[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2023-0296":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":28,"duplicates":29,"related":30,"reserved_at":9,"published_at":38,"modified_at":39,"state":9,"summary":40,"references_raw":42,"kevs":83,"epss":9,"epss_history":84,"metrics":85,"affected":86},"MGASA-2023-0296","Updated kernel-linus packages fix security vulnerabilities\n\nThis kernel-linus update is based on upstream 6.4.16 and fixes or adds\nmitigations for atleast the following security issues:\n\nA flaw was found in the Linux Kernel. The tun/tap sockets have their\nsocket UID hardcoded to 0 due to a type confusion in their\ninitialization function. While it will be often correct, as tuntap\ndevices require CAP_NET_ADMIN, it may not always be the case, e.g., a\nnon-root user only having that capability. This would make tun/tap\nsockets being incorrectly treated in filtering/routing decisions,\npossibly bypassing network filters. CVE-2023-1076\n\nA flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the\nLinux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs\ncan trigger a double fetch race condition vulnerability and invoke the\n`VMGEXIT` handler recursively. If an attacker manages to call the\nhandler multiple times, they can trigger a stack overflow and cause a\ndenial of service or potentially guest-to-host escape in kernel\nconfigurations without stack guard pages (`CONFIG_VMAP_STACK`).\nCVE-2023-4155\n\nA use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq\ncomponent can be exploited to achieve local privilege escalation. When\nthe plug qdisc is used as a class of the qfq qdisc, sending network\npackets triggers use-after-free in qfq_dequeue() due to the incorrect\n.peek handler of sch_plug and lack of error checking in agg_dequeue().\nWe recommend upgrading past commit\n8fc134fee27f2263988ae38920bc03da416b03d8. CVE-2023-4921\n\nA use-after-free vulnerability in the Linux kernel's netfilter:\nnf_tables component can be exploited to achieve local privilege\nescalation. Addition and removal of rules from chain bindings within the\nsame transaction causes leads to use-after-free. We recommend upgrading\npast commit f15f29fd4779be8a418b66e9d52979bb6d6c2325. CVE-2023-5197\n\nImproper access control in the Intel(R) Ethernet Controller RDMA driver\nfor linux before version 1.9.30 may allow an unauthenticated user to\npotentially enable escalation of privilege via network access.\nCVE-2023-25775\n\nA NULL pointer dereference flaw was found in the Linux kernel ipv4\nstack. The socket buffer (skb) was assumed to be associated with a\ndevice before calling __ip_options_compile, which is not always the case\nif the skb is re-routed by ipvs. This issue may allow a local user with\nCAP_NET_ADMIN privileges to crash the system. CVE-2023-42754\n\nA flaw was found in the Netfilter subsystem of the Linux kernel. A race\ncondition between IPSET_CMD_ADD and IPSET_CMD_SWAP can lead to a kernel\npanic due to the invocation of `__ip_set_put` on a wrong `set`. This\nissue may allow a local user to crash the system. CVE-2023-42756\n\nFor other upstream fixes in this update, see the referenced changelogs.\n",null,[],[],[],[14,16,18,20,22,24,26],{"_key":15},"CVE-2023-1076",{"_key":17},"CVE-2023-4155",{"_key":19},"CVE-2023-4921",{"_key":21},"CVE-2023-5197",{"_key":23},"CVE-2023-25775",{"_key":25},"CVE-2023-42754",{"_key":27},"CVE-2023-42756",[],[],[31,32,33,34,35,36,37],{"_key":15},{"_key":23},{"_key":17},{"_key":25},{"_key":27},{"_key":19},{"_key":21},"2023-10-22T21:04:51Z","2026-04-16T04:23:17.086915Z",{"cisa_kev":41,"cisa_ransomware":41,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[43,49,54,59,63,67,71,75,79],{"url":44,"sources":45,"tags":47},"https://advisories.mageia.org/MGASA-2023-0296.html",[46],"osv_mageia",[48],"Advisory",{"url":50,"sources":51,"tags":52},"https://bugs.mageia.org/show_bug.cgi?id=32297",[46],[53],"REPORT",{"url":55,"sources":56,"tags":57},"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.10",[46],[53,58],"WEB",{"url":60,"sources":61,"tags":62},"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.11",[46],[53,58],{"url":64,"sources":65,"tags":66},"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.12",[46],[53,58],{"url":68,"sources":69,"tags":70},"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.13",[46],[53,58],{"url":72,"sources":73,"tags":74},"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.14",[46],[53,58],{"url":76,"sources":77,"tags":78},"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.15",[46],[53,58],{"url":80,"sources":81,"tags":82},"https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.16",[46],[53,58],[],[],[],[87],{"ecosystem":88,"name":89,"vendor":90,"product":89,"cpe_part":9,"purl_type":91,"purl_namespace":90,"purl_name":89,"source":9,"versions":92},"Mageia","kernel-linus","mageia","rpm",[93],{"version":94,"is_range":95,"range_type":96,"version_start":9,"version_start_type":9,"version_end":97,"version_end_type":98,"fixed_in":9},"lt6_4_16_3_mga9",true,"ecosystem","6.4.16-3.mga9","excluding"]