Bug 21391 - Update request: kernel-linus-4.4.79-1.mga5
Summary: Update request: kernel-linus-4.4.79-1.mga5
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: advisory MGA5-64-OK MGA5-32-OK
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2017-07-28 18:56 CEST by Thomas Backlund
Modified: 2017-08-13 15:18 CEST

See Also:
Source RPM: kernel-linus
CVE:
Status comment:



Description Thomas Backlund 2017-07-28 18:56:14 CEST
New kernels to test, an advisory will follow...

SRPMS:
kernel-linus-4.4.79-1.mga5.src.rpm



i586:
kernel-linus-4.4.79-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-4.4.79-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-latest-4.4.79-1.mga5.i586.rpm
kernel-linus-doc-4.4.79-1.mga5.noarch.rpm
kernel-linus-latest-4.4.79-1.mga5.i586.rpm
kernel-linus-source-4.4.79-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.79-1.mga5.noarch.rpm



x86_64:
kernel-linus-4.4.79-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-4.4.79-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-latest-4.4.79-1.mga5.x86_64.rpm
kernel-linus-doc-4.4.79-1.mga5.noarch.rpm
kernel-linus-latest-4.4.79-1.mga5.x86_64.rpm
kernel-linus-source-4.4.79-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.79-1.mga5.noarch.rpm
Comment 1 William Kenney 2017-07-29 04:16:02 CEST
In a Vbox client, M5.1, KDE, 32-bit

Testing: kernel-linus-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.4.79-1.mga5 #1 SMP Fri Jul 28 05:50:57 UTC 2017 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-linus-latest
Package kernel-linus-latest-4.4.79-1.mga5.i586 is already installed

Boots to a working desktop. Screen resolution is correct. Common apps work.

CC: (none) => wilcal.int

Comment 2 William Kenney 2017-07-29 04:31:11 CEST
In a Vbox client, M5.1, KDE, 64-bit

Testing: kernel-linus-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.4.79-1.mga5 #1 SMP Fri Jul 28 05:50:40 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-linus-latest
Package kernel-linus-latest-4.4.79-1.mga5.x86_64 is already installed

Boots to a working desktop. Screen resolution is correct. Common apps work.
Comment 3 Thomas Backlund 2017-07-30 21:09:37 CEST
subject: Updated kernel-linus packages fixes security and other bugs
CVE:
 - CVE-2017-10810
src:
  5:
   core:
     - kernel-linus-4.4.79-1.mga5
description: |
  This kernel-linus update is based on upstream 4.4.79 and fixes at least the
  following security issues:

  Linux kernel built with the VirtIO GPU driver (CONFIG_DRM_VIRTIO_GPU) support
  is vulnerable to a memory leakage issue. It could occur while creating a
  virtio gpu object in virtio_gpu_object_create(). A user/process could use
  this flaw to leak host kernel memory potentially resulting in DoS
  (CVE-2017-10810).

  It also contains followup fixes to the Stack Clash (CVE-2017-1000370,
  CVE-2017-1000371) security issues resolved in kernels released at end
  of June, 2017.

  For other upstream fixes in this update, read the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=21391
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.75
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.76
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.77
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.78
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.79

Whiteboard: (none) => advisory

Comment 4 claire robinson 2017-08-03 19:28:00 CEST
Only vbox tests so far, would benefit from HW testing but up to you Thomas?
Comment 5 Len Lawrence 2017-08-03 19:43:29 CEST
OK Claire - I can do a couple of hardware tests - today hopefully.

CC: (none) => tarazed25

Comment 6 Len Lawrence 2017-08-03 20:49:35 CEST
Mageia release 5 (Official) for x86_64
4.4.74-desktop-1.mga5
Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Intel Corporation Xeon E3-1200 v3/4th Gen 
NVIDIA Corporation GK104 [GeForce GTX 770] 
RAM 15.35 GB

The packages installed cleanly, ran drakboot, rebooted.
And hereby hangs a tale - no sign of the new entry in the boot menu.
Tried rebooting again, to no avail; still running the desktop kernel.

Moved to another machine and followed the same procedure.
No sign of the bare kernel there either.
Removed some of the old kernels via urpme.
Ran update-grub2 which clearly identified the linus kernel, but also the deleted kernels.  On reboot the old kernels were still listed but linus was not (looking for kernel 4.4.79).

So what is going on here?  It has been installed and booted successfully on mga6.
Trying a laptop next.
Comment 7 James Kerr 2017-08-03 21:45:04 CEST
On mga5-64

Packages installed cleanly:

kernel-linus-latest-4.4.79-1.mga5.x86_64
kernel-linus-4.4.79-1.mga5-1-1.mga5.x86_64

Ran drakboot
System re-booted normally - kernel-linus was booted by the default Mageia entry in the boot menu
$ uname -r
4.4.79-1.mga5

OK for mga5-64 on this system

PC-BIOS (legacy) boot
GPT partitions
Dell product: Precision Tower 3620
Mobo: Dell model: 09WH54 
Card: Intel HD Graphics 530
CPU: Quad core Intel Core i7-6700 (-HT-MCP-)

CC: (none) => jim

Comment 8 Len Lawrence 2017-08-03 22:45:19 CEST
mga5  x86_64
Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
NVIDIA Corporation GM204 [GeForce GTX 970] 
RAM 31.38 GB

Referring to comment 6.
Final option was to reinstall the bootloader via mcc->boot.
That worked and the linus kernel booted and rebuilt the nvidia  module.
The Mate desktop is running fine.
$ uname -r
4.4.79-1.mga5
CPU stress test ran OK.
This looks all right.
Comment 9 Len Lawrence 2017-08-03 23:04:09 CEST
Mageia release 5 (Official) for x86_64
4.4.74-desktop-1.mga5
Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Intel Corporation Xeon E3-1200 v3/4th Gen 
NVIDIA Corporation GK104 [GeForce GTX 770] 
RAM 15.35 GB

Ran the update; everything installed cleanly
Reinstalled the bootloader via mcc->boot
nvidia-current rebuilt during boot
Rebooted to Mate OK.  Desktop operations working properly.
$ uname -r
4.4.79-1.mga5

CPU stress test (square root calculations) run on 5 cores.  OK.
Stellarium runs fine - fullscreen mode.
Comment 10 Len Lawrence 2017-08-04 01:16:35 CEST
Mageia release 5 (Official) for x86_64
Legacy boot on GPT disk
4.4.74-desktop-1.mga5
Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
NVIDIA Corporation GK107M [GeForce GT 650M] 
RAM  7.75 GB

Installed updates and reinstalled the bootloader.
Rebooted and rebuilt nvidia kmod
Mate up and running.
$ uname -r
4.4.79-1.mga5
$ stress -c 4 -t 30
completed.
Comment 11 James Kerr 2017-08-04 07:16:54 CEST
(In reply to Len Lawrence from comment #8)

> Final option was to reinstall the bootloader via mcc->boot.

That's what I always do. In Mageia 5, one must use 'drakboot --boot' in order to launch the boot configuration from the CLI. 'drakboot' without the '--boot' launches drakdm. That anomaly has been fixed in Mageia 6. Sorry for not making that clear.
Comment 12 James Kerr 2017-08-04 07:30:56 CEST
(In reply to James Kerr from comment #11)
'drakboot' without the '--boot' launches drakdm.

Should read: 'drakboot' without the '--boot' launches drakautologin
Comment 13 Len Lawrence 2017-08-04 10:47:27 CEST
Thanks James for the useful information.  I guess it would pay to read the documentation.
James Kerr 2017-08-08 04:20:58 CEST

Whiteboard: advisory => advisory MGA5-64-OK

Comment 14 Thomas Backlund 2017-08-13 12:33:18 CEST
It's tested enough to validate... 

I need these out of the way as I need to start releasing new kernels for test as there is a new root exploit on the way...
Comment 15 James Kerr 2017-08-13 12:43:59 CEST
Added OK for mga5-32 and validated

CC: (none) => sysadmin-bugs
Whiteboard: advisory MGA5-64-OK => advisory MGA5-64-OK MGA5-32-OK
Keywords: (none) => validated_update

Comment 16 Mageia Robot 2017-08-13 15:18:34 CEST
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0260.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

