{"id":"MGASA-2021-0538","summary":"Updated kernel packages fix security vulnerabilities","details":"This kernel update is based on upstream 5.15.6 and fixes at least the\nfollowing security issues:\n\nA vulnerability was found in Linux kernel, where a use-after-frees in\nnouveau's postclose() handler could happen if removing device (that is\nnot common to remove video card physically without power-off, but same\nhappens if \"unbind\" the driver) (CVE-2020-27820).\n\nA race condition when the eBPF map is frozen (CVE-2021-4001).\n\nA memory leak flaw in the Linux kernel's hugetlbfs memory usage was found\nin the way the user maps some regions of memory twice using shmget() which\nare aligned to PUD alignment with the fault of some of the memory pages.\nA local user could use this flaw to get unauthorized access to some data\n(CVE-2021-4002).\n\nIn addition to the upstream changes, we also have added the following fixes:\n- ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile\n- cpufreq: intel_pstate: ITMT support for overclocked system\n- Revert \"drm/i915: Implement Wa_1508744258\"\n- drm/i915/adl-n: Enable Alder Lake N platform\n- hwmon: (asus_wmi_sensors) Support X370 Asus WMI\n- hwmon: (asus_wmi_ec_sensors) Support B550 Asus WMI\n- hwmon: (k10temp) Support up to 12 CCDs on AMD Family of processors\n- hwmon: (nct6775) Use superio_*() function pointers in sio_data\n- hwmon: (nct6775) Use nct6775_*() function pointers in nct6775_data\n- hwmon: (nct6775) Support access via Asus WMI\n- hwmon: (nct6775) Add additional ASUS motherboards\n- hwmon: (nct6775) add Pro WS X570-ACE\n- hwmon: (nct6775) add ProArt X570-CREATOR WIFI\n- mmc: sdhci-pci: Add PCI ID for Intel ADL\n- pinctrl: amd: Fix wakeups when IRQ is shared with SC\n- rt2x00: do not mark device gone on EPROTO errors during start\n- xhci: Fix commad ring abort, write all 64 bits to CRCR register\n\nFor other upstream fixes, see the referenced changelogs.\n","modified":"2026-04-16T00:10:59.391841013Z","published":"2021-12-05T19:06:44Z","upstream":["CVE-2020-27820","CVE-2021-4001","CVE-2021-4002"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0538.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29715"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.5"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.6"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.15.6-2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0538.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.1.30-1.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0538.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.18-1.34.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0538.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}