| Summary: | Update request: kernel-5.10.75-1.mga8 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Thomas Backlund <tmb> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | andrewsfarm, brtians1, fri, guillaume.royer, herman.viaene, mageia, sysadmin-bugs, westel |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK, MGA8-32-OK | ||
| Source RPM: | kernel | CVE: | |
| Status comment: | |||
| Bug Depends on: | 29566 | ||
| Bug Blocks: | |||
|
Description
Thomas Backlund
2021-10-20 21:18:40 CEST
Mga8-64 OK here
Disabled backports repos and
$ sudo urpmi --downgrade cpupower kernel-userspace-headers
In drakrpm i selected 5.10.75-1 of kernel-desktop & kernel-desktop-devel
reboot
$ uname -a
Linux svarten.tribun 5.10.70-desktop-1.mga8 #1 SMP Thu Sep 30 09:41:26 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
dkms status tells me nvidia-current is OK.
BOINC detects CUDA and OpenCL
Hardware: My workstation "svarten": Mainboard: Sabertooth P67, CPU: i7-3770, RAM 16G, GM107 [GeForce GTX 750] using nvidia-current; GeForce 635 series and later, 4k display. Disk&Filesystem: SSD with /boot/EFI and ext4 /boot, LUKS{LVM {swap, ext4 /home & / } and a spinner at /mnt/spinner
Tested: Plasma desktop; using Thunderbird, LibreOffice, Ktorrent, Nextcloud client, Firefox ESR, flatpak Firefox...
Stress test: While working with other things BOINC use all cores to 100%, videos do not stutter in Chromium, nor Firefox ESR but do in flatpak version.CC:
(none) =>
fri Asus T100TA all DEinstall, Plasma DE Intel(R) Atom(TM) CPU Z3740 @ 1.33GHz uname -r 5.10.70-desktop-1.mga8 # urpmi cpupower kernel-desktop-latest To satisfy dependencies, the following packages are going to be installed: Package Version Release Arch (medium "Core Updates Testing (distrib50)") cpupower 5.10.75 1.mga8 x86_64 kernel-desktop-5.10.75-1.mga8 1 1.mga8 x86_64 kernel-desktop-latest 5.10.75 1.mga8 x86_64 73MB of additional disk space will be used. 65MB of packages will be retrieved. Proceed with the installation of the 3 packages? (Y/n) y Creating: target|kernel|dracut args|basicmodules defaulting background resolution to 1600x1200 You should restart your computer for kernel-desktop-5.10.75-1.mga8 uname -r 5.10.75-desktop-1.mga8 wifi up at desktop presentation ff ok youtube sound and video -ok USB stick detected and popup. avi. file playback from usb sound and video ok touchscreen - ok reboot no holdups CC:
(none) =>
westel MGA8-64 Plasma on Lenovo B50 No installation issues. Wifi OK,no ethernet connection on this laptop, internet connection no particular complaint on its speed. NFS access works but copying large files (120-230 Mb) is slow. The larger one taking about 6 min, whch is not normal on my LAN. Different file types all OK. The NFS access may be a local accident. CC:
(none) =>
herman.viaene Installed and tested on a QEMU/KVM VM without issues. Tested several applications. Tested audio, video, OpenGL, desktop resizing, copy & paste to/from host, host FS mount, wireguard VPN. All worked. System VM: Mageia 8, x86_64, LXQt DE, virtio drivers. $ uname -a Linux marte-vm-mageia-8 5.10.75-desktop-1.mga8 #1 SMP Wed Oct 20 10:23:35 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux $ rpm -qa | grep 5.10.75 kernel-userspace-headers-5.10.75-1.mga8 cpupower-5.10.75-1.mga8 kernel-desktop-5.10.75-1.mga8-1-1.mga8 kernel-desktop-latest-5.10.75-1.mga8 perf-5.10.75-1.mga8 $ rpm -q wireguard-tools wireguard-tools-1.0.20210424-1.mga8 $ wg show interface: wg0 public key: <SNIP> private key: (hidden) listening port: 60820 peer: <SNIP> preshared key: (hidden) endpoint: 192.168.1.64:60820 allowed ips: fd00::1/128, 10.0.0.1/32 latest handshake: 1 second ago transfer: 440 B received, 808 B sent persistent keepalive: every 25 seconds peer: <SNIP> preshared key: (hidden) endpoint: 192.168.1.68:60820 allowed ips: fd00::2/128, 10.0.0.2/32 transfer: 1.53 KiB received, 3.32 KiB sent persistent keepalive: every 25 seconds CC:
(none) =>
mageia MGA8-64, Xfce, Toshiba L775 Laptop (ancient) AMD A6-3420M APU RTL8188CE 802.11b/g/n Bluetooth BCM20702A0 Kernel-desktop-latest cpupower installed --- rebootted spent about a full 24 hours using it. bluetooth, wifi,audio all work. system seems to be functioning as expected. CC:
(none) =>
brtians1 MGA8 XFCE 64 Core I3 4Go RAM, Nvidia Geforce 520M with Optimus Technology. Driver 390 nonfree, Driver Broadcom WL nonfree. Updated with QA Repo anf RPMs: cpupower 5.10.75 1.mga8 x86_64 kernel-desktop-5.10.75-1.mga8 1 1.mga8 x86_64 kernel-desktop-devel-5.10.75-> 1 1.mga8 x86_64 kernel-desktop-devel-latest 5.10.75 1.mga8 x86_64 kernel-desktop-latest 5.10.75 1.mga8 x86_64 kernel-userspace-headers 5.10.75 1.mga8 x86_64 No issues after reboot. Switch Nvidia graphic card with Mageia-prime OK. CC:
(none) =>
guillaume.royer MGA8-64, Gnome, Asus Laptop AMD A6-9225 RADEON R4 RTL8723BE Bluetooth The following 3 packages are going to be installed: - cpupower-5.10.75-1.mga8.x86_64 - kernel-desktop-5.10.75-1.mga8-1-1.mga8.x86_64 - kernel-desktop-latest-5.10.75-1.mga8.x86_64 --- rebooted $ uname -a Linux localhost.localdomain 5.10.75-desktop-1.mga8 #1 SMP Wed Oct 20 10:23:35 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux - all utilities are working and programs - bluetooth, wifi, sound - suspends and wakes up fine working as designed. AMD x2-3800, 6150le (nouveau) used a nextcloud test server The following 3 packages are going to be installed: - cpupower-5.10.75-1.mga8.i586 - kernel-server-5.10.75-1.mga8-1-1.mga8.i586 - kernel-server-latest-5.10.75-1.mga8.i586 ---rebooted $ uname -a Linux localhost.localdomain 5.10.75-server-1.mga8 #1 SMP Wed Oct 20 12:53:54 UTC 2021 i686 i686 i386 GNU/Linux - nextcloud server - working - firefox working - video working virtualbox kmods: SRPM: kmod-virtualbox-6.1.28-1.2.mga8.src.rpm x86_64: virtualbox-kernel-5.10.75-desktop-1.mga8-6.1.28-1.2.mga8.x86_64.rpm virtualbox-kernel-5.10.75-server-1.mga8-6.1.28-1.2.mga8.x86_64.rpm virtualbox-kernel-desktop-latest-6.1.28-1.2.mga8.x86_64.rpm virtualbox-kernel-server-latest-6.1.28-1.2.mga8.x86_64.rpm
Advisory, added to svn:
type: security
subject: Updated kernel packages fix security vulnerabilities
CVE:
- CVE-2021-3744
- CVE-2021-3764
- CVE-2021-20321
- CVE-2021-41864
src:
8:
core:
- kernel-5.10.75-1.mga8
- kmod-virtualbox-6.1.28-1.2.mga8
- kmod-xtables-addons-3.18-1.25.mga8
description: |
This kernel update is based on upstream 5.10.75 and fixes atleast the
following security issues:
A memory leak in the ccp_run_aes_gcm_cmd() function in drivers/crypto/
ccp/ccp-ops.c in the Linux kernel allows malicious users to cause a
denial of service (memory consumption) (CVE-2021-3744).
A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd()
function that allows an malicious user to cause a denial of service
(CVE-2021-3764).
A race condition accessing file object in the Linux kernel OverlayFS
subsystem was found in the way users do rename in specific way with
OverlayFS. A local user could use this flaw to crash the system
(CVE-2021-20321).
prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel
through 5.14.9 allows unprivileged users to trigger an eBPF multiplication
integer overflow with a resultant out-of-bounds write (CVE-2021-41864).
For other upstream fixes, see the referenced changelogs.
references:
- https://bugs.mageia.org/show_bug.cgi?id=29571
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.71
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.73
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.74
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75Keywords:
(none) =>
advisory mga8-64, i7 8 thread, plasma, nvidia-curent - same system as comment 2. Installed virtualbox-kernel-5.10.75-desktop-1.mga8-6.1.28-1.2.mga8.x86_64.rpm and rebooted, kernel kernel-5.10.75-desktop-1 in use. Virtualbox-6.1.28-1 of Bug 29566, and extension pack from upstream Guest is my usual MSW7pro 64 bit, same tests as I use to perform: Dynamically resizing guest window by mouse Shared clipboard, bidirectional Shared folders bidirectional read/write copying, and readonly works correctly. Drag a file from host Dolphin to guest Explorer USB2: flash stick Sound, Internet, performance: video in Firefox, while BOINC work to 100% No glitches observed at my usage.
Thomas Backlund
2021-10-25 17:17:43 CEST
Whiteboard:
(none) =>
MGA8-64-OK, MGA8-32-OK An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0489.html Status:
NEW =>
RESOLVED Late to the party, but... HP Probook 6550b, i3, Intel graphics, Intel wifi, 64-bit Plasma system. Waited to try this until after the new kmods were available. The following 6 packages are going to be installed: - cpupower-5.10.75-1.mga8.x86_64 - kernel-desktop-5.10.75-1.mga8-1-1.mga8.x86_64 - kernel-desktop-latest-5.10.75-1.mga8.x86_64 - kernel-userspace-headers-5.10.75-1.mga8.x86_64 - virtualbox-kernel-5.10.75-desktop-1.mga8-6.1.28-1.2.mga8.x86_64 - virtualbox-kernel-desktop-latest-6.1.28-1.2.mga8.x86_64 After the reboot, no issues noted. CC:
(none) =>
andrewsfarm |