{"id":"MGASA-2021-0191","summary":"Updated kernel-linus packages fix security vulnerabilities","details":"This kernel-linus update is based on upstream 5.10.30 and fixes at least\nthe following security issues:\n\nnfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670)\n\nnfc: fix refcount leak in llcp_sock_connect() (CVE-2020-25671)\n\nnfc: fix memory leak in llcp_sock_connect() (CVE-2020-25672)\n\nfirewire: nosy: Fix a use-after-free bug in nosy_ioctl() (CVE-2021-3483)\n\nBPF JIT compilers in the Linux kernel through 5.11.12 have incorrect\ncomputation of branch displacements, allowing them to execute arbitrary \ncode within the kernel context (CVE-2021-29154).\n\nKVM: SVM: load control fields from VMCB12 before checking them\n(CVE-2021-29657).\n\nFor other upstream fixes, see the referenced changelogs.\n","modified":"2026-01-31T01:57:19.210315Z","published":"2021-04-18T14:50:05Z","related":["CVE-2020-25670","CVE-2020-25671","CVE-2020-25672","CVE-2021-29154","CVE-2021-29657","CVE-2021-3483"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0191.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=28781"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.28"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.29"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.30"}],"affected":[{"package":{"name":"kernel-linus","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/kernel-linus?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.10.30-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0191.json"}},{"package":{"name":"kernel-linus","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kernel-linus?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.10.30-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0191.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}