This kernel update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driver(CONFIG_DRM_VIRTIO_GPU) support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtio_gpu_object_create(). A user/process could use this flaw to leak host kernel memory potentially resulting in Dos (CVE-2017-10810). It also contains followup fixes to the Stack Clash (CVE-2017-1000370, CVE-2017-1000371) security issues resolved in kernels released at end of June, 2017. Other Mageia kernel specific fixes in this updates: - enable support for NFS4_1 and NFS4_2 (mga#21182) - ALSA: hda/realtek - New codecs support for ALC215/ALC285/ALC289 - ALSA: hda/realtek - New codec device ID for ALC1220 - platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA (mga#18756) For other upstream fixes in this update, read the referenced changelogs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 6 | noarch | kernel | <Â 4.9.40-1 | kernel-4.9.40-1.mga6 |
Mageia | 6 | noarch | kernel-userspace-headers | <Â 4.9.40-1 | kernel-userspace-headers-4.9.40-1.mga6 |
Mageia | 6 | noarch | kmod-vboxadditions | <Â 5.1.22-24 | kmod-vboxadditions-5.1.22-24.mga6 |
Mageia | 6 | noarch | kmod-virtualbox | <Â 5.1.22-24 | kmod-virtualbox-5.1.22-24.mga6 |
Mageia | 6 | noarch | kmod-xtables-addons | <Â 2.12-40 | kmod-xtables-addons-2.12-40.mga6 |
bugs.mageia.org/show_bug.cgi?id=21269
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.37
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.38
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.39
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.40