Updated the 64-bit 340 driver at the same time as the server kernel update.

Everything seems to be working as it should.

CC: (none) => andrewsfarm

Advisory:
This proprietary nvidia340 and nvidia304 driver update fixes the folliwing
security issues:

NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer (nvidia.ko) handler where a missing permissions check may allow
users to gain access to arbitrary physical memory, leading to an
escalation of privileges (CVE-2016-7382).

NVIDIA GPU Display Driver on Linux contains a vulnerability in the kernel
mode layer (nvidia.ko) handler for mmap() where improper input validation
may allow users to gain access to arbitrary physical memory, leading to
an escalation of privileges (CVE-2016-7389).


NVIDIA GPU Display Driver contains a vulnerability in the kernel mode
layer (nvidia.ko) where a user can cause a GPU interrupt storm, leading
to a denial of service (CVE-2016-8826).

References:
http://nvidia.custhelp.com/app/answers/detail/a_id/4246
http://nvidia.custhelp.com/app/answers/detail/a_id/4278

Updated the 32-bit nvidia304 driver at the same time as the update to the 4.4.39 32-bit server kernel.

Tried several apps, and everything looks good.

I would add OKs to the whiteboard, but I am not set up to try the 32-bit 340 driver or the 64-bit 304 driver, so I can't confirm that they are indeed OK.

Been using the nvidia340 driver in a x86_64 system for a few days. Used Plasma, 3D games, vdpau, firefox, flash, and many other programs without issues.

$ lspcidrake | grep VGA
Card:NVIDIA GeForce 8100 to GeForce 415: NVIDIA Corporation|GT218 [GeForce 210] [DISPLAY_VGA] (rev: a2)
$ cat /proc/driver/nvidia/version 
NVRM version: NVIDIA UNIX x86_64 Kernel Module  340.101  Thu Dec  1 15:52:31 PST 2016
GCC version:  gcc version 4.9.2 (GCC) 
$ uname -a
Linux marte 4.4.39-desktop-1.mga5 #1 SMP Fri Dec 16 18:43:46 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
$ rpm -qa | grep nvidia | sort
dkms-nvidia340-340.101-1.mga5.nonfree
nvidia340-cuda-opencl-340.101-1.mga5.nonfree
nvidia340-devel-340.101-1.mga5.nonfree
nvidia340-kernel-desktop-latest-340.96-6.mga5.nonfree
x11-driver-video-nvidia340-340.101-1.mga5.nonfree

CC: (none) => mageia

Updated nvidia340 to 340.101 on a Dell XPS laptop with MBR boot,  GeForce 8700M GT, kernel 4.4.39, x86_64.

Rebooted OK and X works fine but Firefox freezes up after 20 seconds use.

CC: (none) => tarazed25

firefox 45.6.0.  Had to restart it six times just to send the last message.

No problems here with Firefox that I would put to the 340 driver. Seeing some slowness on some sites, but I believe that's being caused by my ISP.

Geforce 9800 GT in a home-built desktop, ASRock A790GXH/128M motherboard, Athlon X2 7750 processor, 8GB RAM.

No issues with firefox-45.6.0-1.mga5 and Firefox 51.0b10 (upstream), including video and webgl stuff. No (more than usual) slowness either.

This issue with Firefox has happened before on other machines.  It recovers from the freeze if left for about a minute, during which time alternate cores go into overdrive, i.e. 100% usage.  Currently 45.6.0 is completely stable on my other machines, all running the advanced nvidia driver.  My suspicion fell on the kernels, which were being updated frequently but I have no real evidence to back that up.  For instance firefox is stable on the machine on which this is being composed (45.6.0 with 4.4.39-desktop-1.mga5).  Anyway the problem went away on the other machines but has come back to haunt me on the laptop with a fresh installation of mga5.1.  Not enough information to make it worthwhile raising a bug.

This is actually off-topic.  The journal showed that it is samba which is causing the problem.  For some reason it is (periodically?) trying to launch or maybe access CUPS via localhost:631.  Does not make sense to me but after stopping smbd the firefox freezes seem to have stopped.  I always thought that samba had something to do with Windows networking but it is needed apparently by GNOME and vlc at least.  Stopping it does not prevent vlc working normally.

On i586 Athlon XP 32 bit

nvidia304-304.131-1 works for new with kernel-desktop-4.4.39-1.

CC: (none) => cae

MGA6 - not 5 - 

Video:  C51 [GeForce 6150 LE]

$ uname -a
Linux localhost.localdomain 4.9.0-desktop-4.mga6 #1 SMP Wed Jan 4 22:10:29 UTC 2017 i686 i686 i686 GNU/Linux

running dkms-nvidia304.134.2 - working as designed.

CC: (none) => brtians1

MGA5-32 on GNOME

Video:  C51 [GeForce 6150 LE]
Athlon x2-3800


$ uname -a
Linux localhost.localdomain 4.4.39-desktop586-1.mga5 #1 SMP Fri Dec 16 18:34:16 UTC 2016 i686 i686 i686 GNU/Linux


Installed
dkms-nvidia304-304.134-1.mga5.nonfree.i586.rpm
x11-driver-video-nvidia304-304.134-1.mga5.nonfree.i586.rpm

which pulled in the nvidia kernel.

Using firefox browser.  I'm seeing some of the best response I've seen out of this machine, especially on gnome.

working as designed.

Whiteboard: (none) => mga5-32-ok

Advisory from comments 2 & 0.

CC: (none) => lewyssmith
Whiteboard: mga5-32-ok => mga5-32-ok advisory

Tested nvidia 304 mga5-64 under general use, nothing particularly taxing.  Web use, youtube videos, (firefox), view pictures, all OK.

I'll leave open in case anyone else is using it more extensively than I am, or I'll add the OK and validate tomorrow AM (US east coast time).

CC: (none) => wrw105

Installed from Testing:

  dkms-nvidia340-340.101-1.mga5.nonfree.x86_64.rpm               
  x11-driver-video-nvidia340-340.101-1.mga5.nonfree.x86_64.rpm   

After reboot, 'nVidia settings' confirms 340.101 installed.

No problems noticed, e,g, Firefox, Google-Earth, Gwenview, Skype, You Tube.

CC: (none) => maurice

An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0013.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED