CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
79.7%
This kernel update is based on upstream 4.4.79 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driver(CONFIG_DRM_VIRTIO_GPU) support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtio_gpu_object_create(). A user/process could use this flaw to leak host kernel memory potentially resulting in Dos (CVE-2017-10810). It also contains followup fixes to the Stack Clash (CVE-2017-1000370, CVE-2017-1000371) security issues resolved in kernels released at end of June, 2017. For other upstream fixes in this update, read the referenced changelogs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | kernel | < 4.4.79-1 | kernel-4.4.79-1.mga5 |
Mageia | 5 | noarch | kernel-userspace-headers | < 4.4.79-1 | kernel-userspace-headers-4.4.79-1.mga5 |
Mageia | 5 | noarch | kmod-vboxadditions | < 5.1.22-8 | kmod-vboxadditions-5.1.22-8.mga5 |
Mageia | 5 | noarch | kmod-virtualbox | < 5.1.22-8 | kmod-virtualbox-5.1.22-8.mga5 |
Mageia | 5 | noarch | kmod-xtables-addons | < 2.10-44 | kmod-xtables-addons-2.10-44.mga5 |
bugs.mageia.org/show_bug.cgi?id=21390
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.75
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.76
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.77
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.78
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.79
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
79.7%