Bug 16007 - Update request: kernel-linus-3.14.43-1.mga4
Summary: Update request: kernel-linus-3.14.43-1.mga4
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 4
Hardware: All Linux
Priority: High critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: advisory mga4-32-ok mga4-64-ok
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2015-05-22 08:28 CEST by Thomas Backlund
Modified: 2015-05-27 18:58 CEST (History)
3 users (show)

See Also:
Source RPM: kernel-linus-3.14.43-1.mga4.src.rpm
CVE:
Status comment:


Attachments

Description Thomas Backlund 2015-05-22 08:28:34 CEST
SRPM:
kernel-linus-3.14.43-1.mga4.src.rpm


Reproducible: 

Steps to Reproduce:
Comment 1 Thomas Backlund 2015-05-22 08:33:32 CEST
SRPM:
kernel-linus-3.14.43-1.mga4.src.rpm


i586:
kernel-linus-3.14.43-1.mga4-1-1.mga4.i586.rpm
kernel-linus-devel-3.14.43-1.mga4-1-1.mga4.i586.rpm
kernel-linus-devel-latest-3.14.43-1.mga4.i586.rpm
kernel-linus-doc-3.14.43-1.mga4.noarch.rpm
kernel-linus-latest-3.14.43-1.mga4.i586.rpm
kernel-linus-source-3.14.43-1.mga4-1-1.mga4.noarch.rpm
kernel-linus-source-latest-3.14.43-1.mga4.noarch.rpm


x86_64:
kernel-linus-3.14.43-1.mga4-1-1.mga4.x86_64.rpm
kernel-linus-devel-3.14.43-1.mga4-1-1.mga4.x86_64.rpm
kernel-linus-devel-latest-3.14.43-1.mga4.x86_64.rpm
kernel-linus-doc-3.14.43-1.mga4.noarch.rpm
kernel-linus-latest-3.14.43-1.mga4.x86_64.rpm
kernel-linus-source-3.14.43-1.mga4-1-1.mga4.noarch.rpm
kernel-linus-source-latest-3.14.43-1.mga4.noarch.rpm

Priority: Normal => High

Comment 2 Thomas Backlund 2015-05-22 08:38:33 CEST
This kernel carries 2 critical data loss fixes, one "ext4: fix data corruption caused by unwritten and delayed extents" , the other one is regarding using raid0 and trim on ssds, hence the critical status

Advisory will follow tonight
Thomas Backlund 2015-05-22 08:39:28 CEST

Summary: Update request: => Update request: kernel-linus-3.14.43-1.mga4

Comment 3 Thomas Backlund 2015-05-22 21:58:45 CEST
Advisory:

Updated kernel-linus fixes security, critical data corruption and pdata loss issues

This kernel-linus update is based on upstream -longterm 3.14.43 and fixes
a security issue, and critical data corruption and data loss issues:

drivers/vhost/scsi.c: potential memory corruption (CVE-2015-4036)

ext4 filesystem has a bug that make it possible to lose whole file system
block worth of data when we hit the specific interaction with unwritten
and delayed extents in status extent tree.

when using software raid 0 on SSDs along with trim/discard, any delete or
modification of files can lead to random destruction on the filesystem.
(this regression was introduced in upstream 3.14.41)

For other fixes in this update, see the referenced changelogs.

References:
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.42
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.43
claire robinson 2015-05-23 23:53:14 CEST

Whiteboard: (none) => mga4-32-ok

Comment 4 Shlomi Fish 2015-05-25 14:05:22 CEST
Everything is working fine with this kernel on my x86-64 Acer Laptop: X, KDE 4, Extreme Tux Racer, Firefox, HexChat, Pidgin, ssh , SMB, networking, YouTube, VLC, etc.

CC: (none) => shlomif

Comment 5 William Kenney 2015-05-26 17:33:54 CEST
In VirtualBox, M4, KDE, 64-bit

Package(s) under test:
kernel-linus-latest

default install of kernel-linus-latest

[root@localhost wilcal]# uname -a
Linux localhost 3.14.41-1.mga4 #1 SMP Thu May 7 06:56:24 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-linus-latest
Package kernel-linus-latest-3.14.41-1.mga4.x86_64 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.

install kernel-linus-latest from updates_testing

[root@localhost wilcal]# uname -a
Linux localhost 3.14.43-1.mga4 #1 SMP Thu May 21 22:08:45 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-linus-latest
Package kernel-linus-latest-3.14.43-1.mga4.x86_64 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
Mageia 4 64-bit, Nvidia driver
virtualbox-4.3.26-1.mga4.x86_64
virtualbox-guest-additions-4.3.26-1.mga4.x86_64

CC: (none) => wilcal.int

Comment 6 William Kenney 2015-05-26 17:34:53 CEST
This update works fine.
Testing complete for mga4 32-bit & 64-bit
Validating the update.
Could someone from the sysadmin team push this to updates.
Thanks

Keywords: (none) => validated_update
Whiteboard: mga4-32-ok => mga4-32-ok mga4-64-ok
CC: (none) => sysadmin-bugs

Comment 7 claire robinson 2015-05-27 11:37:01 CEST
Advisory uploaded.

Whiteboard: mga4-32-ok mga4-64-ok => advisory mga4-32-ok mga4-64-ok

Comment 8 Mageia Robot 2015-05-27 18:58:37 CEST
An update for this issue has been pushed to Mageia Updates repository.

http://advisories.mageia.org/MGASA-2015-0237.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.