Alerts This Week
Warning Icon 1 566
Alerts This Week
Warning Icon 1 566

Mageia 8: MGASA-2021-0101 Moderate: Kernel Security Issues

mageia
Calendar Grey March 4, 2021
Dist Mageia Esm H88
The recent kernel patch for Mageia 8 addresses significant vulnerabilities, boosting the fundamental security and reliability of the system.
This kernel update is based on upstream 5.10.19 and fixes atleast the following security issues: An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen

Summary

This kernel update is based on upstream 5.10.19 and fixes atleast the following security issues:
An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn't mapped. In another case, internal state would be insufficiently updated, preventing safe recovery from the error (CVE-2021-26930).
An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions), it isn't correct to assume a plain bug. Memory allo...

Read the Full Advisory

References

- https://bugs.mageia.org/show_bug.cgi?id=28470

- https://bugs.mageia.org/show_bug.cgi?id=28435

- https://bugs.mageia.org/show_bug.cgi?id=28429

- https://bugs.mageia.org/show_bug.cgi?id=28417

- https://bugs.mageia.org/show_bug.cgi?id=28415

- https://bugs.mageia.org/show_bug.cgi?id=27910

- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.17

- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.18

- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.19

- https://www.cve.org/CVERecord?id=CVE-2021-26930

- https://www.cve.org/CVERecord?id=CVE-2021-26931

- https://www.cve.org/CVERecord?id=CVE-2021-26932

Topics%20covered

Topics Covered

security advisory moderate security fix kernel system update security issues Linux kernel issues Xen Mageia

Resolution

SRPMS

- 8/core/kernel-5.10.19-1.mga8

- 8/core/kmod-virtualbox-6.1.18-17.mga8

- 8/core/kmod-xtables-addons-3.13-33.mga8

Publication date: 04 Mar 2021
URL: https://advisories.mageia.org/MGASA-2021-0101.html
Type: security
CVE: CVE-2021-26930, CVE-2021-26931, CVE-2021-26932

Topics%20covered

Topics Covered

security advisory moderate security fix kernel system update security issues Linux kernel issues Xen Mageia

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here