MGASA-2014-0392
Vulnerability Summary
Timeline
Description
Updated kernel & related packages provide 3.10 longterm support branch This kernel update provides an update based on upstream 3.10.54 from the 3.10 -longterm branch. It also fixes the following security issue: The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages. (CVE-2014-3601) For other changes, see the referenced changelogs.
Affected Systems
- mageia•kernel
< 3.10.54-2.mga3
- mageia•kernel-userspace-headers
< 3.10.54-2.mga3
- mageia•kmod-broadcom-wl
< 6.30.223.141-22.mga3.nonfree
- mageia•kmod-fglrx
< 13.251-12.mga3.nonfree
- mageia•kmod-nvidia-current
< 319.60-22.mga3.nonfree
- mageia•kmod-nvidia173
< 173.14.38-36.mga3.nonfree
- mageia•kmod-nvidia304
< 304.108-22.mga3.nonfree
- mageia•kmod-xtables-addons
< 2.3-22.mga3
References (6)
- https://advisories.mageia.org/MGASA-2014-0392.html
- https://bugs.mageia.org/show_bug.cgi?id=14094
- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.51
- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.52
- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.53
- https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.54