"Mad COW" fixing kernels + other fixes SRPM: kernel-tmb-4.4.26-1.mga5.src.rpm i586: kernel-tmb-desktop-4.4.26-1.mga5-1-1.mga5.i586.rpm kernel-tmb-desktop-devel-4.4.26-1.mga5-1-1.mga5.i586.rpm kernel-tmb-desktop-devel-latest-4.4.26-1.mga5.i586.rpm kernel-tmb-desktop-latest-4.4.26-1.mga5.i586.rpm kernel-tmb-source-4.4.26-1.mga5-1-1.mga5.noarch.rpm kernel-tmb-source-latest-4.4.26-1.mga5.noarch.rpm x86_64: kernel-tmb-desktop-4.4.26-1.mga5-1-1.mga5.x86_64.rpm kernel-tmb-desktop-devel-4.4.26-1.mga5-1-1.mga5.x86_64.rpm kernel-tmb-desktop-devel-latest-4.4.26-1.mga5.x86_64.rpm kernel-tmb-desktop-latest-4.4.26-1.mga5.x86_64.rpm kernel-tmb-source-4.4.26-1.mga5-1-1.mga5.noarch.rpm kernel-tmb-source-latest-4.4.26-1.mga5.noarch.rpm Advisory: This update is based on the upstream 4.4.26 kernel and fixes atleast theese security issues: sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (CVE-2016-4578). A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. This could be abused by an attacker to modify existing setuid files with instructions to elevate privileges. An exploit using this technique has been found in the wild (CVE-2016-5195). The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message (CVE-2016-5243). The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message (CVE-2016-5244). Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs many connect and disconnect operations (CVE-2016-5400). Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/ commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability (CVE-2016-6480). Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828) Vladimir Bene discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039) This update also changes the following: - enables STRICT_DEVMEM as a security hardening - disables FW_LOADER_USER_HELPER_FALLBACK again (un-intentionally enabled in 4.4 series upgrade) that slows down boot or even makes wireless connection fail with drivers with multiple possible firmwares (mga#19390). For other fixes in this update, see the referenced changelogs. References: https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.17 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.18 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.19 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.20 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.21 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.22 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.23 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.24 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.25 https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.26
Priority: Normal => High
Tested on an x86-64 vbox installation of Mageia 5 x86-64 . The kernel boots fine and loads Xfce, but the viewport's resolution is very small and does not get resized. Seems like there's a problem with the VirtualBox's guest additions.
CC: (none) => shlomif
Tested on real x86_64 hardware, Athlon X2 7750 processor, 8GB RAM, nvidia 9800GT video card. Tested x86_64 versions of kernel-tmb and kernel-tmb-development, and the associated "latest" packages, all installed directly from the repositories. (not updated from previous versions) Installation went smoothly. After reboot, everything looks fine. Common apps work, including Firefox, vlc, kpat, and VirtualBox 5.1.8.
CC: (none) => andrewsfarm
Tested on real x86_64 hardware, Intel i3 processor, 4GB RAM, Intel graphics. Results are the same as reported in comment 2.
Installed on x86_64 real hardware after the unsuccessful linus install. This one boots fine. The kernel can be easily identified in the boot menu. Booting is very barebones, no information displayed. Just have to wait for the login screen to appear. Leaving this in place for a day ot two. /boot]$ ls -l vmlinuz* lrwxrwxrwx 1 root root 29 Oct 20 23:33 vmlinuz -> vmlinuz-4.4.26-desktop-1.mga5 -rw-r--r-- 1 root root 4428592 Oct 28 2015 vmlinuz-4.1.12-1.mga5 -rw-r--r-- 1 root root 4421616 Nov 11 2015 vmlinuz-4.1.13-desktop-2.mga5 -rw-r--r-- 1 root root 4437552 Dec 24 2015 vmlinuz-4.1.15-1.mga5 -rw-r--r-- 1 root root 4433392 Jan 20 2016 vmlinuz-4.1.15-desktop-2.mga5 -rw-r--r-- 1 root root 4466352 Jun 10 13:19 vmlinuz-4.4.13-desktop-1.mga5 -rw-r--r-- 1 root root 4467184 Jul 26 10:29 vmlinuz-4.4.16-desktop-1.mga5 -rw-r--r-- 1 root root 4469232 Sep 24 21:26 vmlinuz-4.4.22-desktop-1.mga5 -rw-r--r-- 1 root root 4464416 Oct 20 10:35 vmlinuz-4.4.26-desktop-1.mga5 -rw-r--r-- 1 root root 3617792 Oct 22 21:00 vmlinuz-4.4.26-tmb-desktop-1.mga5 -rw-r--r-- 1 root root 4462240 May 3 21:45 vmlinuz-4.4.9-desktop-1.mga5 lrwxrwxrwx 1 root root 29 Oct 20 23:33 vmlinuz-desktop -> vmlinuz-4.4.26-desktop-1.mga5 lrwxrwxrwx 1 root root 33 Oct 29 14:50 vmlinuz-tmb-desktop -> vmlinuz-4.4.26-tmb-desktop-1.mga5
CC: (none) => tarazed25
M5 x64 real hardware AMD/ATI/Radeon video. This is identified as 'tmb' in the Grub Advanced options sub-menu, and seems to work without problems. OK for me.
CC: (none) => lewyssmith
And now virtualbox no longer works. It comes up with vboxdrv missing. What needs to be installed to provide xboxdrv?
s/xboxdrv/vboxdrv/ Tried removing dkms-virtualbox and reinstalling it. That did not do it. virtualbox-5.1.8-2 is installed and was running fine with kernel-desktop-4.4.26.
I am going to assumee that it is not possible because virtualbox has not been built against the tmb kernel. No problems noted with this kernel so far so it is time to go back to the original desktop kernel.
How did others get virtualbox to work?
(In reply to Len Lawrence from comment #9) > How did others get virtualbox to work? Did you install the kernel-tmb-desktop-devel and kernel-tmb-desktop-devel-latest packages? The dkms packages, including dkms-virtualbox, need them to build new kernel modules.
@tj : Yes, those were installed but it seems that the install scripts did not function. I removed this kernel and reinstalled it and saw the installation report this time and all was well. I have a serious problem with nvidia now. There seems to be a corrupt libguile package which results in any attempt to reinstall nvidia failing. Everything goes well, all installed, and then the installation script hits this corrupted library and immediately uninstalls all the packages. So no nvidia. I am stuck in the middle of the ##!?* night trying to understand what is going on. Thinking of taking a couple of years furlough.
Back to this one after the stock kernel. Used the reset buuton. This time the nvidia module built during the bootup process and is up and running. openafs does not start though. $ systemctl status openafs-client.service â openafs-client.service - OpenAFS Client Service Loaded: loaded (/usr/lib/systemd/system/openafs-client.service; enabled) Active: failed (Result: exit-code) since Sun 2016-10-30 08:15:53 GMT; 2min 20s ago Process: 22414 ExecStart=/sbin/afsd $AFSD_ARGS (code=exited, status=1/FAILURE) Process: 22390 ExecStartPre=/sbin/modprobe libafs (code=exited, status=0/SUCCESS) Process: 22383 ExecStartPre=/bin/chmod 0644 /etc/openafs/CellServDB (code=exited, status=0/SUCCESS) Process: 22331 ExecStartPre=/bin/sed -n w/etc/openafs/CellServDB /etc/openafs/CellServDB.local /etc/openafs/CellServDB.dist (code=exited, status=0/SUCCESS) It seems we can live without it.
So far no obvious problems. Virtualbox runs a 32-bit guest OK under kernel 4.4.26. USB3.0 works in vbox. An external drive can be attached and released easily enough. Stellarium works in vbox and tmb host. host <==> guest communication works under OpenSSH. Sound and video OK. OK for x86_64.
this update works fine. Testing complete for MGA5, 32-bit & 64-bit Validating the update. Could someone from the sysadmin team push to updates. Thanks
Keywords: (none) => validated_updateWhiteboard: (none) => MGA5-32-OK MGA5-64-OKCC: (none) => wilcal.int, sysadmin-bugs
Hi, please upload the advisory
CC: (none) => mageia
(In reply to Nicolas Lécureuil from comment #15) > please upload the advisory Done.
Whiteboard: MGA5-32-OK MGA5-64-OK => MGA5-32-OK MGA5-64-OK advisory
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0364.html
Status: NEW => RESOLVEDResolution: (none) => FIXED