Qlustar

Contact Info

Legal Information

Qlustar

Contact Info

Legal Information

[QSA-0706211]
Linux kernel vulnerabilities

Qlustar Security Advisory 0706211

July 6th, 2021

Summary:

The system could crash or be made to run programs as an administrator.

Package(s)       : linux-image-ql-generic,
                   qlustar-module-core-bionic-amd64-11.0.1,
                   qlustar-module-core-centos7-amd64-11.0.1,
                   qlustar-module-core-centos8-amd64-11.0.1,
                   qlustar-module-core-focal-amd64-12.0.0,
                   qlustar-module-core-centos7-amd64-12.0.0,
                   qlustar-module-core-centos8-amd64-12.0.0
Qlustar releases : 11.0, 12.0
Affected versions: All versions prior to this update
Vulnerability    : privilege escalation/denial of service
Problem type     : local
Qlustar-specific : no
CVE Id(s)        : Not documented

A number of vulnerabilities and bugs have been discovered in the 5.4.x Linux kernel series since the last Qlustar 12.0 release based on 5.4.114. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 5.4.114 up to the current Qlustar kernel 5.4.128:

Linux kernel 5.4.128
Linux kernel 5.4.127
Linux kernel 5.4.126
Linux kernel 5.4.125
Linux kernel 5.4.124
Linux kernel 5.4.123
Linux kernel 5.4.122
Linux kernel 5.4.121
Linux kernel 5.4.120
Linux kernel 5.4.119
Linux kernel 5.4.118
Linux kernel 5.4.117
Linux kernel 5.4.116
Linux kernel 5.4.115

A number of vulnerabilities and bugs have been discovered in the 4.19.x Linux kernel series since the last Qlustar 11.0 release based on 4.19.188. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 4.19.188 up to the current Qlustar kernel 4.19.195:

Linux kernel 4.19.195
Linux kernel 4.19.194
Linux kernel 4.19.193
Linux kernel 4.19.192
Linux kernel 4.19.191
Linux kernel 4.19.190
Linux kernel 4.19.189

Update instructions:

The problem can be corrected by updating your system to the following or more recent package versions:

For Qlustar 12.0

linux-image-ql-generic                     5.4.128-ql-generic-12.0-9
qlustar-module-core-focal-amd64-12.0.0     12.0.0.4-b542f1382
qlustar-module-core-centos7-amd64-12.0.0   12.0.0.4-b542f1382
qlustar-module-core-centos8-amd64-12.0.0   12.0.0.4-b542f1382

For Qlustar 11.0

linux-image-ql-generic                     4.19.195-ql-generic-11.0-24
qlustar-module-core-bionic-amd64-11.0.1    11.0.1.8-b543f1384
qlustar-module-core-centos7-amd64-11.0.1   11.0.1.8-b543f1384
qlustar-module-core-centos8-amd64-11.0.1   11.0.1.8-b543f1384

Special Update instructions:

In addition to the steps described in the general Qlustar Update Instructions these updates require the following:

  • On Qlustar 12: Also write the dnsmasq config with QluMan before rebooting.
  • On Qlustar 11: Also perform the manual steps ‘7. Migration to GRUB PXE booting’ and ‘11. Adjust root bash shell initialization’ as described in the Release Notes if you haven’t done so yet.