Linux Security
    Linux Security
    Linux Security

    Mageia 2021-0047: kernel security update

    Date 20 Jan 2021
    555
    Posted By LinuxSecurity Advisories
    This kernel update is based on upstream 5.10.8 and fixes atleast the following security issue: SCSI “EXTENDED COPY” (XCOPY) requests sent to a Linux SCSI target (LIO) allow an attacker to read or write anywhere on any LIO backstore configured
    MGASA-2021-0047 - Updated kernel packages fix security vulnerability
    
    Publication date: 20 Jan 2021
    URL: https://advisories.mageia.org/MGASA-2021-0047.html
    Type: security
    Affected Mageia releases: 7
    CVE: CVE-2020-28374
    
    This kernel update is based on upstream 5.10.8 and fixes atleast the
    following security issue:
    
    SCSI “EXTENDED COPY” (XCOPY) requests sent to a Linux SCSI target (LIO)
    allow an attacker to read or write anywhere on any LIO backstore configured
    on the host, provided the attacker has access to one LUN and knowledge of
    the victim backstore’s vpd_unit_serial (AKA “wwn”). This is possible
    regardless of the transport/HBA settings for the victim backstore
    (CVE-2020-28374).
    
    It also adds the following fixes:
    - fix up kernel-devel packages to not cause errors during dkms installs
      (mga# 27080)
    - backported crypto AES-NI XTS fixes the performance regression introduced
      by the retpoline fixes
    - backported support for nVidia RTX3xxx (Ampere) modesetting
    - backported fixes for broken Intel Haswell GT1 graphics
    - backported fixes for iwlwifi causing some systems to hang on boot
    - backport fix so the admin can chose to disable i915 security mitigations
      to recover from the big performance loss on older hardware caused
      by earlier security fixes
    
    References:
    - https://bugs.mageia.org/show_bug.cgi?id=28163
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.7
    - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.8
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28374
    
    SRPMS:
    - 7/core/kernel-5.10.8-2.mga7
    - 7/core/kmod-virtualbox-6.1.16-10.mga7
    - 7/core/kmod-xtables-addons-3.13-6.mga7
    

    LinuxSecurity Poll

    Which is the best secure Linux distro for pentesting?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/50-which-is-the-best-secure-linux-distro-for-pentesting?task=poll.vote&format=json
    50
    radio
    [{"id":"174","title":"Kali Linux","votes":"9","type":"x","order":"1","pct":56.25,"resources":[]},{"id":"175","title":"Parrot OS","votes":"7","type":"x","order":"2","pct":43.75,"resources":[]},{"id":"176","title":"BlackArch Linux","votes":"0","type":"x","order":"3","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350

    Please vote first in order to view vote results.


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.