4.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
0.975 High
EPSS
Percentile
100.0%
This kernel update is based on the upstream 4.14.25 and and updates the KPTI mitigation for Meltdown (CVE-2017-5754) on 32bit x86. It also adds ome optimizations and improvements to mitigate some of the slowdons caused by the Meltdown (CVE-2017-5754) and Spectre, variant 2 (CVE-2017-5715). Other security fixes in this update: The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c (CVE-2018-1065). Other changes in this update: WireGuard has been updated to 0.0.20180304. A fix in the scsi subsystem that prevents the kernel to hang or oops, triggered at least when trying to mount some raid6 setups (mga#22704). input/goodix: add support for GDIX1002 (mga#22703) For other upstream fixes in this update, read the referenced changelogs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 6 | noarch | kernel | < 4.14.25-1 | kernel-4.14.25-1.mga6 |
Mageia | 6 | noarch | kernel-userspace-headers | < 4.14.25-1 | kernel-userspace-headers-4.14.25-1.mga6 |
Mageia | 6 | noarch | kmod-vboxadditions | < 5.2.8-5 | kmod-vboxadditions-5.2.8-5.mga6 |
Mageia | 6 | noarch | kmod-virtualbox | < 5.2.8-5 | kmod-virtualbox-5.2.8-5.mga6 |
Mageia | 6 | noarch | kmod-xtables-addons | < 2.13-25 | kmod-xtables-addons-2.13-25.mga6 |
Mageia | 6 | noarch | wireguard-tools | < 0.0.20180304-1 | wireguard-tools-0.0.20180304-1.mga6 |
bugs.mageia.org/show_bug.cgi?id=22703
bugs.mageia.org/show_bug.cgi?id=22704
bugs.mageia.org/show_bug.cgi?id=22731
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.21
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.22
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.23
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.24
cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.25
4.7 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:N/A:C
5.6 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
0.975 High
EPSS
Percentile
100.0%