{"id":"MGASA-2015-0006","summary":"Updated kernel packages fix security vulnerabilities","details":"This kernel update is based on upstream -longterm 3.14.27 and fixes the \nfollowing security issues:\n\narch/x86/kernel/tls.c in the Thread Local Storage (TLS) implementation in\nthe Linux kernel through 3.18.1 allows local users to bypass the espfix\nprotection mechanism, and consequently makes it easier for local users to\nbypass the ASLR protection mechanism, via a crafted application that makes\na set_thread_area system call and later reads a 16-bit value (CVE-2014-8133).\n\nThe paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel\nthrough 3.18 uses an improper paravirt_enabled setting for KVM guest kernels,\nwhich makes it easier for guest OS users to bypass the ASLR protection\nmechanism via a crafted application that reads a 16-bit value (CVE-2014-8134).\n\nThe do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel\nthrough 3.17.4 does not properly handle faults associated with the Stack\nSegment (SS) segment register, which allows local users to cause a denial\nof service (panic) via a modify_ldt system call, as demonstrated by\nsigreturn_32 in the linux-clock-tests test suite (CVE-2014-9090).\n\narch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not\nproperly handle faults associated with the Stack Segment (SS) segment\nregister, which allows local users to gain privileges by triggering an\nIRET instruction that leads to access to a GS Base address from the wrong\nspace (CVE-2014-9322).\n\nOn x86_64 Linux kernels a malicious user program can do a partial ASLR\nbypass through TLS base addresses leak when attacking other programs\n(CVE-2014-9419)\n\nLinux kernel built with the iso9660 file system (CONFIG_ISO9660_FS) support\nis vulnerable to an infinite recursion loop flaw, which could lead to a\ncrash or render a system unresponsive/unusable after a while. This occurs\nwhile mounting an iso9660 image. An unprivileged user/process could use\nthis flaw to crash the system resulting in DoS (CVE-2014-9420).\n\nFor other fixes in this update, see the referenced changelogs.\n","modified":"2026-02-04T03:53:03.311737Z","published":"2015-01-07T15:14:58Z","related":["CVE-2014-8133","CVE-2014-8134","CVE-2014-9090","CVE-2014-9322","CVE-2014-9419","CVE-2014-9420"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2015-0006.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14884"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.25"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.26"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.27"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.14.27-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0006.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.14.27-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0006.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.20-3.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0006.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.20-3.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0006.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.5-9.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0006.json"}},{"package":{"name":"kmod-broadcom-wl","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-broadcom-wl?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.30.223.141-44.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0006.json"}},{"package":{"name":"kmod-fglrx","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-fglrx?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"14.010.1006-14.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0006.json"}},{"package":{"name":"kmod-nvidia173","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-nvidia173?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"173.14.39-29.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2015-0006.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}