Bug 21711

Summary: Update request: kernel-4.4.88-1.mga5
Product: Mageia Reporter: Thomas Backlund <tmb>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: critical    
Priority: Normal CC: brtians1, davidwhodgins, sysadmin-bugs
Version: 5Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA5-64-OK MGA5-32-OK
Source RPM: kernel CVE:
Status comment:

Description Thomas Backlund 2017-09-14 19:58:44 CEST 
Updated kernels fixing various security issues, including the "BlueBorne" bluetooth remote code execution CVE-2017-1000251 ...

Advisory will follow...


SRPMS:
kernel-4.4.88-1.mga5.src.rpm
kernel-userspace-headers-4.4.88-1.mga5.src.rpm
kmod-vboxadditions-5.1.26-3.mga5.src.rpm
kmod-virtualbox-5.1.26-3.mga5.src.rpm
kmod-xtables-addons-2.10-46.mga5.src.rpm


i586:
cpupower-4.4.88-1.mga5.i586.rpm
cpupower-devel-4.4.88-1.mga5.i586.rpm
kernel-desktop-4.4.88-1.mga5-1-1.mga5.i586.rpm
kernel-desktop586-4.4.88-1.mga5-1-1.mga5.i586.rpm
kernel-desktop586-devel-4.4.88-1.mga5-1-1.mga5.i586.rpm
kernel-desktop586-devel-latest-4.4.88-1.mga5.i586.rpm
kernel-desktop586-latest-4.4.88-1.mga5.i586.rpm
kernel-desktop-devel-4.4.88-1.mga5-1-1.mga5.i586.rpm
kernel-desktop-devel-latest-4.4.88-1.mga5.i586.rpm
kernel-desktop-latest-4.4.88-1.mga5.i586.rpm
kernel-doc-4.4.88-1.mga5.noarch.rpm
kernel-server-4.4.88-1.mga5-1-1.mga5.i586.rpm
kernel-server-devel-4.4.88-1.mga5-1-1.mga5.i586.rpm
kernel-server-devel-latest-4.4.88-1.mga5.i586.rpm
kernel-server-latest-4.4.88-1.mga5.i586.rpm
kernel-source-4.4.88-1.mga5-1-1.mga5.noarch.rpm
kernel-source-latest-4.4.88-1.mga5.noarch.rpm
kernel-userspace-headers-4.4.88-1.mga5.i586.rpm
perf-4.4.88-1.mga5.i586.rpm

vboxadditions-kernel-4.4.88-desktop-1.mga5-5.1.26-3.mga5.i586.rpm
vboxadditions-kernel-4.4.88-desktop586-1.mga5-5.1.26-3.mga5.i586.rpm
vboxadditions-kernel-4.4.88-server-1.mga5-5.1.26-3.mga5.i586.rpm
vboxadditions-kernel-desktop586-latest-5.1.26-3.mga5.i586.rpm
vboxadditions-kernel-desktop-latest-5.1.26-3.mga5.i586.rpm
vboxadditions-kernel-server-latest-5.1.26-3.mga5.i586.rpm

virtualbox-kernel-4.4.88-desktop-1.mga5-5.1.26-3.mga5.i586.rpm
virtualbox-kernel-4.4.88-desktop586-1.mga5-5.1.26-3.mga5.i586.rpm
virtualbox-kernel-4.4.88-server-1.mga5-5.1.26-3.mga5.i586.rpm
virtualbox-kernel-desktop586-latest-5.1.26-3.mga5.i586.rpm
virtualbox-kernel-desktop-latest-5.1.26-3.mga5.i586.rpm
virtualbox-kernel-server-latest-5.1.26-3.mga5.i586.rpm

xtables-addons-kernel-4.4.88-desktop-1.mga5-2.10-46.mga5.i586.rpm
xtables-addons-kernel-4.4.88-desktop586-1.mga5-2.10-46.mga5.i586.rpm
xtables-addons-kernel-4.4.88-server-1.mga5-2.10-46.mga5.i586.rpm
xtables-addons-kernel-desktop586-latest-2.10-46.mga5.i586.rpm
xtables-addons-kernel-desktop-latest-2.10-46.mga5.i586.rpm
xtables-addons-kernel-server-latest-2.10-46.mga5.i586.rpm


x86_64:
cpupower-4.4.88-1.mga5.x86_64.rpm
cpupower-devel-4.4.88-1.mga5.x86_64.rpm
kernel-desktop-4.4.88-1.mga5-1-1.mga5.x86_64.rpm
kernel-desktop-devel-4.4.88-1.mga5-1-1.mga5.x86_64.rpm
kernel-desktop-devel-latest-4.4.88-1.mga5.x86_64.rpm
kernel-desktop-latest-4.4.88-1.mga5.x86_64.rpm
kernel-doc-4.4.88-1.mga5.noarch.rpm
kernel-server-4.4.88-1.mga5-1-1.mga5.x86_64.rpm
kernel-server-devel-4.4.88-1.mga5-1-1.mga5.x86_64.rpm
kernel-server-devel-latest-4.4.88-1.mga5.x86_64.rpm
kernel-server-latest-4.4.88-1.mga5.x86_64.rpm
kernel-source-4.4.88-1.mga5-1-1.mga5.noarch.rpm
kernel-source-latest-4.4.88-1.mga5.noarch.rpm
kernel-userspace-headers-4.4.88-1.mga5.x86_64.rpm
perf-4.4.88-1.mga5.x86_64.rpm

vboxadditions-kernel-4.4.88-desktop-1.mga5-5.1.26-3.mga5.x86_64.rpm
vboxadditions-kernel-4.4.88-server-1.mga5-5.1.26-3.mga5.x86_64.rpm
vboxadditions-kernel-desktop-latest-5.1.26-3.mga5.x86_64.rpm
vboxadditions-kernel-server-latest-5.1.26-3.mga5.x86_64.rpm

virtualbox-kernel-4.4.88-server-1.mga5-5.1.26-3.mga5.x86_64.rpm
virtualbox-kernel-desktop-latest-5.1.26-3.mga5.x86_64.rpm
virtualbox-kernel-server-latest-5.1.26-3.mga5.x86_64.rpm

xtables-addons-kernel-4.4.88-desktop-1.mga5-2.10-46.mga5.x86_64.rpm
xtables-addons-kernel-4.4.88-server-1.mga5-2.10-46.mga5.x86_64.rpm
xtables-addons-kernel-desktop-latest-2.10-46.mga5.x86_64.rpm
xtables-addons-kernel-server-latest-2.10-46.mga5.x86_64.rpm
Comment 1 Dave Hodgins 2017-09-15 16:10:32 CEST 
Tested on both real hardware, and under vb, both arches. Adding the OKs.

Whiteboard: (none) => MGA5-64-OK MGA5-32-OK
CC: (none) => davidwhodgins

Comment 2 Thomas Backlund 2017-09-15 19:36:36 CEST 
Advisory;

  This kernel update is based on upstream 4.4.88 and fixes atleast the
  following security issues:

  net/xfrm/xfrm_policy.c in the Linux kernel through 4.12.3, when 
  CONFIG_XFRM_MIGRATE is enabled, does not ensure that the dir value of
  xfrm_userpolicy_id is XFRM_POLICY_MAX or less, which allows local users
  to cause a denial of service (out-of-bounds access) or possibly have
  unspecified other impact via an XFRM_MSG_MIGRATE xfrm Netlink message
  (CVE-2017-11600).

  The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen
  might allow local OS guest users to corrupt block device data streams
  and consequently obtain sensitive memory information, cause a denial of
  service, or gain host OS privileges by leveraging incorrect block IO
  merge-ability calculation (CVE-2017-12134 / XSA-229).

  The XFS_IS_REALTIME_INODE macro in fs/xfs/xfs_linux.h in the Linux kernel
  before 4.13.2 does not verify that a filesystem has a realtime device,
  which allows local users to cause a denial of service (NULL pointer
  dereference and OOPS) via vectors related to setting an RHINHERIT flag
  on a directory (CVE-2017-14340).

  The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the
  Linux kernel version 3.3-rc1 and up to and including 4.13.1, are vulnerable
  to a stack overflow vulnerability in the processing of L2CAP configuration
  responses resulting in Remote code execution in kernel space
  (CVE-2017-1000251).

  For other upstream fixes in this update, read the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=21711
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.83
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.84
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.85
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.86
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.87
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.88

Whiteboard: MGA5-64-OK MGA5-32-OK => MGA5-64-OK MGA5-32-OK advisory

Dave Hodgins 2017-09-15 20:59:27 CEST

Whiteboard: MGA5-64-OK MGA5-32-OK advisory => MGA5-64-OK MGA5-32-OK
Keywords: (none) => advisory, validated_update
CC: (none) => sysadmin-bugs

Comment 3 Brian Rockwell 2017-09-15 22:57:00 CEST 
AMD X3-3800, AMD Graphics

The following 5 packages are going to be installed:

- kernel-desktop-4.4.88-1.mga5-1-1.mga5.x86_64
- vboxadditions-kernel-4.4.88-desktop-1.mga5-5.1.26-3.mga5.x86_64
- vboxadditions-kernel-desktop-latest-5.1.26-3.mga5.x86_64
- virtualbox-kernel-4.4.88-desktop-1.mga5-5.1.26-3.mga5.x86_64
- virtualbox-kernel-desktop-latest-5.1.26-3.mga5.x86_64

54MB of additional disk space will be used.

48MB of packages will be retrieved.

Is it ok to continue?

–

after reboot


$ uname -a
Linux localhost 4.4.88-desktop-1.mga5 #1 SMP Thu Sep 14 00:03:58 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

–

Ran virtualbox on hardware – able to spin up an entity and connect to shared drive.

--- working as designed.

Will test bluetooth on mga6

CC: (none) => brtians1

Comment 4 Mageia Robot 2017-09-16 10:25:56 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0345.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED