MGASA-2014-0265

Description

Updated kernel packages fixes security vulnerabilities. Updated kernel packages fixes security vulnerabilities. The kernel has been updated to the upstream 3.12.21 longterm kernel, and fixes the following security issues: media-device: fix infoleak in ioctl media_enum_entities() (CVE-2014-1739) The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification. (CVE-2014-3153) kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. To avoid this and other issues CONFIG_AUDITSYSCALL has been disabled. (CVE-2014-3917) Other changes: iwlwifi: mvm: disable beacon filtering ALSA: hda - Fix onboard audio on Intel H97/Z97 chipsets For other upstream changes, see the referenced changelog.

Affected Systems

• mageia•kernel

  < 3.12.21-2.mga4

• mageia•kernel-userspace-headers

  < 3.12.21-2.mga4

• mageia•kmod-broadcom-wl

  < 6.30.223.141-32.mga4.nonfree

• mageia•kmod-nvidia173

  < 173.14.39-17.mga4.nonfree

• mageia•kmod-nvidia304

  < 304.119-12.mga4.nonfree

• mageia•kmod-vboxadditions

  < 4.3.10-7.mga4

• mageia•kmod-virtualbox

  < 4.3.10-7.mga4

• mageia•kmod-xtables-addons

  < 2.3-47.mga4

References (3)

• https://advisories.mageia.org/MGASA-2014-0265.html
• https://bugs.mageia.org/show_bug.cgi?id=13449
• https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.21