[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2018-0249":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":30,"duplicates":31,"related":32,"reserved_at":9,"published_at":41,"modified_at":42,"state":9,"summary":43,"references_raw":45,"kevs":98,"epss":9,"epss_history":99,"metrics":100,"affected":101},"MGASA-2018-0249","Updated kernel packages fix security vulnerabilities\n\nThis kernel update is based on the upstream 4.14.40 and fixes at least\nthe following security issues:\n\nOn x86, MOV SS and POP SS behave strangely if they encounter a data\nbreakpoint. If this occurs in a KVM guest, KVM incorrectly thinks that\na #DB instruction was caused by the undocumented ICEBP instruction. This\nresults in #DB being delivered to the guest kernel with an incorrect RIP\non the stack. On most guest kernels, this will allow a guest user to DoS\nthe guest kernel or even to escalate privilege to that of the guest kernel\n(CVE-2018-1087).\n\nThe ext4_iget function in fs/ext4/inode.c in the Linux kernel through\n4.15.15 mishandles the case of a root directory with a zero i_links_count,\nwhich allows attackers to cause a denial of service (ext4_process_freed_data\nNULL pointer dereference and OOPS) via a crafted ext4 image (CVE-2018-1092).\n\nThe ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel\nthrough 4.15.15 allows attackers to cause a denial of service (out-of-bounds\nread and system crash) via a crafted ext4 image because balloc.c and ialloc.c\ndo not validate bitmap block numbers (CVE-2018-1093).\n\nThe ext4_fill_super function in fs/ext4/super.c in the Linux kernel through\n4.15.15 does not always initialize the crc32c checksum driver, which allows\nattackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer\ndereference and system crash) via a crafted ext4 image (CVE-2018-1094).\n\nThe ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel\nthrough 4.15.15 does not properly validate xattr sizes, which causes\nmisinterpretation of a size as an error code, and consequently allows\nattackers to cause a denial of service (get_acl NULL pointer dereference and\nsystem crash) via a crafted ext4 image (CVE-2018-1095).\n\nPredictable Random Number Generator Weakness (CVE-2018-1108).\n\nA null pointer dereference in dccp_write_xmit() function in\nnet/dccp/output.c in the Linux kernel before v4.16-rc7 allows a local\nuser to cause a denial of service by a number of certain crafted\nsystem calls (CVE-2018-1130).\n\nThe Linux kernel does not properly handle debug exceptions delivered after a\nstack switch operation via mov SS or pop SS instructions. During the stack\nswitch operation, the exceptions are deferred. As a result, a local user can\ncause the kernel to crash (CVE-2018-8897).\n\nWireGuard has been updated to 0.0.20180420.\n\nFor other fixes in this update, see the referenced changelogs.\n",null,[],[],[],[14,16,18,20,22,24,26,28],{"_key":15},"CVE-2018-1087",{"_key":17},"CVE-2018-1092",{"_key":19},"CVE-2018-1093",{"_key":21},"CVE-2018-1094",{"_key":23},"CVE-2018-1095",{"_key":25},"CVE-2018-1108",{"_key":27},"CVE-2018-1130",{"_key":29},"CVE-2018-8897",[],[],[33,34,35,36,37,38,39,40],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},"2018-05-18T15:27:18Z","2026-04-16T06:23:34.236628152Z",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[46,52,57,62,66,70,74,78,82,86,90,94],{"url":47,"sources":48,"tags":50},"https://advisories.mageia.org/MGASA-2018-0249.html",[49],"osv_mageia",[51],"Advisory",{"url":53,"sources":54,"tags":55},"https://bugs.mageia.org/show_bug.cgi?id=22909",[49],[56],"REPORT",{"url":58,"sources":59,"tags":60},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.31",[49],[56,61],"WEB",{"url":63,"sources":64,"tags":65},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.32",[49],[56,61],{"url":67,"sources":68,"tags":69},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.33",[49],[56,61],{"url":71,"sources":72,"tags":73},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.34",[49],[56,61],{"url":75,"sources":76,"tags":77},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.35",[49],[56,61],{"url":79,"sources":80,"tags":81},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.36",[49],[56,61],{"url":83,"sources":84,"tags":85},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.37",[49],[56,61],{"url":87,"sources":88,"tags":89},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.38",[49],[56,61],{"url":91,"sources":92,"tags":93},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.39",[49],[56,61],{"url":95,"sources":96,"tags":97},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.40",[49],[56,61],[],[],[],[102,114,118,124,128,134],{"ecosystem":103,"name":104,"vendor":105,"product":104,"cpe_part":9,"purl_type":106,"purl_namespace":105,"purl_name":104,"source":9,"versions":107},"Mageia","kernel","mageia","rpm",[108],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},"lt4_14_40_1_mga6",true,"ecosystem","4.14.40-1.mga6","excluding",{"ecosystem":103,"name":115,"vendor":105,"product":115,"cpe_part":9,"purl_type":106,"purl_namespace":105,"purl_name":115,"source":9,"versions":116},"kernel-userspace-headers",[117],{"version":109,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":112,"version_end_type":113,"fixed_in":9},{"ecosystem":103,"name":119,"vendor":105,"product":119,"cpe_part":9,"purl_type":106,"purl_namespace":105,"purl_name":119,"source":9,"versions":120},"kmod-vboxadditions",[121],{"version":122,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":123,"version_end_type":113,"fixed_in":9},"lt5_2_8_14_mga6","5.2.8-14.mga6",{"ecosystem":103,"name":125,"vendor":105,"product":125,"cpe_part":9,"purl_type":106,"purl_namespace":105,"purl_name":125,"source":9,"versions":126},"kmod-virtualbox",[127],{"version":122,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":123,"version_end_type":113,"fixed_in":9},{"ecosystem":103,"name":129,"vendor":105,"product":129,"cpe_part":9,"purl_type":106,"purl_namespace":105,"purl_name":129,"source":9,"versions":130},"kmod-xtables-addons",[131],{"version":132,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":133,"version_end_type":113,"fixed_in":9},"lt2_13_34_mga6","2.13-34.mga6",{"ecosystem":103,"name":135,"vendor":105,"product":135,"cpe_part":9,"purl_type":106,"purl_namespace":105,"purl_name":135,"source":9,"versions":136},"wireguard-tools",[137],{"version":138,"is_range":110,"range_type":111,"version_start":9,"version_start_type":9,"version_end":139,"version_end_type":113,"fixed_in":9},"lt0_0_20180420_1_mga6","0.0.20180420-1.mga6"]