{"id":"MGASA-2018-0127","summary":"Updated kernel-linus packages fix security vulnerabilities","details":"This kernel-linus update is based on the upstream 4.14.18 and adds some\nsupport for mitigating  Spectre, variant 1 (CVE-2017-5753) and as it is\nbuilt with the retpoline-aware gcc-5.5.0-1.mga6, it now provides full\nretpoline mitigation for Spectre, variant 2 (CVE-2017-5715).\n\nThe BPF interpreter has been used as part of the spectre 2 attack\nCVE-2017-5715. To make attacker job harder introduce BPF_JIT_ALWAYS_ON\nconfig option that removes interpreter from the kernel in favor of JIT-only\nmode. This is now enabled by default in Mageia kernels.\n\nOther security fixes in this update:\n\nLinux kernel version 3.3-rc1 and later is affected by a vulnerability lies\nin the processing of incoming L2CAP commands - ConfigRequest, and\nConfigResponse messages. This info leak is a result of uninitialized stack\nvariables that may be returned to an attacker in their uninitialized state.\nBy manipulating the code flows that precede the handling of these\nconfiguration messages, an attacker can also gain some control over which\ndata will be held in the uninitialized stack variables. This can allow him\nto bypass KASLR, and stack canaries protection - as both pointers and stack\ncanaries may be leaked in this manner (CVE-2017-1000410).\n\nA use-after-free vulnerability was found in network namespaces code\naffecting the Linux kernel before 4.14.11. The function get_net_ns_by_id()\nin net/core/net_namespace.c does not check for the net::count value after\nit has found a peer network in netns_ids idr, which could lead to double\nfree and memory corruption. This vulnerability could allow an unprivileged\nlocal user to induce kernel memory corruption on the system, leading to a\ncrash. Due to the nature of the flaw, privilege escalation cannot be fully\nruled out, although it is thought to be unlikely (CVE-2017-15129).\n\nThe KVM implementation in the Linux kernel through 4.14.7 allows attackers\nto obtain potentially sensitive information from kernel memory, aka a\nwrite_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c\nand include/trace/events/kvm.h (CVE-2017-17741).\n\nFor other fixes in this update, read the referenced changelogs.\n","modified":"2026-03-25T17:45:28.681262Z","published":"2018-02-15T21:17:42Z","related":["CVE-2017-1000410","CVE-2017-15129","CVE-2017-17741","CVE-2017-5715","CVE-2017-5753"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0127.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22544"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.14"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.16"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.17"},{"type":"REPORT","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.18"}],"affected":[{"package":{"name":"kernel-linus","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kernel-linus?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.14.18-1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0127.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}