MGASA-2021-0418
Vulnerability Summary
Timeline
Description
Updated kernel packages fix security vulnerabilities This kernel update is based on upstream 5.10.62 and fixes at least the following security issues: A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system (CVE-2021-3640). A process with CAP_SYS_ADMIN can cause a kernel NULL pointer dereference in btrfs code (CVE-2021-3739). there is an out-of-bound read bug in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743). An out-of-bounds read due to a race condition has been found in the Linux kernel due to write access to vc_mode is not protected by a lock in vt_ioctl (KDSETMDE) (CVE-2021-3753). A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13 (CVE-2021-40490). Other fixes in this update: - audio stopped working with the update to kernel 5.10.60 released in MGASA-2021-0409 (mga#29426). - x86/ACPI/State: Optimize C3 entry on AMD CPUs - fscrypt: add fscrypt_symlink_getattr() for computing st_size - ext4: report correct st_size for encrypted symlinks - f2fs: report correct st_size for encrypted symlinks - ubifs: report correct st_size for encrypted symlinks For other upstream fixes, see the referenced changelogs.
Affected Systems
- mageia•kernel
< 5.10.62-1.mga8
- mageia•kmod-virtualbox
< 6.1.26-1.4.mga8
- mageia•kmod-xtables-addons
< 3.18-1.22.mga8