[QSA-1126201] Linux kernel vulnerabilities

Qlustar Security Advisory 1126201

November 26th, 2020


Summary:

The system could crash or be made to run programs as an administrator.


    Package(s)       : linux-image-ql-generic,
                       qlustar-module-core-xenial-amd64-10.1.1,
                       qlustar-module-core-bionic-amd64-11.0.1,
                       qlustar-module-core-centos7-amd64-11.0.1,
                       qlustar-module-core-centos8-amd64-11.0.1
    Qlustar releases : 10.1, 11.0
    Affected versions: All versions prior to this update
    Vulnerability    : privilege escalation/denial of service
    Problem type     : local
    Qlustar-specific : no
    CVE Id(s)        : Not documented
  

A number of vulnerabilities and bugs have been discovered in the 4.19.x Linux kernel series since the last Qlustar 11.0 release based on 4.19.150. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 4.19.150 up to the current Qlustar kernel 4.19.160:

    Linux kernel 4.19.160
    Linux kernel 4.19.159
    Linux kernel 4.19.158
    Linux kernel 4.19.157
    Linux kernel 4.19.156
    Linux kernel 4.19.155
    Linux kernel 4.19.154
    Linux kernel 4.19.153
    Linux kernel 4.19.152
    Linux kernel 4.19.151
   

A number of vulnerabilities and bugs have been discovered in the 4.14.x Linux kernel series since the last Qlustar 10.1 release based on 4.14.200. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 4.14.200 up to the current Qlustar kernel 4.14.209:

    Linux kernel 4.14.209
    Linux kernel 4.14.208
    Linux kernel 4.14.207
    Linux kernel 4.14.206
    Linux kernel 4.14.205
    Linux kernel 4.14.204
    Linux kernel 4.14.203
    Linux kernel 4.14.202
    Linux kernel 4.14.201
  

Update instructions:

The problem can be corrected by updating your system to the following or more recent package versions (follow the Qlustar Update Instructions and on Qlustar 11 also perform the manual steps '7. Migration to GRUB PXE booting' and '11. Adjust root bash shell initialization' as described in the Release Notes if you haven't done so yet):

For Qlustar 11.0

    linux-image-ql-generic                     4.19.160-ql-generic-11.0-20
    qlustar-module-core-bionic-amd64-11.0.1    11.0.1.4-b522f1319
    qlustar-module-core-centos7-amd64-11.0.1   11.0.1.4-b522f1321
  

For Qlustar 10.1

    linux-image-ql-generic                     4.14.209-ql-generic-10.1-31
    qlustar-module-core-xenial-amd64-10.1.1    10.1.1.17-b521f1318