Bug 19796 - Update Request: kernel-tmb-4.4.32-1.mga5
Summary: Update Request: kernel-tmb-4.4.32-1.mga5
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: advisory mga5-32-ok mga5-64-ok
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2016-11-15 22:01 CET by Thomas Backlund
Modified: 2016-12-07 12:49 CET

See Also:
Source RPM: kernel-tmb
CVE: CVE-2016-7042, CVE-2016-8630
Status comment:


Description Thomas Backlund 2016-11-15 22:01:10 CET
Advisory:
This update is based on upstream 4.4.32 and fixes at least the following
security issues:

The proc_keys_show function in security/keys/proc.c in the Linux kernel
through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is
enabled, uses an incorrect buffer size for certain timeout data, which
allows local users to cause a denial of service (stack memory corruption
and panic) by reading the /proc/keys file (CVE-2016-7042).

The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c
in the Linux kernel through 4.8.2 does not restrict a certain length field,
which allows local users to gain privileges or cause a denial of service
(heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control
code (CVE-2016-7425).
 
Null pointer dereference in kvm/emulate.c (CVE-2016-8630).

A buffer overflow vulnerability due to a lack of input filtering of incoming
fragmented datagrams was found in the IP-over-1394 driver [firewire-net] in
a fragment handling code in the Linux kernel. A maliciously formed fragment
with a respectively large datagram offset would cause a memcpy() past the
datagram buffer, which would cause a system panic or possible arbitrary
code execution. The flaw requires [firewire-net] module to be loaded and is
remotely exploitable from connected firewire devices, but not over a local
network (CVE-2016-8633).

For other fixes in this update, see the referenced changelogs.

References:
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.27
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.28
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.29
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.30
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.31
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.32



SRPM:
kernel-tmb-4.4.32-1.mga5.src.rpm


i586:
kernel-tmb-4.4.32-1.mga5-1-1.mga5.i586.rpm
kernel-tmb-devel-4.4.32-1.mga5-1-1.mga5.i586.rpm
kernel-tmb-devel-latest-4.4.32-1.mga5.i586.rpm
kernel-tmb-doc-4.4.32-1.mga5.noarch.rpm
kernel-tmb-latest-4.4.32-1.mga5.i586.rpm
kernel-tmb-source-4.4.32-1.mga5-1-1.mga5.noarch.rpm
kernel-tmb-source-latest-4.4.32-1.mga5.noarch.rpm


x86_64:
kernel-tmb-4.4.32-1.mga5-1-1.mga5.x86_64.rpm
kernel-tmb-devel-4.4.32-1.mga5-1-1.mga5.x86_64.rpm
kernel-tmb-devel-latest-4.4.32-1.mga5.x86_64.rpm
kernel-tmb-doc-4.4.32-1.mga5.noarch.rpm
kernel-tmb-latest-4.4.32-1.mga5.x86_64.rpm
kernel-tmb-source-4.4.32-1.mga5-1-1.mga5.noarch.rpm
kernel-tmb-source-latest-4.4.32-1.mga5.noarch.rpm
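
An exposure check for the advisory above, as an added example that is not part of the original bug report: it reads a `uname -r` string, decides whether a 4.4.x kernel is at or above the 4.4.32 base of this update, and reports whether the two driver modules the advisory names are loaded. The threshold logic, the function names and the module spellings (`firewire_net`, `arcmsr`, as they appear in `/proc/modules`) are assumptions.

```shell
#!/bin/sh
# Added example (not from the bug report). Assumptions: any 4.4.x kernel with a
# patch level below 32 predates this update; module names are written as they
# appear in /proc/modules (firewire_net, arcmsr).
FIXED_PATCH=32

# kernel_base RELEASE: print the leading x.y.z of a `uname -r` string
kernel_base() {
    printf '%s\n' "$1" |
        sed -n 's/^\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# loaded_affected_modules [FILE]: list loaded drivers named in the advisory
loaded_affected_modules() {
    awk '$1 == "firewire_net" || $1 == "arcmsr" { print $1 }' \
        "${1:-/proc/modules}"
}

# assess RELEASE [MODULES_FILE]: 0 = fixed, 1 = update needed, 2 = not covered
assess() {
    base=$(kernel_base "$1")
    case "$base" in
        4.4.*) ;;
        *)  # other series were fixed at other versions; do not guess
            echo "unknown: $1 is not a 4.4.x kernel"
            return 2 ;;
    esac
    if [ "${base##*.}" -ge "$FIXED_PATCH" ]; then
        echo "ok: $1 is at or above 4.4.$FIXED_PATCH"
        return 0
    fi
    mods=$(loaded_affected_modules "${2:-/proc/modules}" | tr '\n' ' ')
    echo "update needed: $1; affected modules loaded: ${mods:-none}"
    return 1
}

# Report on the running kernel; scripts can test assess's status instead.
assess "$(uname -r)" || :
```

The keys and KVM issues in the advisory are not tied to either driver, so an empty module list on an older kernel does not mean the host is unaffected.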
Comment 1 Len Lawrence 2016-11-17 00:37:03 CET
Upgrading from 4.4.26-tmb-desktop-1.mga5 on x86_64 hardware with nvidia GTX770.

Installed:
  kernel-tmb-desktop-latest
  kernel-tmb-desktop-4.4.32-1.mga5-1-1.mga5
  cpupower-4.4.32-1.mga5
  cpupower-devel-4.4.32-1.mga5
  kernel-tmb-desktop-devel-latest
  kernel-tmb-desktop-devel-4.4.32-1.mga5-1-1.mga5

CC: (none) => tarazed25

Comment 2 Len Lawrence 2016-11-17 01:10:18 CET
Rebooting went smoothly.  Rebuilt nvidia module.  Mate desktop up and running.
Firefox 45.5.0.  Rebooted a 32-bit virtual machine, Mate, Firefox 45.4.0, kernel 4.4.30-desktop586-2.mga5
Back to the host:
Bluetooth and pulseaudio working well together.  Played a downloaded Renee Fleming Youtube video using mplayer then watched live HD TV courtesy of vlc.
Comment 3 Len Lawrence 2016-11-17 02:03:18 CET
Ran glmark2 which returned a respectable score of 17965.  Loaded stellarium to see the local night sky.  Ran celestia for a quick tour of the solar system, the constellations and the galaxy.  Logged in to another machine via ssh and invoked a couple of graphical applications.  No problems.  Cut and paste in a terminal worked remotely.  Invoked googleearth but it was very slow to load so I killed it, but it was working.

All the signs are that the kernel is fine for 64-bits.
Dave Hodgins 2016-11-17 22:27:56 CET

CC: (none) => davidwhodgins
Whiteboard: (none) => advisory

Comment 4 Herman Viaene 2016-11-19 15:31:47 CET
MGA-32 on AcerD620 Xfce
No installation issues.
Same problem as kernel-linus update: after a few minutes the graphics get garbled with red color fields making any application all but unusable.

CC: (none) => herman.viaene

Comment 5 Brian Rockwell 2016-12-02 00:07:23 CET
Video: C51 [GeForce 6150 LE]
AMD Athlon(tm) 64 X2 Dual Core Processor 3800+
Sound: MCP51 High Definition Audio
HDrive: Maxtor 6L080J4



The following 15 packages are going to be installed:

- gcc-4.9.2-4.1.mga5.i586
- gcc-cpp-4.9.2-4.1.mga5.i586
- glibc-devel-2.20-23.mga5.i586
- kernel-tmb-desktop-4.4.32-1.mga5-1-1.mga5.i586
- kernel-tmb-desktop-devel-4.4.32-1.mga5-1-1.mga5.i586
- kernel-tmb-desktop-devel-latest-4.4.32-1.mga5.i586
- kernel-tmb-desktop-latest-4.4.32-1.mga5.i586
- kernel-tmb-source-4.4.32-1.mga5-1-1.mga5.noarch
- kernel-tmb-source-latest-4.4.32-1.mga5.noarch
- kernel-userspace-headers-4.4.35-2.mga5.i586
- libmpc3-1.0.2-4.mga5.i586
- libncurses-devel-5.9-21.mga5.i586
- libstdc++5-3.3.6-11.mga5.i586
- libstdc++5-devel-3.3.6-11.mga5.i586
- make-4.0-6.mga5.i586

659MB of additional disk space will be used.

152MB of packages will be retrieved.

Is it ok to continue?


[brian@localhost ~]$ uname -a
Linux localhost.localdomain 4.4.32-tmb-desktop-1.mga5 #1 SMP PREEMPT Tue Nov 15 20:09:22 UTC 2016 i686 i686 i686 GNU/Linux

-- 
Drive access actually sounds different (old drive with grinding bearings and noisy servos).  

Plugging in USB works.  Browser works.  Sound is working.  Open to open files.

Works for me.

CC: (none) => brtians1
Whiteboard: advisory => advisory mga5-32-ok

Comment 6 James Kerr 2016-12-04 13:47:36 CET
On mga5-32

Package installed: - kernel-tmb-desktop-4.4.32-1.mga5-1-1.mga5.i586

Package installed cleanly

System re-booted normally.
$ uname -r
4.4.32-tmb-desktop-1.mga5

No regressions noted.

OK for mga5-32 on this system:

Machine:   Mobo: ECS model: GeForce7050M-M v: 1.0
CPU:       Quad core AMD Phenom 9500
Graphics:  Card: NVIDIA GF108 [GeForce GT 630]
	   drivers: v4l,nouveau

CC: (none) => jim

Comment 7 James Kerr 2016-12-04 16:46:19 CET
On mga5-64

Package installed: - kernel-tmb-desktop-4.4.32-1.mga5-1-1.mga5.x86_64

Package installed cleanly

System re-booted normally
$ uname -r
4.4.32-tmb-desktop-1.mga5

No regressions noted
OK for mga5-64 on this system:


mobo: ECS model: GeForce7050M-M v: 1.0
CPU:  Quad core AMD Phenom 9500 (-MCP-)
Graphics:  Card: NVIDIA GF108 [GeForce GT 630]
           Display Server: X.Org 1.16.4 drivers: v4l,nouveau 
Boot: legacy BIOS
Disk: GPT partitions
Comment 8 William Kenney 2016-12-04 19:53:53 CET
In VirtualBox, M5, KDE, 32-bit

Package(s) under test:
kernel-tmb-desktop-latest

default install of kernel-desktop-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.4.32-desktop-1.mga5 #1 SMP Tue Nov 15 10:10:27 UTC 2016 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.4.32-1.mga5.i586 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.

install kernel-tmb-desktop-latest from updates_testing
Power off client
Set Vbox Manager -> System -> Processor -> Enable PAE/NX
boot Vbox client

[root@localhost wilcal]# uname -a
Linux localhost 4.4.32-tmb-desktop-1.mga5 #1 SMP PREEMPT Tue Nov 15 20:09:22 UTC 2016 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-tmb-desktop-latest
Package kernel-tmb-desktop-latest-4.4.32-1.mga5.i586 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.

CC: (none) => wilcal.int

Comment 9 William Kenney 2016-12-04 19:54:08 CET
In VirtualBox, M5, KDE, 64-bit

Package(s) under test:
kernel-tmb-desktop-latest

default install of kernel-desktop-latest

[root@localhost wilcal]# uname -a
Linux localhost.localdomain 4.4.32-desktop-1.mga5 #1 SMP Tue Nov 15 09:08:15 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-desktop-latest
Package kernel-desktop-latest-4.4.32-1.mga5.x86_64 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.

install kernel-tmb-desktop-latest from updates_testing
Power off client
Set Vbox Manager -> System -> Processor -> Enable PAE/NX
boot Vbox client

[root@localhost wilcal]# uname -a
Linux localhost.localdomain 4.4.32-tmb-desktop-1.mga5 #1 SMP PREEMPT Tue Nov 15 20:13:55 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-tmb-desktop-latest
Package kernel-tmb-desktop-latest-4.4.32-1.mga5.x86_64 is already installed

System boots to a working desktop. Common apps work. Screen dimensions are correct.
youpburden 2016-12-07 10:08:29 CET

CC: (none) => youpburden
CVE: (none) => CVE-2016-7042, CVE-2016-8630
Whiteboard: advisory mga5-32-ok => advisory mga5-32-ok mga5-64-ok

Comment 10 Lewis Smith 2016-12-07 10:57:42 CET
Thanks to the various testers. Validating this, Advisory already uploaded.

Keywords: (none) => validated_update
CC: (none) => lewyssmith, sysadmin-bugs

Comment 11 Mageia Robot 2016-12-07 12:49:42 CET
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0412.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

