MGASA-2019-0414 - Updated kernel packages fix security vulnerabilities

Publication date: 25 Dec 2019
URL: https://advisories.mageia.org/MGASA-2019-0414.html
Type: security
Affected Mageia releases: 7

This update is based on upstream 5.4.6 and fixes various potential
security issues related to buffer overflows, double frees, NUll  pointer
dereferences, improper / missing input validations and so on. It also
adds other bugfixes all over the kernel.

Other fixes added in this update:
- x86/MCE/AMD: Do not use rdmsr_safe_on_cpu() in smca_configure(),
  fixing an deadlock issue.
- x86/mm: Split vmalloc_sync_all(), fixing up big performance
  regressions in some x86_64 workloads 
  (example: reaim.jobs_per_min -79.7% regression) 
- The Intel cpu/gpu specific security fixes in upstream 5.3.11 broke
  RC6 and that prevents CPUs from entering C-states, causing higher
  power consumption. This update adds upstream fixes to restore
  RC6 to a working state (fdo#112315)
- radeon changes in upstream 5.4 to remove the 'need_dma32 flag' has
  been reverted as it caused radeon to malfunction on 32bit kernels
- iwlwifi fixes for firmware crashes (mga#25926), failures on warm
  reboot, and performance fixes

WireGuard has been updated to 0.0.20191219.

For other fixes in this update, see the referenced changelogs.

References:
- https://bugs.mageia.org/show_bug.cgi?id=25897
- https://bugs.mageia.org/show_bug.cgi?id=25926
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.3
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.4
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.5
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.6

SRPMS:
- 7/core/kernel-5.4.6-2.mga7
- 7/core/kmod-virtualbox-6.0.14-16.mga7
- 7/core/kmod-xtables-addons-3.7-6.mga7
- 7/core/wireguard-tools-0.0.20191219-1.mga7