Qlustar

Contact Info

Legal Information

Qlustar

Contact Info

Legal Information

[QSA-0903211]
Linux kernel vulnerabilities

Qlustar Security Advisory 0903211

September 3rd, 2021

Summary:

The system could crash or be made to run programs as an administrator.

Package(s)       : linux-image-ql-generic,
                   qlustar-module-core-bionic-amd64-11.0.1,
                   qlustar-module-core-centos7-amd64-11.0.1,
                   qlustar-module-core-centos8-amd64-11.0.1,
                   qlustar-module-core-focal-amd64-12.0.0,
                   qlustar-module-core-centos7-amd64-12.0.0,
                   qlustar-module-core-centos8-amd64-12.0.0
Qlustar releases : 11.0, 12.0
Affected versions: All versions prior to this update
Vulnerability    : privilege escalation/denial of service
Problem type     : local
Qlustar-specific : no
CVE Id(s)        : Not documented

A number of vulnerabilities and bugs have been discovered in the 5.4.x Linux kernel series since the last Qlustar 12.0 release based on 5.4.134. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 5.4.134 up to the current Qlustar kernel 5.4.143:

Linux kernel 5.4.143
Linux kernel 5.4.142
Linux kernel 5.4.141
Linux kernel 5.4.140
Linux kernel 5.4.139
Linux kernel 5.4.138
Linux kernel 5.4.137
Linux kernel 5.4.136
Linux kernel 5.4.135

A number of vulnerabilities and bugs have been discovered in the 4.19.x Linux kernel series since the last Qlustar 11.0 release based on 4.19.198. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 4.19.198 up to the current Qlustar kernel 4.19.205:

Linux kernel 4.19.205
Linux kernel 4.19.204
Linux kernel 4.19.203
Linux kernel 4.19.202
Linux kernel 4.19.201
Linux kernel 4.19.200
Linux kernel 4.19.199

Update instructions:

The problem can be corrected by updating your system to the following or more recent package versions:

For Qlustar 12.0

linux-image-ql-generic                     5.4.143-ql-generic-12.0-11
qlustar-module-core-focal-amd64-12.0.0     12.0.0.6-b542f1396
qlustar-module-core-centos7-amd64-12.0.0   12.0.0.6-b542f1396
qlustar-module-core-centos8-amd64-12.0.0   12.0.0.6-b542f1396

For Qlustar 11.0

linux-image-ql-generic                     4.19.205-ql-generic-11.0-26
qlustar-module-core-bionic-amd64-11.0.1    11.0.1.10-b543f1397
qlustar-module-core-centos7-amd64-11.0.1   11.0.1.10-b543f1397
qlustar-module-core-centos8-amd64-11.0.1   11.0.1.10-b543f1397

Special Update instructions:

In addition to the steps described in the general Qlustar Update Instructions these updates require the following:

  • On Qlustar 12: Also write the dnsmasq config with QluMan before rebooting.
  • On Qlustar 11: Also perform the manual steps ‘7. Migration to GRUB PXE booting’ and ‘11. Adjust root bash shell initialization’ as described in the Release Notes if you haven’t done so yet.