MGASA-2024-0032

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2024-0032.html

Import Source

https://advisories.mageia.org/MGASA-2024-0032.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2024-0032

Related

Published

2024-02-09T01:34:03Z

Modified

2024-02-08T15:45:47Z

Summary

Updated kernel-linus fixes security vulnerabilities and many bugs

Details

Upstream version 6.6.14 with many bugfixes and at least the following security fixes: An out-of-bounds read vulnerability was found in smb2dumpdetail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. (CVE-2023-6610) An unprivileged guest can cause Denial of Service (DoS) of the host by sending network packets to the backend, causing the backend to crash. Data corruption or privilege escalation have not been ruled out. https://xenbits.xen.org/xsa/advisory-448.html (CVE-2023-46838)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:9 / kernel-linus

Package

Name: kernel-linus
Purl: pkg:rpm/mageia/kernel-linus?distro=mageia-9

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.14-1.mga9

Ecosystem specific

{
    "section": "core"
}