Lucene search

K
mageia
Gentoo FoundationMGASA-2020-0227
HistoryMay 24, 2020 - 9:04 p.m.

Updated kernel packages fix security vulnerability

2020-05-2421:04:47
Gentoo Foundation
advisories.mageia.org
22

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.7%

This update is based on the upstream 5.6.14 kernel and fixes at least the following security issues: A NULL pointer dereference flaw was found in the Linux kernel’s SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol’s category bitmap into the SELinux extensible bitmap via the’ ebitmap_netlbl_import’ routine. While processing the CIPSO restricted bitmap tag in the ‘cipso_v4_parsetag_rbm’ routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service (CVE-2020-10711). An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case (CVE-2020-12770). gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel through 5.6.13 relies on kstrdup without considering the possibility of an internal ‘\0’ value, which allows attackers to trigger an out-of-bounds read (CVE-2020-13143). Other fixes in this update: - KVM: x86: only do L1TF workaround on affected processors (this now correctly excludes non-affected AMD Ryzen and EPYC processors) - add Amd Renoir detection to amd_nb, hwmon (k10temp) and EDAC - additional fixes to the integrated virtualbox support for better interaction with virtualbox.org releases - ndiswrapper has been updated to 1.63 - wireguard-tools have been updated to 1.0.20200513 For other upstream fixes and changes in this update, see the refenced changelogs.

How to protect your server from attacks?

6.7 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.7%

Related for MGASA-2020-0227