[gpfsug-discuss] CVE-2021-33909 and 3.10.0-1160.36.2.el7.x86_64

IBM Spectrum Scale scale at us.ibm.com
Fri Jul 23 20:03:54 BST 2021 

Jonathan,

CVE-2021-33909 and 3.10.0-1160.36.2.el7.x86_64 was published on July 20, 
2021. 

GPFS has not been tested on this RHEL kernel yet per our FAQ 
https://www.ibm.com/docs/en/spectrum-scale/5.1.1?topic=spectrum-scale-faq.
For both IBM Spectrum Scale 5.1.1.2 and IBM Spectrum Scale 5.0.5.8, The 
latest tested RHEL kernel is 3.10.0-1160.31.1.el7 (RHEL 7.9) tile now.

3.10.0-1160.36.2.el7.x86_64 is a kernel errata of 3.10.0-1160. According 
to IBM Spectrum Scale FAQ, it's a supported kernel version (IBM will 
update kernel support list if incompatibility issues were found in 
subsequent tests)

https://www.ibm.com/docs/en/spectrum-scale/5.1.1?topic=spectrum-scale-faq.
Kernel errata can be applied to the current kernel version unless they are 
explicitly listed in the FAQ as not supported. Always validate kernel 
changes including errata with IBM Spectrum Scale in a test environment 
before rolling out to production. Always rebuild the portability layer 
after any kernel changes.

See also 
https://www.ibm.com/support/pages/full-story-ibm-spectrum-scale-and-linux-version-compatibility

Regards, The Spectrum Scale (GPFS) team

------------------------------------------------------------------------------------------------------------------
If you feel that your question can benefit other users of  Spectrum Scale 
(GPFS), then please post it to the public IBM developerWroks Forum at 
https://www.ibm.com/developerworks/community/forums/html/forum?id=11111111-0000-0000-0000-000000000479
. 

If your query concerns a potential software error in Spectrum Scale (GPFS) 
and you have an IBM software maintenance contract please contact 
1-800-237-5511 in the United States or your local IBM Service Center in 
other countries. 

The forum is informally monitored as time permits and should not be used 
for priority messages to the Spectrum Scale (GPFS) team.



From:   Jonathan Buzzard <jonathan.buzzard at strath.ac.uk>
To:     gpfsug main discussion list <gpfsug-discuss at spectrumscale.org>
Date:   2021/07/23 08:51 PM
Subject:        [EXTERNAL] [gpfsug-discuss] CVE-2021-33909 and 
3.10.0-1160.36.2.el7.x86_64
Sent by:        gpfsug-discuss-bounces at spectrumscale.org




Anyone know what GPFS versions will work with kernel version 
3.10.0-1160.36.2 on RHEL7 rebuilds to patch for the above local 
privilege escalation bug?

JAB. 

-- 
Jonathan A. Buzzard                         Tel: +44141-5483420
HPC System Administrator, ARCHIE-WeSt.
University of Strathclyde, John Anderson Building, Glasgow. G4 0NG
_______________________________________________
gpfsug-discuss mailing list
gpfsug-discuss at spectrumscale.org
http://gpfsug.org/mailman/listinfo/gpfsug-discuss 





-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20210724/b6ac3141/attachment.htm>

More information about the gpfsug-discuss mailing list