| Summary: | Update request: kernel-5.15.43-1.mga8 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Thomas Backlund <tmb> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | critical | ||
| Priority: | High | CC: | andrewsfarm, brtians1, chb0, davidwhodgins, fri, guillaume.royer, sysadmin-bugs, tarazed25, wilcal.int |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK, MGA8-32-OK | ||
| Source RPM: | kernel | CVE: | |
| Status comment: | |||
| Attachments: | Journal extract showing segfault | ||
Description
Thomas Backlund
2022-05-26 09:01:03 CEST
Thomas Backlund
2022-05-26 09:03:18 CEST
Severity: major => critical
Advisory, added to svn:
```
type: security
subject: Updated kernel packages fix security vulnerabilities
CVE:
 - CVE-2022-1729
 - CVE-2022-1789
 - CVE-2022-21499
src:
  8:
   core:
     - kernel-5.15.43-1.mga8
     - kmod-virtualbox-6.1.34-1.8.mga8
     - kmod-xtables-addons-3.20-1.4.mga8
description: |
  This kernel update is based on upstream 5.15.43 and fixes at least the
  following security issues:

  A race condition in the perf subsystem allows for a local privilege
  escalation. NOTE: Mageia kernels by default has disabled the perf usage
  for unprivileged users, effectively rendering this vulnerability harmless
  (CVE-2022-1729).

  KVM: x86/mmu: fix NULL pointer dereference on guest INVPCID
  (CVE-2022-1789).

  Kernel could allow a remote attacker to bypass security restrictions,
  caused by a lockdown break issue. By sending a specially-crafted request
  using the kernel debugger, an attacker could exploit this vulnerability
  to perform read and write access to kernel memory (CVE-2022-21499).

  Other fixes in this update:
  - ice: fix crash at allocation failure

  For other upstream fixes, see the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=30475
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.42
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.43
```
Keywords: (none) => advisory

New hardware:
Kernel: 5.15.43-desktop-1.mga8 x86_64
System: XDO.AI product: Pantera Pico PC
Mobo: XDO Trade model: XDO Trade Co., LTD
Quad Core Intel Celeron J4125 [MCP]
Intel GeminiLake [UHD Graphics 600] driver: i915
OpenGL: renderer: Mesa Intel UHD Graphics 600 (GLK 2)
Intel Gemini Lake PCH CNVi WiFi driver: iwlwifi
Memory: 7.59 GiB

No problems in Mate AFAICS.
Not installing Virtualbox - not enough resources.
NFS shares mounted successfully.
Bluetooth connected portable audio device as soon as it was switched on.
ping on LAN devices works.
$ cpupower -c all frequency-info
returns information for all four cores.
Ran stress a couple of times and glmark2.

Have to retract "No problems". Looks like this system is seriously underpowered. It seems to slow down after a few minutes use to the extent that it cannot keep up with my slow typing speed. Or maybe something else is wrong. In the past this sort of problem could be attributed to low batteries or possibly some failure at the USB end. Here the keyboard mouse combo transmits wireless to the USB 1.0 port.
```
$ lsusb
Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
Bus 001 Device 005: ID 8087:0aaa Intel Corp. Bluetooth 9460/9560 Jefferson Peak (JfP)
Bus 001 Device 003: ID 0bda:0129 Realtek Semiconductor Corp. RTS5129 Card Reader Controller
Bus 001 Device 004: ID 046d:c534 Logitech, Inc. Unifying Receiver
Bus 001 Device 002: ID 05e3:0608 Genesys Logic, Inc. Hub
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
```
CC: (none) => tarazed25

HP Probook 6550b, i3, Intel graphics, Intel wifi, MGA8-64 Plasma system.
No installation issues, and no issues noted after reboot, so far. Firefox, vlc, Thunderbird, VirtualBox all OK. Did a quick, non-thorough test in a vbox MGA8 -64 guest, also OK.
CC: (none) => andrewsfarm

Desktop computer, Plasma x86_64, AMD Ryzen
No issue so far.
Installation using QArepo
=========================
```
Paquetage Version Révision Arch
(média « QA Testing (64-bit) »)
cpupower 5.15.43 1.mga8 x86_64
kernel-desktop-5.15.43-1.mga8 1 1.mga8 x86_64
kernel-desktop-latest 5.15.43 1.mga8 x86_64
kernel-userspace-headers 5.15.43 1.mga8 x86_64
lib64bpf0 5.15.43 1.mga8 x86_64
virtualbox-kernel-5.15.43-des> 6.1.34 1.8.mga8 x86_64
virtualbox-kernel-desktop-lat> 6.1.34 1.8.mga8 x86_64
```
TESTS
=====
```
browser: ok
thunderbird: ok
nextcloud-client: ok
sound: ok
webcam: ok
virtualbox: ok
solaar (logitech mouse and keyboard): ok
Bluetooth: ok
boinc with openCL: ok
mock: ok
signal-desktop (Mageia package): ok
schildichat matrix client (Mageia package): ok
psensor / sensors-detect: ok (GPU fan speed still off but not worse, not better)
libreoffice with openCL: ok
```
SYSTEM CONFIGURATION
====================
```
System: Host: cbct-desk Kernel: 5.15.43-desktop-1.mga8 x86_64 bits: 64 Desktop: KDE Plasma 5.20.4
Distro: Mageia 8 mga8
Machine: Type: Desktop System: ASUS product: N/A v: N/A serial: <superuser required>
Mobo: ASUSTeK model: TUF GAMING B550M-PLUS v: Rev X.0x serial: <superuser required>
UEFI: American Megatrends v: 2423 date: 08/10/2021
CPU: Info: 12-Core model: AMD Ryzen 9 5900X bits: 64 type: MT MCP L2 cache: 6 MiB
Speed: 3459 MHz min/max: 2200/3700 MHz Core speeds (MHz): 1: 3459 2: 2929 3: 2810 4: 2814 5: 3235
6: 3219 7: 4327 8: 3260 9: 3623 10: 3665 11: 2239 12: 3589 13: 3497 14: 2540 15: 2965 16: 2641
17: 2690 18: 3402 19: 2884 20: 4483 21: 2557 22: 3367 23: 3040 24: 3317
Graphics: Device-1: Advanced Micro Devices [AMD/ATI] Ellesmere [Radeon RX 470/480/570/570X/580/580X/590]
driver: amdgpu v: kernel
Display: x11 server: Mageia X.org 1.20.14 driver: amdgpu,v4l resolution: 2560x1440~60Hz
OpenGL: renderer: AMD Radeon RX 570 Series (POLARIS10 DRM 3.42.0 5.15.43-desktop-1.mga8 LLVM 11.0.1)
v: 4.6 Mesa 21.3.8
Audio: Device-1: AMD Ellesmere HDMI Audio [Radeon RX 470/480 / 570/580/590] driver: snd_hda_intel
Device-2: Advanced Micro Devices [AMD] Starship/Matisse HD Audio driver: snd_hda_intel
Device-3: Logitech HD Webcam C525 type: USB driver: snd-usb-audio,uvcvideo
Sound Server: ALSA v: k5.15.43-desktop-1.mga8
Network: Device-1: Realtek RTL8125 2.5GbE driver: r8169
IF: enp6s0 state: up speed: 1000 Mbps duplex: full mac: f0:2f:74:2e:5b:c5
Drives: Local Storage: total: 1.59 TiB used: 750.56 GiB (46.0%)
ID-1: /dev/nvme0n1 vendor: Seagate model: FireCuda 520 SSD ZP500GM30002 size: 465.76 GiB
ID-2: /dev/sda vendor: Western Digital model: WD10EZEX-00RKKA0 size: 931.51 GiB
ID-3: /dev/sdb vendor: Samsung model: SSD 850 EVO 250GB size: 232.89 GiB
Partition: ID-1: / size: 83.11 GiB used: 34.46 GiB (41.5%) fs: ext4 dev: /dev/nvme0n1p2
ID-2: /home size: 369.38 GiB used: 186.21 GiB (50.4%) fs: ext4 dev: /dev/nvme0n1p4
Swap: ID-1: swap-1 type: file size: 16 GiB used: 0 KiB (0.0%) file: /swapfile
ID-2: swap-2 type: partition size: 3.91 GiB used: 768 KiB (0.0%) dev: /dev/nvme0n1p3
Sensors: System Temperatures: cpu: 41.5 C mobo: 38.0 C gpu: amdgpu temp: 49.0 C
Fan Speeds (RPM): fan-1: 938 fan-2: 906 fan-3: 0 fan-7: 736 gpu: amdgpu fan: 934
```
CC: (none) => chb0

mga8-64 OK here;
Hardware: My workstation "svarten": Mainboard: Sabertooth P67, CPU: i7-3770, RAM 16G, GM107 [GeForce GTX 750] using nvidia-current; GeForce 635 series and later, 4k display. Disk&Filesystem: SSD with /boot/EFI and ext4 /boot, LUKS{LVM {swap, ext4 /home & / } and a spinner at /mnt/spinner
$ uname -a
Linux svarten.tribun 5.15.43-desktop-1.mga8 #1 SMP Wed May 25 20:17:13 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
dkms status tells OK for nvidia and VirtualBox
BOINC detects CUDA and OpenCL
Tested: Plasma desktop; using Thunderbird, LibreOffice, Ktorrent, Nextcloud client, Syncthing, Firefox ESR with video (slow), flatpak Firefox, java program FriBOK, ...
Tests OK as VirtualBox Host:
Guest 1: my usual MSW7pro-64, tests OK: dynamic guest window resizing, bidirectional clipboard, host shared folders write protected and not, USB2 memory stick read&write (using upstream extension pack), video playing in Firefox and Chrome.
Guest 2: OK: BOINC LHC@home ATLAS simulation virtual machine 7CPU.
CC: (none) => fri

ASUS Laptop - xfce
N4000 - celeron
UHD Graphics 600 (integrated)
Gemini Lake Wifi

The following 5 packages are going to be installed:
- cpupower-5.15.43-1.mga8.x86_64
- kernel-desktop-5.15.43-1.mga8-1-1.mga8.x86_64
- kernel-desktop-latest-5.15.43-1.mga8.x86_64
- kernel-userspace-headers-5.15.43-1.mga8.x86_64
- lib64bpf0-5.15.43-1.mga8.x86_64
76MB of additional disk space will be used.

-- rebooted
$ uname -a
Linux localhost 5.15.43-desktop-1.mga8 #1 SMP Wed May 25 20:17:13 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
- wifi works
- firefox working properly
- sound/video are good
- suspend works
CC: (none) => brtians1

Pico Pantera system re comment 2:
Rebooted to the server kernel with fewer workspaces and terminals. So far so good.

5.15.43-desktop-1.mga8 x86_64

Tried on three Intel systems, two with nvidia graphics. No regressions so far. Virtualbox running fine on the nvidia systems.

Kernel: 5.15.43-server-1.mga8 x86_64
Quad Core Intel Core i7-4790 [MT MCP]
NVIDIA GM204 [GeForce GTX 970] driver: nvidia 470.129.06
No problems in Mate.
Bluetooth connection to audio device worked right away.
Youtube videos in Firefox.
LO writer, Virtualbox with NAS and NFS, Free-to-air TV, glmark2, stellarium, vlc video, OpenCPN, gimp, ristretto, all good.

Created attachment 13276
Journal extract showing segfault
This is in an x86_64 guest. I'd run some basic tests, switched to an i586 guest
running on the same host. When I came back to the x86_64 guest, it was not
responsive. After resetting the guest, extracted the relevant journal entries from
journalctl -b -1.
CC: (none) => davidwhodgins

I tried to recreate the situation that caused the segfault with no success.

MGA 64 Core I3 6 GB RAM, GeForce 520M driver 390. Driver Broadcom nonfree.
Updated with QA repo and rpms:
```
cpupower 5.15.43 1.mga8 x86_64
kernel-desktop-5.15.43-1.mga8 1 1.mga8 x86_64
kernel-desktop-devel-5.15.43-> 1 1.mga8 x86_64
kernel-desktop-devel-latest 5.15.43 1.mga8 x86_64
kernel-desktop-latest 5.15.43 1.mga8 x86_64
kernel-userspace-headers 5.15.43 1.mga8 x86_64
lib64bpf0 5.15.43 1.mga8 x86_64
virtualbox-kernel-5.15.43-des> 6.1.34 1.8.mga8 x86_64
virtualbox-kernel-desktop-lat> 6.1.34 1.8.mga8 x86_64
```
No issues after reboot.
VM (MGA Cauldron) Ok, Sound OK, Wi-fi connection Ok, switching with mageia-prime Ok
Internet Browsing Ok
CC: (none) => guillaume.royer

Other than the one virtualbox x86_64 guest segfault that I cannot recreate, no other regressions noticed on my two x86_64, one aarch64 rpi 4b systems or in the i586 and x86_64 guests.

Foolishness, a Dell Inspiron 5100, P4, AMD RV200 graphics, ath3k wifi, MGA8-32 Xfce, using the desktop kernel.
All looks good here.

AMD Phenom II X4 910, AMD HD 8490 graphics, ath9k and rtl8192eu wifi, mga8-64 Plasma system.
No installation issues. rtl8192eu and virtualbox kernel modules successfully built and installed. After reboot, everything looks OK.

On M8 hardware in a Vbox client, M8, Xfce, 32-bit
clear
uname -a
urpmi kernel-desktop-latest
urpmi kernel-userspace-headers
urpmi cpupower
urpmi virtualbox-guest-additions
Linux localhost 5.15.41-desktop586-1.mga8 #1 SMP Wed May 18 18:39:20 UTC 2022 i686 i686 i386 GNU/Linux
Package kernel-desktop-latest-5.15.41-1.mga8.i586 is already installed
Package kernel-userspace-headers-5.15.41-1.mga8.i586 is already installed
Package cpupower-5.15.41-1.mga8.i586 is already installed
Package virtualbox-guest-additions-6.1.34-1.2.mga8.i586 is already installed
Boots to a working desktop. Screen resolution is correct. Common apps work.
install updates from update_testing:
clear
uname -a
urpmi --auto kernel-desktop-latest
urpmi --auto kernel-userspace-headers
urpmi --auto cpupower
urpmi --auto virtualbox-guest-additions
Reboot system.
Linux localhost 5.15.43-desktop-1.mga8 #1 SMP Wed May 25 20:44:45 UTC 2022 i686 i686 i386 GNU/Linux
Package kernel-desktop-latest-5.15.43-1.mga8.i586 is already installed
Package kernel-userspace-headers-5.15.43-1.mga8.i586 is already installed
Package cpupower-5.15.43-1.mga8.i586 is already installed
Package virtualbox-guest-additions-6.1.34-1.2.mga8.i586 is already installed
Boots to a working desktop. Screen resolution is correct. Common apps work.
CC: (none) => wilcal.int

On M8 hardware in a Vbox client, M8, Plasma, 64-bit
clear
uname -a
urpmi kernel-desktop-latest
urpmi kernel-userspace-headers
urpmi cpupower
urpmi virtualbox-guest-additions
Linux localhost 5.15.41-desktop-1.mga8 #1 SMP Wed May 18 18:38:51 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Package kernel-desktop-latest-5.15.41-1.mga8.x86_64 is already installed
Package kernel-userspace-headers-5.15.41-1.mga8.x86_64 is already installed
Package cpupower-5.15.41-1.mga8.x86_64 is already installed
Package virtualbox-guest-additions-6.1.34-1.2.mga8.x86_64 is already installed
Boots to a working desktop. Screen resolution is correct. Common apps work.
install updates from update_testing:
clear
uname -a
urpmi --auto kernel-desktop-latest
urpmi --auto kernel-userspace-headers
urpmi --auto cpupower
urpmi --auto virtualbox-guest-additions
Reboot system.
Linux localhost 5.15.43-desktop-1.mga8 #1 SMP Wed May 25 20:17:13 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Package kernel-desktop-latest-5.15.43-1.mga8.x86_64 is already installed
Package kernel-userspace-headers-5.15.43-1.mga8.x86_64 is already installed
Package cpupower-5.15.43-1.mga8.x86_64 is already installed
Package virtualbox-guest-additions-6.1.34-1.2.mga8.x86_64 is already installed
Boots to a working desktop. Screen resolution is correct. Common apps work.

On real hardware, M8, Plasma, 64-bit
Packages checked:
clear
uname -a
urpmi kernel-desktop-latest
urpmi virtualbox
urpmi x11-driver-video-vboxvideo
urpmi kernel-desktop-devel-latest
urpmi kernel-userspace-headers
urpmi cpupower
urpmi virtualbox-kernel-desktop-latest
urpmi dkms-virtualbox
Linux localhost 5.15.41-desktop-1.mga8 #1 SMP Wed May 18 18:38:51 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Package kernel-desktop-latest-5.15.41-1.mga8.x86_64 is already installed
Package virtualbox-6.1.34-1.2.mga8.x86_64 is already installed
Package x11-driver-video-vboxvideo-1.0.0-6.mga8.x86_64 is already installed
Package kernel-desktop-devel-latest-5.15.41-1.mga8.x86_64 is already installed
Package kernel-userspace-headers-5.15.41-1.mga8.x86_64 is already installed
Package cpupower-5.15.41-1.mga8.x86_64 is already installed
Package virtualbox-kernel-desktop-latest-6.1.34-1.7.mga8.x86_64 is already installed
Package dkms-virtualbox-6.1.34-1.2.mga8.x86_64 is already installed
[root@localhost wilcal]# lspci -k
00:02.0 VGA compatible controller: Intel Corporation Iris Plus Graphics G1 (Ice Lake) (rev 07)
DeviceName: To Be Filled by O.E.M.
Subsystem: Dell Device 097c
Kernel driver in use: i915
Kernel modules: i915
Boots to working desktop
M8 i586 Vbox Xfce Client, boots to a working desktop - Screen size correct
M8 x86_64 Vbox Plasma Client, boots to a working desktop - Screen size correct
install updates from update_testing:
clear
uname -a
urpmi --auto kernel-desktop-latest
urpmi --auto virtualbox
urpmi --auto x11-driver-video-vboxvideo
urpmi --auto kernel-desktop-devel-latest
urpmi --auto kernel-userspace-headers
urpmi --auto cpupower
urpmi --auto virtualbox-kernel-desktop-latest
urpmi --auto dkms-virtualbox
reboot system
Linux localhost 5.15.43-desktop-1.mga8 #1 SMP Wed May 25 20:17:13 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Package kernel-desktop-latest-5.15.43-1.mga8.x86_64 is already installed
Package virtualbox-6.1.34-1.2.mga8.x86_64 is already installed
Package x11-driver-video-vboxvideo-1.0.0-6.mga8.x86_64 is already installed
Package kernel-desktop-devel-latest-5.15.43-1.mga8.x86_64 is already installed
Package kernel-userspace-headers-5.15.43-1.mga8.x86_64 is already installed
Package cpupower-5.15.43-1.mga8.x86_64 is already installed
Package virtualbox-kernel-desktop-latest-6.1.34-1.8.mga8.x86_64 is already installed
Package dkms-virtualbox-6.1.34-1.2.mga8.x86_64 is already installed
[root@localhost wilcal]# lspci -k
00:02.0 VGA compatible controller: Intel Corporation Iris Plus Graphics G1 (Ice Lake) (rev 07)
DeviceName: To Be Filled by O.E.M.
Subsystem: Dell Device 097c
Kernel driver in use: i915
Kernel modules: i915
M8 i586 Vbox Xfce Client, boots to a working desktop - Screen size correct
M8 x86_64 Vbox Plasma Client, boots to a working desktop - Screen size correct
Thomas Backlund
2022-05-28 09:57:15 CEST
CC: (none) => sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.
https://advisories.mageia.org/MGASA-2022-0212.html
Resolution: (none) => FIXED
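
Added example (not part of the bug report or of Mageia's tooling): the reports above show that the update only takes effect after a reboot, so a fleet check should compare the running kernel from `uname -r`, not the installed package, against the advisory's 5.15.43-1.mga8. The function names are hypothetical, the sample strings are copied from the reports above, and GNU `sort -V` is assumed.

```sh
#!/bin/sh
# Fixed kernel version and release taken from the advisory on this page.
FIXED_VERSION="5.15.43"
FIXED_RELEASE="1"

# Turn a Mageia `uname -r` string such as 5.15.43-desktop-1.mga8 into
# "version release", dropping the flavour (desktop, server, desktop586).
# Prints nothing when the string does not have that shape.
parse_release() {
    printf '%s\n' "$1" |
        sed -n -E 's/^([0-9]+(\.[0-9]+)*)-[a-z0-9]+-([0-9]+)\.mga[0-9]+$/\1 \3/p'
}

# version_ge A B: succeeds when A >= B in version order.
version_ge() {
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# kernel_is_fixed RELEASE
# returns 0 = at or past the fix, 1 = older than the fix, 2 = unparseable.
kernel_is_fixed() {
    parsed=$(parse_release "$1")
    [ -n "$parsed" ] || return 2
    ver=${parsed% *}
    rel=${parsed#* }
    if [ "$ver" = "$FIXED_VERSION" ]; then
        # Same upstream version: the package release decides.
        [ "$rel" -ge "$FIXED_RELEASE" ] && return 0 || return 1
    fi
    version_ge "$ver" "$FIXED_VERSION" && return 0 || return 1
}

# Release strings as they appear in the reports above, then this host's kernel.
for r in 5.15.41-desktop-1.mga8 5.15.41-desktop586-1.mga8 \
         5.15.43-desktop-1.mga8 5.15.43-server-1.mga8 "$(uname -r)"; do
    rc=0
    kernel_is_fixed "$r" || rc=$?
    case $rc in
        0) state="running fixed kernel" ;;
        1) state="OLDER than $FIXED_VERSION-$FIXED_RELEASE, update and reboot" ;;
        *) state="not a Mageia kernel release string" ;;
    esac
    printf '%-28s %s\n' "$r" "$state"
done
```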