Bug 29385

Summary: Update request: kernel-linus-5.10.60-1.mga8
Product: Mageia Reporter: Thomas Backlund <tmb>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: sysadmin-bugs, tarazed25
Version: 8Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8-64-OK
Source RPM: kernel-linus CVE:
Status comment:

Description Thomas Backlund 2021-08-18 16:43:16 CEST 
Security and bugfixes, advisory will follow:


SRPMS:
kernel-linus-5.10.60-1.mga8.src.rpm



i586:
kernel-linus-5.10.60-1.mga8-1-1.mga8.i586.rpm
kernel-linus-devel-5.10.60-1.mga8-1-1.mga8.i586.rpm
kernel-linus-devel-latest-5.10.60-1.mga8.i586.rpm
kernel-linus-doc-5.10.60-1.mga8.noarch.rpm
kernel-linus-latest-5.10.60-1.mga8.i586.rpm
kernel-linus-source-5.10.60-1.mga8-1-1.mga8.noarch.rpm
kernel-linus-source-latest-5.10.60-1.mga8.noarch.rpm



x86_64:
kernel-linus-5.10.60-1.mga8-1-1.mga8.x86_64.rpm
kernel-linus-devel-5.10.60-1.mga8-1-1.mga8.x86_64.rpm
kernel-linus-devel-latest-5.10.60-1.mga8.x86_64.rpm
kernel-linus-doc-5.10.60-1.mga8.noarch.rpm
kernel-linus-latest-5.10.60-1.mga8.x86_64.rpm
kernel-linus-source-5.10.60-1.mga8-1-1.mga8.noarch.rpm
kernel-linus-source-latest-5.10.60-1.mga8.noarch.rpm
Comment 1 Thomas Backlund 2021-08-20 20:06:12 CEST 
Advisory, added to svn:

type: security
subject: Updated kernel-linus packages fix security vulnerabilities
CVE:
 - CVE-2021-3653
 - CVE-2021-3656
 - CVE-2021-38205
src:
  8:
   core:
     - kernel-linus-5.10.60-1.mga8
description: |
  This kernel-linus update is based on upstream 5.10.60 and fixes atleast
  the following security issues:

  A missing validation of the "int_ctl" VMCB field allows a malicious L1
  guest to enable AVIC support (Advanced Virtual Interrupt Controller)
  for the L2 guest. The L2 guest is able to write to a limited but still
  relatively large subset of the host physical memory, resulting in a
  crash of the entire system, leak of sensitive data or potential
  guest-to-host escape (CVE-2021-3653).

  A missing validation of the the "virt_ext" VMCB field and allows a
  malicious L1 guest to disable both VMLOAD/VMSAVE intercepts and VLS
  (Virtual VMLOAD/VMSAVE) for the L2 guest. Under these circumstances,
  the L2 guest is able to run VMLOAD/VMSAVE unintercepted, and thus
  read/write portions of the host physical memory, resulting in a
  crash of the entire system, leak of sensitive data or potential
  guest-to-host escape (CVE-2021-3656).

  drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before
  5.13.3 makes it easier for attackers to defeat an ASLR protection
  mechanism because it prints a kernel pointer ().

  For other upstream fixes, see the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=29385
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.57
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.58
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.59
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.60

Keywords: (none) => advisory

Comment 2 Len Lawrence 2021-08-21 21:13:51 CEST 
Quad Core Intel Core i7-4790
Kernel: 5.10.60-1.mga8 x86_64
NVIDIA GM204 [GeForce GTX 970]

Linus kernel installed without problems.  Rebuilt nvidia-current and virtualbox driver.
NFS shares and NAS drive available at login.  No problems noted but bluetooth took a little time to set up.  This time a device search found the portable audio device and managed to pair.
Leaving this running for a few days.

CC: (none) => tarazed25

Thomas Backlund 2021-08-23 06:58:28 CEST

Whiteboard: (none) => MGA8-64-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 3 Mageia Robot 2021-08-23 07:30:06 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0410.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED