Advisories » MGASA-2020-0036

Updated kernel packages fix security vulnerability

Publication date: 13 Jan 2020
Type: security
Affected Mageia releases: 7
CVE: CVE-2019-19037


This update is based on upstream 5.4.10 and fixes at least the following
security issues:

ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows
a NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE)
can be zero. (CVE-2019-19037)

It also fixes various potential security issues related to buffer overflows,
double frees, NULL pointer dereferences, improper / missing input
validations and so on.

Other fixes added in this update:
- Revert 'drm/amdgpu: Set no-retry as default.', fixing amdgpu hang
  on Raven Ridge gpus (mga#25882)
- drm/i915/gt: Detect if we miss WaIdleLiteRestore, fixes or at least
  works around gpu hang (mga#25930)
- 3rdparty/rtl8812au: update to v5.6.4.2 (mga#25982)
- add support for RTL8117 ethernet
- rtl8xxxu: Add support for Edimax EW-7611ULB
- mountpoint_last(): fix the treatment of LAST_BIND
- HID: intel-ish-hid: ipc: Add Comet Lake H PCI device ID
- HID: intel-ish-hid: ipc: Add Tiger Lake PCI device ID
- HID: wacom: Recognize new MobileStudio Pro PID
- updates to the arm64 defconfigs:
  - Enable some EFI stuff on arm64 (mga#26003)
  - Enable a lot of missing things on arm64 kernels (including ACPI
    and Amazon network driver)
  - Disable debug info on arm64 (mga#26015)
  - reduce difference between arm64 and x86_64 defconfigs

The WireGuard kernel module has been updated to 0.0.20200105 and the tools
have been updated to 1.0.20200102.

For other fixes in this update, see the referenced changelogs.