{"id":"MGASA-2021-0367","summary":"Updated kernel-linus packages fix security vulnerabilities","details":"This kernel-linus update is based on upstream 5.10.52 and fixes at least\nthe following security issues:\n\nThere is a race condition in net/can/bcm.c that can lead to local\nprivilege escalation to root (CVE-2021-3609).\n\nA vulnerability was found in the Linux kernel. Missing size validations on\ninbound SCTP packets may allow the kernel to read uninitialized memory\n(CVE-2021-3655).\n\nfs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does\nnot properly restrict seq buffer allocations, leading to an integer\noverflow, an Out-of-bounds Write, and escalation to root by an unprivileged\nuser (CVE-2021-33909).\n\nFor other upstream fixes, see the referenced changelogs.\n","modified":"2026-04-16T04:43:31.971208216Z","published":"2021-07-22T07:08:00Z","upstream":["CVE-2021-33909","CVE-2021-3609","CVE-2021-3655"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0367.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29272"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.49"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.50"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.51"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2021/06/19/1"},{"type":"WEB","url":"https://www.openwall.com/lists/oss-security/2021/07/20/1"}],"affected":[{"package":{"name":"kernel-linus","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kernel-linus?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.10.52-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0367.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}