Bug 19794 - Update Request: kernel-linus-4.4.32-1.mga5
Summary: Update Request: kernel-linus-4.4.32-1.mga5
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All Linux
Priority: Normal    Severity: normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: advisory mga5-32-ok mga5-64-ok
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2016-11-15 21:04 CET by Thomas Backlund
Modified: 2016-12-07 12:49 CET
CC List: 8 users

See Also:
Source RPM: kernel-linus
CVE: CVE-2016-7039, CVE-2016-7042, CVE-2016-7425, CVE-2016-8630, CVE-2016-8633
Status comment:



Description Thomas Backlund 2016-11-15 21:04:35 CET
Advisory:
This update is based on upstream 4.4.32 and fixes at least the following
security issues:

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB
Generic Receive Offload (GRO) processing implementations in the Linux
kernel. A remote attacker could use this to cause a stack corruption,
leading to a denial of service (system crash). (CVE-2016-7039)

The proc_keys_show function in security/keys/proc.c in the Linux kernel
through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is
enabled, uses an incorrect buffer size for certain timeout data, which
allows local users to cause a denial of service (stack memory corruption
and panic) by reading the /proc/keys file (CVE-2016-7042).

The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c
in the Linux kernel through 4.8.2 does not restrict a certain length field,
which allows local users to gain privileges or cause a denial of service
(heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control
code (CVE-2016-7425).
 
A null pointer dereference in kvm/emulate.c (CVE-2016-8630).

A buffer overflow vulnerability due to a lack of input filtering of incoming
fragmented datagrams was found in the IP-over-1394 driver (firewire-net) in
the fragment handling code in the Linux kernel. A maliciously formed fragment
with a correspondingly large datagram offset would cause a memcpy() past the
datagram buffer, which would cause a system panic or possible arbitrary
code execution. The flaw requires the firewire-net module to be loaded and is
remotely exploitable from connected firewire devices, but not over a local
network (CVE-2016-8633).

For other fixes in this update, see the referenced changelogs.

References:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.27
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.28
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.29
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.30
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.31
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.32



SRPM:
kernel-linus-4.4.32-1.mga5.src.rpm


i586:
kernel-linus-4.4.32-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-4.4.32-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-latest-4.4.32-1.mga5.i586.rpm
kernel-linus-doc-4.4.32-1.mga5.noarch.rpm
kernel-linus-latest-4.4.32-1.mga5.i586.rpm
kernel-linus-source-4.4.32-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.32-1.mga5.noarch.rpm


x86_64:
kernel-linus-4.4.32-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-4.4.32-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-latest-4.4.32-1.mga5.x86_64.rpm
kernel-linus-doc-4.4.32-1.mga5.noarch.rpm
kernel-linus-latest-4.4.32-1.mga5.x86_64.rpm
kernel-linus-source-4.4.32-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.32-1.mga5.noarch.rpm
Comment 1 Len Lawrence 2016-11-17 22:10:08 CET
x86_64 hardware, nvidia GTX770, Intel Core i7-4790K, Gigabyte motherboard
Installed:
 kernel-linus-4.4.32-1.mga5-1-1.mga5
 kernel-linus-devel-4.4.32-1.mga5-1-1.mga5
 kernel-linus-devel-latest-4.4.32-1.mga5
 kernel-linus-doc-4.4.32-1.mga5.noarch
 kernel-linus-latest-4.4.32-1.mga5
 kernel-linus-source-4.4.32-1.mga5-1-1.mga5.noarch
 kernel-linus-source-latest-4.4.32-1.mga5.noarch
 kernel-linus-userspace-headers

Rebooted to the Mate desktop.  All was as it was left.  Firefox 45.5.0 OK.
Virtualbox 5.1.8 came up after a systemd update.  Captured an external USB3.0 storage drive.  It mounted immediately.  Released it back to the host using the devices menu.
Leaving this running until the next reboot.

CC: (none) => tarazed25

Dave Hodgins 2016-11-17 22:20:01 CET

CC: (none) => davidwhodgins
Whiteboard: (none) => advisory

Comment 2 Herman Viaene 2016-11-19 14:11:55 CET
MGA5-32 on AcerD620 Xfce
No installation issues
Rebooted after installation, no apparent problems (network, libreoffice, PDF, MCC all OK).

CC: (none) => herman.viaene

Comment 3 Herman Viaene 2016-11-19 14:28:17 CET
A bit too optimistic: after some time clicking back and forth in MCC, the graphics control (Radeon Express 1200) got confused, and fields (small windows on their own) got covered by a red field, up to a point where everything became all but unusable. After reboot all seems normal again, wait and see......
Comment 4 Herman Viaene 2016-11-19 14:43:58 CET
It happened again, so this is a no-go on this machine.
Comment 5 youpburden 2016-11-27 09:44:33 CET
MGA5-64 on HP Pavilion dv7 KDE and Virtualbox-64

I just installed these packages :

 kernel-linus-4.4.32-1.mga5-1-1.mga5
 kernel-linus-devel-4.4.32-1.mga5-1-1.mga5
 kernel-linus-devel-latest-4.4.32-1.mga5
 kernel-linus-doc-4.4.32-1.mga5.noarch
 kernel-linus-latest-4.4.32-1.mga5
 kernel-linus-source-4.4.32-1.mga5-1-1.mga5.noarch
 kernel-linus-source-latest-4.4.32-1.mga5.noarch
 kernel-linus-userspace-headers

Everything is working fine for now, no graphics issues like those described in comment #4.

I'm using the free AMD drivers.

I've been using Gimp, Libreoffice, Firefox, MCC ... No problems.

CC: (none) => youpburden

Comment 6 William Kenney 2016-12-03 19:37:57 CET
In VirtualBox, M5, KDE, 32-bit

Package(s) under test:
kernel-linus-latest

default install of kernel-desktop-latest

[wilcal@localhost ~]$ uname -a
Linux localhost 4.4.32-desktop-1.mga5 #1 SMP Tue Nov 15 10:10:27 UTC 2016 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.4.32-1.mga5.i586 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.

install kernel-linus-latest from updates_testing

[root@localhost wilcal]# uname -a
Linux localhost 4.4.32-desktop-1.mga5 #1 SMP Tue Nov 15 10:10:27 UTC 2016 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-linus-latest
Package kernel-linus-latest-4.4.32-1.mga5.i586 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.
How do I actually know that the system is booting with kernel-linus-latest?
The version numbers seem to be the same as kernel-desktop-latest.

CC: (none) => wilcal.int

Comment 7 William Kenney 2016-12-03 19:38:19 CET
In VirtualBox, M5, KDE, 64-bit

Package(s) under test:
kernel-linus-latest

default install of kernel-desktop-latest

[root@localhost wilcal]# uname -a
Linux localhost.localdomain 4.4.32-desktop-1.mga5 #1 SMP Tue Nov 15 09:08:15 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.4.32-1.mga5.x86_64 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.

install kernel-linus-latest from updates_testing

[root@localhost wilcal]# uname -a
Linux localhost.localdomain 4.4.32-desktop-1.mga5 #1 SMP Tue Nov 15 09:08:15 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-linus-latest
Package kernel-linus-latest-4.4.32-1.mga5.x86_64 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.
How do I actually know that the system is booting with kernel-linus-latest?
The version numbers seem to be the same as kernel-desktop-latest.
Comment 8 James Kerr 2016-12-03 21:15:39 CET
(In reply to William Kenney from comment #7)
> In VirtualBox, M5, KDE, 64-bit
> 
> Package(s) under test:
> kernel-linus-latest
> 

> How do I actually know that the system is booting with kernel-linus-latest?
> The version numbers seem to be the same as kernel-desktop-latest.

In linus, uname returns only the kernel version, for example:
$ uname -r
4.4.32-1.mga5

in desktop, tmb and server the kernel flavour is also returned, for example
$ uname -r
4.4.32-desktop-1.mga5

CC: (none) => jim

Comment 9 Dave Hodgins 2016-12-04 00:36:26 CET
(In reply to William Kenney from comment #7)
> [root@localhost wilcal]# uname -a
> Linux localhost.localdomain 4.4.32-desktop-1.mga5 #1 SMP Tue Nov 15 09:08:15
> UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

Still running the desktop kernel, not the linus kernel.

> [root@localhost wilcal]# urpmi kernel-linus-latest
> Package kernel-linus-latest-4.4.32-1.mga5.x86_64 is already installed

> How do I actually know that the system is booting with kernel-linus-latest?
> The version numbers seem to be the same as kernel-desktop-latest.

During boot, there should be a new entry for the linus kernel, to select.
The default linux entry should boot to the latest kernel installed, using
the symlinks in /boot for vmlinux and initrd.img
Comment 10 William Kenney 2016-12-04 01:11:02 CET
Per my testing in Comments 6 & 7 would it not be true if I started
with the default kernel-desktop-latest: 4.4.32-desktop-1.mga5
then enabling the update_testing repo, install kernel-linus-latest
then on the next reboot the linus kernel should be the kernel selected.
That should happen automatically, correct?
Comment 11 Thomas Backlund 2016-12-04 01:30:35 CET
(In reply to William Kenney from comment #10)
> Per my testing in Comments 6 & 7 would it not be true if I started
> with the default kernel-desktop-latest: 4.4.32-desktop-1.mga5
> then enabling the update_testing repo, install kernel-linus-latest
> then on the next reboot the linus kernel should be the kernel selected.
> That should happen automatically, correct?

No.

As per design, the "extra" kernels (linus, tmb) do not replace the default
kernel symlinks. Those are reserved for the core kernel.

So you must explicitly select the "extra" kernel you want to boot during testing of them.
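A way to check from a shell which kernel flavour is actually running and whether the default /boot symlinks select it, as an added example that is not part of this bug report or of Mageia's own tooling. It assumes the release-string layout from comment 8 (the linus kernel carries no flavour token; desktop, tmb and server carry theirs), and that /boot/vmlinuz and /boot/initrd.img are symlinks to vmlinuz-<release> and initrd-<release>.img; the function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the bug report or from Mageia's tools.
# Function names are hypothetical; symlink names and the release-string
# layout are assumptions taken from comments 8, 9 and 11 of this thread.

# Print the flavour of a kernel release string as reported by `uname -r`:
#   4.4.32-1.mga5          -> linus   (no flavour token between version and release)
#   4.4.32-desktop-1.mga5  -> desktop
#   4.4.32-server-1.mga5   -> server
# Anything that does not look like a Mageia release prints "unknown" and
# returns 1, so a caller cannot mistake garbage for the linus kernel.
kernel_flavour() {
    rel=$1
    case $rel in
        *[!A-Za-z0-9.-]*) echo unknown; return 1 ;;
    esac
    # flavoured form: <version>-<flavour>-<release>.mgaN
    flav=$(printf '%s\n' "$rel" |
        sed -n 's/^[0-9][0-9.]*-\([A-Za-z][A-Za-z0-9]*\)-[0-9][0-9.]*\.mga[0-9]*$/\1/p')
    if [ -n "$flav" ]; then
        echo "$flav"
        return 0
    fi
    # unflavoured form: <version>-<release>.mgaN is the linus kernel
    if printf '%s\n' "$rel" | grep -q '^[0-9][0-9.]*-[0-9][0-9.]*\.mga[0-9]*$'; then
        echo linus
        return 0
    fi
    echo unknown
    return 1
}

# Return 0 if the default boot symlinks in $1 (normally /boot) point at
# release $2, 1 otherwise.  Assumed layout: vmlinuz -> vmlinuz-<release>
# and initrd.img -> initrd-<release>.img.  The "extra" kernels leave these
# untouched, so after installing kernel-linus the default menu entry still
# boots the core kernel unless the linus entry is chosen explicitly.
default_boots_release() {
    bootdir=$1
    rel=$2
    k=$(readlink "$bootdir/vmlinuz" 2>/dev/null) || return 1
    i=$(readlink "$bootdir/initrd.img" 2>/dev/null) || return 1
    [ "${k##*/}" = "vmlinuz-$rel" ] && [ "${i##*/}" = "initrd-$rel.img" ]
}

# Summarise what is running versus what the default symlinks select.
# Usage: check_booted_kernel "$(uname -r)" /boot
check_booted_kernel() {
    running=$1
    bootdir=${2:-/boot}
    flav=$(kernel_flavour "$running") || true
    printf 'running: %s (flavour: %s)\n' "$running" "$flav"
    if default_boots_release "$bootdir" "$running"; then
        echo "default symlinks in $bootdir select the running kernel"
    else
        echo "default symlinks in $bootdir do NOT select the running kernel"
        echo "  vmlinuz    -> $(readlink "$bootdir/vmlinuz" 2>/dev/null || echo '?')"
        echo "  initrd.img -> $(readlink "$bootdir/initrd.img" 2>/dev/null || echo '?')"
    fi
}
```

Run `check_booted_kernel "$(uname -r)"` after rebooting into the linus entry. A report that the default symlinks do NOT select the running kernel is the expected state for an extra kernel, as comment 11 explains, not a fault; what matters for the test is that the first line shows flavour "linus".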
Comment 12 William Kenney 2016-12-04 01:33:19 CET
> (In reply to William Kenney from comment #10)
> No.
> 
> as per design, the "extra" kernels (linus, tmb), does not replace default
> kernel symlinks. Those are reserved for core kernel.
> 
> So you must explicitly select the "extra" kernel you want to boot during
> testing of them.

Ahhhhh...back to this tomorrow to try again.

Thanks.
Comment 13 James Kerr 2016-12-04 12:00:14 CET
On mga5-32

Package installed: kernel-linus-4.4.32-1.mga5-1-1.mga5.i586 

Package installed cleanly

System re-booted normally
$ uname -r
4.4.32-1.mga5

No regressions noted

OK for mga5-32 on this system:

Machine:   Mobo: ECS model: GeForce7050M-M v: 1.0
CPU:       Quad core AMD Phenom 9500
Graphics:  Card: NVIDIA GF108 [GeForce GT 630]
	   drivers: v4l,nouveau
Comment 14 James Kerr 2016-12-04 15:36:03 CET
On mga5-64

Package installed: - kernel-linus-4.4.32-1.mga5-1-1.mga5.x86_64

Package installed cleanly

System re-booted normally
$ uname -r
4.4.32-1.mga5

No regressions noted

OK for mga5-64 on this system:

mobo: ECS model: GeForce7050M-M v: 1.0
CPU:  Quad core AMD Phenom 9500 (-MCP-)
Graphics:  Card: NVIDIA GF108 [GeForce GT 630]
           Display Server: X.Org 1.16.4 drivers: v4l,nouveau 
Boot: legacy BIOS
Disk: GPT partitions
Comment 15 William Kenney 2016-12-04 18:14:15 CET
In VirtualBox, M5, KDE, 32-bit

Package(s) under test:
kernel-linus-latest

default install of kernel-desktop-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.4.32-desktop-1.mga5 #1 SMP Tue Nov 15 10:10:27 UTC 2016 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.4.32-1.mga5.i586 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.

install kernel-linus-latest from updates_testing

[root@localhost wilcal]# uname -a
Linux localhost 4.4.32-1.mga5 #1 SMP Tue Nov 15 19:50:58 UTC 2016 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-linus-latest
Package kernel-linus-latest-4.4.32-1.mga5.i586 is already installed

Got it. Thanks tmb.
System boots to a working desktop. Common apps work. Screen dimensions are correct.
Comment 16 William Kenney 2016-12-04 18:14:31 CET
In VirtualBox, M5, KDE, 64-bit

Package(s) under test:
kernel-linus-latest

default install of kernel-desktop-latest

[root@localhost wilcal]# uname -a
Linux localhost.localdomain 4.4.32-desktop-1.mga5 #1 SMP Tue Nov 15 09:08:15 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.4.32-1.mga5.x86_64 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.

install kernel-linus-latest from updates_testing

[root@localhost wilcal]# uname -a
Linux localhost.localdomain 4.4.32-1.mga5 #1 SMP Tue Nov 15 20:17:11 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-linus-latest
Package kernel-linus-latest-4.4.32-1.mga5.x86_64 is already installed

Got it. Thanks tmb.
System boots to a working desktop. Common apps work. Screen dimensions are correct.
youpburden 2016-12-07 10:10:51 CET

CVE: (none) => CVE-2016-7039, CVE-2016-7042, CVE-2016-7425, CVE-2016-8630, CVE-2016-8633
Whiteboard: advisory => advisory mga5-32-ok mga5-64-ok

Comment 17 Lewis Smith 2016-12-07 10:55:55 CET
Thanks to James & Bill for testing this. Am validating it; Advisory already in place.

Keywords: (none) => validated_update
CC: (none) => lewyssmith, sysadmin-bugs

Comment 18 Mageia Robot 2016-12-07 12:49:18 CET
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0411.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

