MGASA-2015-0237

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2015-0237.html

Import Source

https://advisories.mageia.org/MGASA-2015-0237.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2015-0237

Related

CVE-2015-4036

Published

2015-05-27T16:57:52Z

Modified

2015-05-27T16:47:25Z

Summary

Updated kernel-linus packages fix security vulnerabilities and bugs

Details

Updated kernel-linus fixes security, critical data corruption and pdata loss issues

This kernel-linus update is based on upstream -longterm 3.14.43 and fixes a security issue, and critical data corruption and data loss issues:

drivers/vhost/scsi.c: potential memory corruption (CVE-2015-4036)

ext4 filesystem has a bug that make it possible to lose whole file system block worth of data when we hit the specific interaction with unwritten and delayed extents in status extent tree.

when using software raid 0 on SSDs along with trim/discard, any delete or modification of files can lead to random destruction on the filesystem. (this regression was introduced in upstream 3.14.41)

For other fixes in this update, see the referenced changelogs.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / kernel-linus

Package

Name: kernel-linus
Purl: pkg:rpm/mageia/kernel-linus?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.14.43-1.mga4

Ecosystem specific

{
    "section": "core"
}