Lucene search

K
mageiaGentoo FoundationMGASA-2015-0237
HistoryMay 27, 2015 - 7:57 p.m.

Updated kernel-linus packages fix security vulnerabilities and bugs

2015-05-2719:57:52
Gentoo Foundation
advisories.mageia.org
14

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

36.3%

Updated kernel-linus fixes security, critical data corruption and pdata loss issues This kernel-linus update is based on upstream -longterm 3.14.43 and fixes a security issue, and critical data corruption and data loss issues: drivers/vhost/scsi.c: potential memory corruption (CVE-2015-4036) ext4 filesystem has a bug that make it possible to lose whole file system block worth of data when we hit the specific interaction with unwritten and delayed extents in status extent tree. when using software raid 0 on SSDs along with trim/discard, any delete or modification of files can lead to random destruction on the filesystem. (this regression was introduced in upstream 3.14.41) For other fixes in this update, see the referenced changelogs.

OSVersionArchitecturePackageVersionFilename
Mageia4noarchkernel-linus< 3.14.43-1kernel-linus-3.14.43-1.mga4

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

36.3%

Related for MGASA-2015-0237