Lucene search

K
mageiaGentoo FoundationMGASA-2018-0263
HistoryMay 31, 2018 - 11:34 p.m.

Updated kernel packages fix security vulnerabilities

2018-05-3123:34:08
Gentoo Foundation
advisories.mageia.org
11

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

0.007 Low

EPSS

Percentile

79.8%

This kernel update is based on the upstream 4.14.44 and fixes at least the following security issues: By mmap()ing a FUSE-backed file onto a process’s memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w) or any other program which makes a read() call to the /proc//cmdline (or /proc//environ) files to block indefinitely (denial of service) or for some controlled time (as a synchronization primitive for other attacks) (CVE-2018-1120). Speculative Store Bypass (SSB) – also known as Spectre Variant 4. Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis (CVE-2018-3639). NOTE! This fix only apply to Amd hardware so far as Intel CPUs need a fixed microcode update in order for the fix to get activated. At the time of this release we dont yet know when Intel will release new microcode. A flaw was found in the Linux kernel where an out of memory (oom) killing of a process that has large spans of mlocked memory can result in deferencing a NULL pointer, leading to denial of service (CVE-2018-1000200). Note! In this kernel update we have for now reverted the security fix: ‘Predictable Random Number Generator Weakness (CVE-2018-1108)’ that was part of the MGASA-2018-0249 security update as it caused several systems to stop booting properly (mga#23060). WireGuard has been updated to 0.0.20180519. For other fixes in this update, see the referenced changelogs.

4.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

0.007 Low

EPSS

Percentile

79.8%