Updated kernel packages fix security vulnerabilityPublication date: 03 Aug 2019
Affected Mageia releases : 7
This kernel update is based on the upstream 5.1.20 and fixes at least the following security issue: With Xen, virtual device backends and device models running in domain 0, or other backend driver domains, need to be able to map guest memory (either via grant mappings, or via the foreign mapping interface). For Linux to keep track of these mappings, it needs to have a page structure for each one. In PV dom0, a range of pfns are typically set aside at boot (“pre-ballooned”) for this purpose; for PVH and Arm dom0s, no memory is set aside to begin with. In either case, when more of this “foreign / grant map pfn space” is needed, dom0 will balloon out extra pages to use for this purpose. Unfortunately, in Linux, there are no limits, either on the total amount of memory which dom0 will attempt to balloon down to, nor on the amount of “foreign / grant map” memory which any individual guest can consume. As a result, a malicious guest may be able, with crafted requests to the backend, to cause dom0 to exhaust its own memory, leading to a host crash; and if this is not possible, it may be able to monopolize all of the foreign / grant map pfn space, starving out other guests (XSA-300). Other changes in this update: - kernel configs: * enable Full dynticks system (tickless) (NO_HZ_FULL) * enable CONFIG_RCU_NOCB_CPU (mga#24701) - add kernel side support for temperature monitoring on Amd Ryzen 3000 series (lm_sensors 3.5.0-2.1.mga7 or newer is also needed) For other upstream changes in this update, see the referenced changelogs. Note! This is the last update that is based on the upstream 5.1 series. Next update will be based on the upstream 5.2 series.