MGASA-2017-0260
- Source
- https://advisories.mageia.org/MGASA-2017-0260.html
- Import Source
- https://advisories.mageia.org/MGASA-2017-0260.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2017-0260
- Related
- Published
- 2017-08-13T13:17:41Z
- Modified
- 2022-02-17T18:21:47Z
- Summary
- Updated kernel-linus packages fixes security and other bugs
- Details
-
This kernel-linus update is based on upstream 4.4.79 and fixes at least the following security issues:
Linux kernel built with the VirtIO GPU driver(CONFIGDRMVIRTIOGPU) support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtiogpuobjectcreate(). A user/process could use this flaw to leak host kernel memory potentially resulting in Dos (CVE-2017-10810).
It also contains followup fixes to the Stack Clash (CVE-2017-1000370, CVE-2017-1000371) security issues resolved in kernels released at end of June, 2017.
For other upstream fixes in this update, read the referenced changelogs.
- References
-
- https://advisories.mageia.org/MGASA-2017-0260.html
- https://bugs.mageia.org/show_bug.cgi?id=21391
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.75
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.76
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.77
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.78
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.79
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:5 / kernel-linus
Package
- Name
- kernel-linus
- Purl
- pkg:rpm/mageia/kernel-linus?distro=mageia-5