Advisories » MGASA-2018-0263

Updated kernel packages fix security vulnerabilities

Publication date: 31 May 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-1120 , CVE-2018-3639 , CVE-2018-1000200


This kernel update is based on the upstream 4.14.44 and fixes at least
the following security issues:

By mmap()ing a FUSE-backed file onto a process's memory containing command
line arguments (or environment strings), an attacker can cause utilities
from psutils or procps (such as ps, w) or any other program which makes a
read() call to the /proc//cmdline (or /proc//environ) files to
block indefinitely (denial of service) or for some controlled time (as a
synchronization primitive for other attacks) (CVE-2018-1120).

Speculative Store Bypass (SSB) – also known as Spectre Variant 4.
Systems with microprocessors utilizing speculative execution and speculative
execution of memory reads before the addresses of all prior memory writes
are known may allow unauthorized disclosure of information to an attacker
with local user access via a side-channel analysis (CVE-2018-3639).
NOTE! This fix only apply to Amd hardware so far as Intel CPUs need a
fixed microcode update in order for the fix to get activated. At the time
of this release we dont yet know when Intel will release new microcode.

A flaw was found in the Linux kernel where an out of memory (oom) killing
of a process that has large spans of mlocked memory can result in
deferencing a NULL pointer, leading to denial of service (CVE-2018-1000200).

Note! In this kernel update we have for now reverted the security fix:
'Predictable Random Number Generator Weakness (CVE-2018-1108)' that was
part of the MGASA-2018-0249 security update as it caused several systems
to stop booting properly (mga#23060).

WireGuard has been updated to 0.0.20180519.

For other fixes in this update, see the referenced changelogs.