Bug 33195

Summary: kernel new security issue CVE-2024-26925
Product: Mageia Reporter: Nicolas Salguero <nicolas.salguero>
Component: SecurityAssignee: Kernel and Drivers maintainers <kernel>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: fri
Version: Cauldron   
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA9TOO
Source RPM: kernel-6.6.28-1.mga10.src.rpm CVE: CVE-2024-26925
Status comment: Patch available from upstream

Description Nicolas Salguero 2024-05-13 09:57:34 CEST 
That CVE was announced here:
https://www.openwall.com/lists/oss-security/2024/05/07/6

The fix is: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0d459e2ffb54

Mageia 9 is also affected.
Nicolas Salguero 2024-05-13 09:58:09 CEST

Source RPM: (none) => kernel-6.6.28-1.mga10.src.rpm
Whiteboard: (none) => MGA9TOO
CVE: (none) => CVE-2024-26925
Status comment: (none) => Patch available from upstream

Morgan Leijström 2024-05-13 14:07:14 CEST

CC: (none) => fri
Assignee: bugsquad => kernel

Comment 1 Nicolas Salguero 2024-06-11 10:27:42 CEST 
Actually, according to https://www.cve.org/CVERecord?id=CVE-2024-26925, that CVE was fixed in 6.6.26.

Status: NEW => RESOLVED
Resolution: (none) => FIXED