MGASA-2021-0192 - Updated kernel packages fix security vulnerabilities

Publication date: 18 Apr 2021
Type: security
Affected Mageia releases: 7, 8
CVE: CVE-2020-25670,

This kernel update is based on upstream 5.10.30 and fixes atleast the
following security issues:

nfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670)

nfc: fix refcount leak in llcp_sock_connect() (CVE-2020-25671)

nfc: fix memory leak in llcp_sock_connect() (CVE-2020-25672)

firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (CVE-2021-3483)

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect
computation of branch displacements, allowing them to execute arbitrary 
code within the kernel context (CVE-2021-29154).

KVM: SVM: load control fields from VMCB12 before checking them

It also adds the following fixes:
- x86/fpu/64: Don't FNINIT in kernel_fpu_begin()
- Revert "iommu/amd: Fix performance counter  initialization"
- iommu/amd: Remove performance counter pre-initialization test
- hwmon: (amd_energy) Add AMD family 19h model 30h x86 match
- hwmon: (amd_energy) Use unified function to read energy data
- hwmon: (amd_energy) Restore visibility of energy counters

For other upstream fixes, see the referenced changelogs.


- 8/core/kernel-5.10.30-1.mga8
- 8/core/kmod-virtualbox-6.1.18-24.mga8
- 8/core/kmod-xtables-addons-3.13-40.mga8
- 7/core/kernel-5.10.30-1.mga7
- 7/core/kmod-virtualbox-6.1.18-14.mga7
- 7/core/kmod-xtables-addons-3.13-20.mga7