New kernel-linus to test SRPMS: kernel-linus-4.1.15-1.mga5.src.rpm i586: kernel-linus-4.1.15-1.mga5-1-1.mga5.i586.rpm kernel-linus-devel-4.1.15-1.mga5-1-1.mga5.i586.rpm kernel-linus-devel-latest-4.1.15-1.mga5.i586.rpm kernel-linus-doc-4.1.15-1.mga5.noarch.rpm kernel-linus-latest-4.1.15-1.mga5.i586.rpm kernel-linus-source-4.1.15-1.mga5-1-1.mga5.noarch.rpm kernel-linus-source-latest-4.1.15-1.mga5.noarch.rpm x86_64: kernel-linus-4.1.15-1.mga5-1-1.mga5.x86_64.rpm kernel-linus-devel-4.1.15-1.mga5-1-1.mga5.x86_64.rpm kernel-linus-devel-latest-4.1.15-1.mga5.x86_64.rpm kernel-linus-doc-4.1.15-1.mga5.noarch.rpm kernel-linus-latest-4.1.15-1.mga5.x86_64.rpm kernel-linus-source-4.1.15-1.mga5-1-1.mga5.noarch.rpm kernel-linus-source-latest-4.1.15-1.mga5.noarch.rpm Advisory will follow... Reproducible: Steps to Reproduce:
mga5 x86_64 Mate sudo urpmi kernel-linus-latest Package kernel-linus-latest-4.1.12-1.mga5.x86_64 is already installed Hardware: Gigabyte Sniper.Z97 16 GB RAM Killer E220x Gigabit Ethernet nvidia GeForce GTX 770/PCIe/SSE2 Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz graphics driver NVIDIA 346.96 Updated to kernel-linus-4.1.15-1.mga5-1-1 Built against virtualbox 5.0.10-1.mga5. nvidia-current and xtables-addons (2.7-1.mga5) modules built successfully. Back after reboot.
CC: (none) => tarazed25
Rebooted to the Mate desktop on a UEFI system. All normal functions OK, sound, graphics, video, bluetooth, TV, networking, web browsing, virtualbox, LibreOffice, command-line operations, printing, font control, etc. glmark2 returned the expected score. Leaving this running for the time being. Not in a position to test wireless networking yet. My LAN works for wired connections only.
mga5 x86_64 CSM Mate nVidia GeForce 8700M GT : driver 340.93 Intel Core2 Duo T9300 @ 2.5GHz 5G wifi on PRO/Wireless 3945ABG [Golan] Installed kernel-linus-latest and updated to 4.1.15-1.mga5-1-1 Rebooted cleanly. wi-fi enabled. Normal updates working. All desktop applications appear to be OK. On-board sound via SoX. vlc runs fine.
In VirtualBox, M5, KDE, 32-bit Package(s) under test: kernel-linus-latest default install of kernel-linus-latest [root@localhost wilcal]# uname -a Linux localhost 4.1.12-1.mga5 #1 SMP Wed Oct 28 06:50:47 UTC 2015 i686 i686 i686 GNU/Linux [root@localhost wilcal]# urpmi kernel-linus-latest Package kernel-linus-latest-4.1.12-1.mga5.i586 is already installed System boots to a working desktop. Common apps work. Screen dimensions are correct. install kernel-linus-latest from updates_testing [root@localhost wilcal]# uname -a Linux localhost 4.1.15-1.mga5 #1 SMP Thu Dec 24 17:34:43 UTC 2015 i686 i686 i686 GNU/Linux [root@localhost wilcal]# urpmi kernel-linus-latest Package kernel-linus-latest-4.1.15-1.mga5.i586 is already installed System boots to a working desktop. Common apps work. Screen dimensions can be set to 1920x1080.
CC: (none) => wilcal.int
In VirtualBox, M5, KDE, 64-bit Package(s) under test: kernel-linus-latest default install of kernel-linus-latest [root@localhost wilcal]# uname -a Linux localhost 4.1.12-desktop-1.mga5 #1 SMP Wed Oct 28 10:10:38 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux [root@localhost wilcal]# urpmi kernel-linus-latest Package kernel-linus-latest-4.1.12-1.mga5.x86_64 is already installed System boots to a working desktop. Common apps work. Screen dimensions are correct. install kernel-linus-latest from updates_testing [root@localhost wilcal]# uname -a Linux localhost 4.1.15-1.mga5 #1 SMP Thu Dec 24 17:44:01 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux [root@localhost wilcal]# urpmi kernel-linus-latest Package kernel-linus-latest-4.1.15-1.mga5.x86_64 is already installed System boots to a working desktop. Common apps work. Screen dimensions can be set to 1920x1080.
Advisory (also added to svn): This kernel-linus update is based on upstream 4.1.15 longterm kernel and fixes the following security issues: The virtnet_probe function in drivers/net/virtio_net.c in the Linux kernel before 4.2 attempts to support a FRAGLIST feature without proper memory allocation, which allows guest OS users to cause a denial of service (buffer overflow and memory corruption) via a crafted sequence of fragmented packets (CVE-2015-5156). The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c (CVE-2015-5307). The __rds_conn_create function in net/rds/connection.c in the Linux kernel through 4.2.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket that was not properly bound (CVE-2015-6937). The key_gc_unused_keys function in security/keys/gc.c in the Linux kernel through 4.2.6 allows local users to cause a denial of service (OOPS) via crafted keyctl commands (CVE-2015-7872). The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application (CVE-2015-7884). The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application (CVE-2015-7885). Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host (CVE-2015-8550 / XSA-155). Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service (NULL dereference) on the host (CVE-2015-8551 / XSA-157). Konrad Rzeszutek Wilk discovered the Xen PCI backend driver does not perform sanity checks on the device's state. An attacker could exploit this flaw to cause a denial of service by flooding the logging system with WARN() messages causing the initial domain to exhaust disk space (CVE-2015-8552 / XSA-157). The ovl_setattr function in fs/overlayfs/inode.c in the Linux kernel through 4.3.3 attempts to merge distinct setattr operations, which allows local users to bypass intended access restrictions and modify the attributes of arbitrary overlay files via a crafted application (CVE-2015-8660). For other fixes in this update, see the referenced changelogs. references: - https://bugs.mageia.org/show_bug.cgi?id=17396 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.13 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.14 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.15
Whiteboard: (none) => advisory
Whiteboard: advisory => advisory MGA5-64-OK MGA5-32-OKKeywords: (none) => validated_updateCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0014.html
Status: NEW => RESOLVEDResolution: (none) => FIXED