Mageia 2019-0306: kernel security update

    Date29 Oct 2019
    CategoryMageia
    433
    Posted ByLinuxSecurity Advisories
    This kernel update is based on the upstream 5.3.7 and fixes several issues: * various security issues in the usb subsystem * rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow (CVE-2019-17666)
    MGASA-2019-0306 - Updated kernel packages fix security vulnerabilities
    
    Publication date: 29 Oct 2019
    URL: https://advisories.mageia.org/MGASA-2019-0306.html
    Type: security
    Affected Mageia releases: 7
    CVE: CVE-2019-17666
    
    This kernel update is based on the upstream 5.3.7 and fixes several issues:
    * various security issues in the usb subsystem
    * rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux
      kernel through 5.3.6 lacks a certain upper-bound check, leading to a
      buffer overflow (CVE-2019-17666)
    
    
    Other issues fixed by this update:
    
    * Xorg displays a black screen with kernel > 5.2.x on some Intel GPUs
      (mga#25546)
    * Firmware crash with Intel(R) Dual Band Wireless AC 3168 (mga#25609)
    * a fix for an MTRR bug for intel-lpss-pci causing atleast some Ice Lake
      laptops to not boot
    
    For other upstream fixes in this update, see the referenced changelog.
    
    References:
    - https://bugs.mageia.org/show_bug.cgi?id=25602
    - https://bugs.mageia.org/show_bug.cgi?id=25546
    - https://bugs.mageia.org/show_bug.cgi?id=25609
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.7
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17666
    
    SRPMS:
    - 7/core/kernel-5.3.7-4.mga7
    - 7/core/kmod-virtualbox-6.0.14-4.mga7
    - 7/core/kmod-xtables-addons-3.5-6.mga7
    

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"66","type":"x","order":"1","pct":57.39,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.04,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"34","type":"x","order":"3","pct":29.57,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.