MGASA-2015-0238

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2015-0238.html

Import Source

https://advisories.mageia.org/MGASA-2015-0238.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2015-0238

Related

CVE-2015-4036

Published

2015-05-27T16:57:52Z

Modified

2015-05-27T16:47:36Z

Summary

Updated kernel-tmb packages fix security vulnerabilities and bugs

Details

Updated kernel-tmb fixes security, critical data corruption and pdata loss issues

This kernel-tmb update is based on upstream -longterm 3.14.43 and fixes a security issue, and critical data corruption and data loss issues:

drivers/vhost/scsi.c: potential memory corruption (CVE-2015-4036)

ext4 filesystem has a bug that make it possible to lose whole file system block worth of data when we hit the specific interaction with unwritten and delayed extents in status extent tree.

when using software raid 0 on SSDs along with trim/discard, any delete or modification of files can lead to random destruction on the filesystem. (this regression was introduced in upstream 3.14.41)

For other fixes in this update, see the referenced changelogs.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / kernel-tmb

Package

Name: kernel-tmb
Purl: pkg:rpm/mageia/kernel-tmb?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.14.43-1.mga4

Ecosystem specific

{
    "section": "core"
}