| Summary: | Update request: kernel-linus-5.15.50-1.mga8 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Thomas Backlund <tmb> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | sysadmin-bugs, tarazed25 |
| Version: | 8 | Keywords: | advisory, validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | MGA8-64-OK | ||
| Source RPM: | kernel-linus | CVE: | |
| Status comment: | |||
|
Description
Thomas Backlund
2022-06-18 19:47:54 CEST
5.15.48-1.mga8 x86_64 10-Core Intel Core i9-7900X NVIDIA GP102 [GeForce GTX 1080 Ti] driver: nvidia v: 470.129.06 Intel Ethernet I219-V driver: e1000e Memory: 31.05 GiB No installation issues. NFS shares and NAS mounted. Graphics working OK. virtualbox-6.1.34-1.5.mga8 VirtualBox running OK. 64-bit Mageia client launched. 268 scheduled updates installed. Bi-directional clipboard working. Drag-and-drop to host starts up but never finishes. No USB configured. Looks good so far; leaving it to run for a while. CC:
(none) =>
tarazed25
Advisory, added to svn:
type: security
subject: Updated kernel-linus packages fix security vulnerabilities
CVE:
- CVE-2022-21123
- CVE-2022-21125
- CVE-2022-21127
- CVE-2022-21166
src:
8:
core:
- kernel-linus-5.15.48-1.mga8
description: |
This kernel update-linus is based on upstream 5.15.48 and fixes at least the
following security issues:
Incomplete cleanup of multi-core shared buffers for some Intel Processors
may allow an authenticated user to potentially enable information disclosure
via local access (CVE-2022-21123).
Incomplete cleanup of microarchitectural fill buffers on some Intel
Processors may allow an authenticated user to potentially enable information
disclosure via local access (CVE-2022-21125).
Incomplete cleanup in specific special register read operations for some
Intel Processors may allow an authenticated user to potentially enable
information disclosure via local access (CVE-2022-21127, CVE-2022-21166).
For other upstream fixes, see the referenced changelogs.
references:
- https://bugs.mageia.org/show_bug.cgi?id=30564
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.47
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.48
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.htmlKeywords:
(none) =>
advisory putting on hold for another needed fix Whiteboard:
(none) =>
feedback new sets of kernels... SRPM: kernel-linus-5.15.50-1.mga8.src.rpm i586: kernel-linus-5.15.50-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-5.15.50-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-latest-5.15.50-1.mga8.i586.rpm kernel-linus-doc-5.15.50-1.mga8.noarch.rpm kernel-linus-latest-5.15.50-1.mga8.i586.rpm kernel-linus-source-5.15.50-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.15.50-1.mga8.noarch.rpm x86_64: kernel-linus-5.15.50-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-5.15.50-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-latest-5.15.50-1.mga8.x86_64.rpm kernel-linus-doc-5.15.50-1.mga8.noarch.rpm kernel-linus-latest-5.15.50-1.mga8.x86_64.rpm kernel-linus-source-5.15.50-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.15.50-1.mga8.noarch.rpm Summary:
Update request: kernel-linus-5.15.48-1.mga8 =>
Update request: kernel-linus-5.15.50-1.mga8 Kernel: 5.15.50-1.mga8 x86_64 MATE Quad Core Intel Core i7-4790 Linus kernel working fine. bluetooth audio works out of the box. virtualbox-6.1.34-1.8.mga8 32-bit and 64-bit mga7, and mga8 clients launched and ran. nvidia graphics working also for vlc, stellarium and image viewers. Ran some stress tests successfully. NFS shares and NAS available. Letting this run for at least a day.
Thomas Backlund
2022-06-29 17:28:36 CEST
Whiteboard:
(none) =>
MGA8-64-OK An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0243.html Resolution:
(none) =>
FIXED |