VDB

GCVE-110-MAGEIA-2016-345

GCVE-110-MAGEIA-2016-345
Advisory Published
Vulnetix · Advisory published October 18, 2016
This update is based on the upstream 4.4.22 kernel and fixes at least theese security issues: sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (CVE-2016-4578). The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message (CVE-2016-5243). The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message (CVE-2016-5244). Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations (CVE-2016-5400). Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/ commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability (CVE-2016-6480). This update also changes the following: - enables STRICT_DEVMEM as a security hardening - disables FW_LOADER_USER_HELPER_FALLBACK again (un-intentionally enabled in 4.4 series upgrade) that slows down boot or even makes wireless connection fail with drivers with multiple possible firmwares (mga#19390). For other fixes in this update, see the referenced changelogs.

Affected Products

VendorProductVersionsPlatforms
Mageiakmod-virtualbox0 (affected), 5.1.2-6.mga5 (unaffected)
Mageiakmod-vboxadditions0 (affected), 5.1.2-6.mga5 (unaffected)
Mageiakernel-userspace-headers4.4.22-1.mga5 (unaffected), 0 (affected)
Mageiakmod-xtables-addons0 (affected), 2.10-12.mga5 (unaffected)
Mageiakernel0 (affected), 4.4.22-1.mga5 (unaffected)

Browse GCVE Records

73,196 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›