New kernels to test, contains security fixes for atleast a local root exploit, advisory will follow... SRPMS: kernel-tmb-4.9.43-1.mga6.src.rpm i586: kernel-tmb-desktop-4.9.43-1.mga6-1-1.mga6.i586.rpm kernel-tmb-desktop-devel-4.9.43-1.mga6-1-1.mga6.i586.rpm kernel-tmb-desktop-devel-latest-4.9.43-1.mga6.i586.rpm kernel-tmb-desktop-latest-4.9.43-1.mga6.i586.rpm kernel-tmb-source-4.9.43-1.mga6-1-1.mga6.noarch.rpm kernel-tmb-source-latest-4.9.43-1.mga6.noarch.rpm x86_64: kernel-tmb-desktop-4.9.43-1.mga6-1-1.mga6.x86_64.rpm kernel-tmb-desktop-devel-4.9.43-1.mga6-1-1.mga6.x86_64.rpm kernel-tmb-desktop-devel-latest-4.9.43-1.mga6.x86_64.rpm kernel-tmb-desktop-latest-4.9.43-1.mga6.x86_64.rpm kernel-tmb-source-4.9.43-1.mga6-1-1.mga6.noarch.rpm kernel-tmb-source-latest-4.9.43-1.mga6.noarch.rpm
Mageia release 6 (Cauldron) for x86_64 4.9.34-desktop-3.mga6 Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz NVIDIA Corporation GK107M [GeForce GT 650M] RAM 7.75 GB Legacy boot Replaced microcode-0.20170707-1.mga6.nonfree.noarch and installed - kernel-tmb-desktop-4.9.43-1.mga6-1-1.mga6.x86_64 - kernel-tmb-desktop-devel-4.9.43-1.mga6-1-1.mga6.x86_64 - kernel-tmb-desktop-devel-latest-4.9.43-1.mga6.x86_64 - kernel-tmb-desktop-latest-4.9.43-1.mga6.x86_64 - kernel-tmb-source-4.9.43-1.mga6-1-1.mga6.noarch - kernel-tmb-source-latest-4.9.43-1.mga6.noarch # drakboot --boot Rebooted to Mate. $ uname -r 4.9.43-tmb-desktop-1.mga6 Desktop in working order. Ran a few stress tests. Sound and vision OK with vlc. Networking and NFS shares OK.
CC: (none) => tarazed25
On mga6-64 Packages installed cleanly: kernel-tmb-desktop-4.9.43-1.mga6-1-1.mga6 kernel-tmb-desktop-latest-4.9.43-1.mga6 kernel-tmb-desktop-devel-latest-4.9.43-1.mga6 kernel-tmb-desktop-devel-4.9.43-1.mga6-1-1.mga6 Executed drakboot System rebooted normally from the default entry in the boot menu No problems in normal use Virtualbox and client launched normally OK for mga6-64 on this system: Dell product: Precision Tower 3620 Mobo: Dell model: 09WH54 Card: Intel HD Graphics 530 CPU: Quad core Intel Core i7-6700 (-HT-MCP-) PC-BIOS (legacy) boot GPT partitions
CC: (none) => jim
On mga6-32 in a vbox VM Packages installed cleanly: - kernel-tmb-desktop-4.9.43-1.mga6-1-1.mga6.i586 - kernel-tmb-desktop-devel-4.9.43-1.mga6-1-1.mga6.i586 - kernel-tmb-desktop-devel-latest-4.9.43-1.mga6.i586 - kernel-tmb-desktop-latest-4.9.43-1.mga6.i586 I had to enable PAE in the VM in order to boot this kernel System booted normally from the default entry in the boot menu $ uname -r 4.9.43-tmb-desktop-1.mga6 No problems noted in normal use OK for mga6-32 in a vbox VM
Mageia release 6 (Official) for x86_64 4.9.38-desktop-1.mga6 Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz NVIDIA Corporation GM204 [GeForce GTX 970] RAM 31.37 GB Six packages installed. $ drakboot --boot Reinstalled bootloader Rebooted to Mate. Ran 30 second stress tests on RAM, CPU cores, IO, and HDD. Desktop running fine. $ uname -r 4.9.43-tmb-desktop-1.mga6
AMD Athlon X2-3800 with Nvidia integrated graphics. (physical hardware test on M6) $ uname -a Linux localhost.localdomain 4.9.43-tmb-desktop-1.mga6 #1 SMP PREEMPT Sun Aug 13 19:34:16 UTC 2017 i686 i686 i686 GNU/Linux - Desktop is fine - Libreoffice working - Firefox working - sound works able to play videos and music
CC: (none) => brtians1
Spent more hours running this kernel. Seems to be working as designed. A number of high I/O and video events, no issues to report.
Whiteboard: (none) => mga6-32-ok
Advisory: This kernel update is based on upstream 4.9.43 and fixes atleast the following security issues: The curseg->segno call in f2fs driver can be malformed so that it will have a value that triggers an out of boundary write that could cause memory corruption on the affected devices, leading to code execution in the kernel context. This would allow for more data to be accessed and controlled by the malware (CVE-2017-10663). The UDP Fragmentation Offload (UFO) feature is vulnerable to out-of-bounds writes causing exploitable memory corruption. If unprivileged user namespaces are available, this bug can be exploited to gain root privileges (CVE-2017-1000112). For other upstream fixes in this update, read the referenced changelogs.
Whiteboard: mga6-32-ok => mga6-32-ok advisory
Testing M6_64 real H/W with Radeon/ATI graphics kernel-tmb-desktop-latest-4.9.43-1.mga6 kernel-tmb-desktop-4.9.43-1.mga6-1-1.mga6 $ uname -r 4.9.43-tmb-desktop-1.mga6 Have been using this without problems. Giving it the 64-bit OK largely due to the several earlier & more serious good reports. Validating.
Whiteboard: mga6-32-ok advisory => mga6-32-ok advisory MGA6-64-OKKeywords: (none) => validated_updateCC: (none) => lewyssmith, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0296.html
Status: NEW => RESOLVEDResolution: (none) => FIXED