Mageia 2019-0221: kernel security update

    Date: 12 Aug 2019
    Category: Mageia
    Posted By: LinuxSecurity Advisories
    MGASA-2019-0221 - Updated kernel packages fix security vulnerabilities
    
    Publication date: 12 Aug 2019
    URL: https://advisories.mageia.org/MGASA-2019-0221.html
    Type: security
    Affected Mageia releases: 6
    CVE: CVE-2019-1125,
         CVE-2019-3846,
         CVE-2019-3900,
         CVE-2019-10207
    
    This kernel update is based on the upstream 4.14.137 and fixes at least
    the following security issues:
    
    A Spectre SWAPGS gadget was found in the Linux kernel's implementation of
    system interrupts. An attacker with local access could use this information
    to reveal private data through a Spectre like side channel (CVE-2019-1125).
    
    A flaw that allowed an attacker to corrupt memory and possibly escalate
    privileges was found in the mwifiex kernel module while connecting to a
    malicious wireless network (CVE-2019-3846). 
    
    An infinite loop issue was found in the vhost_net kernel module in Linux
    Kernel up to and including v5.1-rc6, while handling incoming packets in
    handle_rx(). It could occur if one end sends packets faster than the other
    end can process them. A guest user, possibly a remote one, could use this flaw
    to stall the vhost_net kernel thread, resulting in a DoS scenario
    (CVE-2019-3900). 
    
    A flaw was found in the Linux kernel’s Bluetooth implementation of UART.
    An attacker with local access and write permissions to the Bluetooth
    hardware could use this flaw to issue a specially crafted ioctl function
    call and cause the system to crash (CVE-2019-10207).
    
    WireGuard has been updated to 0.0.20190702.
    
    For other upstream fixes in this update, see the referenced changelogs.
    
    References:
    - https://bugs.mageia.org/show_bug.cgi?id=25239
    - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.132
    - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.133
    - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.134
    - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.135
    - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.136
    - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.137
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1125
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3846
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3900
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10207
    
    SRPMS:
    - 6/core/kernel-4.14.137-1.mga6
    - 6/core/kernel-userspace-headers-4.14.137-1.mga6
    - 6/core/kmod-vboxadditions-6.0.10-2.mga6
    - 6/core/kmod-virtualbox-6.0.10-2.mga6
    - 6/core/kmod-xtables-addons-2.13-90.mga6
    - 6/core/wireguard-tools-0.0.20190702-1.mga6
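
A host triage check for this advisory, added here as an example and not part of the advisory or of Mageia's tooling: it tests whether the running 4.14 kernel is at or past 4.14.137, whether the `spectre_v1` sysfs status reports swapgs barriers, and which affected drivers are loaded. Assumptions: `uname -r` has the form `4.14.137-desktop-1.mga6`, GNU `sort -V` is available, and `hci_uart` is the Bluetooth UART driver's module name (the advisory names only `mwifiex` and `vhost_net`).

```shell
#!/bin/sh
# Added example: host triage for MGASA-2019-0221 (not part of the advisory).
FIXED_UPSTREAM="4.14.137"   # upstream version the advisory's kernel is based on

# kernel_is_fixed RELEASE -> 0 fixed, 1 older than the fix, 2 not a 4.14 kernel.
# RELEASE is `uname -r` output; the form "4.14.137-desktop-1.mga6" is assumed.
kernel_is_fixed() {
    v=${1%%-*}
    case $v in
        4.14.*) ;;
        *) return 2 ;;
    esac
    lowest=$(printf '%s\n%s\n' "$FIXED_UPSTREAM" "$v" | sort -V | head -n 1)
    [ "$lowest" = "$FIXED_UPSTREAM" ]
}

# swapgs_mitigated TEXT -> 0 only when the spectre_v1 status is a mitigation
# that includes swapgs barriers. A "Vulnerable: ... no swapgs barriers" status
# also contains the word, so the "Mitigation:" prefix is required too.
swapgs_mitigated() {
    case $1 in
        Mitigation:*swapgs*) return 0 ;;
        *) return 1 ;;
    esac
}

# loaded_affected_modules FILE -> affected drivers that are loaded, one per line.
# FILE is in /proc/modules format. mwifiex and vhost_net are named in the
# advisory; hci_uart as the Bluetooth UART driver is this example's assumption.
loaded_affected_modules() {
    awk '$1 == "mwifiex" || $1 == "vhost_net" || $1 == "hci_uart" { print $1 }' "$1"
}

# Live check, run only on request: sh mgasa-2019-0221-check.sh --live
if [ "${1:-}" = "--live" ]; then
    rc=0; kernel_is_fixed "$(uname -r)" || rc=$?
    echo "kernel $(uname -r): status $rc (0 fixed, 1 needs update, 2 not 4.14)"
    status=$(cat /sys/devices/system/cpu/vulnerabilities/spectre_v1 2>/dev/null)
    if swapgs_mitigated "$status"; then
        echo "CVE-2019-1125: swapgs barriers active"
    else
        echo "CVE-2019-1125: not mitigated (spectre_v1: ${status:-unreadable})"
    fi
    mods=$(loaded_affected_modules /proc/modules | tr '\n' ' ')
    echo "affected modules loaded: ${mods:-none}"
fi
```

A loaded module only indicates which of the driver issues are reachable on this host; the installed package version remains the authoritative check after a reboot into the new kernel.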
    
