{"id":"MGASA-2018-0391","summary":"Updated kernel packages fix security vulnerabilities","details":"This kernel update is based on the upstream 4.14.70 and adds additional\nfixes for the L1TF security issues. It also fixes at least the following\nsecurity issues:\n\nLinux kernel from versions 3.9 and up, is vulnerable to a denial of\nservice attack with low rates of specially modified packets targeting IP\nfragment re-assembly. An attacker may cause a denial of service condition\nby sending specially crafted IP fragments (CVE-2018-5391, FragmentSmack).\n\nA security flaw was found in the ip_frag_reasm() function in\nnet/ipv4/ip_fragment.c in the Linux kernel caused by fixes for\nCVE-2018-5391, which can cause a later system crash in ip_do_fragment().\nWith certain non-default, but non-rare, configuration of a victim host,\nan attacker can trigger this crash remotely, thus leading to a remote\ndenial-of-service (CVE-2018-14641).\n\nAn issue was discovered in the Linux kernel through 4.18.8. The\nvmacache_flush_all function in mm/vmacache.c mishandles sequence number\noverflows. An attacker can trigger a use-after-free (and possibly gain\nprivileges) via certain thread creation, map, unmap, invalidation, and\ndereference operations (CVE-2018-17182).\n\nOther fixes in this update:\n* drm: fix use of freed memory in drm_mode_setcrtc\n* drm/i915: Apply the GTT write flush for all !llc machines\n* net/tls: Set count of SG entries if sk_alloc_sg returns -ENOSPC\n  (fixes a kernel crash)\n* pinctrl/amd: only handle irq if it is pending and unmasked\n  (possible real fix for the interrupt storm on Ryzen platform)\n\nFor other uptstream fixes in this update, see the referenced changelog.\n","modified":"2026-01-31T16:42:59.110086Z","published":"2018-09-22T19:23:51Z","related":["CVE-2018-14641","CVE-2018-17182","CVE-2018-5391"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0391.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=23586"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.70"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.14.70-2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0391.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.14.70-2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0391.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.2.18-6.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0391.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.2.18-6.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0391.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.13-66.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0391.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}