{"id":"MGASA-2016-0429","summary":"Updated kernel and kmod packages fix security vulnerabilities","details":"This update is based on upstream 4.4.39 and fixes at least the following\nsecurity issues:\n\nDue to lack of size checking on ICMP header length, it is possible to\ncause out-of-bounds read on stack (CVE-2016-8399)\n\nA use-after-free vulnerability in the SCSI generic driver allows users\nwith write access to /dev/sg* or /dev/bsg* to elevate their privileges\n(CVE-2016-9576).\n\nA use-after-free vulnerability was found in ALSA pcm layer, which allows\nlocal users to cause a denial of service, memory corruption, or possibly\nother unspecified impact (CVE-2016-9794).\n\nOther fixes in this update:\n- fix for HID gamepad DragonRise (mga#19853)\n- fix for radeon driver crashing on Dell Precision M4800 (mga#19892)\n\nFor other upstream fixes in this update, see the referenced changelogs.\n","modified":"2026-04-16T01:48:34.130900177Z","published":"2016-12-29T10:29:11Z","upstream":["CVE-2016-8399","CVE-2016-9576","CVE-2016-9794"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0429.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=19990"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=19892"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=19853"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.37"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.38"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.39"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.39-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0429.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.4.39-1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0429.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.1.10-3.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0429.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.1.10-3.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0429.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.10-18.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0429.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}