{"id":"MGASA-2020-0089","summary":"Updated kernel-linus packages fix security vulnerabilities","details":"This update provides upstream 5.4.20, adding support for new hardware\nand features, and resolves at least the following security issues:\n\nIn a Linux KVM guest that has PV TLB enabled, a process in the guest kernel\nmay be able to read memory locations from another process in the same guest.\nThis problem is limit to the host running linux kernel 4.10 with a guest\nrunning linux kernel 4.16 or later. The problem mainly affects AMD\nprocessors but Intel CPUs cannot be ruled out (CVE-2019-3016).\n\nIntel GPU Hardware prior to Gen11 does not clear EU state during a\ncontext switch. This can result in information leakage between\ncontexts (CVE-2019-14615).\n\nA heap-based buffer overflow was discovered in the Marvell WiFi chip\ndriver. The flaw could occur when the station attempts a connection\nnegotiation during the handling of the remote devices country settings.\nThis could allow the remote device to cause a denial of service (system\ncrash) or possibly execute arbitrary code (CVE-2019-14895).\n\nA heap-based buffer overflow vulnerability was found in the Linux kernel,\nin Marvell WiFi chip driver. A remote attacker could cause a denial of\nservice (system crash) or, possibly execute arbitrary code, when the\nlbs_ibss_join_existing function is called after a STA connects to an AP\n(CVE-2019-14896).\n\nA stack-based buffer overflow was found in the Linux kernel, in Marvell\nWiFi chip driver. An attacker is able to cause a denial of service\n(system crash) or, possibly execute arbitrary code, when a STA works in\nIBSS mode (allows connecting stations together without the use of an AP)\nand connects to another STA (CVE-2019-14897).\n\next4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows\na NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE)\ncan be zero. (CVE-2019-19037)\n\nKVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID\n(CVE-2019-19332)\n\nfs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky\nuse-after-free, which allows local users to cause a denial of service\n(OOPS) or possibly obtain sensitive information from kernel memory, aka\nCID-d0cb50185ae9. One attack vector may be an open system call for a UNIX\ndomain socket, if the socket is being moved to a new parent directory and\nits old parent directory is being removed (CVE-2020-8428).\n","modified":"2026-04-16T04:43:52.349959342Z","published":"2020-02-18T14:05:53Z","upstream":["CVE-2019-14615","CVE-2019-14895","CVE-2019-14896","CVE-2019-14897","CVE-2019-19037","CVE-2019-19332","CVE-2019-3016","CVE-2020-8428"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0089.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=26099"},{"type":"WEB","url":"https://kernelnewbies.org/Linux_5.4"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.1"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.2"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.3"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.4"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.5"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.6"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.7"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.8"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.9"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.10"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.11"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.12"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.13"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.14"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.15"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.16"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.17"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.18"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.19"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.20"}],"affected":[{"package":{"name":"kernel-linus","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/kernel-linus?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.20-1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0089.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}