Bug 13863 - Update request: kernel-linus-3.12.26-1.mga4
Summary: Update request: kernel-linus-3.12.26-1.mga4
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 4
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA4-32-OK MGA4-64-OK advisory
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2014-08-05 18:44 CEST by Thomas Backlund
Modified: 2014-08-18 11:15 CEST (History)
3 users (show)

See Also:
Source RPM: kernel-linus-3.12.26-1.mga4
CVE:
Status comment:


Attachments
specs. of the machine: lspcidrake-v (3.04 KB, text/plain)
2014-08-06 20:51 CEST, Dick Gevers
Details

Description Thomas Backlund 2014-08-05 18:44:33 CEST
Updated kernel-linus provides upstream 3.12.26 kernel and fixes the
following security issues:

Array index error in the aio_read_events_ring function in fs/aio.c in
the Linux kernel through 3.15.1 allows local users to obtain sensitive
information from kernel memory via a large head value (CVE-2014-0206).

media-device: fix infoleak in ioctl media_enum_entities()
(CVE-2014-1739)

The futex_requeue function in kernel/futex.c in the Linux kernel through
3.14.5 does not ensure that calls have two different futex addresses,
which allows local users to gain privileges via a crafted FUTEX_REQUEUE
command that facilitates unsafe waiter modification. (CVE-2014-3153)

kernel/auditsc.c in the Linux kernel through 3.14.5, when 
CONFIG_AUDITSYSCALL is enabled with certain syscall rules, allows local
users to obtain potentially sensitive single-bit values from kernel memory
or cause a denial of service (OOPS) via a large value of a syscall number.
To avoid this and other issues CONFIG_AUDITSYSCALL has been disabled.
(CVE-2014-3917)

The capabilities implementation in the Linux kernel before 3.14.8 does
not properly consider that namespaces are inapplicable to inodes, which
allows local users to bypass intended chmod restrictions by first creating
a user namespace, as demonstrated by setting the setgid bit on a file with
group ownership of root (CVE-2014-4014)

mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement
the interaction between range notification and hole punching, which allows
local users to cause a denial of service (i_mutex hold) by using the mmap
system call to access a hole, as demonstrated by interfering with intended
shmem activity by blocking completion of (1) an MADV_REMOVE madvise call
or (2) an FALLOC_FL_PUNCH_HOLE fallocate call (CVE-2014-4171).

arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit
x86 platforms, when syscall auditing is enabled and the sep CPU feature
flag is set, allows local users to cause a denial of service (OOPS and
system crash) via an invalid syscall number, as demonstrated by number
1000 (CVE-2014-4508). 

A flaw was found in the way reference counting was handled in the Linux
kernels VFS subsystem when unmount on symlink was performed. An unprivileged
local user could use this flaw to cause OOM conditions leading to denial
of service or, potentially, trigger use-after-free error (CVE-2014-5045).

Linux kernel built with the support for Stream Control Transmission Protocol
(CONFIG_IP_SCTP) is vulnerable to a NULL pointer dereference flaw. It could
occur when simultaneous new connections are initiated between the same pair
of hosts. A remote user/program could use this flaw to crash the system
kernel resulting in DoS (CVE.2014-5077).

For other fixes, see the referenced changelogs.

References:
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.26
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.25
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.24
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.23
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.22
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.21



SRPM:
kernel-linus-3.12.26-1.mga4.src.rpm


i586:
kernel-linus-3.12.26-1.mga4-1-1.mga4.i586.rpm
kernel-linus-devel-3.12.26-1.mga4-1-1.mga4.i586.rpm
kernel-linus-devel-latest-3.12.26-1.mga4.i586.rpm
kernel-linus-doc-3.12.26-1.mga4.noarch.rpm
kernel-linus-latest-3.12.26-1.mga4.i586.rpm
kernel-linus-source-3.12.26-1.mga4-1-1.mga4.noarch.rpm
kernel-linus-source-latest-3.12.26-1.mga4.noarch.rpm


x86_64:
kernel-linus-3.12.26-1.mga4-1-1.mga4.x86_64.rpm
kernel-linus-devel-3.12.26-1.mga4-1-1.mga4.x86_64.rpm
kernel-linus-devel-latest-3.12.26-1.mga4.x86_64.rpm
kernel-linus-doc-3.12.26-1.mga4.noarch.rpm
kernel-linus-latest-3.12.26-1.mga4.x86_64.rpm
kernel-linus-source-3.12.26-1.mga4-1-1.mga4.noarch.rpm
kernel-linus-source-latest-3.12.26-1.mga4.noarch.rpm


Reproducible: 

Steps to Reproduce:
Comment 1 William Kenney 2014-08-06 02:13:53 CEST
In VirtualBox, M4, KDE, 32-bit

Package(s) under test:
kernel-linus-latest

default install of kernel-linus-latest

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-1.mga4 #1 SMP Fri May 16 14:39:41 UTC 2014 i686 i686 i686 GNU/Linux

kernel-linus-latest boots to a working desktop and
applications work fine, 1600x1200 screen resolution

install package from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.26-1.mga4 #1 SMP Tue Aug 5 15:33:04 UTC 2014 i686 i686 i686 GNU/Linux

kernel-linus-latest boots to a working desktop and
applications work fine, 1600x1200 screen resolution

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
virtualbox-4.3.10-1.1.mga4.x86_64
virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64

CC: (none) => wilcal.int

Comment 2 William Kenney 2014-08-06 02:33:54 CEST
In VirtualBox, M4, KDE, 64-bit

Package(s) under test:
kernel-linus-latest

default install of kernel-linus-latest

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-1.mga4 #1 SMP Fri May 16 14:33:26 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-linus-latest boots to a working desktop and
applications work fine, 1600x1200 screen resolution

install package from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.26-1.mga4 #1 SMP Tue Aug 5 15:22:04 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-linus-latest boots to a working desktop and
applications work fine, 1600x1200 screen resolution

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
virtualbox-4.3.10-1.1.mga4.x86_64
virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
Comment 3 William Kenney 2014-08-06 20:20:56 CEST
On real hardware, M4, KDE, 32-bit

Package(s) under test:
kernel-linus-latest

default install of kernel-linus-latest

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-1.mga4 #1 SMP Fri May 16 14:39:41 UTC 2014 i686 i686 i686 GNU/Linux

kernel-linus-latest boots to a working desktop and
applications work fine, 1920x1200 screen resolution

install kernel-linus-latest from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.26-1.mga4 #1 SMP Tue Aug 5 15:33:04 UTC 2014 i686 i686 i686 GNU/Linux

kernel-linus-latest boots to a working desktop and
applications work fine, 1920x1200 screen resolution

Test platform:
Intel, P4 530J 3.0 GHz, 800MHz FSB, 1MB L2, LGA 775
GigaByte  GA-81915G Pro F4  i915G  LGA 775  MoBo
 Marvel Yukon 88E8001 Gigabit LAN
 Intel High Def Audio, Azalia (C-Media 9880) (snd-hda-intel)
 Intel Graphics Media Accelerator 900 (Intel 82915G)
Kingston 4GB (2 x 2GB) DDR400 PC-3200
250GB Seagate
Kingwin KF-91-BK SATA Mobile Rack
Kingwin KF-91-T-BK SATA Mobile Rack Tray
Sony CD/DVD-RW DWQ120AB2
Comment 4 Dick Gevers 2014-08-06 20:51:20 CEST
Created attachment 5324 [details]
specs. of the machine: lspcidrake-v

Installed subject kernel (32 bits desktop) on a real hardware mga4 machine and compared 'free' output under above-average workload (1) for kernels desktop 3.12.*

21-2
25-3 and
26-1

and noticed no difference, no deceleration of operation, in fact the memory used was being released after a while when it was no longer needed, i.e. the numbers for 'free' went up slightly with progress of time.

(1) Each kernel was loaded with 2x Eterm, gkrellm, sylpheed, one instance of Firefox and LibreOffice writer plus BOINC running setiathome.

CC: (none) => dvgevers

Comment 5 William Kenney 2014-08-07 03:14:15 CEST
On real hardware, M4, KDE, 64-bit

Package(s) under test:
kernel-linus-latest

default install of kernel-linus-latest

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.20-1.mga4 #1 SMP Fri May 16 14:33:26 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-linus-latest boots to a working desktop and
applications work fine, 1920x1200 screen resolution
VGA driver goes over to nouveau

install kernel-linus-latest from updates_testing

[wilcal@localhost ~]$ uname -a
Linux localhost 3.12.26-1.mga4 #1 SMP Tue Aug 5 15:22:04 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

kernel-linus-latest boots to a working desktop and
applications work fine, 1920x1200 screen resolution
VGA driver remains nouveau

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
virtualbox-4.3.10-1.1.mga4.x86_64
virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
Comment 6 William Kenney 2014-08-12 17:24:21 CEST
For me this update works fine.
Testing complete for mga4 32-bit & 64-bit
Can we push this one?
Comment 7 William Kenney 2014-08-14 22:18:18 CEST
Validating the update.
Could someone from the sysadmin team push this to updates.
Thanks

Keywords: (none) => validated_update
Whiteboard: (none) => MGA4-32-OK MGA4-64-OK
CC: (none) => sysadmin-bugs

Comment 8 Rémi Verschelde 2014-08-17 23:50:13 CEST
Advisory uploaded.

Whiteboard: MGA4-32-OK MGA4-64-OK => MGA4-32-OK MGA4-64-OK advisory

Comment 9 Mageia Robot 2014-08-18 11:15:57 CEST
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2014-0336.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.