{"id":"MGASA-2019-0170","summary":"Updated kernel packages fixes security vulnerabilities","details":"This kernel update is based on the upstream 4.14.116 and fixes at least\nthe following security issues:\n\nA flaw was found in the Linux kernel's vfio interface implementation that\npermits violation of the user's locked memory limit. If a device is bound\nto a vfio driver, such as vfio-pci, and the local attacker is\nadministratively granted ownership of the device, it may cause a system\nmemory exhaustion and thus a denial of service (DoS) (CVE-2019-3882).\n\nkernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable\nout-of-bounds speculation on pointer arithmetic in various cases, including\ncases of different branches with different state or limits to sanitize,\nleading to side-channel attacks (CVE-2019-7308).\n\nThe Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the\nLinux kernel before 5.0.8 has multiple race conditions (CVE-2019-11486).\n\nThe coredump implementation in the Linux kernel before 5.0.10 does not use\nlocking or other mechanisms to prevent vma layout or vma flags changes while\nit runs, which allows local users to obtain sensitive information, cause a\ndenial of service, or possibly have unspecified other impact by triggering\na race condition with mmget_not_zero or get_task_mm calls (CVE-2019-11599).\n\nWireGuard has been updated to 0.0.20190406.\n\nFor other uptstream fixes in this update, see the referenced changelogs.\n","modified":"2026-04-16T01:47:36.348751743Z","published":"2019-05-12T20:58:05Z","upstream":["CVE-2019-11486","CVE-2019-11599","CVE-2019-3882","CVE-2019-7308"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0170.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=24773"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.107"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.108"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.109"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.110"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.111"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.113"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.115"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.116"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.14.116-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0170.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.14.116-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0170.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.0.6-2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0170.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.0.6-2.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0170.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.13-84.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0170.json"}},{"package":{"name":"wireguard-tools","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/wireguard-tools?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.0.20190406-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0170.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}