Advisories ยป MGASA-2020-0184

Updated kernel-linus packages fix security vulnerabilities

Publication date: 25 Apr 2020
Modification date: 17 Feb 2022
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-19377 , CVE-2020-11494 , CVE-2020-11565 , CVE-2020-11608 , CVE-2020-11609 , CVE-2020-11668

Description

This provides an update to kernel 5.6 series, currently based on
upstream 5.6.6 adding support for new hardware and features, and
fixes at least the following security issues:

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image,
performing some operations, and unmounting can lead to a use-after-free
in btrfs_queue_work in fs/btrfs/async-thread.c (CVE-2019-19377).

An issue was discovered in slc_bump in drivers/net/can/slcan.c in the
Linux kernel through 5.6.2. It allows attackers to read uninitialized
can_frame data, potentially containing sensitive information from kernel
stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL
(CVE-2020-11494).

An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str
in mm/mempolicy.c has a stack-based out-of-bounds write because an empty
nodelist is mishandled during mount option parsing (CVE-2020-11565).

An issue was discovered in the Linux kernel before 5.6.1. drivers/media/
usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs
and ov518_mode_init_regs when there are zero endpoints (CVE-2020-11608).

An issue was discovered in the stv06xx subsystem in the Linux kernel
before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/
usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as
demonstrated by a NULL pointer dereference (CVE-2020-11609).

In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c
(aka the Xirlink camera USB driver) mishandles invalid descriptors
(CVE-2020-11668).

For other fixes and changes in this update, see the refenced changelogs.

References

SRPMS

7/core