Advisories » MGASA-2019-0120

Updated kernel packages fix security vulnerability

Publication date: 29 Mar 2019
Modification date: 17 Feb 2022
Type: security
Affected Mageia releases : 6
CVE: CVE-2019-9213

Description

This kernel update is based on the upstream 4.14.106 and fixes at least
the following security issue:

In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks
a check for the mmap minimum address, which makes it easier for attackers
to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is
related to a capability check for the wrong task (CVE-2019-9213).

It also adds a preparatory fix for Skylake systems that will receive a
microcode update at a later date to address a TSX errata.

WireGuard has been updated to 0.0.20190227.

For other uptstream fixes in this update, see the referenced changelogs.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=24519
• https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105
• https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.106
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9213

SRPMS

6/core

• kernel-4.14.106-1.mga6
• kernel-userspace-headers-4.14.106-1.mga6
• kmod-vboxadditions-5.2.24-9.mga6
• kmod-virtualbox-5.2.24-9.mga6
• kmod-xtables-addons-2.13-83.mga6
• wireguard-tools-0.0.20190227-1.mga6