{"id":"MGASA-2017-0234","summary":"Updated kernel packages fixes security and other bugs","details":"This kernel update is based on upstream 4.9.40 and fixes at least the\nfollowing security issues:\n\nLinux kernel built with the VirtIO GPU driver(CONFIG_DRM_VIRTIO_GPU) support\nis vulnerable to a memory leakage issue. It could occur while creating a\nvirtio gpu object in virtio_gpu_object_create(). A user/process could use\nthis flaw to leak host kernel memory potentially resulting in Dos\n(CVE-2017-10810).\n\nIt also contains followup fixes to the Stack Clash (CVE-2017-1000370,\nCVE-2017-1000371) security issues resolved in kernels released at end\nof June, 2017.\n\nOther Mageia kernel specific fixes in this updates:\n- enable support for NFS4_1 and NFS4_2 (mga#21182)\n- ALSA: hda/realtek - New codecs support for ALC215/ALC285/ALC289\n- ALSA: hda/realtek - New codec device ID for ALC1220\n- platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA (mga#18756)\n\nFor other upstream fixes in this update, read the referenced changelogs.\n","modified":"2026-04-16T01:48:39.514698604Z","published":"2017-07-30T18:27:15Z","upstream":["CVE-2017-10810"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2017-0234.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=21269"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.37"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.38"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.39"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.40"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.9.40-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0234.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.9.40-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0234.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.1.22-24.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0234.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.1.22-24.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0234.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.12-40.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2017-0234.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}