Advisory to come... SRPMS: kernel-linus-3.10.58-1.mga3.src.rpm i586: kernel-linus-3.10.58-1.mga3-1-1.mga3.i586.rpm kernel-linus-devel-3.10.58-1.mga3-1-1.mga3.i586.rpm kernel-linus-devel-latest-3.10.58-1.mga3.i586.rpm kernel-linus-doc-3.10.58-1.mga3.noarch.rpm kernel-linus-latest-3.10.58-1.mga3.i586.rpm kernel-linus-source-3.10.58-1.mga3-1-1.mga3.noarch.rpm kernel-linus-source-latest-3.10.58-1.mga3.noarch.rpm x86_64: kernel-linus-3.10.58-1.mga3-1-1.mga3.x86_64.rpm kernel-linus-devel-3.10.58-1.mga3-1-1.mga3.x86_64.rpm kernel-linus-devel-latest-3.10.58-1.mga3.x86_64.rpm kernel-linus-doc-3.10.58-1.mga3.noarch.rpm kernel-linus-latest-3.10.58-1.mga3.x86_64.rpm kernel-linus-source-3.10.58-1.mga3-1-1.mga3.noarch.rpm kernel-linus-source-latest-3.10.58-1.mga3.noarch.rpm Reproducible: Steps to Reproduce:
On real hardware, M3, KDE, 32-bit Package(s) under test: kernel-linus-latest default install of: kernel-linus-latest [root@localhost wilcal]# uname -a Linux localhost 3.10.51-1.mga3 #1 SMP Tue Aug 5 15:30:38 UTC 2014 i686 i686 i686 GNU/Linux [root@localhost wilcal]# urpmi kernel-linus-latest Package kernel-linus-latest-3.10.51-1.mga3.i586 is already installed System boots to a working desktop. Common apps work. Screen sizes are correct. install: kernel-linus-latest from updates_testing [root@localhost wilcal]# uname -a Linux localhost 3.10.58-1.mga3 #1 SMP Thu Oct 16 12:34:43 UTC 2014 i686 i686 i686 GNU/Linux [root@localhost wilcal]# urpmi kernel-linus-latest Package kernel-linus-latest-3.10.58-1.mga3.i586 is already installed System boots to a working desktop. Common apps work. Screen sizes are correct. Test platform: Intel, P4 530J 3.0 GHz, 800MHz FSB, 1MB L2, LGA 775 GigaByte GA-81915G Pro F4 i915G LGA 775 MoBo Marvel Yukon 88E8001 Gigabit LAN Intel High Def Audio, Azalia (C-Media 9880) (snd-hda-intel) Intel Graphics Media Accelerator 900 (Intel 82915G) Kingston 4GB (2 x 2GB) DDR400 PC-3200 250GB Seagate Kingwin KF-91-BK SATA Mobile Rack Kingwin KF-91-T-BK SATA Mobile Rack Tray Sony CD/DVD-RW DWQ120AB2
CC: (none) => wilcal.int
On real hardware, M3, KDE, 64-bit Package(s) under test: kernel-linus-latest default install of: kernel-linus-latest [root@localhost wilcal]# uname -a Linux localhost 3.10.51-1.mga3 #1 SMP Tue Aug 5 15:43:07 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux [root@localhost wilcal]# urpmi kernel-linus-latest Package kernel-linus-latest-3.10.51-1.mga3.x86_64 is already installed System boots to a working desktop. Common apps work. Screen sizes are correct. install: kernel-linus-latest from updates_testing [root@localhost wilcal]# uname -a Linux localhost 3.10.58-1.mga3 #1 SMP Thu Oct 16 12:31:38 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux [root@localhost wilcal]# urpmi kernel-linus-latest Package kernel-linus-latest-3.10.58-1.mga3.x86_64 is already installed System boots to a working desktop. Common apps work. Screen sizes are correct. Test platform: Intel Core i7-2600K Sandy Bridge 3.4GHz GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB RTL8111/8168B PCI Express 1Gbit Ethernet DRAM 16GB (4 x 4GB) Mageia 4 64-bit, Nvidia driver virtualbox-4.3.10-1.1.mga4.x86_64 virtualbox-guest-additions-4.3.10-1.1.mga4.x86_64
Advisory: This kernel-linus update is based on upstream -longterm 3.10.58 and fixes the following security issues: The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux kernel through 3.16.1 miscalculates the number of pages during the handling of a mapping failure, which allows guest OS users to (1) cause a denial of service (host OS memory corruption) or possibly have unspecified other impact by triggering a large gfn value or (2) cause a denial of service (host OS memory consumption) by triggering a small gfn value that leads to permanently pinned pages (CVE-2014-3601). The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via multiple "keyctl newring" operations followed by a "keyctl timeout" operation (CVE-2014-3631). The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call (CVE-2014-7970). The do_umount function in fs/namespace.c in the Linux kernel through 3.17 does not require the CAP_SYS_ADMIN capability for do_remount_sb calls that change the root filesystem to read-only, which allows local users to cause a denial of service (loss of writability) by making certain unshare system calls, clearing the / MNT_LOCKED flag, and making an MNT_FORCE umount system call (CVE-2014-7975). For other fixes included in this update, read the referenced changelogs. References: https://bugs.mageia.org/show_bug.cgi?id=14307 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.52 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.53 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.54 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.55 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.56 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.57 https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.58
Booted kernel-linus just fine in a Mageia 3 64bit VM. Advisory uploaded.
CC: (none) => remiWhiteboard: (none) => MGA3-64-OK advisory
Validating. Sysadmins, please push this to updates. Thank you.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
Whiteboard: MGA3-64-OK advisory => MGA3-64-OK MGA3-32-OK advisory
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2014-0456.html
Status: NEW => RESOLVEDResolution: (none) => FIXED