Mageia 7 Advisory MGASA-2019-0220 Moderate: Spectre And Bluetooth Issues
mageia
August 12, 2019
This kernel update provides an update to the kernel 5.2 series, currently based on 5.2.7 adding support for newer hardware and other new features
Summary
This kernel update provides an update to the kernel 5.2 series, currently
based on 5.2.7 adding support for newer hardware and other new features.
It also fixes atleast the following security issues:
A Spectre SWAPGS gadget was found in the Linux kernel's implementation of
system interrupts. An attacker with local access could use this information
to reveal private data through a Spectre like side channel (CVE-2019-1125).
A flaw was found in the Linux kernel’s Bluetooth implementation of UART.
An attacker with local access and write permissions to the Bluetooth
hardware could use this flaw to issue a specially crafted ioctl function
call and cause the system to crash (CVE-2019-10207).
It also fixes an issue with newer Intel Wireless cards having firmware
crashes with newer iwlwifi firmwares (mga#25143)
For other uptstream features, changes and fixes in this update, see the
referenced changelogs.
References
- https://bugs.mageia.org/show_bug.cgi?id=25240
- https://bugs.mageia.org/show_bug.cgi?id=25143
- https://kernelnewbies.org/Linux_5.2
- - - - - - - - https://www.cve.org/CVERecord?id=CVE-2019-1125
- https://www.cve.org/CVERecord?id=CVE-2019-10207
Topics Covered
Resolution
SRPMS
- 7/core/kernel-5.2.7-1.mga7
- 7/core/kernel-userspace-headers-5.2.7-1.mga7
- 7/core/kmod-virtualbox-6.0.10-3.mga7
- 7/core/kmod-xtables-addons-3.3-57.mga7
- 7/core/xtables-addons-3.3-2.mga7
- 7/core/ldetect-lst-0.6.3-1.mga7
PREVIOUS
NEXT
Publication date: 12 Aug 2019
URL: https://advisories.mageia.org/MGASA-2019-0220.html
Type: security
CVE: CVE-2019-1125,
CVE-2019-10207
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!