This kernel update is based on the upstream 5.3.11 and fixes at least the following security issues: Insufficient access control in a subsystem for Intel ยฎ processor graphics may allow an authenticated user to potentially enable escalation of privilege via local access (CVE-2019-0155). TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access (CVE-2019-11135). Improper invalidation for page table updates by a virtual guest operating system for multiple Intelยฎ Processors may allow an authenticated user to potentially enable denial of service of the host system via local access (CVE-2018-12207). For proper mitigations and fixes for theese issues, a microcode update is also needed, either with a bios/uefi update from your hardware vendor or by installing the microcode-0.20191112-1.mga7.nonfree update (mga#25688). For other upstream fixes in this update, see the referenced changelogs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 7 | noarch | kernel | <ย 5.3.11-1 | kernel-5.3.11-1.mga7 |
Mageia | 7 | noarch | kmod-virtualbox | <ย 6.0.14-6 | kmod-virtualbox-6.0.14-6.mga7 |
Mageia | 7 | noarch | kmod-xtables-addons | <ย 3.5-9 | kmod-xtables-addons-3.5-9.mga7 |