Mageia 2020-0228: kernel-linus security update

    Date 24 May 2020
    Posted By LinuxSecurity Advisories
    MGASA-2020-0228 - Updated kernel-linus packages fix security vulnerabilities
    
    Publication date: 24 May 2020
    URL: https://advisories.mageia.org/MGASA-2020-0228.html
    Type: security
    Affected Mageia releases: 7
    CVE: CVE-2020-10711,
         CVE-2020-12464,
         CVE-2020-12659,
         CVE-2020-12770,
         CVE-2020-13143
    
    This update is based on the upstream 5.6.14 kernel and fixes at least
    the following security issues:
    
    A NULL pointer dereference flaw was found in the Linux kernel's SELinux
    subsystem in versions before 5.7. This flaw occurs while importing the
    Commercial IP Security Option (CIPSO) protocol's category bitmap into
    the SELinux extensible bitmap via the 'ebitmap_netlbl_import' routine.
    While processing the CIPSO restricted bitmap tag in the
    'cipso_v4_parsetag_rbm' routine, it sets the security attribute to
    indicate that the category bitmap is present, even if it has not been
    allocated. This issue leads to a NULL pointer dereference issue while
    importing the same category bitmap into SELinux. This flaw allows a
    remote network user to crash the system kernel, resulting in a denial
    of service (CVE-2020-10711).
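
A userspace C model of the flaw described above, added here as an illustration; it is not code from the advisory or the kernel, and the struct, flag and function names are hypothetical. It sets the flawed tag parser beside a corrected one and shows an importer that refuses a "present" flag with no bitmap behind it.

```c
#include <stdint.h>
#include <stdlib.h>

#define ATTR_MLS_CAT 0x1u   /* hypothetical "category bitmap present" flag */

struct secattr {
    unsigned int flags;
    uint64_t *cat;          /* category bitmap, NULL when none was allocated */
};

const uint64_t SAMPLE_BITS = 0x8005;  /* constructed: categories 0, 2, 15 */

/* Copy the tag's categories; a tag that carries none allocates nothing. */
static void load_categories(struct secattr *a, const uint64_t *bits)
{
    a->flags = 0;
    a->cat = bits ? malloc(sizeof(*a->cat)) : NULL;
    if (a->cat)
        *a->cat = *bits;
}

/* Flawed parser: marks the bitmap present even when it was never allocated. */
void parse_tag_flawed(struct secattr *a, const uint64_t *bits)
{
    load_categories(a, bits);
    a->flags |= ATTR_MLS_CAT;
}

/* Corrected parser: the flag is set only when the bitmap exists. */
void parse_tag_fixed(struct secattr *a, const uint64_t *bits)
{
    load_categories(a, bits);
    if (a->cat)
        a->flags |= ATTR_MLS_CAT;
}

/* Returns the number of categories set, or -1 when the flag claims a bitmap
 * that is absent. An importer that trusts the flag dereferences NULL here. */
int import_categories(const struct secattr *a)
{
    int count = 0;
    if (!(a->flags & ATTR_MLS_CAT))
        return 0;
    if (a->cat == NULL)
        return -1;
    for (uint64_t v = *a->cat; v; v >>= 1)
        count += (int)(v & 1);
    return count;
}
```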
    
    usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before
    5.6.8 has a use-after-free because a transfer occurs without a
    reference (CVE-2020-12464).
    
    An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg
    in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the
    CAP_NET_ADMIN capability) because of a lack of headroom validation
    (CVE-2020-12659).
    
    An issue was discovered in the Linux kernel through 5.6.11. sg_write
    lacks an sg_remove_request call in a certain failure case
    (CVE-2020-12770).
    
    gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux
    kernel through 5.6.13 relies on kstrdup without considering the
    possibility of an internal '\0' value, which allows attackers to trigger
    an out-of-bounds read (CVE-2020-13143).
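
The length mismatch behind this issue, as an added userspace C example; it is not code from the advisory or the kernel. `dup_to_nul`, `newline_check_overrun`, `store_name` and the sample buffers are hypothetical, and the handler assumes the caller NUL-terminates `page` at `len`.

```c
#include <errno.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample inputs (not from the advisory). */
const char SAMPLE_OK[] = "dummy_udc.0\n";
const char SAMPLE_NUL[] = "ab\0cdefgh\n";   /* NUL byte inside the data */

/* Stand-in for a kstrdup-style copy: duplicates up to the first NUL only. */
static char *dup_to_nul(const char *s)
{
    size_t n = strlen(s) + 1;
    char *copy = malloc(n);
    if (copy)
        memcpy(copy, s, n);
    return copy;
}

/* Bytes past the end of the copy that an access to name[len - 1] would land.
 * The flawed pattern makes that access to strip a trailing newline; this
 * helper only computes the distance, it never performs the access. */
size_t newline_check_overrun(const char *page, size_t len)
{
    size_t alloc = strlen(page) + 1;
    return len > alloc ? len - alloc : 0;
}

/* Hardened store handler. Rejects input whose first NUL comes before len,
 * so the copy holds at least len + 1 bytes and name[len - 1] stays inside
 * it. Returns 0 and hands the copy to the caller, or a negative errno. */
int store_name(const char *page, size_t len, char **out)
{
    char *name;

    if (len == 0 || strlen(page) < len)
        return -EOVERFLOW;
    name = dup_to_nul(page);
    if (!name)
        return -ENOMEM;
    if (name[len - 1] == '\n')
        name[len - 1] = '\0';
    *out = name;
    return 0;
}
```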
    
    For other fixes and changes in this update, see the referenced changelogs.
    
    References:
    - https://bugs.mageia.org/show_bug.cgi?id=26661
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.7
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.8
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.9
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.10
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.11
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.12
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.13
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.6.14
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10711
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12464
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12659
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12770
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13143
    
    SRPMS:
    - 7/core/kernel-linus-5.6.14-1.mga7
    
