1 |
type: security |
2 |
subject: Updated kernel packages fix security vulnerabilities |
3 |
CVE: |
4 |
- CVE-2018-5391 |
5 |
- CVE-2018-14641 |
6 |
- CVE-2018-17182 |
7 |
src: |
8 |
6: |
9 |
core: |
10 |
- kernel-4.14.70-2.mga6 |
11 |
- kernel-userspace-headers-4.14.70-2.mga6 |
12 |
- kmod-vboxadditions-5.2.18-6.mga6 |
13 |
- kmod-virtualbox-5.2.18-6.mga6 |
14 |
- kmod-xtables-addons-2.13-66.mga6 |
15 |
description: | |
16 |
This kernel update is based on the upstream 4.14.70 and adds additional |
17 |
fixes for the L1TF security issues. It also fixes atleast the following |
18 |
security issues: |
19 |
|
20 |
Linux kernel from versions 3.9 and up, is vulnerable to a denial of |
21 |
service attack with low rates of specially modified packets targeting IP |
22 |
fragment re-assembly. An attacker may cause a denial of service condition |
23 |
by sending specially crafted IP fragments (CVE-2018-5391, FragmentSmack). |
24 |
|
25 |
A security flaw was found in the ip_frag_reasm() function in |
26 |
net/ipv4/ip_fragment.c in the Linux kernel caused by fixes for |
27 |
CVE-2018-5391, which can cause a later system crash in ip_do_fragment(). |
28 |
With certain non-default, but non-rare, configuration of a victim host, |
29 |
an attacker can trigger this crash remotely, thus leading to a remote |
30 |
denial-of-service (CVE-2018-14641). |
31 |
|
32 |
An issue was discovered in the Linux kernel through 4.18.8. The |
33 |
vmacache_flush_all function in mm/vmacache.c mishandles sequence number |
34 |
overflows. An attacker can trigger a use-after-free (and possibly gain |
35 |
privileges) via certain thread creation, map, unmap, invalidation, and |
36 |
dereference operations (CVE-2018-17182). |
37 |
|
38 |
Other fixes in this update: |
39 |
* drm: fix use of freed memory in drm_mode_setcrtc |
40 |
* drm/i915: Apply the GTT write flush for all !llc machines |
41 |
* net/tls: Set count of SG entries if sk_alloc_sg returns -ENOSPC |
42 |
(fixes a kernel crash) |
43 |
* pinctrl/amd: only handle irq if it is pending and unmasked |
44 |
(possible real fix for the interrupt storm on Ryzen platform) |
45 |
|
46 |
For other uptstream fixes in this update, see the referenced changelog. |
47 |
references: |
48 |
- https://bugs.mageia.org/show_bug.cgi?id=23586 |
49 |
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.70 |
50 |
ID: MGASA-2018-0391 |