Advisories ยป MGASA-2021-0192

Updated kernel packages fix security vulnerabilities

Publication date: 18 Apr 2021
Modification date: 17 Feb 2022
Type: security
Affected Mageia releases : 7 , 8
CVE: CVE-2020-25670 , CVE-2020-25671 , CVE-2020-25672 , CVE-2021-3483 , CVE-2021-29154 , CVE-2021-29657

Description

This kernel update is based on upstream 5.10.30 and fixes at least the
following security issues:

nfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670)

nfc: fix refcount leak in llcp_sock_connect() (CVE-2020-25671)

nfc: fix memory leak in llcp_sock_connect() (CVE-2020-25672)

firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (CVE-2021-3483)

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect
computation of branch displacements, allowing them to execute arbitrary 
code within the kernel context (CVE-2021-29154).

KVM: SVM: load control fields from VMCB12 before checking them
(CVE-2021-29657).

It also adds the following fixes:
- x86/fpu/64: Don't FNINIT in kernel_fpu_begin()
- Revert "iommu/amd: Fix performance counter  initialization"
- iommu/amd: Remove performance counter pre-initialization test
- hwmon: (amd_energy) Add AMD family 19h model 30h x86 match
- hwmon: (amd_energy) Use unified function to read energy data
- hwmon: (amd_energy) Restore visibility of energy counters

For other upstream fixes, see the referenced changelogs.

References

SRPMS

8/core

7/core