{"id":"MGASA-2014-0207","summary":"Updated kernel-linus packages fixes multiple bugs and vulnerabilities","details":"Updated kernel-linus provides upstream 3.12.18 kernel and fixes the following\nsecurity issues:\n\nBuffer overflow in the complete_emulated_mmio function in arch/x86/kvm/\nx86.c in the Linux kernel before 3.13.6 allows guest OS users to execute\narbitrary code on the host OS by leveraging a loop that triggers an\ninvalid memory copy affecting certain cancel_work_item data. \n(CVE-2014-0049)\n\nThe get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem\nin the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise\nLinux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which\nallows guest OS users to cause a denial of service (host OS crash) via\nunspecified vectors. (CVE-2014-0055)\n\nThe cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through\n3.13.5 does not properly handle uncached write operations that copy fewer\nthan the requested number of bytes, which allows local users to obtain\nsensitive information from kernel memory, cause a denial of service\n(memory corruption and system crash), or possibly gain privileges via a\nwritev system call with a crafted pointer. (CVE-2014-0069)\n\ndrivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable\nbuffers are disabled, does not properly validate packet lengths, which\nallows guest OS users to cause a denial of service (memory corruption and\nhost OS crash) or possibly gain privileges on the host OS via crafted\npackets, related to the handle_rx and get_rx_bufs functions. \n(CVE-2014-0077)\n\nOter fixes in this update:\n- switch hugepages back to madvise to fix performance regression (mga#12994)\n- enable Intel P-state driver (mga#13080)\n- fix r8169 suspend/resume issue (mga#13255)\n\nFor upstream merged fixes, read the referenced changelogs:\n","modified":"2026-04-16T06:25:06.201939827Z","published":"2014-05-08T21:51:33Z","upstream":["CVE-2014-0049","CVE-2014-0055","CVE-2014-0069","CVE-2014-0077"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0207.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=12994"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13080"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13255"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.18"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.17"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.16"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.15"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.14"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13265"}],"affected":[{"package":{"name":"kernel-linus","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kernel-linus?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.18-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0207.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}