Mageia 2020-0041: kernel security update

    Date17 Jan 2020
    365
    Posted ByLinuxSecurity Advisories
    This update is based on upstream 5.4.12 and fixes atleast the following security vulnerabilities: Intel GPU Hardware prior to Gen11 does not clear EU state during a context switch. This can result in information leakage between
    MGASA-2020-0041 - Updated kernel packages fix security vulnerabilities
    
    Publication date: 17 Jan 2020
    URL: https://advisories.mageia.org/MGASA-2020-0041.html
    Type: security
    Affected Mageia releases: 7
    CVE: CVE-2019-14615,
         CVE-2019-14895
    
    This update is based on upstream 5.4.12 and fixes atleast the following
    security vulnerabilities:
    
    Intel GPU Hardware prior to Gen11 does not clear EU state during a
    context switch. This can result in information leakage between
    contexts (CVE-2019-14615).
    
    A heap-based buffer overflow was discovered in the Marvell WiFi chip
    driver. The flaw could occur when the station attempts a connection
    negotiation during the handling of the remote devices country settings.
    This could allow the remote device to cause a denial of service (system
    crash) or possibly execute arbitrary code (CVE-2019-14895).
    
    For other fixes in this update, see the referenced changelogs.
    
    References:
    - https://bugs.mageia.org/show_bug.cgi?id=26078
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.11
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.12
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14615
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14895
    
    SRPMS:
    - 7/core/kernel-5.4.12-1.mga7
    - 7/core/kmod-virtualbox-6.0.14-20.mga7
    - 7/core/kmod-xtables-addons-3.7-10.mga7
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"29","type":"x","order":"1","pct":90.63,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"2","type":"x","order":"2","pct":6.25,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"1","type":"x","order":"3","pct":3.13,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.