Updated kernel packages fix security vulnerabilities
Publication date: 25 Dec 2019Modification date: 25 Dec 2019
Type: security
Affected Mageia releases : 7
Description
This update is based on upstream 5.4.6 and fixes various potential
security issues related to buffer overflows, double frees, NUll pointer
dereferences, improper / missing input validations and so on. It also
adds other bugfixes all over the kernel.
Other fixes added in this update:
- x86/MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure(),
fixing an deadlock issue.
- x86/mm: Split vmalloc_sync_all(), fixing up big performance
regressions in some x86_64 workloads
(example: reaim.jobs_per_min -79.7% regression)
- The Intel cpu/gpu specific security fixes in upstream 5.3.11 broke
RC6 and that prevents CPUs from entering C-states, causing higher
power consumption. This update adds upstream fixes to restore
RC6 to a working state (fdo#112315)
- radeon changes in upstream 5.4 to remove the 'need_dma32 flag' has
been reverted as it caused radeon to malfunction on 32bit kernels
- iwlwifi fixes for firmware crashes (mga#25926), failures on warm
reboot, and performance fixes
WireGuard has been updated to 0.0.20191219.
For other fixes in this update, see the referenced changelogs.
References
- https://bugs.mageia.org/show_bug.cgi?id=25897
- https://bugs.mageia.org/show_bug.cgi?id=25926
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.3
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.4
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.5
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.6
SRPMS
7/core
- kernel-5.4.6-2.mga7
- kmod-virtualbox-6.0.14-16.mga7
- kmod-xtables-addons-3.7-6.mga7
- wireguard-tools-0.0.20191219-1.mga7