add advisory for kernel-4.14.116-1.mga6
type: security
subject: Updated kernel packages fix security vulnerabilities
CVE:
 - CVE-2019-3882
 - CVE-2019-7308
 - CVE-2019-11486
 - CVE-2019-11599
src:
  6:
   core:
     - kernel-4.14.116-1.mga6
     - kernel-userspace-headers-4.14.116-1.mga6
     - kmod-vboxadditions-6.0.6-2.mga6
     - kmod-virtualbox-6.0.6-2.mga6
     - kmod-xtables-addons-2.13-84.mga6
     - wireguard-tools-0.0.20190406-1.mga6
description: |
  This kernel update is based on the upstream 4.14.116 and fixes at least
  the following security issues:

  A flaw was found in the Linux kernel's vfio interface implementation that
  permits violation of the user's locked memory limit. If a device is bound
  to a vfio driver, such as vfio-pci, and the local attacker is
  administratively granted ownership of the device, it may cause a system
  memory exhaustion and thus a denial of service (DoS) (CVE-2019-3882).

  kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable
  out-of-bounds speculation on pointer arithmetic in various cases, including
  cases of different branches with different state or limits to sanitize,
  leading to side-channel attacks (CVE-2019-7308).

  The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the
  Linux kernel before 5.0.8 has multiple race conditions (CVE-2019-11486).

  The coredump implementation in the Linux kernel before 5.0.10 does not use
  locking or other mechanisms to prevent vma layout or vma flags changes while
  it runs, which allows local users to obtain sensitive information, cause a
  denial of service, or possibly have unspecified other impact by triggering
  a race condition with mmget_not_zero or get_task_mm calls (CVE-2019-11599).

  WireGuard has been updated to 0.0.20190406.

  For other upstream fixes in this update, see the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=24773
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.107
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.108
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.109
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.110
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.111
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.113
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.115
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.116