Updated kernel packages fix security vulnerabilities
Publication date: 14 Sep 2018Type: security
Affected Mageia releases : 6
CVE: CVE-2018-6554 , CVE-2018-6555
Description
This kernel update is based on the upstream 4.14.69 and adds additional fixes for the L1TF and Spectre security issues. It also fixes at least the following security issues: Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket (CVE-2018-6554). The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket (CVE-2018-6555). Other fixes in this update: * WireGuard has been updated to 0.0.20180904 * all SPI_INTEL_SPI config options have been disable to prevent a potential bios corrupting bug (mga#23560) For other changes in this update, see the referenced changelogs.
References
- https://bugs.mageia.org/show_bug.cgi?id=23543
- https://bugs.mageia.org/show_bug.cgi?id=23560
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.66
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.67
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.68
- https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.69
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6554
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6555
SRPMS
6/core
- kernel-4.14.69-1.mga6
- kernel-userspace-headers-4.14.69-1.mga6
- kmod-vboxadditions-5.2.18-3.mga6
- kmod-virtualbox-5.2.18-3.mga6
- kmod-xtables-addons-2.13-63.mga6
- wireguard-tools-0.0.20180904-1.mga6