[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2019-0288":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":26,"duplicates":27,"related":28,"reserved_at":9,"published_at":35,"modified_at":36,"state":9,"summary":37,"references_raw":39,"kevs":64,"epss":9,"epss_history":65,"metrics":66,"affected":67},"MGASA-2019-0288","Updated kernel packages fix security vulnerabilities\n\nThis kernel update is based on the upstream 5.2.16 and fixes at least\nthe following security issues:\n\nThere is heap-based buffer overflow in the marvell wifi chip driver that\nallows local users to cause a denial of service(system crash) or possibly\nexecute arbitrary code (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816).\n\nAn out-of-bounds access issue was found in the way Linux kernel's KVM\nhypervisor implements the Coalesced MMIO write operation. It operates on\nan MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write\nindices 'ring->first' and 'ring->last' value could be supplied by a host\nuser-space process. An unprivileged host user or process with access to\n'/dev/kvm' device could use this flaw to crash the host kernel, resulting\nin a denial of service or potentially escalating privileges on the system\n(CVE-2019-14821).\n\nA buffer overflow flaw was found in the way Linux kernel's vhost\nfunctionality that translates virtqueue buffers to IOVs, logged the buffer\ndescriptors during migration. A privileged guest user able to pass\ndescriptors with invalid length to the host when migration is underway,\ncould use this flaw to increase their privileges on the host\n(CVE-2019-14835).\n\nIn the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c\nallows attackers to obtain sensitive information from kernel stack memory\nbecause tos and flags fields are not initialized (CVE-2019-16714)\n\nWireGuard has been updated to 0.0.20190913.\n\nFor other uptstream fixes in this update, see the referenced changelogs.\n",null,[],[],[],[14,16,18,20,22,24],{"_key":15},"CVE-2019-14814",{"_key":17},"CVE-2019-14815",{"_key":19},"CVE-2019-14816",{"_key":21},"CVE-2019-14821",{"_key":23},"CVE-2019-14835",{"_key":25},"CVE-2019-16714",[],[],[29,30,31,32,33,34],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},"2019-09-21T16:04:55Z","2026-04-16T04:26:17.588319Z",{"cisa_kev":38,"cisa_ransomware":38,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[40,46,51,56,60],{"url":41,"sources":42,"tags":44},"https://advisories.mageia.org/MGASA-2019-0288.html",[43],"osv_mageia",[45],"Advisory",{"url":47,"sources":48,"tags":49},"https://bugs.mageia.org/show_bug.cgi?id=25454",[43],[50],"REPORT",{"url":52,"sources":53,"tags":54},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-5.2.14",[43],[50,55],"WEB",{"url":57,"sources":58,"tags":59},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-5.2.15",[43],[50,55],{"url":61,"sources":62,"tags":63},"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-5.2.16",[43],[50,55],[],[],[],[68,80,84,90,96],{"ecosystem":69,"name":70,"vendor":71,"product":70,"cpe_part":9,"purl_type":72,"purl_namespace":71,"purl_name":70,"source":9,"versions":73},"Mageia","kernel","mageia","rpm",[74],{"version":75,"is_range":76,"range_type":77,"version_start":9,"version_start_type":9,"version_end":78,"version_end_type":79,"fixed_in":9},"lt5_2_16_2_mga7",true,"ecosystem","5.2.16-2.mga7","excluding",{"ecosystem":69,"name":81,"vendor":71,"product":81,"cpe_part":9,"purl_type":72,"purl_namespace":71,"purl_name":81,"source":9,"versions":82},"kernel-userspace-headers",[83],{"version":75,"is_range":76,"range_type":77,"version_start":9,"version_start_type":9,"version_end":78,"version_end_type":79,"fixed_in":9},{"ecosystem":69,"name":85,"vendor":71,"product":85,"cpe_part":9,"purl_type":72,"purl_namespace":71,"purl_name":85,"source":9,"versions":86},"kmod-virtualbox",[87],{"version":88,"is_range":76,"range_type":77,"version_start":9,"version_start_type":9,"version_end":89,"version_end_type":79,"fixed_in":9},"lt6_0_10_10_mga7","6.0.10-10.mga7",{"ecosystem":69,"name":91,"vendor":71,"product":91,"cpe_part":9,"purl_type":72,"purl_namespace":71,"purl_name":91,"source":9,"versions":92},"kmod-xtables-addons",[93],{"version":94,"is_range":76,"range_type":77,"version_start":9,"version_start_type":9,"version_end":95,"version_end_type":79,"fixed_in":9},"lt3_3_66_mga7","3.3-66.mga7",{"ecosystem":69,"name":97,"vendor":71,"product":97,"cpe_part":9,"purl_type":72,"purl_namespace":71,"purl_name":97,"source":9,"versions":98},"wireguard-tools",[99],{"version":100,"is_range":76,"range_type":77,"version_start":9,"version_start_type":9,"version_end":101,"version_end_type":79,"fixed_in":9},"lt0_0_20190913_1_mga7","0.0.20190913-1.mga7"]