MGASA-2017-0258
- Source
- https://advisories.mageia.org/MGASA-2017-0258.html
- Import Source
- https://advisories.mageia.org/MGASA-2017-0258.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2017-0258
- Related
- Published
- 2017-08-13T13:17:41Z
- Modified
- 2022-02-17T18:21:47Z
- Summary
- Updated kernel-linus packages fixes security and other bugs
- Details
-
This kernel-linus update is based on upstream 4.9.40 and fixes at least the following security issues:
Linux kernel built with the VirtIO GPU driver(CONFIGDRMVIRTIOGPU) support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate(). A user/process could use this flaw to leak host kernel memory potentially resulting in Dos (CVE-2017-10810).
It also contains followup fixes to the Stack Clash (CVE-2017-1000370, CVE-2017-1000371) security issues resolved in kernels released at end of June, 2017.
Other Mageia kernel specific fixes in this updates: - enable support for NFS41 and NFS42 (mga#21182)
For other upstream fixes in this update, read the referenced changelogs.
- References
-
- https://advisories.mageia.org/MGASA-2017-0258.html
- https://bugs.mageia.org/show_bug.cgi?id=21388
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.37
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.38
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.39
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.40
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:6 / kernel-linus
Package
- Name
- kernel-linus
- Purl
- pkg:rpm/mageia/kernel-linus?distro=mageia-6