Mageia 9 MGASA-2023-0296 Critical: Kernel-Linus Privilege Escalation
mageia
October 22, 2023
This kernel-linus update is based on upstream 6.4.16 and fixes or adds mitigations for atleast the following security issues: A flaw was found in the Linux Kernel
Summary
This kernel-linus update is based on upstream 6.4.16 and fixes or adds
mitigations for atleast the following security issues:
A flaw was found in the Linux Kernel. The tun/tap sockets have their
socket UID hardcoded to 0 due to a type confusion in their
initialization function. While it will be often correct, as tuntap
devices require CAP_NET_ADMIN, it may not always be the case, e.g., a
non-root user only having that capability. This would make tun/tap
sockets being incorrectly treated in filtering/routing decisions,
possibly bypassing network filters. CVE-2023-1076
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the
Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs
can trigger a double fetch race condition vulnerability and invoke the
`VMGEXIT` handler recursively. If an attacker manages to call the
handler multiple times, they can trigger a stack overflow and cause a
denial of service or potentially guest-to-host escape in kernel
configura...
References
- https://bugs.mageia.org/show_bug.cgi?id=32297
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.10
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.11
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.12
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.13
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.14
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.15
- https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.16
- https://www.cve.org/CVERecord?id=CVE-2023-1076
- https://www.cve.org/CVERecord?id=CVE-2023-4155
- https://www.cve.org/CVERecord?id=CVE-2023-4921
- https://www.cve.org/CVERecord?id=CVE-2023-5197
- https://www.cve.org/CVERecord?id=CVE-2023-25775
- https://www.cve.org/CVERecord?id=CVE-2023-42754
- https://www.cve.org/CVERecord?id=CVE-2023-42756
Resolution
SRPMS
- 9/core/kernel-linus-6.4.16-3.mga9
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Publication date: 22 Oct 2023
URL: https://advisories.mageia.org/MGASA-2023-0296.html
Type: security
CVE: CVE-2023-1076,
CVE-2023-4155,
CVE-2023-4921,
CVE-2023-5197,
CVE-2023-25775,
CVE-2023-42754,
CVE-2023-42756
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!