{"id":"MGASA-2019-0107","summary":"Updated kernel packages fix security vulnerability","details":"This kernel update is based on the upstream 4.14.104 and fixes at least\nthe following security issue:\n\nLinux kernel version at least v4.8 onwards, probably well before\ncontains a Insufficient input validation vulnerability in bnx2x network\ncard driver that can result in DoS: Network card firmware assertion takes\ncard off-line. This attack appear to be exploitable via An attacker on a\nmust pass a very large, specially crafted packet to the bnx2x card.\nThis can be done from an untrusted guest VM (CVE-2018-1000026).\n\nIt also fixes signal handling issues causing powertop to crash and some\ntracing tools to fail on execve tests.\n\nFor other uptstream fixes in this update, see the referenced changelogs.\n","modified":"2026-04-16T01:45:39.055403501Z","published":"2019-03-13T20:41:16Z","upstream":["CVE-2018-1000026"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0107.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=24440"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.101"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.102"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.103"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.104"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.14.104-2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0107.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.14.104-2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0107.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.2.24-8.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0107.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.2.24-8.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0107.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.13-82.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0107.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}