advisories/29628.adv

type: security
subject: Updated kernel packages fix security vulnerabilities
CVE:
 - CVE-2021-3760
 - CVE-2021-3772
 - CVE-2021-42327
 - CVE-2021-42739
 - CVE-2021-43267
 - CVE-2021-43389
src:
  8:
   core:
     - kernel-5.10.78-1.mga8
     - kmod-virtualbox-6.1.28-1.4.mga8
     - kmod-xtables-addons-3.18-1.28.mga8
     - wireguard-tools-1.0.20210914-1.mga8
description: |
  This kernel update is based on upstream 5.10.78 and fixes atleast the
  following security issues:

  A use-after-free vulnerability in the NFC stack can lead to a threat to
  confidentiality, integrity, and system availability (CVE-2021-3760).

  A flaw in the SCTP stack where a blind attacker may be able to kill an
  existing SCTP association through invalid chunks if the attacker knows
  the IP-addresses and port numbers being used and the attacker can send
  packets with spoofed IP addresses (CVE-2021-3772).

  A flaw heap buffer overflow in the Linux kernel's AMD Radeon graphics
  card driver was found in the way user writes some malicious data to the
  AMD GPU Display Driver Debug Filesystem (to the VGA sub-directory of the
  /sys/kernel/debug/ directory). A local user could use this flaw to crash
  the system or escalate their privileges on the system (CVE-2021-42327).

  The firewire subsystem in the Linux kernel through 5.14.13 has a buffer
  overflow related to drivers/media/firewire/firedtv-avc.c and
  drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles
  bounds checking (CVE-2021-42739).

  A flaw was discovered in the cryptographic receive code in the Linux
  kernel's implementation of transparent interprocess communication. An
  attacker, with the ability to send TIPC messages to the target, can
  corrupt memory and escalate privileges on the target system
  (CVE-2021-43267).

  An issue was discovered in the Linux kernel before 5.14.15. There is an
  array-index-out-of-bounds flaw in the detach_capi_ctr function in
  drivers/isdn/capi/kcapi.c (CVE-2021-43389).

  wireguard-tools are updated to 1.0.20210914.

  For other upstream fixes, see the referenced changelogs. 
references:
 - https://bugs.mageia.org/show_bug.cgi?id=29628
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.76
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.77
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.78
ID: MGASA-2021-0507
1	type: security
2	subject: Updated kernel packages fix security vulnerabilities
3	CVE:
4	- CVE-2021-3760
5	- CVE-2021-3772
6	- CVE-2021-42327
7	- CVE-2021-42739
8	- CVE-2021-43267
9	- CVE-2021-43389
10	src:
11	8:
12	core:
13	- kernel-5.10.78-1.mga8
14	- kmod-virtualbox-6.1.28-1.4.mga8
15	- kmod-xtables-addons-3.18-1.28.mga8
16	- wireguard-tools-1.0.20210914-1.mga8
17	description: \|
18	This kernel update is based on upstream 5.10.78 and fixes atleast the
19	following security issues:
20
21	A use-after-free vulnerability in the NFC stack can lead to a threat to
22	confidentiality, integrity, and system availability (CVE-2021-3760).
23
24	A flaw in the SCTP stack where a blind attacker may be able to kill an
25	existing SCTP association through invalid chunks if the attacker knows
26	the IP-addresses and port numbers being used and the attacker can send
27	packets with spoofed IP addresses (CVE-2021-3772).
28
29	A flaw heap buffer overflow in the Linux kernel's AMD Radeon graphics
30	card driver was found in the way user writes some malicious data to the
31	AMD GPU Display Driver Debug Filesystem (to the VGA sub-directory of the
32	/sys/kernel/debug/ directory). A local user could use this flaw to crash
33	the system or escalate their privileges on the system (CVE-2021-42327).
34
35	The firewire subsystem in the Linux kernel through 5.14.13 has a buffer
36	overflow related to drivers/media/firewire/firedtv-avc.c and
37	drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles
38	bounds checking (CVE-2021-42739).
39
40	A flaw was discovered in the cryptographic receive code in the Linux
41	kernel's implementation of transparent interprocess communication. An
42	attacker, with the ability to send TIPC messages to the target, can
43	corrupt memory and escalate privileges on the target system
44	(CVE-2021-43267).
45
46	An issue was discovered in the Linux kernel before 5.14.15. There is an
47	array-index-out-of-bounds flaw in the detach_capi_ctr function in
48	drivers/isdn/capi/kcapi.c (CVE-2021-43389).
49
50	wireguard-tools are updated to 1.0.20210914.
51
52	For other upstream fixes, see the referenced changelogs.
53	references:
54	- https://bugs.mageia.org/show_bug.cgi?id=29628
55	- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.76
56	- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.77
57	- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.78
58	ID: MGASA-2021-0507