[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2021-0100":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":24,"duplicates":25,"related":26,"reserved_at":9,"published_at":32,"modified_at":33,"state":9,"summary":34,"references_raw":36,"kevs":73,"epss":9,"epss_history":74,"metrics":75,"affected":76},"MGASA-2021-0100","Updated kernel-linus packages fix security vulnerabilities\n\nThis kernel-linus update is based on upstream 5.10.19 and fixes at least\nthe following security issues:\n\nThere is a vulnerability in the linux kernel versions higher than 5.2 (if\nkernel compiled with config params CONFIG_BPF_SYSCALL=y, CONFIG_BPF=y,\nCONFIG_CGROUPS=y, CONFIG_CGROUP_BPF=y, CONFIG_HARDENED_USERCOPY not set,\nand BPF hook to getsockopt is registered). As result of BPF execution,\nthe local user can trigger bug in __cgroup_bpf_run_filter_getsockopt()\nfunction that can lead to heap overflow (because of non-hardened\nusercopy). The impact of attack could be deny of service or possibly\nprivileges escalation. NOTE! Mageia kernel configs have HARDENED_USERCOPY\nenabled by default, making this an non-issue when using prebuilt kernels\n(CVE-2021-20194).\n\nAn information disclosure vulnerability exists in the ARM SIGPAGE\nfunctionality of Linux Kernel. A userland application can read the\ncontents of the sigpage, which can leak kernel memory contents. An\nattacker can read a process’s memory at a specific offset to trigger\nthis vulnerability (CVE-2021-21781).\n\nAn issue was discovered in the Linux kernel 3.11 through 5.10.16, as used\nby Xen. To service requests to the PV backend, the driver maps grant\nreferences provided by the frontend. In this process, errors may be\nencountered. In one case, an error encountered earlier might be\ndiscarded by later processing, resulting in the caller assuming\nsuccessful mapping, and hence subsequent operations trying to access\nspace that wasn't mapped. In another case, internal state would be\ninsufficiently updated, preventing safe recovery from the error\n(CVE-2021-26930).\n\nAn issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as\nused in Xen. Block, net, and SCSI backends consider certain errors a\nplain bug, deliberately causing a kernel crash. For errors potentially\nbeing at least under the influence of guests (such as out of memory\nconditions), it isn't correct to assume a plain bug. Memory allocations\npotentially causing such crashes occur only when Linux is running in\nPV mode, though (CVE-2021-26931).\n\nAn issue was discovered in the Linux kernel 3.2 through 5.10.16, as used\nby Xen. Grant mapping operations often occur in batch hypercalls, where\na number of operations are done in a single hypercall, the success or\nfailure of each one is reported to the backend driver, and the backend\ndriver then loops over the results, performing follow-up actions based\non the success or failure of each operation. Unfortunately, when running\nin PV mode, the Linux backend drivers mishandle this: Some errors are\nignored, effectively implying their success from the success of related\nbatch elements. In other cases, errors resulting from one batch element\nlead to further batch elements not being inspected, and hence successful\nones to not be possible to properly unmap upon error recovery. Only\nsystems with Linux backends running in PV mode are vulnerable. Linux\nbackends run in HVM / PVH modes are not vulnerable (CVE-2021-26932).\n\nIt also adds the following fixes:\n- enable ACPI_EC_DEBUGFS (mga#28415)\n\nFor other upstream fixes, see the referenced changelogs.\n",null,[],[],[],[14,16,18,20,22],{"_key":15},"CVE-2021-20194",{"_key":17},"CVE-2021-21781",{"_key":19},"CVE-2021-26930",{"_key":21},"CVE-2021-26931",{"_key":23},"CVE-2021-26932",[],[],[27,28,29,30,31],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},"2021-03-04T12:26:19Z","2026-04-16T04:25:06.049579Z",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[37,43,48,52,57,61,65,69],{"url":38,"sources":39,"tags":41},"https://advisories.mageia.org/MGASA-2021-0100.html",[40],"osv_mageia",[42],"Advisory",{"url":44,"sources":45,"tags":46},"https://bugs.mageia.org/show_bug.cgi?id=28468",[40],[47],"REPORT",{"url":49,"sources":50,"tags":51},"https://bugs.mageia.org/show_bug.cgi?id=28415",[40],[47],{"url":53,"sources":54,"tags":55},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.15",[40],[47,56],"WEB",{"url":58,"sources":59,"tags":60},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.16",[40],[47,56],{"url":62,"sources":63,"tags":64},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.17",[40],[47,56],{"url":66,"sources":67,"tags":68},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.18",[40],[47,56],{"url":70,"sources":71,"tags":72},"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.19",[40],[47,56],[],[],[],[77],{"ecosystem":78,"name":79,"vendor":80,"product":79,"cpe_part":9,"purl_type":81,"purl_namespace":80,"purl_name":79,"source":9,"versions":82},"Mageia","kernel-linus","mageia","rpm",[83],{"version":84,"is_range":85,"range_type":86,"version_start":9,"version_start_type":9,"version_end":87,"version_end_type":88,"fixed_in":9},"lt5_10_19_1_mga7",true,"ecosystem","5.10.19-1.mga7","excluding"]