New kernels to test, contains security fixes for atleast a local root exploit, advisory will follow... SRPMS: kernel-tmb-4.4.82-1.mga5.src.rpm i586: kernel-tmb-desktop-4.4.82-1.mga5-1-1.mga5.i586.rpm kernel-tmb-desktop-devel-4.4.82-1.mga5-1-1.mga5.i586.rpm kernel-tmb-desktop-devel-latest-4.4.82-1.mga5.i586.rpm kernel-tmb-desktop-latest-4.4.82-1.mga5.i586.rpm kernel-tmb-source-4.4.82-1.mga5-1-1.mga5.noarch.rpm kernel-tmb-source-latest-4.4.82-1.mga5.noarch.rpm x86_64: kernel-tmb-desktop-4.4.82-1.mga5-1-1.mga5.x86_64.rpm kernel-tmb-desktop-devel-4.4.82-1.mga5-1-1.mga5.x86_64.rpm kernel-tmb-desktop-devel-latest-4.4.82-1.mga5.x86_64.rpm kernel-tmb-desktop-latest-4.4.82-1.mga5.x86_64.rpm kernel-tmb-source-4.4.82-1.mga5-1-1.mga5.noarch.rpm kernel-tmb-source-latest-4.4.82-1.mga5.noarch.rpm
Mageia release 5 (Official) for x86_64 4.4.79-desktop-1.mga5 : nvidia 375.66 Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz Intel Corporation Xeon E3-1200 v3/4th Gen NVIDIA Corporation GK104 [GeForce GTX 770] RAM 15.35 GB UEFI boot Clean install. kernel-firmware-nonfree-20160914-1 had to be removed. # drakboot --boot Rebooted to Mate - nvidia module rebuilt on the fly. Desktop functioning normally. $ uname -r 4.4.82-tmb-desktop-1.mga5 Ran a series of hardware stress tests - all OK.
CC: (none) => tarazed25
(In reply to Len Lawrence from comment #1) > kernel-firmware-nonfree-20160914-1 had to be removed. Sounds odd Len.
@Claire: comment 2 It was actually replaced by a 2017 package, which I forgot to note.
Mageia release 6 (Cauldron) for x86_64 4.9.34-desktop-3.mga6 Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz NVIDIA Corporation GK107M [GeForce GT 650M] RAM 7.75 GB Legacy boot Replaced microcode-0.20170707-1.mga6.nonfree.noarch and installed - kernel-tmb-desktop-4.9.43-1.mga6-1-1.mga6.x86_64 - kernel-tmb-desktop-devel-4.9.43-1.mga6-1-1.mga6.x86_64 - kernel-tmb-desktop-devel-latest-4.9.43-1.mga6.x86_64 - kernel-tmb-desktop-latest-4.9.43-1.mga6.x86_64 - kernel-tmb-source-4.9.43-1.mga6-1-1.mga6.noarch - kernel-tmb-source-latest-4.9.43-1.mga6.noarch # drakboot --boot Rebooted to Mate. $ uname -r 4.9.43-tmb-desktop-1.mga6 Desktop in working order. Ran a few stress tests. Sound and vision OK with vlc. Networking and NFS shares OK for reading. There is a strange problem with writing to the shared directory. The folder is mounted rw but it cannot be written to on this machine. First time this problem has occurred. [lcl@juza ~]$ cat /etc/mtab | grep belexeuli belexeuli:/home/lcl/pad /home/lcl/pad nfs4 rw,nosuid,relatime,vers=4.2,rsize=8192,wsize=8192,namlen=255,soft,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=<juza>,local_lock=none,addr=<belexeuli> 0 0 This is the same on any satellite machine. Duh! Found it. The cause is mismatched uid:gid which happens when you compare CMS and EFI installations, 500 versus 1000. Changing things at this stage gets you into all sorts of trouble like not being able to log in. Looks like I shall have to abandon NFS on MBR machines except for copy-from operations. Anyway, nothing to do with the kernel. Have to remember in future to set the user parameters at system installation time.
On mga5-64 Packages installed cleanly: - kernel-tmb-desktop-4.4.82-1.mga5-1-1.mga5.x86_64 - kernel-tmb-desktop-devel-4.4.82-1.mga5-1-1.mga5.x86_64 - kernel-tmb-desktop-devel-latest-4.4.82-1.mga5.x86_64 - kernel-tmb-desktop-latest-4.4.82-1.mga5.x86_64 The system booted normally from the advanced option in the boot menu $ uname -r 4.4.82-tmb-desktop-1.mga5 No problems in normal use Virtualbox and client launched normally OK for mga5-64 on this system: Dell product: Precision Tower 3620 Mobo: Dell model: 09WH54 Card: Intel HD Graphics 530 CPU: Quad core Intel Core i7-6700 (-HT-MCP-) PC-BIOS boot GPT partitions
CC: (none) => jim
On mga5-32 in a vbox VM Packages installed cleanly: - kernel-tmb-desktop-4.4.82-1.mga5-1-1.mga5.i586 - kernel-tmb-desktop-devel-4.4.82-1.mga5-1-1.mga5.i586 - kernel-tmb-desktop-devel-latest-4.4.82-1.mga5.i586 - kernel-tmb-desktop-latest-4.4.82-1.mga5.i586 VM booted normally from the advanced option in the boot menu No problems in normal use OK for mga5-32 in a vbox VM
mga5-32 Installed kernel-tmb-desktop-4.4.82-1 on physical hardware Processor: Pentium(R) Dual-Core CPU E5800 @ 3.20GHz Video: 4 Series Chipset Integrated Graphics Controller $ uname -a Linux localhost 4.4.82-tmb-desktop-1.mga5 #1 SMP PREEMPT Sun Aug 13 19:58:40 UTC 2017 i686 i686 i686 GNU/Linux - firefox works. - pluma works - hexchat works - libreoffice is working - gimp opens appears to be working as designed on physical hardware to me.
Whiteboard: (none) => mga5-32-okCC: (none) => brtians1
Advisory: This kernel update is based on upstream 4.4.82 and fixes atleast the following security issues: The curseg->segno call in f2fs driver can be malformed so that it will have a value that triggers an out of boundary write that could cause memory corruption on the affected devices, leading to code execution in the kernel context. This would allow for more data to be accessed and controlled by the malware (CVE-2017-10663). The UDP Fragmentation Offload (UFO) feature is vulnerable to out-of-bounds writes causing exploitable memory corruption. If unprivileged user namespaces are available, this bug can be exploited to gain root privileges (CVE-2017-1000112). For other upstream fixes in this update, read the referenced changelogs.
Whiteboard: mga5-32-ok => mga5-32-ok advisory
In a Vbox client, M5.1, KDE, 64-bit Testing: kernel-tmb-desktop-latest [root@localhost wilcal]# uname -a Linux localhost 4.4.82-tmb-desktop-1.mga5 #1 SMP PREEMPT Sun Aug 13 20:00:41 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux [root@localhost wilcal]# urpmi kernel-tmb-desktop-latest Package kernel-tmb-desktop-latest-4.4.82-1.mga5.x86_64 is already installed Boots to a working desktop. Screen resolution is correct. Common apps work.
CC: (none) => wilcal.int
In a Vbox client, M5.1, KDE, 32-bit Testing: kernel-tmb-desktop-latest [root@localhost wilcal]# uname -a Linux localhost 4.4.82-tmb-desktop-1.mga5 #1 SMP PREEMPT Sun Aug 13 19:58:40 UTC 2017 i686 i686 i686 GNU/Linux [root@localhost wilcal]# urpmi kernel-tmb-desktop-latest Package kernel-tmb-desktop-latest-4.4.82-1.mga5.i586 is already installed Boots to a working desktop. Screen resolution is correct. Common apps work.
Whiteboard: mga5-32-ok advisory => mga5-32-ok mga5-64-ok advisory
This looks good. Shall we push it on?
Keywords: (none) => validated_updateCC: (none) => lewyssmith, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2017-0288.html
Status: NEW => RESOLVEDResolution: (none) => FIXED