Bug 22179 - Update request: kernel-tmb 4.4.105
Summary: Update request: kernel-tmb 4.4.105
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 5
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA5-64-OK MGA5-32-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2017-12-12 09:30 CET by Thomas Backlund
Modified: 2017-12-24 15:35 CET (History)
5 users (show)

See Also:
Source RPM: kernel-tmb
CVE:
Status comment:


Attachments

Description Thomas Backlund 2017-12-12 09:30:46 CET
New security issues fixed.

Advisory will follow...

SRPMS:
kernel-tmb-4.4.105-1.mga5.src.rpm


i586:
kernel-tmb-desktop-4.4.105-1.mga5-1-1.mga5.i586.rpm
kernel-tmb-desktop-devel-4.4.105-1.mga5-1-1.mga5.i586.rpm
kernel-tmb-desktop-devel-latest-4.4.105-1.mga5.i586.rpm
kernel-tmb-desktop-latest-4.4.105-1.mga5.i586.rpm
kernel-tmb-source-4.4.105-1.mga5-1-1.mga5.noarch.rpm
kernel-tmb-source-latest-4.4.105-1.mga5.noarch.rpm


x86_64:
kernel-tmb-desktop-4.4.105-1.mga5-1-1.mga5.x86_64.rpm
kernel-tmb-desktop-devel-4.4.105-1.mga5-1-1.mga5.x86_64.rpm
kernel-tmb-desktop-devel-latest-4.4.105-1.mga5.x86_64.rpm
kernel-tmb-desktop-latest-4.4.105-1.mga5.x86_64.rpm
kernel-tmb-source-4.4.105-1.mga5-1-1.mga5.noarch.rpm
kernel-tmb-source-latest-4.4.105-1.mga5.noarch.rpm
Comment 1 Lewis Smith 2017-12-16 10:14:01 CET
Wanting to test M5/64
I updated all my M5 kernels from updates_testing, but after re-boot I find myself with:
 $ uname -r
 4.4.103-tmb-desktop-1.mga5
and re-trying updating them shows me no more kernels in updates_testing.
If it helps, this kernel is not showing any problems.

CC: (none) => lewyssmith

Comment 2 Len Lawrence 2017-12-16 10:46:24 CET
@lewis
The distrib.coffee problem might have something to do with this.  I saw something similar with kernel 4.14.5.1.  I noticed later on one machine that what had been installed was 4.14.4.1.

CC: (none) => tarazed25

Comment 3 James Kerr 2017-12-16 11:44:35 CET
It's a good idea to check your mirror's status before installing from testing:

http://mirrors.mageia.org/status

CC: (none) => jim

Comment 4 Len Lawrence 2017-12-16 22:14:09 CET
Mageia 5 :: x86_64
kernel 4.4.92-desktop-1.mga5

Updated to kernel linus.
$ sudo drakboot --boot
Rebooted to working Mate desktop.
System:    Host: vega Kernel: 4.4.105-1.mga5 x86_64 (64 bit) Desktop: N/A 
           Distro: Mageia 5 thornicroft 
Machine:   Mobo: Gigabyte model: G1.Sniper Z97 v: x.x
           Bios: American Megatrends v: F6 date: 05/30/2014
Network:   Card-1: Qualcomm Atheros Killer E220x Gigabit Ethernet Controller
           driver: alx
           Card-2: Ralink RT3090 Wireless 802.11n 1T/1R PCIe driver: rt2800pci
Graphics:  Card-1: Intel Xeon E3-1200 v3/4th Gen Core Processor Integrated Graphics Controller
           Card-2: NVIDIA GK104 [GeForce GTX 770]
           Display Server: X.Org 1.16.4 drivers: nvidia,v4l,intel
           Resolution: 2560x1440, 1024x768
           GLX Renderer: GeForce GTX 770/PCIe/SSE2
           GLX Version: 4.5.0 NVIDIA 384.98
RAM:       15.35 GB

Passed all four stress tests, cpu, vm, io and hdd.
glmark2 ran fine.  pulseaudio sound and video OK.  Common desktop applications OK. 
Viewing digital TV in vlc with Freeview input from an antenna.  Bluetooth (blueman) paired immediately with audio device.  NFS shared directories mounted automatically.  Remote logins and file copying works.
Comment 5 Len Lawrence 2017-12-16 22:15:06 CET
Darn.  Wrong bug again.
Comment 6 Len Lawrence 2017-12-17 13:03:44 CET
Mageia 5 :: x86_64

Changed mirror to ftp://ftp.klid.dk/mageia/distrib/5/x86_64/media/core/updates_testing/kernel-tmb-source-latest-4.4.105-1.mga5.noarch.rpm
and installed all six packages.
# rpm -qa | grep kernel-tmb
kernel-tmb-desktop-devel-4.4.105-1.mga5-1-1.mga5
kernel-tmb-desktop-4.4.105-1.mga5-1-1.mga5
kernel-tmb-source-latest-4.4.105-1.mga5
kernel-tmb-desktop-devel-latest-4.4.105-1.mga5
kernel-tmb-source-4.4.105-1.mga5-1-1.mga5
kernel-tmb-desktop-latest-4.4.105-1.mga5

$ drakboot --boot
$ reboot
nvidia-current, vboxadditions and virtualbox kmods rebuilt during boot.
Working desktop.  MageiaWelcome recognizes Mate.
System:    Host: vega Kernel: 4.4.105-tmb-desktop-1.mga5 x86_64 (64 bit) 
           Desktop: N/A Distro: Mageia 5 thornicroft 
CPU:       Quad core Intel Core i7-4790K (-HT-MCP-) clocked at 4400 MHz
Machine:   Mobo: Gigabyte model: G1.Sniper Z97 v: x.x
           Bios: American Megatrends v: F6 date: 05/30/2014
Graphics:  Card-1: Intel Xeon E3-1200 v3/4th Gen Core Processor Integrated Graphics Controller
           Card-2: NVIDIA GK104 [GeForce GTX 770]
           Display Server: X.Org 1.16.4 drivers: nvidia,v4l,intel
           Resolution: 2560x1440, 1024x768
           GLX Renderer: GeForce GTX 770/PCIe/SSE2
           GLX Version: 4.5.0 NVIDIA 384.98
RAM:       15.33 GB

c, i, m, d stress tests and glmark2 ran to completion.
TV reception and bluetooth audio working together.  Networking, thunderbird, caja all working.

OK for x86_64 on Mageia 5.
Comment 7 Len Lawrence 2017-12-17 21:50:47 CET
Updated to tmb kernel on Aorus X5 laptop.
System:    Host: markab Kernel: 4.4.105-tmb-desktop-1.mga5 x86_64 (64 bit) 
           Desktop: MATE 1.8.1  Distro: Mageia 5 thornicroft 
Machine:   Mobo: GIGABYTE model: X5
           Bios: American Megatrends v: FD05 date: 07/29/2015
Network:   Card-1: Qualcomm Atheros Killer E220x Gigabit Ethernet Controller
           driver: alx
           Card-2: Intel Wireless 7265 driver: iwlwifi
RAM:       15.61 GB
Graphics:  Card-1: NVIDIA GM204M [GeForce GTX 965M]
           Card-2: NVIDIA GM204M [GeForce GTX 965M]
           Display Server: X.Org 1.16.4 drivers: nvidia,v4l
           Resolution: 2880x1620@59.96hz
           GLX Renderer: GeForce GTX 965M/PCIe/SSE2
           GLX Version: 4.5.0 NVIDIA 384.98

stress tests and glmark2 ran fine.  No problems.  bluetooth audio is good.

OK for 64 bits on Mageia 5.
Comment 8 Len Lawrence 2017-12-18 11:16:26 CET
Mageia 5 on x86_64
Updated from kernel-linus 4.4.105-1.mga5
nvidia module rebuilt during reboot.

System:    Host: juza Kernel: 4.4.105-tmb-desktop-1.mga5 x86_64
Machine:   System: LENOVO product: 9541 v: Lenovo IdeaPad Y500
           Mobo: LENOVO model: INVALID v: 31900003WIN8 STD MLT
           Bios: LENOVO v: 6BCN34WW(V1.05) date: 11/29/2012
CPU:       Quad core Intel Core i7-3630QM (-HT-MCP-)
Graphics:  Card: NVIDIA GK107M [GeForce GT 650M]
           GLX Version: 4.5.0 NVIDIA 384.98
Network:   Card-2: Intel Centrino Wireless-N 2230 driver: iwlwifi
RAM:       7.74 GB

Ran stress tests and glmark2.
Desktop operations working normally.
Comment 9 Lewis Smith 2017-12-18 15:59:44 CET
Also testing M5/64, real hardware, Radeon/ATI video

 $ uname -r
 4.4.105-tmb-desktop-1.mga5

A small varity of tasks in testing bug 22183, plus sound & video ex DVD test, a few other applications briefly. No problems noted, looks OK.
In the light of all Len's more extensive tests, OKing this for 64-bit.

Whiteboard: (none) => MGA5-64-OK

Comment 10 Thomas Backlund 2017-12-21 22:52:52 CET
Advisory, added to svn:

  This kernel-tmb update is based on upstream 4.4.105 and fixes atleast the
  following security issues:

  An elevation of privilege vulnerability in the Broadcom wi-fi driver
  (CVE-2017-0786).

  Linux kernel built with the Kernel-based Virtual Machine(CONFIG_KVM)
  support is vulnerable to an incorrect debug exception(#DB) error. It
  could occur while emulating a syscall instruction. A user/process
  inside guest could use this flaw to potentially escalate their
  privileges inside guest. Linux guests are not affected.(CVE-2017-7518).

  The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the
  Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O
  vector has small consecutive buffers belonging to the same page. The
  bio_add_pc_page function merges them into one, but the page reference
  is never dropped. This causes a memory leak and possible system lockup
  (exploitable against the host OS by a guest OS user, if a SCSI disk is
  passed through to a virtual machine) due to an out-of-memory condition
  (CVE-2017-12190).

  The assoc_array_insert_into_terminal_node function in lib/assoc_array.c
  in the Linux kernel before 4.13.11 mishandles node splitting, which allows
  local users to cause a denial of service (NULL pointer dereference and
  panic) via a crafted application, as demonstrated by the keyring key type,
  and key addition and link creation operations (CVE-2017-12193).

  Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group
  Temporal Key (GTK) during the group key handshake, allowing an attacker
  within radio range to replay frames from access points to clients
  (CVE-2017-13080).

  The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel
  before 4.14 does not check whether the intended netns is used in a
  peel-off action, which allows local users to cause a denial of
  service (use-after-free and system crash) or possibly have unspecified
  other impact via crafted system calls (CVE-2017-15115).

  Race condition in the ALSA subsystem in the Linux kernel before 4.13.8
  allows local users to cause a denial of service (use-after-free) or
  possibly have unspecified other impact via crafted /dev/snd/seq ioctl
  calls, related to sound/core/seq/seq_clientmgr.c and 
  sound/core/seq/seq_ports.c (CVE-2017-15265)

  The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of
  add_key for a key that already exists but is uninstantiated, which allows
  local users to cause a denial of service (NULL pointer dereference and
  system crash) or possibly have unspecified other impact via a crafted
  system call (CVE-2017-15299).

  The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux
  kernel before 4.13.11 allows local users to gain privileges or cause a
  denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt
  system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages
  (CVE-2017-16939).

  The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel
  before 4.14.2 mishandles holes in hugetlb ranges, which allows local
  users to obtain sensitive information from uninitialized kernel memory
  via crafted use of the mincore() system call. (CVE-2017-16994).

Keywords: (none) => advisory

Comment 11 Dave Hodgins 2017-12-22 08:18:29 CET
i586 version ok on x86_64 hardward. Validating the update.

Keywords: (none) => validated_update
Whiteboard: MGA5-64-OK => MGA5-64-OK MGA5-32-OK
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 12 Mageia Robot 2017-12-22 11:32:01 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2017-0466.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 13 Mageia Robot 2017-12-24 15:35:02 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2017-0466.html

Note You need to log in before you can comment on or make changes to this bug.