{"id":"MGASA-2019-0288","summary":"Updated kernel packages fix security vulnerabilities","details":"This kernel update is based on the upstream 5.2.16 and fixes at least\nthe following security issues:\n\nThere is heap-based buffer overflow in the marvell wifi chip driver that\nallows local users to cause a denial of service(system crash) or possibly\nexecute arbitrary code (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816).\n\nAn out-of-bounds access issue was found in the way Linux kernel's KVM\nhypervisor implements the Coalesced MMIO write operation. It operates on\nan MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write\nindices 'ring-\u003efirst' and 'ring-\u003elast' value could be supplied by a host\nuser-space process. An unprivileged host user or process with access to\n'/dev/kvm' device could use this flaw to crash the host kernel, resulting\nin a denial of service or potentially escalating privileges on the system\n(CVE-2019-14821).\n\nA buffer overflow flaw was found in the way Linux kernel's vhost\nfunctionality that translates virtqueue buffers to IOVs, logged the buffer\ndescriptors during migration. A privileged guest user able to pass\ndescriptors with invalid length to the host when migration is underway,\ncould use this flaw to increase their privileges on the host\n(CVE-2019-14835).\n\nIn the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c\nallows attackers to obtain sensitive information from kernel stack memory\nbecause tos and flags fields are not initialized (CVE-2019-16714)\n\nWireGuard has been updated to 0.0.20190913.\n\nFor other uptstream fixes in this update, see the referenced changelogs.\n","modified":"2026-01-30T14:51:00.019226Z","published":"2019-09-21T16:04:55Z","related":["CVE-2019-14814","CVE-2019-14815","CVE-2019-14816","CVE-2019-14821","CVE-2019-14835","CVE-2019-16714"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2019-0288.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=25454"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-5.2.14"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-5.2.15"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-5.2.16"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.2.16-2.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0288.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.2.16-2.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0288.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.0.10-10.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0288.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.3-66.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0288.json"}},{"package":{"name":"wireguard-tools","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/wireguard-tools?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.0.20190913-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2019-0288.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}