Parent Directory | Revision Log
MGASA-2019-0332: kernel-5.3.11-1.mga7, kmod-virtualbox-6.0.14-6.mga7, kmod-xtables-addons-3.5-9.mga7
1 | type: security |
2 | subject: Updated kernel packages fix security vulnerabilities |
3 | CVE: |
4 | - CVE-2019-0155 |
5 | - CVE-2019-11135 |
6 | - CVE-2018-12207 |
7 | src: |
8 | 7: |
9 | core: |
10 | - kernel-5.3.11-1.mga7 |
11 | - kmod-virtualbox-6.0.14-6.mga7 |
12 | - kmod-xtables-addons-3.5-9.mga7 |
13 | description: | |
14 | This kernel update is based on the upstream 5.3.13 and fixes atleast the |
15 | following security issues: |
16 | |
17 | Insufficient access control in a subsystem for Intel (R) processor graphics |
18 | may allow an authenticated user to potentially enable escalation of |
19 | privilege via local access (CVE-2019-0155). |
20 | |
21 | TSX Asynchronous Abort condition on some CPUs utilizing speculative |
22 | execution may allow an authenticated user to potentially enable |
23 | information disclosure via a side channel with local access |
24 | (CVE-2019-11135). |
25 | |
26 | Improper invalidation for page table updates by a virtual guest operating |
27 | system for multiple Intel(R) Processors may allow an authenticated user to |
28 | potentially enable denial of service of the host system via local access |
29 | (CVE-2018-12207). |
30 | |
31 | For proper mitigations and fixes for theese issues, a microcode update is |
32 | also needed, either with a bios/uefi update from your hardware vendor or |
33 | by installing the microcode-0.20191112-1.mga7.nonfree update (mga#25688). |
34 | |
35 | For other upstream fixes in this update, see the referenced changelogs. |
36 | references: |
37 | - https://bugs.mageia.org/show_bug.cgi?id=25686 |
38 | - https://bugs.mageia.org/show_bug.cgi?id=25688 |
39 | - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.8 |
40 | - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9 |
41 | - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.10 |
42 | - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.11 |
43 | ID: MGASA-2019-0332 |
ViewVC Help | |
Powered by ViewVC 1.1.30 |