Bug 13265 - Update request: kernel-linus-3.12.18-1.mga4
Summary: Update request: kernel-linus-3.12.18-1.mga4
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 4
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: advisory mga4-32-ok mga4-64-ok
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2014-04-24 20:18 CEST by Thomas Backlund
Modified: 2014-05-09 00:03 CEST

See Also:
Source RPM: kernel-linus-3.12.18-1.mga4.src.rpm
CVE:
Status comment:



Description Thomas Backlund 2014-04-24 20:18:34 CEST
SRPMS:
kernel-linus-3.12.18-1.mga4.src.rpm


i586:
kernel-linus-3.12.18-1.mga4-1-1.mga4.i586.rpm
kernel-linus-devel-3.12.18-1.mga4-1-1.mga4.i586.rpm
kernel-linus-devel-latest-3.12.18-1.mga4.i586.rpm
kernel-linus-doc-3.12.18-1.mga4.noarch.rpm
kernel-linus-latest-3.12.18-1.mga4.i586.rpm
kernel-linus-source-3.12.18-1.mga4-1-1.mga4.noarch.rpm
kernel-linus-source-latest-3.12.18-1.mga4.noarch.rpm


x86_64:
kernel-linus-3.12.18-1.mga4-1-1.mga4.x86_64.rpm
kernel-linus-devel-3.12.18-1.mga4-1-1.mga4.x86_64.rpm
kernel-linus-devel-latest-3.12.18-1.mga4.x86_64.rpm
kernel-linus-doc-3.12.18-1.mga4.noarch.rpm
kernel-linus-latest-3.12.18-1.mga4.x86_64.rpm
kernel-linus-source-3.12.18-1.mga4-1-1.mga4.noarch.rpm
kernel-linus-source-latest-3.12.18-1.mga4.noarch.rpm


Comment 1 Thomas Backlund 2014-04-24 20:41:19 CEST
Advisory:
Updated kernel-linus provides upstream 3.12.18 kernel and fixes the following
security issues:

Buffer overflow in the complete_emulated_mmio function in arch/x86/kvm/
x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute
arbitrary code on the host OS by leveraging a loop that triggers an
invalid memory copy affecting certain cancel_work_item data. 
(CVE-2014-0049)

The get_rx_bufs function in drivers/vhost/net.c in the vhost-net subsystem
in the Linux kernel package before 2.6.32-431.11.2 on Red Hat Enterprise
Linux (RHEL) 6 does not properly handle vhost_get_vq_desc errors, which
allows guest OS users to cause a denial of service (host OS crash) via
unspecified vectors. (CVE-2014-0055)

The cifs_iovec_write function in fs/cifs/file.c in the Linux kernel through
3.13.5 does not properly handle uncached write operations that copy fewer
than the requested number of bytes, which allows local users to obtain
sensitive information from kernel memory, cause a denial of service
(memory corruption and system crash), or possibly gain privileges via a
writev system call with a crafted pointer. (CVE-2014-0069)

drivers/vhost/net.c in the Linux kernel before 3.13.10, when mergeable
buffers are disabled, does not properly validate packet lengths, which
allows guest OS users to cause a denial of service (memory corruption and
host OS crash) or possibly gain privileges on the host OS via crafted
packets, related to the handle_rx and get_rx_bufs functions. 
(CVE-2014-0077)

Other fixes in this update:
- switch hugepages back to madvise to fix performance regression (mga#12994)
- enable Intel P-state driver (mga#13080)
- fix r8169 suspend/resume issue (mga#13255)

For upstream merged fixes, read the referenced changelogs:

References:
https://bugs.mageia.org/show_bug.cgi?id=12994
https://bugs.mageia.org/show_bug.cgi?id=13080
https://bugs.mageia.org/show_bug.cgi?id=13255
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.18
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.17
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.16
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.15
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.14
Comment 2 William Kenney 2014-04-27 20:03:47 CEST
On real hardware, M4, KDE, 32-bit

Package(s) under test:
kernel-linus

install kernel-linus from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.18-1.mga4 #1 SMP Thu Apr 24 12:20:23 UTC 2014 i686 i686 i686 GNU/Linux

kernel-linus boots to a working desktop and applications work fine

Test platform:
Intel, P4 530J 3.0 GHz, 800MHz FSB, 1MB L2, LGA 775
GigaByte  GA-81915G Pro F4  i915G  LGA 775  MoBo
 Marvell Yukon 88E8001 Gigabit LAN
 Intel High Def Audio, Azalia (C-Media 9880) (snd-hda-intel)
 Intel Graphics Media Accelerator 900 (Intel 82915G)
Kingston 4GB (2 x 2GB) DDR400 PC-3200
250GB Seagate
Kingwin KF-91-BK SATA Mobile Rack
Kingwin KF-91-T-BK SATA Mobile Rack Tray
Sony CD/DVD-RW DWQ120AB2

CC: (none) => wilcal.int

Comment 3 claire robinson 2014-05-07 19:43:59 CEST
All ok 32bit, working dkms modules all build ok.

It'll need testing on 64bit before we can validate, if anyone can do so please.

Whiteboard: (none) => mga4-32-ok

Comment 4 claire robinson 2014-05-08 14:48:25 CEST
Testing complete mga4 64.

Whiteboard: mga4-32-ok => mga4-32-ok mga6-64-ok

claire robinson 2014-05-08 14:48:36 CEST

Whiteboard: mga4-32-ok mga6-64-ok => mga4-32-ok mga4-64-ok

Comment 5 claire robinson 2014-05-08 17:41:34 CEST
Validating. Advisory uploaded.

There is no mention of CVE-2014-2851 in the advisory for this one. It might need adding.

Could sysadmin please push to 4 updates

Thanks

Keywords: (none) => validated_update
Whiteboard: mga4-32-ok mga4-64-ok => advisory mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

Comment 6 Thomas Backlund 2014-05-09 00:03:45 CEST
Update pushed:
http://advisories.mageia.org/MGASA-2014-0207.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

