MGASA-2017-0259
- Source
- https://advisories.mageia.org/MGASA-2017-0259.html
- Import Source
- https://advisories.mageia.org/MGASA-2017-0259.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2017-0259
- Related
- Published
- 2017-08-13T13:17:41Z
- Modified
- 2022-02-17T18:21:47Z
- Summary
- Updated kernel-tmb packages fixes security and other bugs
- Details
-
This kernel-tmb update is based on upstream 4.9.40 and fixes at least the following security issues:
Linux kernel built with the VirtIO GPU driver(CONFIGDRMVIRTIOGPU) support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate(). A user/process could use this flaw to leak host kernel memory potentially resulting in Dos (CVE-2017-10810).
It also contains followup fixes to the Stack Clash (CVE-2017-1000370, CVE-2017-1000371) security issues resolved in kernels released at end of June, 2017.
Other Mageia kernel specific fixes in this updates: - enable support for NFS41 and NFS42 (mga#21182) - ALSA: hda/realtek - New codecs support for ALC215/ALC285/ALC289 - ALSA: hda/realtek - New codec device ID for ALC1220 - platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA (mga#18756)
For other upstream fixes in this update, read the referenced changelogs.
- References
-
- https://advisories.mageia.org/MGASA-2017-0259.html
- https://bugs.mageia.org/show_bug.cgi?id=21389
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.37
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.38
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.39
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.40
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:6 / kernel-tmb
Package
- Name
- kernel-tmb
- Purl
- pkg:rpm/mageia/kernel-tmb?distro=mageia-6