bug and security fixes, including a fix for a local root exploit advisory will follow... SRPM: kernel-linus-5.10.52-1.mga8.src.rpm i586: kernel-linus-5.10.52-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-5.10.52-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-latest-5.10.52-1.mga8.i586.rpm kernel-linus-doc-5.10.52-1.mga8.noarch.rpm kernel-linus-latest-5.10.52-1.mga8.i586.rpm kernel-linus-source-5.10.52-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.10.52-1.mga8.noarch.rpm x86_64: kernel-linus-5.10.52-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-5.10.52-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-latest-5.10.52-1.mga8.x86_64.rpm kernel-linus-doc-5.10.52-1.mga8.noarch.rpm kernel-linus-latest-5.10.52-1.mga8.x86_64.rpm kernel-linus-source-5.10.52-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.10.52-1.mga8.noarch.rpm
No regressions noticed with the 5.10.52-1.mga8 (linus) package $ inxi -MSxx System: Host: mageia.local Kernel: 5.10.52-1.mga8 x86_64 bits: 64 compiler: gcc v: 10.3.0 Desktop: KDE Plasma 5.20.4 tk: Qt 5.15.2 wm: kwin_x11 dm: SDDM Distro: Mageia 8 mga8 Machine: Type: Desktop System: Gigabyte product: Z170X-Ultra Gaming v: N/A Mobo: Gigabyte model: Z170X-Ultra Gaming-CF UEFI: American Megatrends v: F23j date: 03/09/2018 Virtualbox OK. 4 mga8 Clients also. 1 opensuse client same. 1 Windows 10 Client is OK. WiFi OK, Bluetooth OK, nvidia well rebuilt. Audio OK. Ethernet OK.
CC: (none) => ouaurelien
Advisory, added to svn: type: security subject: Updated kernel-linus packages fix security vulnerabilities CVE: - CVE-2021-3609 - CVE-2021-33909 src: 8: core: - kernel-linus-5.10.52-1.mga8 description: | This kernel-linus update is based on upstream 5.10.52 and fixes atleast the following security issues: There is a race condition in net/can/bcm.c that can lead to local privilege escalation to root (CVE-2021-3609). fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user (CVE-2021-33909). For other upstream fixes, see the referenced changelogs. references: - https://bugs.mageia.org/show_bug.cgi?id=29272 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.49 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.50 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.51 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52 - https://www.openwall.com/lists/oss-security/2021/06/19/1 - https://www.openwall.com/lists/oss-security/2021/07/20/1
Keywords: (none) => advisory
Whiteboard: (none) => MGA8-64-OKKeywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0367.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED