VDB
GCVE-110-MAGEIA-2020-183
GCVE-110-MAGEIA-2020-183
Advisory Published
This provides an update to kernel 5.6 series, currently based on
upstream 5.6.6 adding support for new hardware and features, and
fixes at least the following security issues:
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image,
performing some operations, and unmounting can lead to a use-after-free
in btrfs_queue_work in fs/btrfs/async-thread.c (CVE-2019-19377).
An issue was discovered in slc_bump in drivers/net/can/slcan.c in the
Linux kernel through 5.6.2. It allows attackers to read uninitialized
can_frame data, potentially containing sensitive information from kernel
stack memory, if the configuration lacks CONFIG_INIT_STACK_ALL
(CVE-2020-11494).
An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str
in mm/mempolicy.c has a stack-based out-of-bounds write because an empty
nodelist is mishandled during mount option parsing (CVE-2020-11565).
An issue was discovered in the Linux kernel before 5.6.1. drivers/media/
usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs
and ov518_mode_init_regs when there are zero endpoints (CVE-2020-11608).
An issue was discovered in the stv06xx subsystem in the Linux kernel
before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/
usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as
demonstrated by a NULL pointer dereference (CVE-2020-11609).
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c
(aka the Xirlink camera USB driver) mishandles invalid descriptors
(CVE-2020-11668).
xtables-addons has been updated to 4.9 for kernel 5.6 series support.
For other fixes and changes in this update, see the refenced changelogs.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | kmod-xtables-addons | 0 (affected), 0 (affected), 3.9-1.mga7 (unaffected), 3.9-1.mga7 (unaffected) | — |
| Mageia | xtables-addons | 0 (affected), 3.9-1.mga7 (unaffected), 0 (affected), 3.9-1.mga7 (unaffected) | — |
| Mageia | sysdig | 0.27.0-1.1.mga7 (unaffected), 0 (affected) | — |
| Mageia | kernel | 5.6.6-1.mga7 (unaffected), 0 (affected), 0 (affected), 5.6.6-1.mga7 (unaffected) | — |
| Mageia | ldetect-lst | 0 (affected), 0.6.9-1.mga7 (unaffected), 0 (affected), 0.6.9-1.mga7 (unaffected) | — |
| Mageia | kmod-virtualbox | 0 (affected), 6.0.20-2.mga7 (unaffected), 6.0.20-2.mga7 (unaffected), 0 (affected) | — |
References
Browse GCVE Records
71,925 records in the GCVE database · Updated July 13, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.