Alerts This Week
Warning Icon 1 535
Alerts This Week
Warning Icon 1 535

Mageia 8: MGASA-2022-0243 Moderate: Intel Information Disclosure

mageia
Calendar Grey June 29, 2022
Dist Mageia Esm H88
The Mageia project has released a kernel-linus security patch MGASA-2022-0243 targeting vulnerabilities that could expose sensitive information on Intel processor architectures.
This kernel update-linus is based on upstream 5.15.50 and fixes at least the following security issues: Incomplete cleanup of multi-core shared buffers for some Intel Processors m...

Summary

This kernel update-linus is based on upstream 5.15.50 and fixes at least the following security issues:
Incomplete cleanup of multi-core shared buffers for some Intel Processorsmay allow an authenticated user to potentially enable information disclosure via local access (CVE-2022-21123).
Incomplete cleanup of microarchitectural fill buffers on some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access (CVE-2022-21125).
Incomplete cleanup in specific special register read operations for some Intel Processors may allow an authenticated user to potentially enable information disclosure via local access (CVE-2022-21127, CVE-2022-21166).
For other upstream fixes, see the referenced changelogs.

References

- https://bugs.mageia.org/show_bug.cgi?id=30564

- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.47

- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.48

- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.49

- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.50

- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html

- https://www.cve.org/CVERecord?id=CVE-2022-21123

- https://www.cve.org/CVERecord?id=CVE-2022-21125

- https://www.cve.org/CVERecord?id=CVE-2022-21127

- https://www.cve.org/CVERecord?id=CVE-2022-21166

Topics%20covered

Topics Covered

security advisory security update kernel patch moderate severity information disclosure Mageia Intel issue

Resolution

SRPMS

- 8/core/kernel-linus-5.15.50-1.mga8

Publication date: 29 Jun 2022
URL: https://advisories.mageia.org/MGASA-2022-0243.html
Type: security
CVE: CVE-2022-21123, CVE-2022-21125, CVE-2022-21127, CVE-2022-21166

Topics%20covered

Topics Covered

security advisory security update kernel patch moderate severity information disclosure Mageia Intel issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here