Lucene search

K
mageiaGentoo FoundationMGASA-2017-0234
HistoryJul 30, 2017 - 9:27 p.m.

Updated kernel packages fixes security and other bugs

2017-07-3021:27:15
Gentoo Foundation
advisories.mageia.org
28

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.007

Percentile

79.7%

This kernel update is based on upstream 4.9.40 and fixes at least the following security issues: Linux kernel built with the VirtIO GPU driver(CONFIG_DRM_VIRTIO_GPU) support is vulnerable to a memory leakage issue. It could occur while creating a virtio gpu object in virtio_gpu_object_create(). A user/process could use this flaw to leak host kernel memory potentially resulting in Dos (CVE-2017-10810). It also contains followup fixes to the Stack Clash (CVE-2017-1000370, CVE-2017-1000371) security issues resolved in kernels released at end of June, 2017. Other Mageia kernel specific fixes in this updates: - enable support for NFS4_1 and NFS4_2 (mga#21182) - ALSA: hda/realtek - New codecs support for ALC215/ALC285/ALC289 - ALSA: hda/realtek - New codec device ID for ALC1220 - platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA (mga#18756) For other upstream fixes in this update, read the referenced changelogs.

CVSS2

7.8

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.007

Percentile

79.7%