All critical CVE fixes in as in core kernel in MGASA-2017-0136 + More CVE fixes, including remote NFSD exploits, advisory will follow...
x86_64, nvidia GTX770, Haswell i7-4790K, 16GB RAM (DIMM)
Gigabyte Sniper.Z97 motherboard
Clean install. nvidia and virtualbox modules rebuilt during boot sequence.
Mate, Mate terminal, emacs
Sound and video working fine, vlc, mplayer, TV card PCTV 290e
Package installation, gem, ruby, tk, rsync
MCC, LibreOffice writer, Firefox, MageiaWelcome
eom, gqview, ImageMagick, gwenview, gimp
All working fine.
Intel(R) Core(TM) i7-5700HQ CPU @ 2.70GHz
twin nvidia GTX 965M - running on one
Installed from Updates Testing and rebooted. Mate Desktop functioning.
pulseaudio up and running.
Tried terminals, emacs, networking, libreoffice, the gimp, mcc, urpmi, firefox
Installed ntp, enabled and started it.
image viewers: eom, gwenview, display
audio/video OK in gmplayer and vlc
All working - that should be enough for now.
Re comment 2 - that was x86_64
$ sudo nvidia-xconfig --sli=ON
Logged out and in. xorg.conf screen section records "SLI" "ON"
nvidia-settings lists DFP-1 against GPU 0 only.
The system continues to work normally.
x86_64 Ivy Bridge
Intel(R) Core(TM) i7-3630QM
nvidia GT 650M (nvidia 375.26 driver)
Installed the packages from Core Updates Testing - no problems.
Rebooted to working Mate desktop.
Common applications work:
terminal, emacs, vi, ssh, ruby, tk, vlc, mplayer, libreoffice, imagemagick,
eom, gqview, gwenview, firefox, sound and video.....
Installed stellarium and celestia and both worked fine.
Advisory (also added to svn):
This kernel-tmb update is based on upstream 4.4.68 and fixes atleast
the following security issues:
fs/namespace.c in the Linux kernel before 4.9 does not restrict how many
mounts may exist in a mount namespace, which allows local users to cause
a denial of service (memory consumption and deadlock) via MS_BIND mount
system calls, as demonstrated by a loop that triggers exponential growth
in the number of mounts (CVE-2016-6213).
The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in
the Linux kernel before 4.6 allows local users to gain privileges or cause
a denial of service (use-after-free) via vectors involving omission of the
firmware name from a certain data structure (CVE-2016-7913).
The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux
kernel before 4.5 does not check whether a batch message's length field is
large enough, which allows local users to obtain sensitive information from
kernel memory or cause a denial of service (infinite loop or out-of-bounds
read) by leveraging the CAP_NET_ADMIN capability (CVE-2016-7917).
The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through
4.8.11 does not validate the relationship between the minimum fragment
length and the maximum packet size, which allows local users to gain
privileges or cause a denial of service (heap-based buffer overflow) by
leveraging the CAP_NET_ADMIN capability (CVE-2016-8632).
drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local
users to bypass integer overflow checks, and cause a denial of service
(memory corruption) or have unspecified other impact, by leveraging access
to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a
"state machine confusion bug" (CVE-2016-9083).
drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11
misuses the kzalloc function, which allows local users to cause a denial
of service (integer overflow) or have unspecified other impact by
leveraging access to a vfio PCI device file (CVE-2016-9084).
It was discovered that root can gain direct access to an internal keyring,
such as '.builtin_trusted_keys' upstream, by joining it as its session
keyring. This allows root to bypass module signature verification by adding
a new public key of its own devising to the keyring (CVE-2016-9604).
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through
4.10.8 is too late in obtaining a certain lock and consequently cannot
ensure that disconnect function calls are safe, which allows local users
to cause a denial of service (panic) by leveraging access to the protocol
value of IPPROTO_ICMP in a socket system call (CVE-2017-2671).
Race condition in kernel/events/core.c in the Linux kernel before 4.9.7
allows local users to gain privileges via a crafted application that makes
concurrent perf_event_open system calls for moving a software group into a
hardware context. NOTE: this vulnerability exists because of an incomplete
fix for CVE-2016-6786 (CVE-2017-6001).
The keyring_search_aux function in security/keys/keyring.c in the Linux
kernel through 3.14.79 allows local users to cause a denial of service
(NULL pointer dereference and OOPS) via a request_key system call for the
"dead" type (CVE-2017-6951).
The packet_set_ring function in net/packet/af_packet.c in the Linux kernel
through 4.10.6 does not properly validate certain block-size data, which
allows local users to cause a denial of service (overflow) or possibly have
unspecified other impact via crafted system calls (CVE-2017-7308).
A vulnerability was found in the Linux kernel. It was found that
keyctl_set_reqkey_keyring() function leaks thread keyring which allows
unprivileged local user to exhaust kernel memory (CVE-2017-7472).
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through
4.10.11 allows remote attackers to cause a denial of service (system crash)
via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and
The NFSv2 and NFSv3 server implementations in the Linux kernel through
4.10.13 lack certain checks for the end of a buffer, which allows remote
attackers to trigger pointer-arithmetic errors or possibly have unspecified
other impact via crafted requests, related to fs/nfsd/nfs3xdr.c and
For other upstream fixes in this update, see the referenced changelogs.
Testing of all kernels complete on real hardware and under vb.
An update for this issue has been pushed to the Mageia Updates repository.