| Summary: | Update request: kernel-linus-5.15.16-1.mga8 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Thomas Backlund <tmb> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | High | CC: | sysadmin-bugs, tarazed25 |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | kernel-linus | CVE: | |
| Status comment: | |||
|
Description
Thomas Backlund
2022-01-20 22:02:31 CET
Advisory, added to svn:
type: security
subject: Updated kernel-linus packages fix security vulnerability
CVE:
- CVE-2022-0185
src:
8:
core:
- kernel-linus-5.15.16-1.mga8
description: |
This kernel-linus update is based on upstream 5.15.16 and fixes atleast
the following security issue:
William Liu and Jamie Hill-Daniel discovered that the file system context
functionality in the Linux kernel contained an integer underflow
vulnerability, leading to an out-of-bounds write. A local attacker could
use this to cause a denial of service (system crash) or execute arbitrary
code (CVE-2022-0185).
references:
- https://bugs.mageia.org/show_bug.cgi?id=29917
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.16Priority:
Normal =>
High
Thomas Backlund
2022-01-20 22:20:54 CET
Component:
RPM Packages =>
Security x86_64 Installed without problems on intel Core i7 with nvidia graphics. Ran a few tests on Mate desktop - no issues - leaving it running. CC:
(none) =>
tarazed25 Thanks for the tests, flushing out... Keywords:
(none) =>
validated_update An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0027.html Resolution:
(none) =>
FIXED |