla.redhat.com/):" class="external-link" target="_blank" rel="nofollow noopener">https://bugzilla.redhat.com/):</a></p> <p>1192519 - CVE-2015-1593 kernel: Linux stack ASLR implementation Integer overflow<br/> 1201887 - CVE-2011-5321 Kernel: tty: driver reference leakage in tty_open<br/> 1203712 - CVE-2015-2922 kernel: denial of service (DoS) attack against IPv6 network stacks due to improper handling of Router Advertisements.<br/> 1208598 - CVE-2015-2830 kernel: int80 fork from 64-bit tasks mishandling<br/> 1218074 - CVE-2015-3636 kernel: ping sockets: use-after-free leading to local privilege escalation</p> LU-6847

Kernel update [RHEL6.6 2.6.32-504.30.3.el6]

Bug Minor Resolved Fixed Bob Glossman Bob Glossman Tue, 14 Jul 2015 15:31:54 +0000 Fri, 1 Jul 2016 18:45:31 +0000 Thu, 23 Jul 2015 15:35:39 +0000 Lustre 2.8.0 0 5 <p>Bob Glossman (bob.glossman@intel.com) uploaded a new patch: <a href="http://review.whamcloud.com/15605" class="external-link" target="_blank" rel="nofollow noopener">http://review.whamcloud.com/15605</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-6847" title="Kernel update [RHEL6.6 2.6.32-504.30.3.el6]" class="issue-link" data-issue-key="LU-6847"><del>LU-6847</del></a> kernel: kernel update RHEL 6.6 <span class="error">&#91;2.6.32-504.30.3.el6&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: 1<br/> Commit: ba33d81f1f082b6b7306d5b0fc80a583ed4eabfe</p> <p>Oleg Drokin (oleg.drokin@intel.com) merged in patch <a href="http://review.whamcloud.com/15605/" class="external-link" target="_blank" rel="nofollow noopener">http://review.whamcloud.com/15605/</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-6847" title="Kernel update [RHEL6.6 2.6.32-504.30.3.el6]" class="issue-link" data-issue-key="LU-6847"><del>LU-6847</del></a> kernel: kernel update RHEL 6.6 <span class="error">&#91;2.6.32-504.30.3.el6&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: <br/> Commit: 0dba034bb22573ff8d27e3545a103b0ac7294929</p> <p>Landed for 2.8</p> Related Development Rank 1|hzxi5b: Rank (Obsolete) 9223372036854775807 Severity