Updated kernel packages fix security vulnerabilitiesPublication date: 08 Sep 2021
Affected Mageia releases : 8
CVE: CVE-2021-3640 , CVE-2021-3739 , CVE-2021-3743 , CVE-2021-3753 , CVE-2021-40490
This kernel update is based on upstream 5.10.62 and fixes at least the following security issues: A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system (CVE-2021-3640). A process with CAP_SYS_ADMIN can cause a kernel NULL pointer dereference in btrfs code (CVE-2021-3739). there is an out-of-bound read bug in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743). An out-of-bounds read due to a race condition has been found in the Linux kernel due to write access to vc_mode is not protected by a lock in vt_ioctl (KDSETMDE) (CVE-2021-3753). A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13 (CVE-2021-40490). Other fixes in this update: - audio stopped working with the update to kernel 5.10.60 released in MGASA-2021-0409 (mga#29426). - x86/ACPI/State: Optimize C3 entry on AMD CPUs - fscrypt: add fscrypt_symlink_getattr() for computing st_size - ext4: report correct st_size for encrypted symlinks - f2fs: report correct st_size for encrypted symlinks - ubifs: report correct st_size for encrypted symlinks For other upstream fixes, see the referenced changelogs.