Advisories ยป MGASA-2022-0242

Updated kernel packages fix security vulnerabilities

Publication date: 29 Jun 2022
Modification date: 29 Jun 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2022-21123 , CVE-2022-21125 , CVE-2022-21127 , CVE-2022-21166

Description

This kernel update is based on upstream 5.15.50 and fixes at least the
following security issues:

Incomplete cleanup of multi-core shared buffers for some Intel Processors
may allow an authenticated user to potentially enable information disclosure
via local access (CVE-2022-21123).

Incomplete cleanup of microarchitectural fill buffers on some Intel
Processors may allow an authenticated user to potentially enable information
disclosure via local access (CVE-2022-21125).

Incomplete cleanup in specific special register read operations for some
Intel Processors may allow an authenticated user to potentially enable
information disclosure via local access (CVE-2022-21127, CVE-2022-21166).

For other upstream fixes, see the referenced changelogs.
                

References

SRPMS

8/core