Bug 21389 - Update request: kernel-tmb-4.9.40-1.mga6
Summary: Update request: kernel-tmb-4.9.40-1.mga6
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 6
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: advisory MGA6-64-OK MGA6-32-OK
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2017-07-28 18:56 CEST by Thomas Backlund
Modified: 2017-08-13 15:18 CEST (History)
5 users (show)

See Also:
Source RPM: kernel-tmb
CVE:
Status comment:


Attachments

Description Thomas Backlund 2017-07-28 18:56:04 CEST
New kernels to test, an advisory will follow...

SRPMS:
kernel-tmb-4.9.40-1.mga6.src.rpm



i586:
kernel-tmb-desktop-4.9.40-1.mga6-1-1.mga6.i586.rpm
kernel-tmb-desktop-devel-4.9.40-1.mga6-1-1.mga6.i586.rpm
kernel-tmb-desktop-devel-latest-4.9.40-1.mga6.i586.rpm
kernel-tmb-desktop-latest-4.9.40-1.mga6.i586.rpm
kernel-tmb-source-4.9.40-1.mga6-1-1.mga6.noarch.rpm
kernel-tmb-source-latest-4.9.40-1.mga6.noarch.rpm



x86_64:
kernel-tmb-desktop-4.9.40-1.mga6-1-1.mga6.x86_64.rpm
kernel-tmb-desktop-devel-4.9.40-1.mga6-1-1.mga6.x86_64.rpm
kernel-tmb-desktop-devel-latest-4.9.40-1.mga6.x86_64.rpm
kernel-tmb-desktop-latest-4.9.40-1.mga6.x86_64.rpm
kernel-tmb-source-4.9.40-1.mga6-1-1.mga6.noarch.rpm
kernel-tmb-source-latest-4.9.40-1.mga6.noarch.rpm
Comment 1 Len Lawrence 2017-07-30 19:17:49 CEST
Aorus X5 laptop
mga6  x86_64  EFI boot on multiboot system
ASUS motherboard
16 GB RAM
Intel(R) Core(TM) i7-5700HQ CPU @ 2.70GHz
2 x nvidia GeForce GTX 965M

Installed the 3 packages and ran drakboot.
nvidia-current rebuilt during reboot.
Ran the usual battery of tests.
During stress tests the temperature went dangerously high - 92°C, because firefox was misbehaving again, as it does on every installation now.  It settled down and the machine seems to be OK.  Mate is running fine.

CC: (none) => tarazed25

Comment 2 Thomas Backlund 2017-07-30 20:52:26 CEST
subject: Updated kernel-tmb packages fixes security and other bugs
CVE:
 - CVE-2017-10810
src:
  6:
   core:
     - kernel-tmb-4.9.40-1.mga6
description: |
  This kernel-tmb update is based on upstream 4.9.40 and fixes atleast the
  following security issues:

  Linux kernel built with the VirtIO GPU driver(CONFIG_DRM_VIRTIO_GPU) support
  is vulnerable to a memory leakage issue. It could occur while creating a
  virtio gpu object in virtio_gpu_object_create(). A user/process could use
  this flaw to leak host kernel memory potentially resulting in Dos
  (CVE-2017-10810).

  It also contains followup fixes to the Stack Clash (CVE-2017-1000370,
  CVE-2017-1000371) security issues resolved in kernels released at end
  of June, 2017.

  Other Mageia kernel specific fixes in this updates:
  - enable support for NFS4_1 and NFS4_2 (mga#21182)
  - ALSA: hda/realtek - New codecs support for ALC215/ALC285/ALC289
  - ALSA: hda/realtek - New codec device ID for ALC1220
  - platform/x86: asus-nb-wmi: Add wapf4 quirk for the X302UA (mga#18756)

  For other upstream fixes in this update, read the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=21389
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.36
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.37
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.38
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.39
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.40

Whiteboard: (none) => advisory

Comment 3 Herman Viaene 2017-07-31 18:35:11 CEST
MGA6-32 on Asus A6000VM MATE with propietary nvidia
No installtion issues.
After reboot all usual suspects are OK: Office documents, video playing, access to NFS shares and wifi printer. OK fro me

CC: (none) => herman.viaene

Comment 4 nathan giovannini 2017-08-01 09:16:12 CEST
Acer Aspire ES 11 MGA 6 64 After installation I have not noticed regressions
OK for me

CC: (none) => nathan95

Comment 5 Thomas Backlund 2017-08-13 12:33:43 CEST
It's tested enough to validate... 

I need theese out of the way as I need to start releasing new kernels for test as there is a new root exploit on the way...
Comment 6 James Kerr 2017-08-13 12:49:32 CEST
Added OK's and validated

Keywords: (none) => validated_update
CC: (none) => jim, sysadmin-bugs
Whiteboard: advisory => advisory MGA6-64-OK MGA6-32-OK

Comment 7 Mageia Robot 2017-08-13 15:18:32 CEST
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0259.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.