{"id":"MGASA-2020-0333","summary":"Updated kernel packages fix security vulnerability","details":"This provides an update to kernel 5.7 series, currently based on upstream\n5.7.14 adding support for new hardware and features, and fixes at least the\nfollowing security issues:\n\nAn issue was discovered in the Linux kernel through 5.3.9. There is a\nuse-after-free when aa_label_parse() fails in aa_audit_rule_init() in\nsecurity/apparmor/audit.c (CVE-2019-18814).\n\nrelay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local\nusers to cause a denial of service (such as relay blockage) by triggering a\nNULL alloc_percpu result (CVE-2019-19462).\n\nIncomplete cleanup from specific special register read operations in some\nIntel(R) Processors may allow an authenticated user to potentially enable\ninformation disclosure via local access (CVE-2020-0543).\n\nA flaw was found in the Linux kernel's implementation of Userspace core dumps.\nThis flaw allows an attacker with a local account to crash a trivial program\nand exfiltrate private kernel data (CVE-2020-10732).\n\nA flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way\nmremap handled DAX Huge Pages. This flaw allows a local attacker with access\nto a DAX enabled storage to escalate their privileges on the system\n(CVE-2020-10757).\n\nA logic bug flaw was found in the Linux kernel’s implementation of SSBD. A\nbug in the logic handling allows an attacker with a local account to disable\nSSBD protection during a context switch when additional speculative execution\nmitigations are in place. This issue was introduced when the per task/process\nconditional STIPB switching was added on top of the existing SSBD switching.\nThe highest threat from this vulnerability is to confidentiality\n(CVE-2020-10766).\n\nA flaw was found in the Linux kernel’s implementation of the Enhanced IBPB\n(Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled\nwhen STIBP is not available or when the Enhanced Indirect Branch Restricted\nSpeculation (IBRS) is available. This flaw allows a local attacker to perform\na Spectre V2 style attack when this configuration is active. The highest\nthreat from this vulnerability is to confidentiality (CVE-2020-10767).\n\nA flaw was found in the prctl() function, where it can be used to enable\nindirect branch speculation after it has been disabled. This call incorrectly\nreports it as being 'force disabled' when it is not and opens the system to\nSpectre v2 attacks. The highest threat from this vulnerability is to\nconfidentiality (CVE-2020-10768).\n\nA flaw was found in the ZRAM kernel module, where a user with a local account\nand the ability to read the /sys/class/zram-control/hot_add file can create\nZRAM device nodes in the /dev/ directory. This read allocates kernel memory\nand is not accounted for a user that triggers the creation of that ZRAM\ndevice. With this vulnerability, continually reading the device may consume a\nlarge amount of system memory and cause the Out-of-Memory (OOM) killer to\nactivate and terminate random userspace processes, possibly making the system\ninoperable (CVE-2020-10781).\n\nIn the Linux kernel through 5.7.6, usbtest_disconnect in\ndrivers/usb/misc/usbtest.c has a memory leak (CVE-2020-15393).\n\nAn issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel\nbefore 5.7.7. Injection of malicious ACPI tables via configfs could be used by\nattackers to bypass lockdown and secure boot restrictions (CVE-2020-15780).\n\nAn issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen\nthrough 4.13.x for x86 PV guests. An attacker may be granted the I/O port\npermissions of an unrelated task. This occurs because tss_invalidate_io_bitmap\nmishandling causes a loss of synchronization between the I/O bitmaps of TSS\nand Xen (CVE-2020-15852).\n\nFor other upstream fixes and changes in this update, see the referenced\nchangelogs.\n\nAlso, the xtables-addons package has been updated to version 3.10.\n","modified":"2026-04-16T00:11:35.246887697Z","published":"2020-08-18T18:47:25Z","upstream":["CVE-2019-18814","CVE-2019-19462","CVE-2020-0543","CVE-2020-10732","CVE-2020-10757","CVE-2020-10766","CVE-2020-10767","CVE-2020-10768","CVE-2020-10781","CVE-2020-15393","CVE-2020-15780","CVE-2020-15852"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0333.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=27006"},{"type":"WEB","url":"https://kernelnewbies.org/Linux_5.7"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2019-18814"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2019-19462"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2020-0543"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2020-10732"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2020-10757"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2020-10766"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2020-10767"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2020-10768"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2020-10781"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2020-15393"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2020-15780"},{"type":"ADVISORY","url":"https://www.linuxkernelcves.com/cves/CVE-2020-15852"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2020-10766"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2020-10767"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2020-10768"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2020-10781"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.1"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.2"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.3"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.4"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.5"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.6"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.7"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.8"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.9"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.10"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.11"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.12"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.13"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.7.14"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.7.14-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0333.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.0.24-4.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0333.json"}},{"package":{"name":"xtables-addons","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/xtables-addons?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0333.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10-2.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0333.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}