Updated kernel packages fix security vulnerabilities

This update is based on upstream 5.4.6 and fixes various potential security issues related to buffer overflows, double frees, NUll pointer dereferences, improper / missing input validations and so on. It also adds other bugfixes all over the kernel. Other fixes added in this update: - x86/MCE/AMD...

MGASA-2019-0388 Updated kernel packages fix security vulnerability

This update provides an update to 5.4 series kernels, currently based on upstream 5.4.2, adding support for new hardware and features, and fixing at least the following security issue: KVM: x86: fix out-of-bounds write in KVMGETEMULATEDCPUID CVE-2019-19332 WireGuard has been updated to...

Linux Bug Opens Most VPNs to Hijacking

A vulnerability in most Linux distros has been uncovered that allows a network-adjacent attacker to hijack VPN connections and inject rogue data into the secure tunnels that victims are using to communicate with remote servers. According to researchers at University of New Mexico and Breakpointin...

New Linux Bug Lets Attackers Hijack Encrypted VPN Connections

A team of cybersecurity researchers has disclosed a new severe vulnerability affecting most Linux and Unix-like operating systems, including FreeBSD, OpenBSD, macOS, iOS, and Android, that could allow remote 'network adjacent attackers' to spy on and tamper with encrypted VPN connections. The...

MGASA-2019-0295 Updated kernel packages fix various issues

This kernel update is based on the upstream 5.3.6 and fixes several issues. a potential kernel crash by using suppress-prefix rule in ipv6 3rdparty rtl8723/rtl8821ce drivers have been fixed to work with kernel 5.3 series rtl8xxxu: Fix wifi low signal strength issue of RTL8723BU rtw88 and exfat...

Updated kernel packages fix various issues

This kernel update is based on the upstream 5.3.6 and fixes several issues. a potential kernel crash by using suppress-prefix rule in ipv6 3rdparty rtl8723/rtl8821ce drivers have been fixed to work with kernel 5.3 series rtl8xxxu: Fix wifi low signal strength issue of RTL8723BU rtw88 and exfat...

MGASA-2019-0288 Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 5.2.16 and fixes at least the following security issues: There is heap-based buffer overflow in the marvell wifi chip driver that allows local users to cause a denial of servicesystem crash or possibly execute arbitrary code CVE-2019-14814,...

MGASA-2019-0287 Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.145 and fixes at least the following security issues: There is heap-based buffer overflow in the marvell wifi chip driver that allows local users to cause a denial of servicesystem crash or possibly execute arbitrary code CVE-2019-14814,...

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.145 and fixes at least the following security issues: There is heap-based buffer overflow in the marvell wifi chip driver that allows local users to cause a denial of servicesystem crash or possibly execute arbitrary code CVE-2019-14814,...

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 5.2.16 and fixes at least the following security issues: There is heap-based buffer overflow in the marvell wifi chip driver that allows local users to cause a denial of servicesystem crash or possibly execute arbitrary code CVE-2019-14814,...

MGASA-2019-0282 Updated wireguard packages fix security vulnerability

Updated wireshark packages fix security vulnerability: The Gryphon dissector could go into an infinite loop. For other fixes in this update, see the referenced releasenotes...

MGASA-2019-0221 Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.137 and fixes at least the following security issues: A Spectre SWAPGS gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre lik...

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.137 and fixes at least the following security issues: A Spectre SWAPGS gadget was found in the Linux kernel's implementation of system interrupts. An attacker with local access could use this information to reveal private data through a Spectre lik...

MGASA-2019-0195 Updated kernel packages fix security vulnerability

This kernel update is based on the upstream 4.14.127 and fixes at least the following security issues: Jonathan Looney discovered that it is possible to send a crafted sequence of SACKs which will fragment the RACK send map. An attacker may be able to further exploit the fragmented send map to...

Updated kernel-tmb packages fix security vulnerability

This kernel-tmb update is based on the upstream 4.14.127 and fixes at least the following security issues: Jonathan Looney discovered that it is possible to send a crafted sequence of SACKs which will fragment the RACK send map. An attacker may be able to further exploit the fragmented send map t...

Updated kernel packages fixes security vulnerabilities

This kernel update is based on the upstream 4.14.116 and fixes at least the following security issues: A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the...

MGASA-2019-0120 Updated kernel packages fix security vulnerability

This kernel update is based on the upstream 4.14.106 and fixes at least the following security issue: In the Linux kernel before 4.20.14, expanddownwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on...

Updated kernel packages fix security vulnerability

This kernel update is based on the upstream 4.14.106 and fixes at least the following security issue: In the Linux kernel before 4.20.14, expanddownwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on...

MGASA-2018-0374 Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on the upstream 4.14.69 and adds additional fixes for the L1TF and Spectre security issues. It also fixes at least the following security issues: Memory leak in the irdabind function in net/irda/afirda.c and later in drivers/staging/irda/net/afirda.c in the Linux...

Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.69 and adds additional fixes for the L1TF and Spectre security issues. It also fixes at least the following security issues: Memory leak in the irdabind function in net/irda/afirda.c and later in drivers/staging/irda/net/afirda.c in the Linux kerne...