{"id":"MGASA-2018-0296","summary":"Updated kernel packages fix security vulnerabilities","details":"This kernel update is based on the upstream 4.14.50 and fixes at least\nthe following security issues:\n\nIn the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c\nin the Linux kernel through 4.15, an integer signedness error allows\narbitrary information leakage for the FBIOPUTCMAP_SPARC and\nFBIOGETCMAP_SPARC commands (CVE-2018-6412).\n\nThe kvm functions that were used in the emulation of fxrstor, fxsave,\nsgdt and sidt were originally meant for task switching, and as such they\ndid not check privilege levels. This allowed guest userspace to guest\nkernel write (CVE-2018-10853).\n\nIn arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested\nvirtualization is used, local attackers could cause L1 KVM guests to\nVMEXIT, potentially allowing privilege escalations and denial of service\nattacks due to lack of checking of CPL (CVE-2018-12904).\n\nWireGuard has been updated to 0.0.20180613.\n\nFor other fixes in this update, see the referenced changelogs.\n","modified":"2026-04-16T01:47:38.957271014Z","published":"2018-06-24T22:02:29Z","upstream":["CVE-2018-10853","CVE-2018-12904","CVE-2018-6412"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0296.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=23193"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.45"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.46"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.47"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.48"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.49"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.50"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.14.50-2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0296.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.14.50-2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0296.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.2.12-6.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0296.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.2.12-6.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0296.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.13-42.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0296.json"}},{"package":{"name":"wireguard-tools","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/wireguard-tools?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.0.20180613-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0296.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}