https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 https://jira.whamcloud.com/browse/LU-9236 Lustre <p>With the GA announcement of RHEL 6.9 on 3/21 we need to add content to lustre to allow building and running on it.</p> <p>This ticket is intended to cover all the changes needed in the lustre tree for this brand new distro release. This includes new target and config files for the new kernel version, new or revised base kernel and ldiskfs patches, and small incremental changes to lbuild and autoconf.</p> LU-9236

new kernel [RHEL6.9 2.6.32-696.el6]

Bug Minor Resolved Fixed Bob Glossman Bob Glossman Tue, 21 Mar 2017 16:11:47 +0000 Wed, 12 Apr 2017 14:58:36 +0000 Thu, 6 Apr 2017 04:00:01 +0000 Lustre 2.10.0 0 5 <p>Security Fix(es):</p> <ul> <li>It was discovered that a remote attacker could leverage the generation of IPv6<br/> atomic fragments to trigger the use of fragmentation in an arbitrary IPv6 flow<br/> (in scenarios in which actual fragmentation of packets is not needed) and could<br/> subsequently perform any type of a fragmentation-based attack against legacy<br/> IPv6 nodes that do not implement RFC6946. (CVE-2016-10142, Moderate)</li> </ul> <ul> <li>A flaw was discovered in the way the Linux kernel dealt with paging<br/> structures. When the kernel invalidated a paging structure that was not in use<br/> locally, it could, in principle, race against another CPU that is switching to a<br/> process that uses the paging structure in question. A local user could use a<br/> thread running with a stale cached virtual-&gt;physical translation to potentially<br/> escalate their privileges if the translation in question were writable and the<br/> physical page got reused for something critical (for example, a page table).<br/> (CVE-2016-2069, Moderate)</li> </ul> <ul> <li>A race condition flaw was found in the ioctl_send_fib() function in the Linux<br/> kernel's aacraid implementation. A local attacker could use this flaw to cause a<br/> denial of service (out-of-bounds access or system crash) by changing a certain<br/> size value. (CVE-2016-6480, Moderate)</li> </ul> <ul> <li>It was found that when the gcc stack protector was enabled, reading the<br/> /proc/keys file could cause a panic in the Linux kernel due to stack corruption.<br/> This happened because an incorrect buffer size was used to hold a 64-bit timeout<br/> value rendered as weeks. (CVE-2016-7042, Moderate)</li> </ul> <ul> <li>It was found that when file permissions were modified via chmod and the user<br/> modifying them was not in the owning group or capable of CAP_FSETID, the setgid<br/> bit would be cleared. Setting a POSIX ACL via setxattr sets the file permissions<br/> as well as the new ACL, but doesn't clear the setgid bit in a similar way. This<br/> could allow a local user to gain group privileges via certain setgid<br/> applications. (CVE-2016-7097, Moderate)</li> </ul> <ul> <li>A flaw was found in the Linux networking subsystem where a local attacker with<br/> CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by<br/> creating a smaller-than-expected ICMP header and sending to its destination via<br/> sendto(). (CVE-2016-8399, Moderate)</li> </ul> <ul> <li>It was found that the blk_rq_map_user_iov() function in the Linux kernel's<br/> block device implementation did not properly restrict the type of iterator,<br/> which could allow a local attacker to read or write to arbitrary kernel memory<br/> locations or cause a denial of service (use-after-free) by leveraging write<br/> access to a /dev/sg device. (CVE-2016-9576, CVE-2016-10088, Moderate)</li> </ul> <ul> <li>A flaw was found in the USB-MIDI Linux kernel driver: a double-free error<br/> could be triggered for the 'umidi' object. An attacker with physical access to<br/> the system could use this flaw to escalate their privileges. (CVE-2016-2384,<br/> Low)</li> </ul> <p>Additional Changes:</p> <p>For detailed information on changes in this release, see the Red Hat Enterprise<br/> Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes on the RedHat website.</p> <p><a href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Release_Notes/index.html" class="external-link" target="_blank" rel="nofollow noopener">https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Release_Notes/index.html</a><br/> <a href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Technical_Notes/index.html" class="external-link" target="_blank" rel="nofollow noopener">https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Technical_Notes/index.html</a></p> <p>Bugs fixed (<a href="https://bugzilla.redhat.com/):" class="external-link" target="_blank" rel="nofollow noopener">https://bugzilla.redhat.com/):</a></p> <p>1301893 - CVE-2016-2069 kernel: race condition in the TLB flush logic<br/> 1308444 - CVE-2016-2384 kernel: double-free in usb-audio triggered by invalid USB descriptor<br/> 1325766 - RHEL6.7: NFSv3 client performance regression where ls -l takes too long with "aggressive readdirplus" commit<br/> 1362466 - CVE-2016-6480 kernel: scsi: aacraid: double fetch in ioctl_send_fib()<br/> 1368938 - CVE-2016-7097 kernel: Setting a POSIX ACL via setxattr doesn't clear the setgid bit<br/> 1373966 - CVE-2016-7042 kernel: Stack corruption while reading /proc/keys when gcc stack protector is enabled<br/> 1403145 - CVE-2016-9576 kernel: Use after free in SCSI generic device interface<br/> 1403833 - CVE-2016-8399 kernel: net: Out of bounds stack read in memcpy_fromiovec<br/> 1412210 - CVE-2016-10088 kernel: Use after free in SCSI generic device interface (CVE-2016-9576 regression)<br/> 1415908 - CVE-2016-10142 kernel - IPV6 fragmentation flaw<br/> 847106 - ext2 tests hang while running fsfuzzer</p> <p>Bob Glossman (bob.glossman@intel.com) uploaded a new patch: <a href="https://review.whamcloud.com/26111" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/26111</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-9236" title="new kernel [RHEL6.9 2.6.32-696.el6]" class="issue-link" data-issue-key="LU-9236"><del>LU-9236</del></a> kernel: new kernel RHEL 6.9 <span class="error">&#91;2.6.32-696.el6&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: 1<br/> Commit: 8c7d436efbf7c6dcfd7fca963a6334cdd284a482</p> <p>Oleg Drokin (oleg.drokin@intel.com) merged in patch <a href="https://review.whamcloud.com/26111/" class="external-link" target="_blank" rel="nofollow noopener">https://review.whamcloud.com/26111/</a><br/> Subject: <a href="https://jira.whamcloud.com/browse/LU-9236" title="new kernel [RHEL6.9 2.6.32-696.el6]" class="issue-link" data-issue-key="LU-9236"><del>LU-9236</del></a> kernel: new kernel RHEL 6.9 <span class="error">&#91;2.6.32-696.el6&#93;</span><br/> Project: fs/lustre-release<br/> Branch: master<br/> Current Patch Set: <br/> Commit: 738374be02d52ba10b44f4c4d4b335807eb48b46</p> <p>Landed for 2.10</p> Blocker Related LU-9316 Development Rank 1|hzz7v3: Rank (Obsolete) 9223372036854775807 Severity