[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2020-0089":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":30,"duplicates":31,"related":32,"reserved_at":9,"published_at":41,"modified_at":42,"state":9,"summary":43,"references_raw":45,"kevs":142,"epss":9,"epss_history":143,"metrics":144,"affected":145},"MGASA-2020-0089","Updated kernel-linus packages fix security vulnerabilities\n\nThis update provides upstream 5.4.20, adding support for new hardware\nand features, and resolves at least the following security issues:\n\nIn a Linux KVM guest that has PV TLB enabled, a process in the guest kernel\nmay be able to read memory locations from another process in the same guest.\nThis problem is limit to the host running linux kernel 4.10 with a guest\nrunning linux kernel 4.16 or later. The problem mainly affects AMD\nprocessors but Intel CPUs cannot be ruled out (CVE-2019-3016).\n\nIntel GPU Hardware prior to Gen11 does not clear EU state during a\ncontext switch. This can result in information leakage between\ncontexts (CVE-2019-14615).\n\nA heap-based buffer overflow was discovered in the Marvell WiFi chip\ndriver. The flaw could occur when the station attempts a connection\nnegotiation during the handling of the remote devices country settings.\nThis could allow the remote device to cause a denial of service (system\ncrash) or possibly execute arbitrary code (CVE-2019-14895).\n\nA heap-based buffer overflow vulnerability was found in the Linux kernel,\nin Marvell WiFi chip driver. A remote attacker could cause a denial of\nservice (system crash) or, possibly execute arbitrary code, when the\nlbs_ibss_join_existing function is called after a STA connects to an AP\n(CVE-2019-14896).\n\nA stack-based buffer overflow was found in the Linux kernel, in Marvell\nWiFi chip driver. An attacker is able to cause a denial of service\n(system crash) or, possibly execute arbitrary code, when a STA works in\nIBSS mode (allows connecting stations together without the use of an AP)\nand connects to another STA (CVE-2019-14897).\n\next4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 allows\na NULL pointer dereference because ext4_read_dirblock(inode,0,DIRENT_HTREE)\ncan be zero. (CVE-2019-19037)\n\nKVM: x86: fix out-of-bounds write in KVM_GET_EMULATED_CPUID\n(CVE-2019-19332)\n\nfs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky\nuse-after-free, which allows local users to cause a denial of service\n(OOPS) or possibly obtain sensitive information from kernel memory, aka\nCID-d0cb50185ae9. One attack vector may be an open system call for a UNIX\ndomain socket, if the socket is being moved to a new parent directory and\nits old parent directory is being removed (CVE-2020-8428).\n",null,[],[],[],[14,16,18,20,22,24,26,28],{"_key":15},"CVE-2019-3016",{"_key":17},"CVE-2019-14615",{"_key":19},"CVE-2019-14895",{"_key":21},"CVE-2019-14896",{"_key":23},"CVE-2019-14897",{"_key":25},"CVE-2019-19037",{"_key":27},"CVE-2019-19332",{"_key":29},"CVE-2020-8428",[],[],[33,34,35,36,37,38,39,40],{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":15},{"_key":29},"2020-02-18T14:05:53Z","2026-04-16T04:26:02.285386Z",{"cisa_kev":44,"cisa_ransomware":44,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[46,52,57,62,66,70,74,78,82,86,90,94,98,102,106,110,114,118,122,126,130,134,138],{"url":47,"sources":48,"tags":50},"https://advisories.mageia.org/MGASA-2020-0089.html",[49],"osv_mageia",[51],"Advisory",{"url":53,"sources":54,"tags":55},"https://bugs.mageia.org/show_bug.cgi?id=26099",[49],[56],"REPORT",{"url":58,"sources":59,"tags":60},"https://kernelnewbies.org/Linux_5.4",[49],[56,61],"WEB",{"url":63,"sources":64,"tags":65},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.1",[49],[56,61],{"url":67,"sources":68,"tags":69},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.2",[49],[56,61],{"url":71,"sources":72,"tags":73},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.3",[49],[56,61],{"url":75,"sources":76,"tags":77},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.4",[49],[56,61],{"url":79,"sources":80,"tags":81},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.5",[49],[56,61],{"url":83,"sources":84,"tags":85},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.6",[49],[56,61],{"url":87,"sources":88,"tags":89},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.7",[49],[56,61],{"url":91,"sources":92,"tags":93},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.8",[49],[56,61],{"url":95,"sources":96,"tags":97},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.9",[49],[56,61],{"url":99,"sources":100,"tags":101},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.10",[49],[56,61],{"url":103,"sources":104,"tags":105},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.11",[49],[56,61],{"url":107,"sources":108,"tags":109},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.12",[49],[56,61],{"url":111,"sources":112,"tags":113},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.13",[49],[56,61],{"url":115,"sources":116,"tags":117},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.14",[49],[56,61],{"url":119,"sources":120,"tags":121},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.15",[49],[56,61],{"url":123,"sources":124,"tags":125},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.16",[49],[56,61],{"url":127,"sources":128,"tags":129},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.17",[49],[56,61],{"url":131,"sources":132,"tags":133},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.18",[49],[56,61],{"url":135,"sources":136,"tags":137},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.19",[49],[56,61],{"url":139,"sources":140,"tags":141},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.20",[49],[56,61],[],[],[],[146],{"ecosystem":147,"name":148,"vendor":149,"product":148,"cpe_part":9,"purl_type":150,"purl_namespace":149,"purl_name":148,"source":9,"versions":151},"Mageia","kernel-linus","mageia","rpm",[152],{"version":153,"is_range":154,"range_type":155,"version_start":9,"version_start_type":9,"version_end":156,"version_end_type":157,"fixed_in":9},"lt5_4_20_1_mga7",true,"ecosystem","5.4.20-1.mga7","excluding"]