Title
MGASA-2019-0120 -- security update for kernel, kernel-userspace-headers, kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons, wireguard-tools
Description
This kernel update is based on the upstream 4.14.106 and fixes atleast
the following security issue:
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks
a check for the mmap minimum address, which makes it easier for attackers
to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is
related to a capability check for the wrong task (CVE-2019-9213).
It also adds a preparatory fix for Skylake systems that will receive a
microcode update at a later date to address a TSX errata.
WireGuard has been updated to 0.0.20190227.