Bug 29961

Summary: Update request: kernel-linus-5.15.18-1.mga8
Product: Mageia Reporter: Thomas Backlund <tmb>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: herman.viaene, sysadmin-bugs, tarazed25
Version: 8Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8-64-OK
Source RPM: kernel-linus CVE:
Status comment:

Description Thomas Backlund 2022-01-29 18:13:55 CET 
Security and bugfixes....

SRPM:
kernel-linus-5.15.18-1.mga8.src.rpm


i586:
kernel-linus-5.15.18-1.mga8-1-1.mga8.i586.rpm
kernel-linus-devel-5.15.18-1.mga8-1-1.mga8.i586.rpm
kernel-linus-devel-latest-5.15.18-1.mga8.i586.rpm
kernel-linus-doc-5.15.18-1.mga8.noarch.rpm
kernel-linus-latest-5.15.18-1.mga8.i586.rpm
kernel-linus-source-5.15.18-1.mga8-1-1.mga8.noarch.rpm
kernel-linus-source-latest-5.15.18-1.mga8.noarch.rpm


x86_64:
kernel-linus-5.15.18-1.mga8-1-1.mga8.x86_64.rpm
kernel-linus-devel-5.15.18-1.mga8-1-1.mga8.x86_64.rpm
kernel-linus-devel-latest-5.15.18-1.mga8.x86_64.rpm
kernel-linus-doc-5.15.18-1.mga8.noarch.rpm
kernel-linus-latest-5.15.18-1.mga8.x86_64.rpm
kernel-linus-source-5.15.18-1.mga8-1-1.mga8.noarch.rpm
kernel-linus-source-latest-5.15.18-1.mga8.noarch.rpm
Comment 1 Len Lawrence 2022-01-29 21:14:07 CET 
The linus kernel is working fine on this system:
Kernel: 5.15.18-1.mga8 x86_64
Quad Core Intel Core i7-4790
NVIDIA GM204 [GeForce GTX 970] : nvidia 470.94
NFS, NAS, audio, video, bluetooth all working.
No issues with the desktop.

CC: (none) => tarazed25

Comment 2 Herman Viaene 2022-01-31 14:31:26 CET 
MGA8-64 Plasma on Lenovo B50 in Dutch
Installed server option.
Checked wifi, access to nfs shares, different file types, all seems OK.

CC: (none) => herman.viaene

Comment 3 Thomas Backlund 2022-01-31 15:48:43 CET 
Advisory, added to svn..

type: security
subject: Updated kernel-linus packages fix security vulnerabilities
CVE:
 - CVE-2022-0330
 - CVE-2022-22942
src:
  8:
   core:
     - kernel-linus-5.15.18-1.mga8
description: |
  This kernel-linus update is based on upstream 5.15.18 and fixes atleast the
  following security issues:

  A random memory access flaw was found in the Linux kernels GPU i915 kernel
  driver functionality in the way a user may run malicious code on the GPU.
  This flaw allows a local user to crash the system or escalate their
  privileges on the system (CVE-2022-0330).

  A use-after-free flaw was found in the Linux kernels
  vmw_execbuf_copy_fence_user function in drivers/gpu/drm/vmwgfx/
  vmwgfx_execbuf.c in vmwgfx. This flaw allows a local attacker with user
  privileges to cause a privilege escalation problem (CVE-2022-22942).

  For other upstream fixes, see the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=29961
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.17
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.18

Keywords: (none) => advisory

Comment 4 Thomas Backlund 2022-02-01 15:39:35 CET 

Thanks for the tests, flushing out

Whiteboard: (none) => MGA8-64-OK
CC: (none) => sysadmin-bugs
Keywords: (none) => validated_update

Comment 5 Mageia Robot 2022-02-01 16:27:29 CET 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2022-0042.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED