Lucene search

K
mageiaGentoo FoundationMGASA-2020-0140
HistoryMar 14, 2020 - 2:19 a.m.

Updated kernel packages fix security vulnerabilities

2020-03-1402:19:55
Gentoo Foundation
advisories.mageia.org
48
kernel packages
security vulnerabilities
upstream 5.5.9
linux kernel
use-after-free
cve-2019-19768
cve-2020-8647
cve-2020-8648
cve-2020-8649
cve-2020-9383
cve-2020-9391
gcc-8.4.0
nvidia drivers
intel comet lake h raid pci id
amd sensor fusion hub
staging exfat driver
rtl8812au driver
fscrypt
aarch64 architecture
unix

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.01

Percentile

83.4%

This update is based on upstream 5.5.9 and fixes at least the following security vulnerabilities: In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer) (CVE-2019-19768). There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c (CVE-2020-8647). There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c (CVE-2020-8648). There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. (CVE-2020-8649). An issue was discovered in the Linux kernel through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2 (CVE-2020-9383). An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. It ignores the top byte in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards, aka CID- dcde237319e6. This has been observed to cause heap corruption with the GNU C Library malloc implementation (CVE-2020-9391). Other notable changes in this update: - kernel is built with the updated gcc-8.4.0, thus fixing the issue with nvidia drivers complaining about gcc mismatch and failing the dkms-nvidia* builds. - ahci: Add Intel Comet Lake H RAID PCI ID - update Amd Sensor Fusion Hub driver to v4 - replace staging exfat driver with new upstream exfat driver - update rtl8812au driver for more hw support (mga#26178) - fscrypt: don’t evict dirty inodes after removing key

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.01

Percentile

83.4%