Skip to content
This repository has been archived by the owner on May 12, 2021. It is now read-only.

update kernel to 4.19.52 #591

Closed
gnawux opened this issue Jun 20, 2019 · 3 comments
Closed

update kernel to 4.19.52 #591

gnawux opened this issue Jun 20, 2019 · 3 comments
Labels
bug Incorrect behaviour high-severity Very important issue security Potential or actual security issue team/kernel Need Kernel Team input team/packaging Need Packaging Team input

Comments

@gnawux
Copy link
Member

gnawux commented Jun 20, 2019

CVE description here(NIST CVE-2019-11477), and here (Red Hat)

This has been fixed in stable kernel releases 4.4.182, 4.9.182, 4.14.127, 4.19.52, 5.1.11, and is fixed in commit 3b4929f65b0d8249f19a50245cd88ed1a2f78cff.

Looks it may cause DoS
@gnawux gnawux added bug Incorrect behaviour security Potential or actual security issue high-severity Very important issue team/kernel Need Kernel Team input team/packaging Need Packaging Team input labels Jun 20, 2019
@liwei
Copy link
Member

liwei commented Jun 20, 2019

+1, seems CVE-2019-11477 is very critical

@grahamwhaley
Copy link
Contributor

Good call.
Looks like upstream is at 4.19.53, and Kata is at 4.19.28. I see @egernst has PR'd the update already...

Pennyzct added a commit to Pennyzct/packaging that referenced this issue Jun 20, 2019
@Pennyzct
v4.19.52: patch and config update for v4.19.52 on AArch64
e1d2259 
we need to do patch and config update for v4.19.52 on AArch64.

Fixes: kata-containers#591

Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Pennyzct added a commit to Pennyzct/packaging that referenced this issue Jun 21, 2019
@Pennyzct
v4.19.52: patch and config update for v4.19.52 on AArch64
cf4f1e5 
we need to do patch and config update for v4.19.52 on AArch64.

Fixes: kata-containers#591
Depends-on: github.com/kata-containers/runtime#1817

Signed-off-by: Penny Zheng <penny.zheng@arm.com>
Pennyzct added a commit to Pennyzct/packaging that referenced this issue Jun 21, 2019
@Pennyzct
v4.19.52: patch and config update for v4.19.52 on AArch64
aacad0e 
we need to do patch and config update for v4.19.52 on AArch64.
The config file adds a few configs involved with memory hot-plug
support.

Fixes: kata-containers#591
Depends-on: github.com/kata-containers/runtime#1817

Signed-off-by: Penny Zheng <penny.zheng@arm.com>
@gnawux gnawux closed this as completed in 77ef7e3 Jun 21, 2019
@jodh-intel
Copy link
Contributor

Related:

yasv123 added a commit to yasv123/packaging that referenced this issue Oct 6, 2020
@yasv123
Fixed some readme typos. Forward ports kata-containers#991. Fixes kat…
d17b13a 
…a-containers#591 in kata containers.
jodh-intel added a commit that referenced this issue Oct 7, 2020
@jodh-intel
Merge pull request #1154 from yasv123/forwardport-typo
ec3eb40 
[forward port]: kata-deploy: Fix typo #591
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Incorrect behaviour high-severity Very important issue security Potential or actual security issue team/kernel Need Kernel Team input team/packaging Need Packaging Team input
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@liwei @gnawux @grahamwhaley @jodh-intel