This update only contains these 2 fixes compared to the 4.1.15-1 released in MGASA-2016-0005, so testing is fast... just ensure it installs and boots.

Advisory (also added to svn):

Perception Point Research Team found a reference leak in keyring in join_session_keyring() that can be exploited to successfully escalate privileges from a local user to root (CVE-2016-0728).

Other fixes in this kernel update:
- netfilter: nf_nat_redirect: add missing NULL pointer check

SRPMS:
kernel-4.1.15-2.mga5.src.rpm
kernel-userspace-headers-4.1.15-2.mga5.src.rpm
kmod-vboxadditions-5.0.12-2.mga5.src.rpm
kmod-virtualbox-5.0.12-2.mga5.src.rpm
kmod-xtables-addons-2.7-8.mga5.src.rpm
kmod-broadcom-wl-6.30.223.271-5.mga5.nonfree.src.rpm
kmod-fglrx-15.200.1046-9.mga5.nonfree.src.rpm
kmod-nvidia304-304.128-5.mga5.nonfree.src.rpm
kmod-nvidia340-340.93-5.mga5.nonfree.src.rpm
kmod-nvidia-current-346.96-5.mga5.nonfree.src.rpm

i586:
cpupower-4.1.15-2.mga5.i586.rpm
cpupower-devel-4.1.15-2.mga5.i586.rpm
kernel-desktop-4.1.15-2.mga5-1-1.mga5.i586.rpm
kernel-desktop586-4.1.15-2.mga5-1-1.mga5.i586.rpm
kernel-desktop586-devel-4.1.15-2.mga5-1-1.mga5.i586.rpm
kernel-desktop586-devel-latest-4.1.15-2.mga5.i586.rpm
kernel-desktop586-latest-4.1.15-2.mga5.i586.rpm
kernel-desktop-devel-4.1.15-2.mga5-1-1.mga5.i586.rpm
kernel-desktop-devel-latest-4.1.15-2.mga5.i586.rpm
kernel-desktop-latest-4.1.15-2.mga5.i586.rpm
kernel-doc-4.1.15-2.mga5.noarch.rpm
kernel-server-4.1.15-2.mga5-1-1.mga5.i586.rpm
kernel-server-devel-4.1.15-2.mga5-1-1.mga5.i586.rpm
kernel-server-devel-latest-4.1.15-2.mga5.i586.rpm
kernel-server-latest-4.1.15-2.mga5.i586.rpm
kernel-source-4.1.15-2.mga5-1-1.mga5.noarch.rpm
kernel-source-latest-4.1.15-2.mga5.noarch.rpm
kernel-userspace-headers-4.1.15-2.mga5.i586.rpm
perf-4.1.15-2.mga5.i586.rpm
vboxadditions-kernel-4.1.15-desktop-2.mga5-5.0.12-2.mga5.i586.rpm
vboxadditions-kernel-4.1.15-desktop586-2.mga5-5.0.12-2.mga5.i586.rpm
vboxadditions-kernel-4.1.15-server-2.mga5-5.0.12-2.mga5.i586.rpm
vboxadditions-kernel-desktop586-latest-5.0.12-2.mga5.i586.rpm
vboxadditions-kernel-desktop-latest-5.0.12-2.mga5.i586.rpm
vboxadditions-kernel-server-latest-5.0.12-2.mga5.i586.rpm
virtualbox-kernel-4.1.15-desktop-2.mga5-5.0.12-2.mga5.i586.rpm
virtualbox-kernel-4.1.15-desktop586-2.mga5-5.0.12-2.mga5.i586.rpm
virtualbox-kernel-4.1.15-server-2.mga5-5.0.12-2.mga5.i586.rpm
virtualbox-kernel-desktop586-latest-5.0.12-2.mga5.i586.rpm
virtualbox-kernel-desktop-latest-5.0.12-2.mga5.i586.rpm
virtualbox-kernel-server-latest-5.0.12-2.mga5.i586.rpm
xtables-addons-kernel-4.1.15-desktop-2.mga5-2.7-8.mga5.i586.rpm
xtables-addons-kernel-4.1.15-desktop586-2.mga5-2.7-8.mga5.i586.rpm
xtables-addons-kernel-4.1.15-server-2.mga5-2.7-8.mga5.i586.rpm
xtables-addons-kernel-desktop586-latest-2.7-8.mga5.i586.rpm
xtables-addons-kernel-desktop-latest-2.7-8.mga5.i586.rpm
xtables-addons-kernel-server-latest-2.7-8.mga5.i586.rpm
broadcom-wl-kernel-4.1.15-desktop-2.mga5-6.30.223.271-5.mga5.nonfree.i586.rpm
broadcom-wl-kernel-4.1.15-desktop586-2.mga5-6.30.223.271-5.mga5.nonfree.i586.rpm
broadcom-wl-kernel-4.1.15-server-2.mga5-6.30.223.271-5.mga5.nonfree.i586.rpm
broadcom-wl-kernel-desktop586-latest-6.30.223.271-5.mga5.nonfree.i586.rpm
broadcom-wl-kernel-desktop-latest-6.30.223.271-5.mga5.nonfree.i586.rpm
broadcom-wl-kernel-server-latest-6.30.223.271-5.mga5.nonfree.i586.rpm
fglrx-kernel-4.1.15-desktop-2.mga5-15.200.1046-9.mga5.nonfree.i586.rpm
fglrx-kernel-4.1.15-desktop586-2.mga5-15.200.1046-9.mga5.nonfree.i586.rpm
fglrx-kernel-4.1.15-server-2.mga5-15.200.1046-9.mga5.nonfree.i586.rpm
fglrx-kernel-desktop586-latest-15.200.1046-9.mga5.nonfree.i586.rpm
fglrx-kernel-desktop-latest-15.200.1046-9.mga5.nonfree.i586.rpm
fglrx-kernel-server-latest-15.200.1046-9.mga5.nonfree.i586.rpm
nvidia304-kernel-4.1.15-desktop-2.mga5-304.128-5.mga5.nonfree.i586.rpm
nvidia304-kernel-4.1.15-desktop586-2.mga5-304.128-5.mga5.nonfree.i586.rpm
nvidia304-kernel-4.1.15-server-2.mga5-304.128-5.mga5.nonfree.i586.rpm
nvidia304-kernel-desktop586-latest-304.128-5.mga5.nonfree.i586.rpm
nvidia304-kernel-desktop-latest-304.128-5.mga5.nonfree.i586.rpm
nvidia304-kernel-server-latest-304.128-5.mga5.nonfree.i586.rpm
nvidia340-kernel-4.1.15-desktop-2.mga5-340.93-5.mga5.nonfree.i586.rpm
nvidia340-kernel-4.1.15-desktop586-2.mga5-340.93-5.mga5.nonfree.i586.rpm
nvidia340-kernel-4.1.15-server-2.mga5-340.93-5.mga5.nonfree.i586.rpm
nvidia340-kernel-desktop586-latest-340.93-5.mga5.nonfree.i586.rpm
nvidia340-kernel-desktop-latest-340.93-5.mga5.nonfree.i586.rpm
nvidia340-kernel-server-latest-340.93-5.mga5.nonfree.i586.rpm
nvidia-current-kernel-4.1.15-desktop-2.mga5-346.96-5.mga5.nonfree.i586.rpm
nvidia-current-kernel-4.1.15-desktop586-2.mga5-346.96-5.mga5.nonfree.i586.rpm
nvidia-current-kernel-4.1.15-server-2.mga5-346.96-5.mga5.nonfree.i586.rpm
nvidia-current-kernel-desktop586-latest-346.96-5.mga5.nonfree.i586.rpm
nvidia-current-kernel-desktop-latest-346.96-5.mga5.nonfree.i586.rpm
nvidia-current-kernel-server-latest-346.96-5.mga5.nonfree.i586.rpm

x86_64:
cpupower-4.1.15-2.mga5.x86_64.rpm
cpupower-devel-4.1.15-2.mga5.x86_64.rpm
kernel-desktop-4.1.15-2.mga5-1-1.mga5.x86_64.rpm
kernel-desktop-devel-4.1.15-2.mga5-1-1.mga5.x86_64.rpm
kernel-desktop-devel-latest-4.1.15-2.mga5.x86_64.rpm
kernel-desktop-latest-4.1.15-2.mga5.x86_64.rpm
kernel-doc-4.1.15-2.mga5.noarch.rpm
kernel-server-4.1.15-2.mga5-1-1.mga5.x86_64.rpm
kernel-server-devel-4.1.15-2.mga5-1-1.mga5.x86_64.rpm
kernel-server-devel-latest-4.1.15-2.mga5.x86_64.rpm
kernel-server-latest-4.1.15-2.mga5.x86_64.rpm
kernel-source-4.1.15-2.mga5-1-1.mga5.noarch.rpm
kernel-source-latest-4.1.15-2.mga5.noarch.rpm
kernel-userspace-headers-4.1.15-2.mga5.x86_64.rpm
perf-4.1.15-2.mga5.x86_64.rpm
vboxadditions-kernel-4.1.15-desktop-2.mga5-5.0.12-2.mga5.x86_64.rpm
vboxadditions-kernel-4.1.15-server-2.mga5-5.0.12-2.mga5.x86_64.rpm
vboxadditions-kernel-desktop-latest-5.0.12-2.mga5.x86_64.rpm
vboxadditions-kernel-server-latest-5.0.12-2.mga5.x86_64.rpm
virtualbox-kernel-4.1.15-desktop-2.mga5-5.0.12-2.mga5.x86_64.rpm
virtualbox-kernel-4.1.15-server-2.mga5-5.0.12-2.mga5.x86_64.rpm
virtualbox-kernel-desktop-latest-5.0.12-2.mga5.x86_64.rpm
virtualbox-kernel-server-latest-5.0.12-2.mga5.x86_64.rpm
xtables-addons-kernel-4.1.15-desktop-2.mga5-2.7-8.mga5.x86_64.rpm
xtables-addons-kernel-4.1.15-server-2.mga5-2.7-8.mga5.x86_64.rpm
xtables-addons-kernel-desktop-latest-2.7-8.mga5.x86_64.rpm
xtables-addons-kernel-server-latest-2.7-8.mga5.x86_64.rpm
broadcom-wl-kernel-4.1.15-desktop-2.mga5-6.30.223.271-5.mga5.nonfree.x86_64.rpm
broadcom-wl-kernel-4.1.15-server-2.mga5-6.30.223.271-5.mga5.nonfree.x86_64.rpm
broadcom-wl-kernel-desktop-latest-6.30.223.271-5.mga5.nonfree.x86_64.rpm
broadcom-wl-kernel-server-latest-6.30.223.271-5.mga5.nonfree.x86_64.rpm
fglrx-kernel-4.1.15-desktop-2.mga5-15.200.1046-9.mga5.nonfree.x86_64.rpm
fglrx-kernel-4.1.15-server-2.mga5-15.200.1046-9.mga5.nonfree.x86_64.rpm
fglrx-kernel-desktop-latest-15.200.1046-9.mga5.nonfree.x86_64.rpm
fglrx-kernel-server-latest-15.200.1046-9.mga5.nonfree.x86_64.rpm
nvidia304-kernel-4.1.15-desktop-2.mga5-304.128-5.mga5.nonfree.x86_64.rpm
nvidia304-kernel-4.1.15-server-2.mga5-304.128-5.mga5.nonfree.x86_64.rpm
nvidia304-kernel-desktop-latest-304.128-5.mga5.nonfree.x86_64.rpm
nvidia304-kernel-server-latest-304.128-5.mga5.nonfree.x86_64.rpm
nvidia340-kernel-4.1.15-desktop-2.mga5-340.93-5.mga5.nonfree.x86_64.rpm
nvidia340-kernel-4.1.15-server-2.mga5-340.93-5.mga5.nonfree.x86_64.rpm
nvidia340-kernel-desktop-latest-340.93-5.mga5.nonfree.x86_64.rpm
nvidia340-kernel-server-latest-340.93-5.mga5.nonfree.x86_64.rpm
nvidia-current-kernel-4.1.15-desktop-2.mga5-346.96-5.mga5.nonfree.x86_64.rpm
nvidia-current-kernel-4.1.15-server-2.mga5-346.96-5.mga5.nonfree.x86_64.rpm
nvidia-current-kernel-desktop-latest-346.96-5.mga5.nonfree.x86_64.rpm
nvidia-current-kernel-server-latest-346.96-5.mga5.nonfree.x86_64.rpm
Priority: Normal => High
Whiteboard: (none) => advisory
Testing both 32-bit and 64-bit versions on a Dell Dimension E310. P4 processor, Intel graphics.

Packages installed:
- cpupower-4.1.15-2.mga5.x86_64
- kernel-desktop-4.1.15-2.mga5-1-1.mga5.x86_64
- kernel-desktop-latest-4.1.15-2.mga5.x86_64
and the equivalent 32-bit packages.

After reboot, no problems apparent.
CC: (none) => andrewsfarm
Testing MGA5 guest in 64-bit MGA5 64-bit host, before updating the host kernel or VirtualBox.

Packages installed:
- cpupower-4.1.15-2.mga5.i586
- kernel-desktop-4.1.15-2.mga5-1-1.mga5.i586
- kernel-desktop-latest-4.1.15-2.mga5.i586
- vboxadditions-kernel-4.1.15-desktop-2.mga5-5.0.12-2.mga5.i586
- vboxadditions-kernel-desktop-latest-5.0.12-2.mga5.i586

No problems apparent after reboot.
Testing 64-bit version on real hardware: ASRock AM2+ motherboard, Athlon X2 7750 processor, 8GB RAM, nVidia 9800GT video card.

Packages installed:
- cpupower-4.1.15-2.mga5.x86_64
- kernel-server-4.1.15-2.mga5-1-1.mga5.x86_64
- kernel-server-devel-4.1.15-2.mga5-1-1.mga5.x86_64
- kernel-server-devel-latest-4.1.15-2.mga5.x86_64
- kernel-server-latest-4.1.15-2.mga5.x86_64
- kernel-userspace-headers-4.1.15-2.mga5.x86_64
- nvidia340-kernel-4.1.15-server-2.mga5-340.93-5.mga5.nonfree.x86_64
- nvidia340-kernel-server-latest-340.93-5.mga5.nonfree.x86_64
- virtualbox-kernel-4.1.15-server-2.mga5-5.0.12-2.mga5.x86_64
- virtualbox-kernel-server-latest-5.0.12-2.mga5.x86_64

No problems noted after reboot. Tried MGA5 guest in VirtualBox, with no problems.
In VirtualBox, M5, KDE, 32-bit

Package(s) under test:
kernel-desktop586-latest vboxadditions-kernel-desktop586-latest

default install of kernel-desktop586-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.1.15-desktop586-1.mga5 #1 SMP Thu Dec 24 21:51:44 UTC 2015 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop586-latest
Package kernel-desktop586-latest-4.1.15-1.mga5.i586 is already installed
[root@localhost wilcal]# urpmi vboxadditions-kernel-desktop586-latest
Package vboxadditions-kernel-desktop586-latest-5.0.12-1.mga5.i586 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.

install kernel-desktop-latest from updates_testing

[root@localhost wilcal]# uname -a
Linux localhost 4.1.15-desktop586-2.mga5 #1 SMP Wed Jan 20 17:06:34 UTC 2016 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop586-latest
Package kernel-desktop586-latest-4.1.15-2.mga5.i586 is already installed
[root@localhost wilcal]# urpmi vboxadditions-kernel-desktop586-latest
Package vboxadditions-kernel-desktop586-latest-5.0.12-2.mga5.i586 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.
CC: (none) => wilcal.int
Mageia 5 i586. Tested kernel-desktop on laptop hardware and kernel-server on workstation and server hardware. All OK. Tested leak PoC, which showed the leaked keyring before the update and not after the update. Tested the cve PoC which ran for a long time and did spawn a shell, but as the current user and not root, so the exploit wasn't working, which is comforting. Validating now based on TJ and my tests.
Keywords: (none) => validated_update
Whiteboard: advisory => advisory MGA5-64-OK MGA5-32-OK
CC: (none) => sysadmin-bugs
In VirtualBox, M5, KDE, 64-bit

Package(s) under test:
kernel-desktop-latest vboxadditions-kernel-desktop-latest

default install of kernel-desktop-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.1.15-desktop-1.mga5 #1 SMP Thu Dec 24 22:04:24 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.1.15-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi vboxadditions-kernel-desktop-latest
Package vboxadditions-kernel-desktop-latest-5.0.12-1.mga5.x86_64 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.

install kernel-desktop-latest from updates_testing

[root@localhost wilcal]# uname -a
Linux localhost 4.1.15-desktop-2.mga5 #1 SMP Wed Jan 20 17:05:51 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.1.15-2.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi vboxadditions-kernel-desktop-latest
Package vboxadditions-kernel-desktop-latest-5.0.12-2.mga5.x86_64 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.
Testing MGA5, 32-bit. ASRock AM2+ motherboard, Athlon X2 7750 processor, 8GB RAM, nVidia 9800GT video card.

Packages installed:
- cpupower-4.1.15-2.mga5.i586
- kernel-server-4.1.15-2.mga5-1-1.mga5.i586
- kernel-server-devel-4.1.15-2.mga5-1-1.mga5.i586
- kernel-server-devel-latest-4.1.15-2.mga5.i586
- kernel-server-latest-4.1.15-2.mga5.i586
- kernel-userspace-headers-4.1.15-2.mga5.i586
- nvidia340-kernel-4.1.15-server-2.mga5-340.93-5.mga5.nonfree.i586
- nvidia340-kernel-server-latest-340.93-5.mga5.nonfree.i586
- virtualbox-kernel-4.1.15-server-2.mga5-5.0.12-2.mga5.i586
- virtualbox-kernel-server-latest-5.0.12-2.mga5.i586

Everything looks good after reboot. 3GB+ MGA5 VirtualBox guest functions as expected, indicating the server kernel's ability to access extra RAM is functioning correctly.
On real hardware, M5, KDE, 64-bit

Package(s) under test:
kernel-desktop-latest virtualbox vboxadditions-kernel-desktop-latest dkms-virtualbox virtualbox-guest-additions virtualbox-kernel-desktop-latest x11-driver-video-vboxvideo nvidia-current-kernel-desktop-latest

default install of:
kernel-desktop-latest virtualbox vboxadditions-kernel-desktop-latest dkms-virtualbox virtualbox-guest-additions virtualbox-kernel-desktop-latest x11-driver-video-vboxvideo nvidia-current-kernel-desktop-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.1.15-desktop-1.mga5 #1 SMP Thu Dec 24 22:04:24 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.1.15-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi virtualbox
Package virtualbox-5.0.12-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi vboxadditions-kernel-desktop-latest
Package vboxadditions-kernel-desktop-latest-5.0.12-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi dkms-virtualbox
Package dkms-virtualbox-5.0.12-1.mga5.noarch is already installed
[root@localhost wilcal]# urpmi virtualbox-guest-additions
Package virtualbox-guest-additions-5.0.12-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi virtualbox-kernel-desktop-latest
Package virtualbox-kernel-desktop-latest-5.0.12-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi x11-driver-video-vboxvideo
Package x11-driver-video-vboxvideo-5.0.12-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi nvidia-current-kernel-desktop-latest
Package nvidia-current-kernel-desktop-latest-346.96-4.mga5.nonfree.x86_64 is already installed
[root@localhost wilcal]# lspci -k
01:00.0 VGA compatible controller: NVIDIA Corporation GF108 [GeForce GT 440] (rev a1)
        Subsystem: Gigabyte Technology Co., Ltd Device 3518
        Kernel driver in use: nvidia
        Kernel modules: nvidiafb, nouveau, nvidia_current

System boots to a working desktop.
Common apps work.
M5 i586 Gnome Live-CD runs as a Vbox client.
M5 i586 KDE Live-CD installs, updates and runs as a Vbox client.
Screen sizes of the host and client are correct.

install:
kernel-desktop-latest virtualbox vboxadditions-kernel-desktop-latest dkms-virtualbox virtualbox-guest-additions virtualbox-kernel-desktop-latest x11-driver-video-vboxvideo nvidia-current-kernel-desktop-latest
from updates_testing

[root@localhost wilcal]# uname -a
Linux localhost 4.1.15-desktop-2.mga5 #1 SMP Wed Jan 20 17:05:51 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.1.15-2.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi virtualbox
Package virtualbox-5.0.12-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi vboxadditions-kernel-desktop-latest
Package vboxadditions-kernel-desktop-latest-5.0.12-2.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi dkms-virtualbox
Package dkms-virtualbox-5.0.12-1.mga5.noarch is already installed
[root@localhost wilcal]# urpmi virtualbox-guest-additions
Package virtualbox-guest-additions-5.0.12-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi virtualbox-kernel-desktop-latest
Package virtualbox-kernel-desktop-latest-5.0.12-2.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi x11-driver-video-vboxvideo
Package x11-driver-video-vboxvideo-5.0.12-1.mga5.x86_64 is already installed
[root@localhost wilcal]# urpmi nvidia-current-kernel-desktop-latest
Package nvidia-current-kernel-desktop-latest-346.96-5.mga5.nonfree.x86_64 is already installed
[wilcal@localhost ~]$ lspci -k
01:00.0 VGA compatible controller: NVIDIA Corporation GF108 [GeForce GT 440] (rev a1)
        Subsystem: Gigabyte Technology Co., Ltd Device 3518
        Kernel driver in use: nvidia
        Kernel modules: nvidiafb, nouveau, nvidia_current

System boots to a working desktop. Common apps work.
Previously created M5 i586 Gnome Live-CD runs as a Vbox client.
Previously installed M5 KDE i586 Live-CD runs as a Vbox client.
M5 i586 Gnome Live-DVD runs as a Vbox client.
M5 x86_64 Gnome Live-DVD installs, updates and runs as a Vbox client.
Screen sizes of the host and all clients are correct.

Test platform:
Intel Core i7-2600K Sandy Bridge 3.4GHz
GIGABYTE GA-Z68X-UD3-B3 LGA 1155 MoBo
GIGABYTE GV-N440D3-1GI Nvidia GeForce GT 440 (Fermi) 1GB
RTL8111/8168B PCI Express 1Gbit Ethernet
DRAM 16GB (4 x 4GB)
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0033.html
Status: NEW => RESOLVED
Resolution: (none) => FIXED
Loaded the update. Works fine on nvidia304-kernel-desktopi586
CC: (none) => brtians1