MGASA-2019-0414

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2019-0414.html

Import Source

https://advisories.mageia.org/MGASA-2019-0414.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2019-0414

Published

2019-12-25T22:57:53Z

Modified

2026-04-16T04:26:08.993893Z

Summary

Updated kernel packages fix security vulnerabilities

Details

This update is based on upstream 5.4.6 and fixes various potential security issues related to buffer overflows, double frees, NUll pointer dereferences, improper / missing input validations and so on. It also adds other bugfixes all over the kernel.

Other fixes added in this update: - x86/MCE/AMD: Do not use rdmsrsafeoncpu() in smcaconfigure(), fixing an deadlock issue. - x86/mm: Split vmallocsyncall(), fixing up big performance regressions in some x8664 workloads (example: reaim.jobspermin -79.7% regression) - The Intel cpu/gpu specific security fixes in upstream 5.3.11 broke RC6 and that prevents CPUs from entering C-states, causing higher power consumption. This update adds upstream fixes to restore RC6 to a working state (fdo#112315) - radeon changes in upstream 5.4 to remove the 'needdma32 flag' has been reverted as it caused radeon to malfunction on 32bit kernels - iwlwifi fixes for firmware crashes (mga#25926), failures on warm reboot, and performance fixes

WireGuard has been updated to 0.0.20191219.

For other fixes in this update, see the referenced changelogs.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:7 / kernel

Package

Name: kernel
Purl: pkg:rpm/mageia/kernel?arch=source&distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.4.6-2.mga7

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2019-0414.json"

Mageia:7 / kmod-virtualbox

Package

Name: kmod-virtualbox
Purl: pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.0.14-16.mga7

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2019-0414.json"

Mageia:7 / kmod-xtables-addons

Package

Name: kmod-xtables-addons
Purl: pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.7-6.mga7

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2019-0414.json"

Mageia:7 / wireguard-tools

Package

Name: wireguard-tools
Purl: pkg:rpm/mageia/wireguard-tools?arch=source&distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.0.20191219-1.mga7

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2019-0414.json"