Updated kernel packages fix security vulnerabilitiesPublication date: 23 Aug 2023
Affected Mageia releases : 8
CVE: CVE-2022-40982 , CVE-2023-1206 , CVE-2023-4004 , CVE-2023-4147 , CVE-2023-20569 , CVE-2023-34319
This kernel update is based on upstream 5.15.126 and fixes or adds mitigations for atleast the following security issues: Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access (CVE-2022-40982, INTEL-SA-00828). A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network or with a high bandwidth connection can increase the CPU usage of the server that accepts IPV6 connections up to 95% (CVE-2023-1206). A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system (CVE-2023-4004). A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system (CVE-2023-4147). A side channel vulnerability in some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled instruction pointer register, potentially leading to information disclosure (CVE-2023-20569). A buffer overrun vulnerability was found in the netback driver in Xen due to an unusual split packet. This flaw allows an unprivileged guest to cause a denial of service (DoS) of the host by sending network packets to the backend, causing the backend to crash (CVE-2023-34319, XSA-432). Security fix for AMD Zen1 information leak through Divide By Zero. For other upstream fixes in this update, see the referenced changelogs.