[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2019-0287":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":24,"duplicates":25,"related":26,"reserved_at":9,"published_at":32,"modified_at":33,"state":9,"summary":34,"references_raw":36,"kevs":81,"epss":9,"epss_history":82,"metrics":83,"affected":84},"MGASA-2019-0287","Updated kernel packages fix security vulnerabilities\n\nThis kernel update is based on the upstream 4.14.145 and fixes at least\nthe following security issues:\n\nThere is heap-based buffer overflow in the marvell wifi chip driver that\nallows local users to cause a denial of service(system crash) or possibly\nexecute arbitrary code (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816).\n\nAn out-of-bounds access issue was found in the way Linux kernel's KVM\nhypervisor implements the Coalesced MMIO write operation. It operates on\nan MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write\nindices 'ring->first' and 'ring->last' value could be supplied by a host\nuser-space process. An unprivileged host user or process with access to\n'/dev/kvm' device could use this flaw to crash the host kernel, resulting\nin a denial of service or potentially escalating privileges on the system\n(CVE-2019-14821).\n\nA buffer overflow flaw was found in the way Linux kernel's vhost\nfunctionality that translates virtqueue buffers to IOVs, logged the buffer\ndescriptors during migration. A privileged guest user able to pass\ndescriptors with invalid length to the host when migration is underway,\ncould use this flaw to increase their privileges on the host\n(CVE-2019-14835).\n\nWireGuard has been updated to 0.0.20190913.\n\nFor other uptstream fixes in this update, see the referenced changelogs.\n",null,[],[],[],[14,16,18,20,22],{"_key":15},"CVE-2019-14814",{"_key":17},"CVE-2019-14815",{"_key":19},"CVE-2019-14816",{"_key":21},"CVE-2019-14821",{"_key":23},"CVE-2019-14835",[],[],[27,28,29,30,31],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},"2019-09-21T16:04:55Z","2026-04-16T04:26:18.106331Z",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[37,43,48,53,57,61,65,69,73,77],{"url":38,"sources":39,"tags":41},"https://advisories.mageia.org/MGASA-2019-0287.html",[40],"osv_mageia",[42],"Advisory",{"url":44,"sources":45,"tags":46},"https://bugs.mageia.org/show_bug.cgi?id=25453",[40],[47],"REPORT",{"url":49,"sources":50,"tags":51},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.138",[40],[47,52],"WEB",{"url":54,"sources":55,"tags":56},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.139",[40],[47,52],{"url":58,"sources":59,"tags":60},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.140",[40],[47,52],{"url":62,"sources":63,"tags":64},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.141",[40],[47,52],{"url":66,"sources":67,"tags":68},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.142",[40],[47,52],{"url":70,"sources":71,"tags":72},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.143",[40],[47,52],{"url":74,"sources":75,"tags":76},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.144",[40],[47,52],{"url":78,"sources":79,"tags":80},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.145",[40],[47,52],[],[],[],[85,97,101,107,111,117],{"ecosystem":86,"name":87,"vendor":88,"product":87,"cpe_part":9,"purl_type":89,"purl_namespace":88,"purl_name":87,"source":9,"versions":90},"Mageia","kernel","mageia","rpm",[91],{"version":92,"is_range":93,"range_type":94,"version_start":9,"version_start_type":9,"version_end":95,"version_end_type":96,"fixed_in":9},"lt4_14_145_2_mga6",true,"ecosystem","4.14.145-2.mga6","excluding",{"ecosystem":86,"name":98,"vendor":88,"product":98,"cpe_part":9,"purl_type":89,"purl_namespace":88,"purl_name":98,"source":9,"versions":99},"kernel-userspace-headers",[100],{"version":92,"is_range":93,"range_type":94,"version_start":9,"version_start_type":9,"version_end":95,"version_end_type":96,"fixed_in":9},{"ecosystem":86,"name":102,"vendor":88,"product":102,"cpe_part":9,"purl_type":89,"purl_namespace":88,"purl_name":102,"source":9,"versions":103},"kmod-vboxadditions",[104],{"version":105,"is_range":93,"range_type":94,"version_start":9,"version_start_type":9,"version_end":106,"version_end_type":96,"fixed_in":9},"lt6_0_10_4_mga6","6.0.10-4.mga6",{"ecosystem":86,"name":108,"vendor":88,"product":108,"cpe_part":9,"purl_type":89,"purl_namespace":88,"purl_name":108,"source":9,"versions":109},"kmod-virtualbox",[110],{"version":105,"is_range":93,"range_type":94,"version_start":9,"version_start_type":9,"version_end":106,"version_end_type":96,"fixed_in":9},{"ecosystem":86,"name":112,"vendor":88,"product":112,"cpe_part":9,"purl_type":89,"purl_namespace":88,"purl_name":112,"source":9,"versions":113},"kmod-xtables-addons",[114],{"version":115,"is_range":93,"range_type":94,"version_start":9,"version_start_type":9,"version_end":116,"version_end_type":96,"fixed_in":9},"lt2_13_92_mga6","2.13-92.mga6",{"ecosystem":86,"name":118,"vendor":88,"product":118,"cpe_part":9,"purl_type":89,"purl_namespace":88,"purl_name":118,"source":9,"versions":119},"wireguard-tools",[120],{"version":121,"is_range":93,"range_type":94,"version_start":9,"version_start_type":9,"version_end":122,"version_end_type":96,"fixed_in":9},"lt0_0_20190913_1_mga6","0.0.20190913-1.mga6"]