Security and bugfixes, advisory will follow... SRPMS: kernel-linus-5.10.62-1.mga8.src.rpm i586: kernel-linus-5.10.62-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-5.10.62-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-latest-5.10.62-1.mga8.i586.rpm kernel-linus-doc-5.10.62-1.mga8.noarch.rpm kernel-linus-latest-5.10.62-1.mga8.i586.rpm kernel-linus-source-5.10.62-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.10.62-1.mga8.noarch.rpm x86_64: kernel-linus-5.10.62-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-5.10.62-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-latest-5.10.62-1.mga8.x86_64.rpm kernel-linus-doc-5.10.62-1.mga8.noarch.rpm kernel-linus-latest-5.10.62-1.mga8.x86_64.rpm kernel-linus-source-5.10.62-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.10.62-1.mga8.noarch.rpm
Priority: Normal => High
Advisory, added to svn: type: security subject: Updated kernel-linus packages fix security vulnerabilities CVE: - CVE-2020-3702 - CVE-2021-3739 - CVE-2021-3743 - CVE-2021-3753 src: 8: core: - kernel-linus-5.10.62-1.mga8 description: | This kernel-linus update is based on upstream 5.10.62 and fixes atleast the following security issues: Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic in ath9k (CVE-2020-3702). A process with CAP_SYS_ADMIN can cause a kernel NULL pointer dereference in btrfs code (CVE-2021-3739). there is an out-of-bound read bug in qrtr_endpoint_post in net/qrtr/qrtr.c (CVE-2021-3743). An out-of-bounds read due to a race condition has been found in the Linux kernel due to write access to vc_mode is not protected by a lock in vt_ioctl (KDSETMDE) (CVE-2021-3753). For other upstream fixes, see the referenced changelogs. references: - https://bugs.mageia.org/show_bug.cgi?id=29436
Keywords: (none) => advisory
Works here
Keywords: (none) => validated_updateWhiteboard: (none) => MGA8-64-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0419.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED