{"id":"MGASA-2021-0409","summary":"Updated kernel packages fix security vulnerabilities","details":"This kernel update is based on upstream 5.10.60 and fixes at least the\nfollowing security issues:\n\nSpecifically timed and handcrafted traffic can cause internal errors\nin a WLAN device that lead to improper layer 2 Wi-Fi encryption with a\nconsequent possibility of information disclosure over the air for a\ndiscrete set of traffic in ath9k (CVE-2020-3702).\n\nA missing validation of the \"int_ctl\" VMCB field allows a malicious L1\nguest to enable AVIC support (Advanced Virtual Interrupt Controller)\nfor the L2 guest. The L2 guest is able to write to a limited but still\nrelatively large subset of the host physical memory, resulting in a\ncrash of the entire system, leak of sensitive data or potential\nguest-to-host escape (CVE-2021-3653).\n\nA missing validation of the \"virt_ext\" VMCB field and allows a\nmalicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS\n(Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances,\nthe L2 guest is able to run VMLOAD/VMSAVE unintercepted, and thus\nread/write portions of the host physical memory, resulting in a\ncrash of the entire system, leak of sensitive data or potential\nguest-to-host escape (CVE-2021-3656).\n\nIn kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is\nan integer overflow and out-of-bounds write when many elements are\nplaced in a single bucket (CVE-2021-38166).\n\ndrivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before\n5.13.3 makes it easier for attackers to defeat an ASLR protection\nmechanism because it prints a kernel pointer (CVE-2021-38205).\n\nOther fixes in this update:\n- cfi_cmdset_0002: fix crash when erasing/writing AMD cards\n\nFor other upstream fixes, see the referenced changelogs.\n","modified":"2026-04-16T04:42:13.207743166Z","published":"2021-08-23T05:28:48Z","upstream":["CVE-2020-3702","CVE-2021-3653","CVE-2021-3656","CVE-2021-38166","CVE-2021-38205"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2021-0409.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=29384"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.57"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.58"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.59"},{"type":"WEB","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.60"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.10.60-2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0409.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.1.26-1.2.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0409.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.18-1.20.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2021-0409.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}