Fedora 30: kernel FEDORA-2019-8846a1a5a2

    Date01 Dec 2019
    CategoryFedora
    106
    Posted ByLinuxSecurity Advisories
    The 5.3.13 update contains a number of important fixes across the tree
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2019-8846a1a5a2
    2019-12-02 01:29:23.163452
    --------------------------------------------------------------------------------
    
    Name        : kernel
    Product     : Fedora 30
    Version     : 5.3.13
    Release     : 200.fc30
    URL         : https://www.kernel.org/
    Summary     : The Linux kernel
    Description :
    The kernel meta package
    
    --------------------------------------------------------------------------------
    Update Information:
    
    The 5.3.13 update contains a number of important fixes across the tree
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Mon Nov 25 2019 Justin M. Forbes  - 5.3.13-200
    - Fix CVE-2019-14895 (rhbz 1774870 1776139)
    - Fix CVE-2019-14896 (rhbz 1774875 1776143)
    - Fix CVE-2019-14897 (rhbz 1774879 1776146)
    - Fix CVE-2019-14901 (rhbz 1773519 1776184)
    - Fix CVE-2019-19078 (rhbz 1776354 1776353)
    * Mon Nov 25 2019 Laura Abbott 
    - Linux v5.3.13
    * Fri Nov 22 2019 Justin M. Forbes 
    - Fix CVE-2019-19077 rhbz 1775724 1775725
    * Thu Nov 21 2019 Justin M. Forbes  - 5.3.12-200
    - Fix CVE-2019-19074 (rhbz 1774933 1774934)
    - Fix CVE-2019-19073 (rhbz 1774937 1774939)
    - Fix CVE-2019-19072 (rhbz 1774946 1774947)
    - Fix CVE-2019-19071 (rhbz 1774949 1774950)
    - Fix CVE-2019-19070 (rhbz 1774957 1774958)
    - Fix CVE-2019-19068 (rhbz 1774963 1774965)
    - Fix CVE-2019-19043 (rhbz 1774972 1774973)
    - Fix CVE-2019-19066 (rhbz 1774976 1774978)
    - Fix CVE-2019-19046 (rhbz 1774988 1774989)
    - Fix CVE-2019-19050 (rhbz 1774998 1775002)
    - Fix CVE-2019-19062 (rhbz 1775021 1775023)
    - Fix CVE-2019-19064 (rhbz 1775010 1775011)
    - Fix CVE-2019-19063 (rhbz 1775015 1775016)
    - Fix CVE-2019-19059 (rhbz 1775042 1775043)
    - Fix CVE-2019-19058 (rhbz 1775047 1775048)
    - Fix CVE-2019-19057 (rhbz 1775050 1775051)
    - Fix CVE-2019-19053 (rhbz 1775956 1775110)
    - Fix CVE-2019-19056 (rhbz 1775097 1775115)
    - Fix CVE-2019-19055 (rhbz 1775074 1775116)
    - Fix CVE-2019-19054 (rhbz 1775063 1775117)
    * Thu Nov 21 2019 Laura Abbott 
    - Linux v5.3.12
    * Tue Nov 12 2019 Justin M. Forbes  - 5.3.11-200
    - Linux v5.3.11
    - Fixes CVE-2019-11135  (rhbz 1753062 1771649)
    - Fixes CVE-2018-12207  (rhbz 1646768 1771645)
    - Fixes CVE-2019-0154   (rhbz 1724393 1771642)
    - Fixes CVE-2019-0155   (rhbz 1724398 1771644)
    * Mon Nov 11 2019 Laura Abbott  - 5.3.10-200
    - Linux v5.3.10
    * Thu Nov  7 2019 Jeremy Cline 
    - Add support for a number of Macbook keyboards and touchpads (rhbz 1769465)
    * Wed Nov  6 2019 Laura Abbott  - 5.3.9-200
    - Linux v5.3.9
    * Tue Oct 29 2019 Laura Abbott  - 5.3.8-200
    - Linux v5.3.8
    - Fix CVE-2019-17666 (rhbz 1763692)
    * Fri Oct 18 2019 Laura Abbott  - 5.3.7-200
    - Linux v5.3.7
    * Mon Oct 14 2019 Laura Abbott  - 5.3.6-200
    - Linux v5.3.6
    * Fri Oct 11 2019 Laura Abbott 
    - Fix disappearing cursor issue (rhbz 1738614)
    * Fri Oct 11 2019 Peter Robinson 
    - Last iwlwifi fix for the recent firmware issues (rhbz 1733369)
    * Tue Oct  8 2019 Laura Abbott  - 5.3.5-200
    - Linux v5.3.5 Rebase
    * Wed Oct  2 2019 Justin M. Forbes 
    - Fix CVE-2019-17052 CVE-2019-17053 CVE-2019-17054 CVE-2019-17055 CVE-2019-17056
      (rhbz 1758239 1758240 1758242 1758243 1758245 1758246 1758248 1758249 1758256 1758257)
    * Tue Oct  1 2019 Justin M. Forbes  - 5.2.18-200
    - Linux v5.2.18
    * Mon Sep 23 2019 Peter Robinson 
    - Upstream patch for iwlwifi 8000 series FW issues (rhbz: 1749949)
    * Mon Sep 23 2019 Justin M. Forbes  - 5.2.17-200
    - Linux v5.2.17
    * Thu Sep 19 2019 Laura Abbott 
    - Fix for dwc3 (rhbz 1753099)
    * Thu Sep 19 2019 Justin M. Forbes  - 5.2.16-200
    - Linux v5.2.16
    - Fix CVE-2019-14821 (rhbz 1746708 1753596)
    * Mon Sep 16 2019 Justin M. Forbes  - 5.2.15-200
    - Linux v5.2.15
    - Fixes rhbz 1751901
    * Tue Sep 10 2019 Justin M. Forbes  - 5.2.14-200
    - Linux v5.2.14
    * Fri Sep  6 2019 Justin M. Forbes  - 5.2.13-200
    - Linux v5.2.13
    * Thu Aug 29 2019 Justin M. Forbes  - 5.2.11-200
    - Linux v5.2.11
    - Fix CVE-2019-15504 (rhbz 1746725 1746726)
    - Fix CVE-2019-15505 (rhbz 1746732 1746734)
    - Fix CVE-2019-15538 (rhbz 1746777 1746779)
    * Wed Aug 28 2019 Justin M. Forbes 
    - Fix mwifiex CVE-2019-14814 CVE-2019-14815 CVE-2019-14816
    - (rhbz 1744130 1744137 1744149 1746566 1746567)
    * Mon Aug 26 2019 Justin M. Forbes  - 5.2.10-200
    - Linux v5.2.10
    * Fri Aug 16 2019 Justin M. Forbes  - 5.2.9-200
    - Linux v5.2.9
    * Sat Aug 10 2019 Justin M. Forbes  - 5.2.8-200
    - Linux v5.2.8
    * Thu Aug  8 2019 Justin M. Forbes  - 5.2.7-200
    - Linux v5.2.7
    * Tue Aug  6 2019 Laura Abbott 
    - Fix netfilter regression (rhbz 1737171)
    * Mon Aug  5 2019 Justin M. Forbes  - 5.2.6-200
    - Linux v5.2.6
    - Temporary fixes for (rhbz 1737046 1730762)
    * Wed Jul 31 2019 Justin M. Forbes  - 5.2.5-200
    - Linux v5.2.5
    - Fix CVE-2019-10207 (rhbz 1733874 1734242)
    * Tue Jul 30 2019 Justin M. Forbes 
    - Fix for screen freezes with i915
    * Mon Jul 29 2019 Justin M. Forbes  - 5.2.4-200
    - Linux v5.2.4 Rebase
    * Fri Jul 26 2019 Jeremy Cline  - 5.1.20-300
    - Linux v5.1.20
    * Mon Jul 22 2019 Laura Abbott 
    - Bring in DMA fix (rhbz 1732045)
    * Mon Jul 22 2019 Jeremy Cline  - 5.1.19-300
    - Linux v5.1.19
    - Fix Xen Security Advisory 300 (rhbz 1731862 1731864)
    - Fix a null pointer dereference in the 8250_lpss serial driver (rhbz 1731784)
    * Thu Jul 18 2019 Jeremy Cline 
    - Fix CVE-2019-13631 (rhbz 1731000 1731001)
    * Mon Jul 15 2019 Jeremy Cline  - 5.1.18-300
    - Linux v5.1.18
    * Wed Jul 10 2019 Jeremy Cline  - 5.1.17-300
    - Linux v5.1.17
    * Mon Jul  8 2019 Jeremy Cline 
    - Fix a firmware crash in Intel 7000 and 8000 devices (rhbz 1716334)
    * Thu Jul  4 2019 Peter Robinson 
    - Fixes for load avg and display on Raspberry Pi
    * Wed Jul  3 2019 Jeremy Cline  - 5.1.16-300
    - Linux v5.1.16
    - Fix an issue with deleting singular conntrack entries (rhbz 1724357)
    * Tue Jun 25 2019 Jeremy Cline  - 5.1.15-300
    - Linux v5.1.15
    - Fixes CVE-2019-12817 (rhbz 1720616 1723697)
    * Mon Jun 24 2019 Hans de Goede 
    - Extend GPD MicroPC LCD panel quirk to also apply to newer BIOS versions
    * Mon Jun 24 2019 Jeremy Cline  - 5.1.14-300
    - Linux v5.1.14
    * Wed Jun 19 2019 Jeremy Cline  - 5.1.12-300
    - Linux v5.1.12
    * Mon Jun 17 2019 Jeremy Cline  - 5.1.11-300
    - Linux v5.1.11
    - Fixes CVE-2019-11477	(rhbz 1719123 1721254)
    - Fixes CVE-2019-11479	(rhbz 1719129 1721255)
    - Fixes CVE-2019-11478	(rhbz 1719128 1721256)
    * Mon Jun 17 2019 Jeremy Cline  - 5.1.10-300
    - Linux v5.1.10
    * Fri Jun 14 2019 Hans de Goede 
    - Fix the LCD panel an Asus EeePC 1025C not lighting up (rhbz#1697069)
    - Fix the LCD panel on the GPD MicroPC not working
    * Thu Jun 13 2019 Justin M. Forbes 
    - Fix CVE-2019-10126 (rhbz 1716992 1720122)
    * Tue Jun 11 2019 Jeremy Cline  - 5.1.9-300
    - Linux v5.1.9
    - Fix UDP checkshums for SIP packets (rhbz 1716289)
    * Sun Jun  9 2019 Jeremy Cline  - 5.1.8-300
    - Linux v5.1.8
    * Fri Jun  7 2019 Justin M. Forbes 
    - Fix CVE-2019-12614 (rhbz 1718176 1718185)
    * Thu Jun  6 2019 Jeremy Cline 
    - Fix incorrect permission denied with lock down off (rhbz 1658675)
    - Fix an issue with the IPv6 neighbor table (rhbz 1708717)
    * Wed Jun  5 2019 Justin M. Forbes 
    - Fix CVE-2019-12456 (rhbz 1717182 1717183)
    * Tue Jun  4 2019 Jeremy Cline  - 5.1.7-300
    - Linux v5.1.7
    - Fix CVE-2019-12455 (rhbz 1716990 1717003)
    - Fix CVE-2019-12454 (rhbz 1716996 1717003)
    * Mon Jun  3 2019 Justin M. Forbes 
    - Fix CVE-2019-12378 (rhbz 1715459 1715460)
    - Fix CVE-2019-3846 (rhbz 1713059 1715475)
    - Fix CVE-2019-12380 (rhbz 1715494 1715495)
    - Fix CVE-2019-12381 (rhbz 1715501 1715502)
    - Fix CVE-2019-12382 (rhbz 1715554 1715556)
    - Fix CVE-2019-12379 (rhbz 1715491 1715706)
    * Fri May 31 2019 Laura Abbott  - 5.1.6-300
    - Linux v5.1.6
    * Sat May 25 2019 Jeremy Cline  - 5.1.5-300
    - Linux v5.1.5
    * Fri May 24 2019 Jeremy Cline  - 5.1.4-301
    - Fix fstrim discarding too many blocks
    * Wed May 22 2019 Jeremy Cline  - 5.1.4-300
    - Linux v5.1.4
    - Fix an issue with Bluetooth 2.0 and earlier devices (rhbz 1711468)
    * Mon May 20 2019 Laura Abbott  - 5.0.17-300
    - Linux v5.0.17
    * Tue May 14 2019 Justin M. Forbes  - 5.0.16-300
    - Linux v5.0.16
    - Fixes CVE-2018-12126 (rhbz 1646781 1709976)
    - Fixes CVE-2018-12127 (rhbz 1667782 1709978)
    - Fixes CVE-2018-12130 (rhbz 1646784 1709989 1709996)
    - Fixes CVE-2019-11091 (rhbz 1705312 1709983)
    * Mon May 13 2019 Laura Abbott  - 5.0.15-300
    - Linux v5.0.15
    - Fixes CVE-2019-11884 (rhbz 1709837 1709838)
    * Thu May  9 2019 Laura Abbott  - 5.0.14-300
    - Linux v5.0.14
    * Mon May  6 2019 Laura Abbott  - 5.0.13-300
    - Linux v5.0.13
    * Sat May  4 2019 Laura Abbott  - 5.0.12-300
    - Linux v5.0.12
    * Thu May  2 2019 Laura Abbott  - 5.0.11-300
    - Linux v5.0.11
    * Tue Apr 30 2019 Laura Abbott  - 5.0.10-300
    - Linux v5.0.10
    * Tue Apr 30 2019 Hans de Goede 
    - Fix wifi on various ideapad models not working (rhbz#1703338)
    * Thu Apr 25 2019 Justin M. Forbes 
    - Fix CVE-2019-3900 (rhbz 1698757 1702940)
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1774870 - CVE-2019-14895 kernel: heap-based buffer overflow in mwifiex_process_country_ie() function in drivers/net/wireless/marvell/mwifiex/sta_ioctl.c
            https://bugzilla.redhat.com/show_bug.cgi?id=1774870
      [ 2 ] Bug #1774875 - CVE-2019-14896 kernel: heap-based buffer overflow in lbs_ibss_join_existing function in drivers/net/wireless/marvell/libertas/cfg.c
            https://bugzilla.redhat.com/show_bug.cgi?id=1774875
      [ 3 ] Bug #1774879 - CVE-2019-14897 kernel: stack-based buffer overflow in add_ie_rates function in drivers/net/wireless/marvell/libertas/cfg.c
            https://bugzilla.redhat.com/show_bug.cgi?id=1774879
      [ 4 ] Bug #1773519 - CVE-2019-14901 kernel: heap overflow in marvell/mwifiex/tdls.c
            https://bugzilla.redhat.com/show_bug.cgi?id=1773519
      [ 5 ] Bug #1776353 - CVE-2019-19078 kernel: memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wireless/ath/ath10k/usb.c leads to DoS
            https://bugzilla.redhat.com/show_bug.cgi?id=1776353
    --------------------------------------------------------------------------------
    
    This update can be installed with the "dnf" update program. Use
    su -c 'dnf upgrade --advisory FEDORA-2019-8846a1a5a2' at the command
    line. For more information, refer to the dnf documentation available at
    http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
    
    All packages are signed with the Fedora Project GPG key. More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
    To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
    Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
    List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
    List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"65","type":"x","order":"1","pct":57.52,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.27,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"33","type":"x","order":"3","pct":29.2,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.