Bug 21522 - Update request: kernel-tmb-4.4.82-1.mga5
Summary: Update request: kernel-tmb-4.4.82-1.mga5
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All Linux
Priority: Normal critical
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: mga5-32-ok mga5-64-ok advisory
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2017-08-13 23:53 CEST by Thomas Backlund
Modified: 2017-08-20 10:49 CEST

See Also:
Source RPM: kernel-tmb
CVE:
Status comment:


Description Thomas Backlund 2017-08-13 23:53:47 CEST
New kernels to test, contains security fixes for at least a local root exploit, advisory will follow...


SRPMS:
kernel-tmb-4.4.82-1.mga5.src.rpm


i586:
kernel-tmb-desktop-4.4.82-1.mga5-1-1.mga5.i586.rpm
kernel-tmb-desktop-devel-4.4.82-1.mga5-1-1.mga5.i586.rpm
kernel-tmb-desktop-devel-latest-4.4.82-1.mga5.i586.rpm
kernel-tmb-desktop-latest-4.4.82-1.mga5.i586.rpm
kernel-tmb-source-4.4.82-1.mga5-1-1.mga5.noarch.rpm
kernel-tmb-source-latest-4.4.82-1.mga5.noarch.rpm


x86_64:
kernel-tmb-desktop-4.4.82-1.mga5-1-1.mga5.x86_64.rpm
kernel-tmb-desktop-devel-4.4.82-1.mga5-1-1.mga5.x86_64.rpm
kernel-tmb-desktop-devel-latest-4.4.82-1.mga5.x86_64.rpm
kernel-tmb-desktop-latest-4.4.82-1.mga5.x86_64.rpm
kernel-tmb-source-4.4.82-1.mga5-1-1.mga5.noarch.rpm
kernel-tmb-source-latest-4.4.82-1.mga5.noarch.rpm
Comment 1 Len Lawrence 2017-08-14 12:32:59 CEST
Mageia release 5 (Official) for x86_64
4.4.79-desktop-1.mga5 : nvidia 375.66
Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
Intel Corporation Xeon E3-1200 v3/4th Gen 
NVIDIA Corporation GK104 [GeForce GTX 770] 
RAM 15.35 GB
UEFI boot

Clean install.  kernel-firmware-nonfree-20160914-1 had to be removed.
# drakboot --boot
Rebooted to Mate - nvidia module rebuilt on the fly.  Desktop functioning normally.
$ uname -r
4.4.82-tmb-desktop-1.mga5
Ran a series of hardware stress tests - all OK.

CC: (none) => tarazed25

Comment 2 claire robinson 2017-08-14 18:47:40 CEST
(In reply to Len Lawrence from comment #1)
> kernel-firmware-nonfree-20160914-1 had to be removed.

Sounds odd Len.
Comment 3 Len Lawrence 2017-08-14 21:06:50 CEST
@Claire: comment 2
It was actually replaced by a 2017 package, which I forgot to note.
Comment 4 Len Lawrence 2017-08-14 21:17:44 CEST
Mageia release 6 (Cauldron) for x86_64
4.9.34-desktop-3.mga6
Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
NVIDIA Corporation GK107M [GeForce GT 650M] 
RAM  7.75 GB
Legacy boot

Replaced microcode-0.20170707-1.mga6.nonfree.noarch and installed
- kernel-tmb-desktop-4.9.43-1.mga6-1-1.mga6.x86_64
- kernel-tmb-desktop-devel-4.9.43-1.mga6-1-1.mga6.x86_64
- kernel-tmb-desktop-devel-latest-4.9.43-1.mga6.x86_64
- kernel-tmb-desktop-latest-4.9.43-1.mga6.x86_64
- kernel-tmb-source-4.9.43-1.mga6-1-1.mga6.noarch
- kernel-tmb-source-latest-4.9.43-1.mga6.noarch
# drakboot --boot
Rebooted to Mate.
$ uname -r
4.9.43-tmb-desktop-1.mga6
Desktop in working order.  Ran a few stress tests.  Sound and vision OK with vlc.  Networking and NFS shares OK for reading.  There is a strange problem with writing to the shared directory.  The folder is mounted rw but it cannot be written to on this machine.  First time this problem has occurred.

[lcl@juza ~]$ cat /etc/mtab | grep belexeuli
belexeuli:/home/lcl/pad /home/lcl/pad nfs4 rw,nosuid,relatime,vers=4.2,rsize=8192,wsize=8192,namlen=255,soft,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=<juza>,local_lock=none,addr=<belexeuli> 0 0
This is the same on any satellite machine.

Duh!  Found it.  The cause is mismatched uid:gid which happens when you compare CMS and EFI installations, 500 versus 1000.  Changing things at this stage gets you into all sorts of trouble like not being able to log in.  Looks like I shall have to abandon NFS on MBR machines except for copy-from operations.

Anyway, nothing to do with the kernel.  Have to remember in future to set the user parameters at system installation time.
Comment 5 James Kerr 2017-08-15 16:03:41 CEST
On mga5-64

Packages installed cleanly:
- kernel-tmb-desktop-4.4.82-1.mga5-1-1.mga5.x86_64
- kernel-tmb-desktop-devel-4.4.82-1.mga5-1-1.mga5.x86_64
- kernel-tmb-desktop-devel-latest-4.4.82-1.mga5.x86_64
- kernel-tmb-desktop-latest-4.4.82-1.mga5.x86_64

The system booted normally from the advanced option in the boot menu
$ uname -r
4.4.82-tmb-desktop-1.mga5

No problems in normal use

Virtualbox and client launched normally

OK for mga5-64 on this system:

Dell product: Precision Tower 3620
Mobo: Dell model: 09WH54 
Card: Intel HD Graphics 530
CPU: Quad core Intel Core i7-6700 (-HT-MCP-)
PC-BIOS boot
GPT partitions

CC: (none) => jim

Comment 6 James Kerr 2017-08-15 16:11:01 CEST
On mga5-32 in a vbox VM

Packages installed cleanly:
- kernel-tmb-desktop-4.4.82-1.mga5-1-1.mga5.i586
- kernel-tmb-desktop-devel-4.4.82-1.mga5-1-1.mga5.i586
- kernel-tmb-desktop-devel-latest-4.4.82-1.mga5.i586
- kernel-tmb-desktop-latest-4.4.82-1.mga5.i586

VM booted normally from the advanced option in the boot menu

No problems in normal use

OK for mga5-32 in a vbox VM
Comment 7 Brian Rockwell 2017-08-18 15:24:59 CEST
mga5-32
Installed kernel-tmb-desktop-4.4.82-1 on physical hardware

Processor: Pentium(R) Dual-Core  CPU      E5800  @ 3.20GHz
Video: 4 Series Chipset Integrated Graphics Controller


$ uname -a
Linux localhost 4.4.82-tmb-desktop-1.mga5 #1 SMP PREEMPT Sun Aug 13 19:58:40 UTC 2017 i686 i686 i686 GNU/Linux

- firefox works.
- pluma works
- hexchat works
- libreoffice is working
- gimp opens

appears to be working as designed on physical hardware to me.

Whiteboard: (none) => mga5-32-ok
CC: (none) => brtians1

Comment 8 Thomas Backlund 2017-08-18 18:47:33 CEST
Advisory:

  This kernel update is based on upstream 4.4.82 and fixes at least the
  following security issues:

  The curseg->segno call in f2fs driver can be malformed so that it will have
  a value that triggers an out of boundary write that could cause memory
  corruption on the affected devices, leading to code execution in the kernel
  context. This would allow for more data to be accessed and controlled by
  the malware (CVE-2017-10663).

  The UDP Fragmentation Offload (UFO) feature is vulnerable to out-of-bounds
  writes causing exploitable memory corruption. If unprivileged user
  namespaces are available, this bug can be exploited to gain root privileges
  (CVE-2017-1000112).

  For other upstream fixes in this update, read the referenced changelogs.

Whiteboard: mga5-32-ok => mga5-32-ok advisory
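
An exposure check for the conditions named in the advisory above, as an added example that is not part of the bug thread or of Mageia's tooling. It compares only the upstream version part of `uname -r` against the 4.4.82 base stated in the advisory and probes whether the current user can create a user namespace; the function names and result labels are hypothetical.

```sh
#!/bin/sh
# Added example, not from the bug thread.
FIXED="4.4.82"   # upstream version the advisory says the update is based on

# Print the upstream x.y.z part of a `uname -r` string, or nothing if unparsable.
upstream_version() {
    printf '%s\n' "$1" | sed -n 's/^\([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p'
}

# Print "fixed", "needs-update", or "unknown" (other kernel series or unparsable).
kernel_state() {
    ver=$(upstream_version "$1")
    if [ -z "$ver" ] || [ "${ver%.*}" != "${FIXED%.*}" ]; then
        echo unknown
    elif [ "${ver##*.}" -ge "${FIXED##*.}" ]; then
        echo fixed
    else
        echo needs-update
    fi
}

# Succeeds if the calling user can create a user namespace.
# Run as an ordinary user; as root the result says nothing about unprivileged use.
userns_available() {
    command -v unshare >/dev/null 2>&1 && unshare -U true 2>/dev/null
}

# assess RELEASE yes|no -> ok | update | update-urgent | check-manually
assess() {
    case "$(kernel_state "$1"):$2" in
        fixed:*)          echo ok ;;
        needs-update:yes) echo update-urgent ;;   # CVE-2017-1000112 precondition met
        needs-update:*)   echo update ;;          # other fixes in the update still apply
        *)                echo check-manually ;;
    esac
}

check_this_host() {
    if userns_available; then ns=yes; else ns=no; fi
    echo "$(uname -r): $(assess "$(uname -r)" "$ns") (unprivileged userns: $ns)"
}
check_this_host
```

A result of `check-manually` means the running kernel is not in the 4.4 series, so the fixed version from this advisory does not apply to it.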

Comment 9 William Kenney 2017-08-19 22:27:47 CEST
In a Vbox client, M5.1, KDE, 64-bit

Testing: kernel-tmb-desktop-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.4.82-tmb-desktop-1.mga5 #1 SMP PREEMPT Sun Aug 13 20:00:41 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-tmb-desktop-latest
Package kernel-tmb-desktop-latest-4.4.82-1.mga5.x86_64 is already installed

Boots to a working desktop. Screen resolution is correct. Common apps work.

CC: (none) => wilcal.int

Comment 10 William Kenney 2017-08-19 22:28:07 CEST
In a Vbox client, M5.1, KDE, 32-bit

Testing: kernel-tmb-desktop-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.4.82-tmb-desktop-1.mga5 #1 SMP PREEMPT Sun Aug 13 19:58:40 UTC 2017 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-tmb-desktop-latest
Package kernel-tmb-desktop-latest-4.4.82-1.mga5.i586 is already installed

Boots to a working desktop. Screen resolution is correct. Common apps work.
William Kenney 2017-08-19 22:28:34 CEST

Whiteboard: mga5-32-ok advisory => mga5-32-ok mga5-64-ok advisory

Comment 11 William Kenney 2017-08-19 22:30:41 CEST
This looks good. Shall we push it on?
Lewis Smith 2017-08-20 09:57:54 CEST

Keywords: (none) => validated_update
CC: (none) => lewyssmith, sysadmin-bugs

Comment 12 Mageia Robot 2017-08-20 10:49:23 CEST
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0288.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

