Bug 21522 - Update request: kernel-tmb-4.4.82-1.mga5
Summary: Update request: kernel-tmb-4.4.82-1.mga5
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 5
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
Whiteboard: mga5-32-ok mga5-64-ok advisory
Keywords: validated_update
Depends on:
Reported: 2017-08-13 23:53 CEST by Thomas Backlund
Modified: 2017-08-20 10:49 CEST (History)
6 users (show)

See Also:
Source RPM: kernel-tmb
Status comment:


Description Thomas Backlund 2017-08-13 23:53:47 CEST
New kernels to test, contains security fixes for atleast a local root exploit, advisory will follow...



Comment 1 Len Lawrence 2017-08-14 12:32:59 CEST
Mageia release 5 (Official) for x86_64
4.4.79-desktop-1.mga5 : nvidia 375.66
Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Intel Corporation Xeon E3-1200 v3/4th Gen 
NVIDIA Corporation GK104 [GeForce GTX 770] 
RAM 15.35 GB
UEFI boot

Clean install.  kernel-firmware-nonfree-20160914-1 had to be removed.
# drakboot --boot
Rebooted to Mate - nvidia module rebuilt on the fly.  Desktop functioning normally.
$ uname -r
Ran a series of hardware stress tests - all OK.

CC: (none) => tarazed25

Comment 2 claire robinson 2017-08-14 18:47:40 CEST
(In reply to Len Lawrence from comment #1)
> kernel-firmware-nonfree-20160914-1 had to be removed.

Sounds odd Len.
Comment 3 Len Lawrence 2017-08-14 21:06:50 CEST
@Claire: comment 2
It was actually replaced by a 2017 package, which I forgot to note.
Comment 4 Len Lawrence 2017-08-14 21:17:44 CEST
Mageia release 6 (Cauldron) for x86_64
Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
NVIDIA Corporation GK107M [GeForce GT 650M] 
RAM  7.75 GB
Legacy boot

Replaced microcode-0.20170707-1.mga6.nonfree.noarch and installed
- kernel-tmb-desktop-4.9.43-1.mga6-1-1.mga6.x86_64
- kernel-tmb-desktop-devel-4.9.43-1.mga6-1-1.mga6.x86_64
- kernel-tmb-desktop-devel-latest-4.9.43-1.mga6.x86_64
- kernel-tmb-desktop-latest-4.9.43-1.mga6.x86_64
- kernel-tmb-source-4.9.43-1.mga6-1-1.mga6.noarch
- kernel-tmb-source-latest-4.9.43-1.mga6.noarch
# drakboot --boot
Rebooted to Mate.
$ uname -r
Desktop in working order.  Ran a few stress tests.  Sound and vision OK with vlc.  Networking and NFS shares OK for reading.  There is a strange problem with writing to the shared directory.  The folder is mounted rw but it cannot be written to on this machine.  First time this problem has occurred.

[lcl@juza ~]$ cat /etc/mtab | grep belexeuli
belexeuli:/home/lcl/pad /home/lcl/pad nfs4 rw,nosuid,relatime,vers=4.2,rsize=8192,wsize=8192,namlen=255,soft,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=<juza>,local_lock=none,addr=<belexeuli> 0 0
This is the same on any satellite machine.

Duh!  Found it.  The cause is mismatched uid:gid which happens when you compare CMS and EFI installations, 500 versus 1000.  Changing things at this stage gets you into all sorts of trouble like not being able to log in.  Looks like I shall have to abandon NFS on MBR machines except for copy-from operations.

Anyway, nothing to do with the kernel.  Have to remember in future to set the user parameters at system installation time.
Comment 5 James Kerr 2017-08-15 16:03:41 CEST
On mga5-64

Packages installed cleanly:
- kernel-tmb-desktop-4.4.82-1.mga5-1-1.mga5.x86_64
- kernel-tmb-desktop-devel-4.4.82-1.mga5-1-1.mga5.x86_64
- kernel-tmb-desktop-devel-latest-4.4.82-1.mga5.x86_64
- kernel-tmb-desktop-latest-4.4.82-1.mga5.x86_64

The system booted normally from the advanced option in the boot menu
$ uname -r

No problems in normal use

Virtualbox and client launched normally

OK for mga5-64 on this system:

Dell product: Precision Tower 3620
Mobo: Dell model: 09WH54 
Card: Intel HD Graphics 530
CPU: Quad core Intel Core i7-6700 (-HT-MCP-)
PC-BIOS boot
GPT partitions

CC: (none) => jim

Comment 6 James Kerr 2017-08-15 16:11:01 CEST
On mga5-32 in a vbox VM

Packages installed cleanly:
- kernel-tmb-desktop-4.4.82-1.mga5-1-1.mga5.i586
- kernel-tmb-desktop-devel-4.4.82-1.mga5-1-1.mga5.i586
- kernel-tmb-desktop-devel-latest-4.4.82-1.mga5.i586
- kernel-tmb-desktop-latest-4.4.82-1.mga5.i586

VM booted normally from the advanced option in the boot menu

No problems in normal use

OK for mga5-32 in a vbox VM
Comment 7 Brian Rockwell 2017-08-18 15:24:59 CEST
Installed kernel-tmb-desktop-4.4.82-1 on physical hardware

Processor: Pentium(R) Dual-Core  CPU      E5800  @ 3.20GHz
Video: 4 Series Chipset Integrated Graphics Controller

$ uname -a
Linux localhost 4.4.82-tmb-desktop-1.mga5 #1 SMP PREEMPT Sun Aug 13 19:58:40 UTC 2017 i686 i686 i686 GNU/Linux

- firefox works.
- pluma works
- hexchat works
- libreoffice is working
- gimp opens

appears to be working as designed on physical hardware to me.

Whiteboard: (none) => mga5-32-ok
CC: (none) => brtians1

Comment 8 Thomas Backlund 2017-08-18 18:47:33 CEST

  This kernel update is based on upstream 4.4.82 and fixes atleast the
  following security issues:

  The curseg->segno call in f2fs driver can be malformed so that it will have
  a value that triggers an out of boundary write that could cause memory
  corruption on the affected devices, leading to code execution in the kernel
  context. This would allow for more data to be accessed and controlled by
  the malware (CVE-2017-10663).

  The UDP Fragmentation Offload (UFO) feature is vulnerable to out-of-bounds
  writes causing exploitable memory corruption. If unprivileged user
  namespaces are available, this bug can be exploited to gain root privileges

  For other upstream fixes in this update, read the referenced changelogs.

Whiteboard: mga5-32-ok => mga5-32-ok advisory

Comment 9 William Kenney 2017-08-19 22:27:47 CEST
In a Vbox client, M5.1, KDE, 64-bit

Testing: kernel-tmb-desktop-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.4.82-tmb-desktop-1.mga5 #1 SMP PREEMPT Sun Aug 13 20:00:41 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-tmb-desktop-latest
Package kernel-tmb-desktop-latest-4.4.82-1.mga5.x86_64 is already installed

Boots to a working desktop. Screen resolution is correct. Common apps work.

CC: (none) => wilcal.int

Comment 10 William Kenney 2017-08-19 22:28:07 CEST
In a Vbox client, M5.1, KDE, 32-bit

Testing: kernel-tmb-desktop-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.4.82-tmb-desktop-1.mga5 #1 SMP PREEMPT Sun Aug 13 19:58:40 UTC 2017 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-tmb-desktop-latest
Package kernel-tmb-desktop-latest-4.4.82-1.mga5.i586 is already installed

Boots to a working desktop. Screen resolution is correct. Common apps work.
William Kenney 2017-08-19 22:28:34 CEST

Whiteboard: mga5-32-ok advisory => mga5-32-ok mga5-64-ok advisory

Comment 11 William Kenney 2017-08-19 22:30:41 CEST
This looks good. Shall we push it on?
Lewis Smith 2017-08-20 09:57:54 CEST

Keywords: (none) => validated_update
CC: (none) => lewyssmith, sysadmin-bugs

Comment 12 Mageia Robot 2017-08-20 10:49:23 CEST
An update for this issue has been pushed to the Mageia Updates repository.


Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.