[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2018-0064":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":64,"duplicates":65,"related":66,"reserved_at":9,"published_at":92,"modified_at":93,"state":9,"summary":94,"references_raw":96,"kevs":169,"epss":9,"epss_history":170,"metrics":171,"affected":172},"MGASA-2018-0064","kernel-linus update provides 4.14 series and fixes security vulnerabilities\n\nThis kernel-linus update provides an upgrade to the 4.14 longterm\nbranch, currently based on 4.14.10. It also fixes at least the\nfollowing security issues:\n\nAn elevation of privilege vulnerability in the Broadcom wi-fi driver\n(CVE-2017-0786).\n\nUse-after-free vulnerability in the snd_pcm_info function in the ALSA\nsubsystem in the Linux kernel allows attackers to gain privileges via\nunspecified vectors (CVE-2017-0861).\n\nLinux kernel built with the Kernel-based Virtual Machine(CONFIG_KVM)\nsupport is vulnerable to an incorrect debug exception(#DB) error. It\ncould occur while emulating a syscall instruction. A user/process\ninside guest could use this flaw to potentially escalate their\nprivileges inside guest. Linux guests are not affected.(CVE-2017-7518).\n\narch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested\nvirtualisation is used, does not properly traverse guest pagetable\nentries to resolve a guest virtual address, which allows L1 guest OS\nusers to execute arbitrary code on the host OS or cause a denial of\nservice (incorrect index during page walking, and host OS crash), aka\nan \"MMU potential stack buffer overrun\" (CVE-2017-12188).\n\nThe bio_map_user_iov and bio_unmap_user functions in block/bio.c in the\nLinux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O\nvector has small consecutive buffers belonging to the same page. The\nbio_add_pc_page function merges them into one, but the page reference\nis never dropped. This causes a memory leak and possible system lockup\n(exploitable against the host OS by a guest OS user, if a SCSI disk is\npassed through to a virtual machine) due to an out-of-memory condition\n(CVE-2017-12190).\n\nThe assoc_array_insert_into_terminal_node function in lib/assoc_array.c\nin the Linux kernel before 4.13.11 mishandles node splitting, which allows\nlocal users to cause a denial of service (NULL pointer dereference and\npanic) via a crafted application, as demonstrated by the keyring key type,\nand key addition and link creation operations (CVE-2017-12193).\n\nWi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group\nTemporal Key (GTK) during the group key handshake, allowing an attacker\nwithin radio range to replay frames from access points to clients\n(CVE-2017-13080).\n\nThe sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel\nbefore 4.14 does not check whether the intended netns is used in a\npeel-off action, which allows local users to cause a denial of\nservice (use-after-free and system crash) or possibly have unspecified\nother impact via crafted system calls (CVE-2017-15115).\n\nRace condition in the ALSA subsystem in the Linux kernel before 4.13.8\nallows local users to cause a denial of service (use-after-free) or\npossibly have unspecified other impact via crafted /dev/snd/seq ioctl\ncalls, related to sound/core/seq/seq_clientmgr.c and \nsound/core/seq/seq_ports.c (CVE-2017-15265)\n\nThe KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of\nadd_key for a key that already exists but is uninstantiated, which allows\nlocal users to cause a denial of service (NULL pointer dereference and\nsystem crash) or possibly have unspecified other impact via a crafted\nsystem call (CVE-2017-15299).\n\nThe XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux\nkernel before 4.13.11 allows local users to gain privileges or cause a\ndenial of service (use-after-free) via a crafted SO_RCVBUF setsockopt\nsystem call in conjunction with XFRM_MSG_GETPOLICY Netlink messages\n(CVE-2017-16939).\n\nThe walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel\nbefore 4.14.2 mishandles holes in hugetlb ranges, which allows local\nusers to obtain sensitive information from uninitialized kernel memory\nvia crafted use of the mincore() system call (CVE-2017-16994).\n\nThe check_alu_op function in kernel/bpf/verifier.c in the Linux kernel\nthrough 4.14.8 allows local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging\nincorrect sign extension (CVE-2017-16995).\n\nkernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local\nusers to cause a denial of service (memory corruption) or possibly have\nunspecified other impact by leveraging register truncation mishandling\n(CVE-2017-16996).\n\nkernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local\nusers to cause a denial of service (memory corruption) or possibly have\nunspecified other impact by leveraging mishandling of 32-bit ALU ops\n(CVE-2017-17852).\n\nkernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local\nusers to cause a denial of service (memory corruption) or possibly have\nunspecified other impact by leveraging incorrect BPF_RSH signed bounds\ncalculations (CVE-2017-17853).\n\nkernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local\nusers to cause a denial of service (integer overflow and memory\ncorruption) or possibly have unspecified other impact by leveraging\nunrestricted integer values for pointer arithmetic (CVE-2017-17854).\n\nkernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local\nusers to cause a denial of service (memory corruption) or possibly have\nunspecified other impact by leveraging improper use of pointers in\nplace of scalars (CVE-2017-17855).\n\nkernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local\nusers to cause a denial of service (memory corruption) or possibly\nhave unspecified other impact by leveraging the lack of stack-pointer\nalignment enforcement (CVE-2017-17856).\n\nThe check_stack_boundary function in kernel/bpf/verifier.c in the Linux\nkernel through 4.14.8 allows local users to cause a denial of service\n(memory corruption) or possibly have unspecified other impact by\nleveraging mishandling of invalid variable stack read operations\n(CVE-2017-17857).\n\nkernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores\nunreachable code, even though it would still be processed by JIT\ncompilers. This behavior, also considered an improper branch-pruning\nlogic issue, could possibly be used by local users for denial of\nservice (CVE-2017-17862).\n\nkernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not\ncheck the relationship between pointer values and the BPF stack, which\nallows local users to cause a denial of service (integer overflow or\ninvalid memory access) or possibly have unspecified other impact\n(CVE-2017-17863).\n\nkernel/bpf/verifier.c in the Linux kernel before 4.14 mishandles\nstates_equal comparisons between the pointer data type and the\nUNKNOWN_VALUE data type, which allows local users to obtain potentially\nsensitive address information, aka a \"pointer leak\" (CVE-2017-17864).\n\nThe timer_create syscall implementation in kernel/time/posix-timers.c\nin the Linux kernel before 4.14.8 doesn't properly validate the\nsigevent->sigev_notify field, which leads to out-of-bounds access in\nthe show_timer function (called when /proc/$PID/timers is read).\nThis allows userspace applications to read arbitrary kernel memory\n(on a kernel built with CONFIG_POSIX_TIMERS and\nCONFIG_CHECKPOINT_RESTORE)(CVE-2017-18344).\n\nThe Linux Kernel 2.6.32 and later are affected by a denial of service,\nby flooding the diagnostic port 0x80 an exception can be triggered\nleading to a kernel panic (CVE-2017-1000407).\n\nFor other changes in this update, read the referenced changelogs.\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62],{"_key":15},"CVE-2017-0786",{"_key":17},"CVE-2017-0861",{"_key":19},"CVE-2017-1000407",{"_key":21},"CVE-2017-12188",{"_key":23},"CVE-2017-12190",{"_key":25},"CVE-2017-12193",{"_key":27},"CVE-2017-13080",{"_key":29},"CVE-2017-15115",{"_key":31},"CVE-2017-15265",{"_key":33},"CVE-2017-15299",{"_key":35},"CVE-2017-16939",{"_key":37},"CVE-2017-16994",{"_key":39},"CVE-2017-16995",{"_key":41},"CVE-2017-16996",{"_key":43},"CVE-2017-17852",{"_key":45},"CVE-2017-17853",{"_key":47},"CVE-2017-17854",{"_key":49},"CVE-2017-17855",{"_key":51},"CVE-2017-17856",{"_key":53},"CVE-2017-17857",{"_key":55},"CVE-2017-17862",{"_key":57},"CVE-2017-17863",{"_key":59},"CVE-2017-17864",{"_key":61},"CVE-2017-18344",{"_key":63},"CVE-2017-7518",[],[],[67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},"2018-01-06T00:53:31Z","2026-04-16T06:22:49.505651352Z",{"cisa_kev":95,"cisa_ransomware":95,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[97,103,108,113,117,121,125,129,133,137,141,145,149,153,157,161,165],{"url":98,"sources":99,"tags":101},"https://advisories.mageia.org/MGASA-2018-0064.html",[100],"osv_mageia",[102],"Advisory",{"url":104,"sources":105,"tags":106},"https://bugs.mageia.org/show_bug.cgi?id=22269",[100],[107],"REPORT",{"url":109,"sources":110,"tags":111},"https://kernelnewbies.org/Linux_4.10",[100],[107,112],"WEB",{"url":114,"sources":115,"tags":116},"https://kernelnewbies.org/Linux_4.11",[100],[107,112],{"url":118,"sources":119,"tags":120},"https://kernelnewbies.org/Linux_4.12",[100],[107,112],{"url":122,"sources":123,"tags":124},"https://kernelnewbies.org/Linux_4.13",[100],[107,112],{"url":126,"sources":127,"tags":128},"https://kernelnewbies.org/Linux_4.14",[100],[107,112],{"url":130,"sources":131,"tags":132},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.1",[100],[107,112],{"url":134,"sources":135,"tags":136},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.2",[100],[107,112],{"url":138,"sources":139,"tags":140},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.3",[100],[107,112],{"url":142,"sources":143,"tags":144},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4",[100],[107,112],{"url":146,"sources":147,"tags":148},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.5",[100],[107,112],{"url":150,"sources":151,"tags":152},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.6",[100],[107,112],{"url":154,"sources":155,"tags":156},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.7",[100],[107,112],{"url":158,"sources":159,"tags":160},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8",[100],[107,112],{"url":162,"sources":163,"tags":164},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.9",[100],[107,112],{"url":166,"sources":167,"tags":168},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.10",[100],[107,112],[],[],[],[173],{"ecosystem":174,"name":175,"vendor":176,"product":175,"cpe_part":9,"purl_type":177,"purl_namespace":176,"purl_name":175,"source":9,"versions":178},"Mageia","kernel-linus","mageia","rpm",[179],{"version":180,"is_range":181,"range_type":182,"version_start":9,"version_start_type":9,"version_end":183,"version_end_type":184,"fixed_in":9},"lt4_14_10_1_mga6",true,"ecosystem","4.14.10-1.mga6","excluding"]