advisories/24773.adv

type: security
subject: Updated kernel packages fixes security vulnerabilities
CVE:
 - CVE-2019-3882
 - CVE-2019-7308
 - CVE-2019-11486
 - CVE-2019-11599
src:
  6:
   core:
     - kernel-4.14.116-1.mga6
     - kernel-userspace-headers-4.14.116-1.mga6
     - kmod-vboxadditions-6.0.6-2.mga6
     - kmod-virtualbox-6.0.6-2.mga6
     - kmod-xtables-addons-2.13-84.mga6
     - wireguard-tools-0.0.20190406-1.mga6
description: |
  This kernel update is based on the upstream 4.14.116 and fixes at least
  the following security issues:

  A flaw was found in the Linux kernel's vfio interface implementation that
  permits violation of the user's locked memory limit. If a device is bound
  to a vfio driver, such as vfio-pci, and the local attacker is
  administratively granted ownership of the device, it may cause a system
  memory exhaustion and thus a denial of service (DoS) (CVE-2019-3882).

  kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable
  out-of-bounds speculation on pointer arithmetic in various cases, including
  cases of different branches with different state or limits to sanitize,
  leading to side-channel attacks (CVE-2019-7308).

  The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the
  Linux kernel before 5.0.8 has multiple race conditions (CVE-2019-11486).

  The coredump implementation in the Linux kernel before 5.0.10 does not use
  locking or other mechanisms to prevent vma layout or vma flags changes while
  it runs, which allows local users to obtain sensitive information, cause a
  denial of service, or possibly have unspecified other impact by triggering
  a race condition with mmget_not_zero or get_task_mm calls (CVE-2019-11599).

  WireGuard has been updated to 0.0.20190406.

  For other uptstream fixes in this update, see the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=24773
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.107
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.108
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.109
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.110
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.111
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.113
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.115
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.116
ID: MGASA-2019-0170
1	type: security
2	subject: Updated kernel packages fixes security vulnerabilities
3	CVE:
4	- CVE-2019-3882
5	- CVE-2019-7308
6	- CVE-2019-11486
7	- CVE-2019-11599
8	src:
9	6:
10	core:
11	- kernel-4.14.116-1.mga6
12	- kernel-userspace-headers-4.14.116-1.mga6
13	- kmod-vboxadditions-6.0.6-2.mga6
14	- kmod-virtualbox-6.0.6-2.mga6
15	- kmod-xtables-addons-2.13-84.mga6
16	- wireguard-tools-0.0.20190406-1.mga6
17	description: \|
18	This kernel update is based on the upstream 4.14.116 and fixes at least
19	the following security issues:
20
21	A flaw was found in the Linux kernel's vfio interface implementation that
22	permits violation of the user's locked memory limit. If a device is bound
23	to a vfio driver, such as vfio-pci, and the local attacker is
24	administratively granted ownership of the device, it may cause a system
25	memory exhaustion and thus a denial of service (DoS) (CVE-2019-3882).
26
27	kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable
28	out-of-bounds speculation on pointer arithmetic in various cases, including
29	cases of different branches with different state or limits to sanitize,
30	leading to side-channel attacks (CVE-2019-7308).
31
32	The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the
33	Linux kernel before 5.0.8 has multiple race conditions (CVE-2019-11486).
34
35	The coredump implementation in the Linux kernel before 5.0.10 does not use
36	locking or other mechanisms to prevent vma layout or vma flags changes while
37	it runs, which allows local users to obtain sensitive information, cause a
38	denial of service, or possibly have unspecified other impact by triggering
39	a race condition with mmget_not_zero or get_task_mm calls (CVE-2019-11599).
40
41	WireGuard has been updated to 0.0.20190406.
42
43	For other uptstream fixes in this update, see the referenced changelogs.
44	references:
45	- https://bugs.mageia.org/show_bug.cgi?id=24773
46	- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.107
47	- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.108
48	- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.109
49	- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.110
50	- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.111
51	- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112
52	- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.113
53	- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114
54	- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.115
55	- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.116
56	ID: MGASA-2019-0170