Qlustar

Contact Info

Legal Information

Qlustar

Contact Info

Legal Information

[QSA-0220261]
Linux kernel vulnerabilities

Qlustar Security Advisory 0220261

February 20th, 2026

Summary:

The system could crash or be made to run programs as an administrator.

Package(s)       : linux-image-ql-generic,
                   qlustar-module-core-jammy-amd64-13.4,
                   qlustar-module-core-noble-amd64-14.1
Qlustar releases : 13, 14
Affected versions: All versions prior to this update
Vulnerability    : privilege escalation/denial of service
Problem type     : local
Qlustar-specific : no
CVE Id(s)        : Not documented

A number of vulnerabilities and bugs have been discovered in the 6.12.x Linux kernel series since the last Qlustar 14 release based on 6.12.63. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 6.12.63 up to the current Qlustar kernel 6.12.73:

Linux kernel 6.12.73
Linux kernel 6.12.72
Linux kernel 6.12.71
Linux kernel 6.12.70
Linux kernel 6.12.69
Linux kernel 6.12.68
Linux kernel 6.12.67
Linux kernel 6.12.66
Linux kernel 6.12.65
Linux kernel 6.12.64

A number of vulnerabilities and bugs have been discovered in the 5.15.x Linux kernel series since the last Qlustar 13.0 release based on 5.15.197. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 5.15.197 up to the current Qlustar kernel 5.15.200:

Linux kernel 5.15.200
Linux kernel 5.15.199
Linux kernel 5.15.198

Update instructions:

The problem can be corrected by updating your system to the following or more recent package versions:

For Qlustar 14

linux-image-ql-generic                     6.12.73-ql-generic-14-7
qlustar-module-core-noble-amd64-14.1       14.1.0-b589f1616

For Qlustar 13

linux-image-ql-generic                     5.15.200-ql-generic-13.0-25
qlustar-module-core-jammy-amd64-13.4       13.4.0-b588f1617

Special Update instructions:

In addition to the steps described in the general Qlustar Update Instructions these updates require the following:

  • Spack migration With the release of the HPC Core Stack 02/26, spack was also updated to version 1.1.1. This update requires a migration of the Spack database to version 8. To migrate, after the update is done, login on a cluster node as a user with Spack admin rights (usually user softadm or anybody in the group softadm) and execute 
    # spack reindex

    Note that after this, older Spack versions will no longer be able to read the database. However, a backup is created in case a revert is needed.

  • Please note that we no longer provide 13.x AlmaLinux 8 modules for Qlustar 13. If you want to use AlmaLinux 8 under Qlustar 13, please switch to the 14.x image modules and create a corresponding chroot for it.