Advisories ยป MGASA-2019-0120

Updated kernel packages fix security vulnerability

Publication date: 29 Mar 2019
Type: security
Affected Mageia releases : 6
CVE: CVE-2019-9213


This kernel update is based on the upstream 4.14.106 and fixes at least
the following security issue:

In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks
a check for the mmap minimum address, which makes it easier for attackers
to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is
related to a capability check for the wrong task (CVE-2019-9213).

It also adds a preparatory fix for Skylake systems that will receive a
microcode update at a later date to address a TSX errata.

WireGuard has been updated to 0.0.20190227.

For other uptstream fixes in this update, see the referenced changelogs.