Parent Directory
| 
Revision Log
MGASA-2019-0221: kernel-4.14.137-1.mga6, kernel-userspace-headers-4.14.137-1.mga6, kmod-vboxadditions-6.0.10-2.mga6, kmod-virtualbox-6.0.10-2.mga6, kmod-xtables-addons-2.13-90.mga6, wireguard-tools-0.0.20190702-1.mga6
| 1 | type: security |
| 2 | subject: Updated kernel packages fix security vulnerabilities |
| 3 | CVE: |
| 4 | - CVE-2019-1125 |
| 5 | - CVE-2019-3846 |
| 6 | - CVE-2019-3900 |
| 7 | - CVE-2019-10207 |
| 8 | src: |
| 9 | 6: |
| 10 | core: |
| 11 | - kernel-4.14.137-1.mga6 |
| 12 | - kernel-userspace-headers-4.14.137-1.mga6 |
| 13 | - kmod-vboxadditions-6.0.10-2.mga6 |
| 14 | - kmod-virtualbox-6.0.10-2.mga6 |
| 15 | - kmod-xtables-addons-2.13-90.mga6 |
| 16 | - wireguard-tools-0.0.20190702-1.mga6 |
| 17 | description: | |
| 18 | This kernel update is based on the upstream 4.14.137 and fixes atleast |
| 19 | the following security issues: |
| 20 | |
| 21 | A Spectre SWAPGS gadget was found in the Linux kernel's implementation of |
| 22 | system interrupts. An attacker with local access could use this information |
| 23 | to reveal private data through a Spectre like side channel (CVE-2019-1125). |
| 24 | |
| 25 | A flaw that allowed an attacker to corrupt memory and possibly escalate |
| 26 | privileges was found in the mwifiex kernel module while connecting to a |
| 27 | malicious wireless network (CVE-2019-3846). |
| 28 | |
| 29 | An infinite loop issue was found in the vhost_net kernel module in Linux |
| 30 | Kernel up to and including v5.1-rc6, while handling incoming packets in |
| 31 | handle_rx(). It could occur if one end sends packets faster than the other |
| 32 | end can process them. A guest user, maybe remote one, could use this flaw |
| 33 | to stall the vhost_net kernel thread, resulting in a DoS scenario |
| 34 | (CVE-2019-3900). |
| 35 | |
| 36 | A flaw was found in the Linux kernel’s Bluetooth implementation of UART. |
| 37 | An attacker with local access and write permissions to the Bluetooth |
| 38 | hardware could use this flaw to issue a specially crafted ioctl function |
| 39 | call and cause the system to crash (CVE-2019-10207). |
| 40 | |
| 41 | WireGuard has been updated to 0.0.20190702. |
| 42 | |
| 43 | For other uptstream fixes in this update, see the referenced changelogs. |
| 44 | references: |
| 45 | - https://bugs.mageia.org/show_bug.cgi?id=25239 |
| 46 | - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.132 |
| 47 | - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.133 |
| 48 | - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.134 |
| 49 | - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.135 |
| 50 | - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.136 |
| 51 | - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.137 |
| 52 | ID: MGASA-2019-0221 |
| ViewVC Help | |
| Powered by ViewVC 1.1.30 |