Advisories ยป MGASA-2014-0392

Updated kernel & related packages provide 3.10 longterm support branch

Publication date: 28 Sep 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2014-3601

Description

This kernel update provides an update based on upstream 
3.10.54 from the 3.10 -longterm branch. It also fixes the
following security issue:

The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux
kernel through 3.16.1 miscalculates the number of pages during the
handling of a mapping failure, which allows guest OS users to (1)
cause a denial of service (host OS memory corruption) or possibly
have unspecified other impact by triggering a large gfn value or
(2) cause a denial of service (host OS memory consumption) by
triggering a small gfn value that leads to permanently pinned
pages. (CVE-2014-3601)

For other changes, see the referenced changelogs.
                

References

SRPMS

3/nonfree

3/core