Updated kernel & related packages provide 3.10 longterm support branch
Publication date: 28 Sep 2014Modification date: 28 Sep 2014
Type: security
Affected Mageia releases : 3
CVE: CVE-2014-3601
Description
This kernel update provides an update based on upstream
3.10.54 from the 3.10 -longterm branch. It also fixes the
following security issue:
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux
kernel through 3.16.1 miscalculates the number of pages during the
handling of a mapping failure, which allows guest OS users to (1)
cause a denial of service (host OS memory corruption) or possibly
have unspecified other impact by triggering a large gfn value or
(2) cause a denial of service (host OS memory consumption) by
triggering a small gfn value that leads to permanently pinned
pages. (CVE-2014-3601)
For other changes, see the referenced changelogs.
References
- https://bugs.mageia.org/show_bug.cgi?id=14094
- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.51
- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.52
- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.53
- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.54
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3601
SRPMS
3/core
- kernel-3.10.54-2.mga3
- kernel-userspace-headers-3.10.54-2.mga3
- kmod-xtables-addons-2.3-22.mga3
3/nonfree
- kmod-broadcom-wl-6.30.223.141-22.mga3.nonfree
- kmod-fglrx-13.251-12.mga3.nonfree
- kmod-nvidia173-173.14.38-36.mga3.nonfree
- kmod-nvidia304-304.108-22.mga3.nonfree
- kmod-nvidia-current-319.60-22.mga3.nonfree