[QSA-0624191] Linux kernel vulnerabilities

Qlustar Security Advisory 0624191

June 24th, 2019

Summary:

The system could crash or be made to run programs as an administrator.

    Package(s)       : linux-image-ql-generic,
                       qlustar-module-core-xenial-amd64-10.1.1,
                       qlustar-module-core-bionic-amd64-11.0.0,
                       qlustar-module-core-centos7-amd64-11.0.0
    Qlustar releases : 10.1, 11.0
    Affected versions: All versions prior to this update
    Vulnerability    : privilege escalation/denial of service
    Problem type     : local
    Qlustar-specific : no
    CVE Id(s)        : Not documented
  

A number of vulnerabilities and bugs have been discovered in the 4.19.x Linux kernel series since the last Qlustar 11.0 release based on 4.19.46. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 4.19.46 up to the current Qlustar kernel 4.19.53:

    Linux kernel 4.19.53
    Linux kernel 4.19.52
    Linux kernel 4.19.51
    Linux kernel 4.19.50
    Linux kernel 4.19.49
    Linux kernel 4.19.48
    Linux kernel 4.19.47
  

A number of vulnerabilities and bugs have been discovered in the 4.14.x Linux kernel series since the last Qlustar 10.1 release based on 4.14.117. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 4.14.117 up to the current Qlustar kernel 4.14.128:

    Linux kernel 4.14.128
    Linux kernel 4.14.127
    Linux kernel 4.14.126
    Linux kernel 4.14.125
    Linux kernel 4.14.124
    Linux kernel 4.14.123
    Linux kernel 4.14.122
    Linux kernel 4.14.121
    Linux kernel 4.14.120
    Linux kernel 4.14.119
    Linux kernel 4.14.118
  

The CentOS 7 kernel has been updated to version 3.10.0-957.21.3.

Update instructions:

The problem can be corrected by updating your system to the following or more recent package versions (follow the Qlustar Update Instructions):

For Qlustar 11.0

    linux-image-ql-generic                     4.19.53-ql-generic-11.0-8
    qlustar-module-core-bionic-amd64-11.0.0    11.0.0.1-b514f1258
    qlustar-module-core-centos7-amd64-11.0.0   11.0.0.1-b514f1257
  

For Qlustar 10.1

    linux-image-ql-generic                     4.14.128-ql-generic-10.1-19
    qlustar-module-core-xenial-amd64-10.1.1    10.1.1.5-b509f1256