Advisories » MGASA-2019-0388

Updated kernel packages fix security vulnerability

Publication date: 14 Dec 2019
Modification date: 17 Feb 2022
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-19332

Description

This update provides an update to 5.4 series kernels, currently based on
upstream 5.4.2, adding support for new hardware and features, and fixing
at least the following security issue:

KVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID
(CVE-2019-19332)

WireGuard has been updated to 0.0.20191205.

xtables-addons have been updated to 3.7 for kernel 5.4 support.

For other fixes and features in this update, see the referenced changelogs.
                

References

• https://bugs.mageia.org/show_bug.cgi?id=25834
• https://kernelnewbies.org/Linux_5.4
• https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.1
• https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.2
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19332

SRPMS

7/core

• kernel-5.4.2-1.mga7
• wireguard-tools-0.0.20191205-1.mga7
• kmod-virtualbox-6.0.14-10.mga7
• xtables-addons-3.7-1.mga7
• kmod-xtables-addons-3.7-1.mga7
• ldetect-lst-0.6.7-1.mga7