Bug 21853 - Update request: kernel-linus-4.4.92-1.mga5
Summary: Update request: kernel-linus-4.4.92-1.mga5
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA5-32-OK MGA5-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2017-10-13 20:05 CEST by Thomas Backlund
Modified: 2017-10-24 22:10 CEST

See Also:
Source RPM: kernel-linus
CVE:
Status comment:



Description Thomas Backlund 2017-10-13 20:05:09 CEST
New kernel-linus update for several security + other fixes...

Advisory will follow...


SRPMS:
kernel-linus-4.4.92-1.mga5.src.rpm


i586:
kernel-linus-4.4.92-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-4.4.92-1.mga5-1-1.mga5.i586.rpm
kernel-linus-devel-latest-4.4.92-1.mga5.i586.rpm
kernel-linus-doc-4.4.92-1.mga5.noarch.rpm
kernel-linus-latest-4.4.92-1.mga5.i586.rpm
kernel-linus-source-4.4.92-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.92-1.mga5.noarch.rpm


x86_64:
kernel-linus-4.4.92-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-4.4.92-1.mga5-1-1.mga5.x86_64.rpm
kernel-linus-devel-latest-4.4.92-1.mga5.x86_64.rpm
kernel-linus-doc-4.4.92-1.mga5.noarch.rpm
kernel-linus-latest-4.4.92-1.mga5.x86_64.rpm
kernel-linus-source-4.4.92-1.mga5-1-1.mga5.noarch.rpm
kernel-linus-source-latest-4.4.92-1.mga5.noarch.rpm

Comment 1 Len Lawrence 2017-10-17 12:59:11 CEST
Mageia release 5 (Official) for x86_64
4.4.92-desktop-1.mga5
Intel(R) Core(TM) i7-4790K CPU @ 4.00GHz
NVIDIA Corporation GK104 [GeForce GTX 770]
nvidia 384.59
Mobo: Gigabyte model: G1.Sniper Z97 v: x.x
Bios: American Megatrends v: F6 date: 05/30/2014

Updates:
- kernel-linus-4.4.92-1.mga5-1-1.mga5.x86_64
- kernel-linus-devel-4.4.92-1.mga5-1-1.mga5.x86_64
- kernel-linus-devel-latest-4.4.92-1.mga5.x86_64
- kernel-linus-doc-4.4.92-1.mga5.noarch
- kernel-linus-latest-4.4.92-1.mga5.x86_64
- kernel-linus-source-4.4.92-1.mga5-1-1.mga5.noarch
- kernel-linus-source-latest-4.4.92-1.mga5.noarch
modules built:
nvidia-current (384.59-1.mga5.nonfree)
virtualbox (5.1.26-1.mga5)

# drakboot --boot

Rebooted to Mate desktop.
$ uname -r
4.4.92-1.mga5
Network shares mounted OK. Remote login on LAN. X working fine over the network.
Looked at some desktop applications and tried out vlc for video and TV. HD TV and bluetooth sound worked well with kaffeine also. Added a wifi printer under HPLIP and printed a testpage from CUPS in firefox.
virtualbox working fine.  Ran up all four VDIs in succession and logged in to each.
Logged out to try GNOME, then GNOME Classic.  They worked fine.  GNOME Wayland came straight back to the login prompt.

Generally speaking this kernel appears to be OK.

CC: (none) => tarazed25

Comment 2 William Kenney 2017-10-19 22:40:14 CEST
On real hardware, M5.1, Plasma, 64-bit

Testing: kernel-linus-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.4.92-1.mga5 #1 SMP Thu Oct 12 22:06:32 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
[root@localhost wilcal]# urpmi kernel-linus-latest
Package kernel-linus-latest-4.4.92-1.mga5.x86_64 is already installed

Boots to a working desktop. Screen resolution is correct. Common apps work.

CC: (none) => wilcal.int

William Kenney 2017-10-19 22:42:02 CEST

Whiteboard: (none) => MGA5-64-OK

Comment 3 Thomas Backlund 2017-10-19 23:31:52 CEST
Advisory (also added to svn)


This kernel update is based on upstream 4.4.92 and fixes at least the
following security issues:

A security flaw was discovered in nl80211_set_rekey_data() function in the
Linux kernel since v3.1-rc1 through v4.13. This function does not check
whether the required attributes are present in a netlink request. This
request can be issued by a user with CAP_NET_ADMIN privilege and may result
in NULL dereference and a system crash (CVE-2017-12153).

Linux kernel built with the KVM virtualization support (CONFIG_KVM), with
nested virtualization (nVMX) feature enabled (nested=1), is vulnerable to a
crash due to disabled external interrupts, as an L2 guest could access (r/w)
the hardware CR8 register of the host (L0). In a nested virtualization setup,
an L2 guest user could use this flaw to potentially crash the host (L0),
resulting in DoS (CVE-2017-12154).

The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before
4.12 allows local users to cause a denial of service (__tcp_select_window
divide-by-zero error and system crash) by triggering a disconnect within a
certain tcp_recvmsg code path (CVE-2017-14106).

The atyfb_ioctl function in drivers/video/fbdev/aty/atyfb_base.c in the
Linux kernel through 4.12.10 does not initialize a certain data structure,
which allows local users to obtain sensitive information from kernel stack
memory by reading locations associated with padding bytes (CVE-2017-14156).

It was found that the iscsi_if_rx() function in scsi_transport_iscsi.c in
the Linux kernel since v2.6.24-rc1 through 4.13.2 allows local users to
cause a denial of service (a system panic) by making a number of certain
syscalls by leveraging incorrect length validation in the kernel code
(CVE-2017-14489).

The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4
allows local users to obtain sensitive information from uninitialized kernel
heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0
(CVE-2017-14991).

A reachable assertion failure flaw was found in the Linux kernel built with
KVM virtualisation (CONFIG_KVM) support with Virtual Function I/O feature
(CONFIG_VFIO) enabled. This failure could occur if a malicious guest device
sent a virtual interrupt (guest IRQ) with a larger (>1024) index value
(CVE-2017-1000252).

Keywords: (none) => advisory
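
The atyfb_ioctl entry in the advisory above (CVE-2017-14156) describes kernel stack contents reaching user space through structure padding. The following user-space model is an added example, not code from the kernel or from this report; the struct, values and function names are hypothetical, and a memcpy stands in for the copy to user space.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical ioctl reply, not the real atyfb layout: the compiler pads
 * after 'div' so that 'clock' is naturally aligned. */
struct clk_reply { uint8_t div; uint32_t clock; };
#define STALE 0xAA /* constructed marker for leftover stack contents */

/* Write each member at its offset, as member assignments do in practice;
 * the padding bytes between them are never written. */
static void set_members(unsigned char *slot)
{
    uint8_t div = 4;
    uint32_t clock = 27000;
    memcpy(slot + offsetof(struct clk_reply, div), &div, sizeof div);
    memcpy(slot + offsetof(struct clk_reply, clock), &clock, sizeof clock);
}

/* Build the reply on a dirty stack slot and copy it out whole; the final
 * memcpy stands in for copy_to_user(). zero_first selects the hardened form. */
void build_reply(unsigned char *out, int zero_first)
{
    unsigned char slot[sizeof(struct clk_reply)];
    memset(slot, STALE, sizeof slot);      /* simulate stale stack data */
    if (zero_first)
        memset(slot, 0, sizeof slot);      /* hardened: clear padding too */
    set_members(slot);
    memcpy(out, slot, sizeof slot);
}

/* Count bytes of stale data visible to whoever receives the reply. */
size_t leaked_bytes(const unsigned char *out)
{
    size_t n = 0;
    for (size_t i = 0; i < sizeof(struct clk_reply); i++)
        n += (out[i] == STALE);
    return n;
}

int main(void)
{
    unsigned char out[sizeof(struct clk_reply)];
    build_reply(out, 0);
    printf("uninitialized: %zu stale bytes\n", leaked_bytes(out));
    build_reply(out, 1);
    printf("zeroed first:  %zu stale bytes\n", leaked_bytes(out));
    return 0;
}
```

Every member is assigned in both variants; only the padding differs, which is why this class of leak survives a review that checks for unset fields.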

Comment 4 Len Lawrence 2017-10-23 12:00:31 CEST
Host: markab Kernel: 4.4.92-tmb-desktop-1.mga5 x86_64
Mobo: GIGABYTE model: X5
Quad core Intel Core i7-5700HQ (-HT-MCP-) clocked at 2700 MHz
Card-1: NVIDIA GM204M [GeForce GTX 965M]
Card-2: NVIDIA GM204M [GeForce GTX 965M]
GLX Renderer: GeForce GTX 965M/PCIe/SSE2
GLX Version: 4.5.0 NVIDIA 384.59
RAM: 1094.9/15980.6MB

Installed:
- kernel-linus-4.4.92-1.mga5-1-1.mga5.x86_64
- kernel-linus-devel-4.4.92-1.mga5-1-1.mga5.x86_64
- kernel-linus-devel-latest-4.4.92-1.mga5.x86_64
- kernel-linus-doc-4.4.92-1.mga5.noarch
- kernel-linus-latest-4.4.92-1.mga5.x86_64
- kernel-linus-source-4.4.92-1.mga5-1-1.mga5.noarch
- kernel-linus-source-latest-4.4.92-1.mga5.noarch

# drakboot --boot

Rebooted to Mate desktop 
$ uname -r
4.4.92-1.mga5

stress tests, glxsphere64 and glmark2 ran fine.
Sound and video working, image viewers, urpmi, mcc, common desktop applications, all OK.

Comment 5 William Kenney 2017-10-24 21:44:36 CEST
In a Vbox client, M5.1, KDE, 32-bit

Testing: kernel-linus-latest

[root@localhost wilcal]# uname -a
Linux localhost 4.4.92-1.mga5 #1 SMP Thu Oct 12 21:42:19 UTC 2017 i686 i686 i686 GNU/Linux
[root@localhost wilcal]# urpmi kernel-linus-latest
Package kernel-linus-latest-4.4.92-1.mga5.i586 is already installed

Boots to a working desktop. Screen resolution is correct. Common apps work.

Comment 6 William Kenney 2017-10-24 21:45:09 CEST
Correction to Comment 2

Line "On real hardware, M5.1, Plasma, 64-bit"

Should read "On real hardware, M5.1, KDE, 64-bit"

Comment 7 William Kenney 2017-10-24 21:45:54 CEST
This update works fine.
Testing complete for MGA6, 32-bit & 64-bit
Validating the update.
Could someone from the sysadmin team push to updates.
Thanks

Keywords: (none) => validated_update
Whiteboard: MGA5-64-OK => MGA5-32-OK MGA5-64-OK
CC: (none) => sysadmin-bugs

Comment 8 Mageia Robot 2017-10-24 22:10:28 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2017-0387.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

