Upgrade to 4.14 branch and fixes several security issues: SRPMS: kernel-tmb-4.14.9-1.mga6.src.rpm i586: kernel-tmb-desktop-4.14.9-1.mga6-1-1.mga6.i586.rpm kernel-tmb-desktop-devel-4.14.9-1.mga6-1-1.mga6.i586.rpm kernel-tmb-desktop-devel-latest-4.14.9-1.mga6.i586.rpm kernel-tmb-desktop-latest-4.14.9-1.mga6.i586.rpm kernel-tmb-source-4.14.9-1.mga6-1-1.mga6.noarch.rpm kernel-tmb-source-latest-4.14.9-1.mga6.noarch.rpm x86_64: kernel-tmb-desktop-4.14.9-1.mga6-1-1.mga6.x86_64.rpm kernel-tmb-desktop-devel-4.14.9-1.mga6-1-1.mga6.x86_64.rpm kernel-tmb-desktop-devel-latest-4.14.9-1.mga6.x86_64.rpm kernel-tmb-desktop-latest-4.14.9-1.mga6.x86_64.rpm kernel-tmb-source-4.14.9-1.mga6-1-1.mga6.noarch.rpm kernel-tmb-source-latest-4.14.9-1.mga6.noarch.rpm
advisory, added to svn: type: security subject: kernel-tmb update provides 4.14 series and fixes security vulnerabilities CVE: - CVE-2017-0786 - CVE-2017-0861 - CVE-2017-7518 - CVE-2017-12188 - CVE-2017-12190 - CVE-2017-12193 - CVE-2017-13080 - CVE-2017-15115 - CVE-2017-15265 - CVE-2017-15299 - CVE-2017-16939 - CVE-2017-16994 - CVE-2017-16995 - CVE-2017-16996 - CVE-2017-17741 - CVE-2017-17852 - CVE-2017-17853 - CVE-2017-17854 - CVE-2017-17855 - CVE-2017-17856 - CVE-2017-17857 - CVE-2017-17862 - CVE-2017-17863 - CVE-2017-17864 - CVE-2017-1000407 src: 6: core: - kernel-tmb-4.14.9-1.mga6 description: | This kernel-tmb update provides an upgrade to the 4.14 longterm branch, currently based on 4.14.9. It also fixes atleast the following security issues: An elevation of privilege vulnerability in the Broadcom wi-fi driver (CVE-2017-0786). Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors (CVE-2017-0861). Linux kernel built with the Kernel-based Virtual Machine(CONFIG_KVM) support is vulnerable to an incorrect debug exception(#DB) error. It could occur while emulating a syscall instruction. A user/process inside guest could use this flaw to potentially escalate their privileges inside guest. Linux guests are not affected.(CVE-2017-7518). arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary code on the host OS or cause a denial of service (incorrect index during page walking, and host OS crash), aka an "MMU potential stack buffer overrun" (CVE-2017-12188). The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition (CVE-2017-12190). The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations (CVE-2017-12193). Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (CVE-2017-13080). The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls (CVE-2017-15115). Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c (CVE-2017-15265) The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted system call (CVE-2017-15299). The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted SO_RCVBUF setsockopt system call in conjunction with XFRM_MSG_GETPOLICY Netlink messages (CVE-2017-16939). The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obtain sensitive information from uninitialized kernel memory via crafted use of the mincore() system call (CVE-2017-16994). The check_alu_op function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect sign extension (CVE-2017-16995). kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging register truncation mishandling (CVE-2017-16996). The KVM implementation in the Linux kernel through 4.14.7 allows attackers to obtain potentially sensitive information from kernel memory, aka a write_mmio stack-based out-of-bounds read, related to arch/x86/kvm/x86.c and include/trace/events/kvm.h (CVE-2017-17741). kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops (CVE-2017-17852). kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations (CVE-2017-17853). kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic (CVE-2017-17854). kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars (CVE-2017-17855). kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement (CVE-2017-17856). The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations (CVE-2017-17857). kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service (CVE-2017-17862). kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact (CVE-2017-17863). kernel/bpf/verifier.c in the Linux kernel before 4.14 mishandles states_equal comparisons between the pointer data type and the UNKNOWN_VALUE data type, which allows local users to obtain potentially sensitive address information, aka a "pointer leak" (CVE-2017-17864). The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic (CVE-2017-1000407). This update also adds support for WireGuard VPN. For other changes in this update, read the referenced changelogs. references: - https://bugs.mageia.org/show_bug.cgi?id=22268 - https://kernelnewbies.org/Linux_4.10 - https://kernelnewbies.org/Linux_4.11 - https://kernelnewbies.org/Linux_4.12 - https://kernelnewbies.org/Linux_4.13 - https://kernelnewbies.org/Linux_4.14 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.1 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.2 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.3 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.4 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.5 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.6 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.7 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.8 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.9 - https://www.wireguard.com/
Keywords: (none) => advisory
Depends on: (none) => 22100, 22148, 22149, 22150, 22256, 22147, 22152, 22164
The tmb kernel packages installed cleanly. Ran 'drakboot --boot' and rebooted to the Mate desktop. System: Host: vega Kernel: 4.14.9-tmb-desktop-1.mga6 x86_64 (64 bit) CPU: Quad core Intel Core i7-4790K (-HT-MCP-) speed/max: 4000/4400 MHz Machine: Device: desktop Mobo: Gigabyte model: G1.Sniper Z97 v: x.x UEFI: American Megatrends v: F6 date: 05/30/2014 Graphics: Card-1: Intel Xeon E3-1200 v3/4th Gen Core Processor Integrated Graphics Controller Card-2: NVIDIA GK104 [GeForce GTX 770] GLX Version: 4.5.0 NVIDIA 384.98 Ran the usual tests, stress and glmark2, and checked various applications. vlc for video, bluetooth for sound. NFS shares. Wired networking. 32-bit and 64-bit virtualbox guests booted in separate windows. Everything running smoothly.
CC: (none) => tarazed25
Updated to 4.14.10 for some needed fixes, advisory updated in svn. new rpms: SRPMS: kernel-tmb-4.14.10-1.mga6.src.rpm i586: kernel-tmb-desktop-4.14.10-1.mga6-1-1.mga6.i586.rpm kernel-tmb-desktop-devel-4.14.10-1.mga6-1-1.mga6.i586.rpm kernel-tmb-desktop-devel-latest-4.14.10-1.mga6.i586.rpm kernel-tmb-desktop-latest-4.14.10-1.mga6.i586.rpm kernel-tmb-source-4.14.10-1.mga6-1-1.mga6.noarch.rpm kernel-tmb-source-latest-4.14.10-1.mga6.noarch.rpm x86_64: kernel-tmb-desktop-4.14.10-1.mga6-1-1.mga6.x86_64.rpm kernel-tmb-desktop-devel-4.14.10-1.mga6-1-1.mga6.x86_64.rpm kernel-tmb-desktop-devel-latest-4.14.10-1.mga6.x86_64.rpm kernel-tmb-desktop-latest-4.14.10-1.mga6.x86_64.rpm kernel-tmb-source-4.14.10-1.mga6-1-1.mga6.noarch.rpm kernel-tmb-source-latest-4.14.10-1.mga6.noarch.rpm
Summary: Update request: kernel-tmb-4.14.9-1.mga6 => Update request: kernel-tmb-4.14.10-1.mga6
video: Core Processor Integrated Graphics Controller Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz wifi: RTL8191SEvB Wireless LAN Controller Installed kernel-tmb-desktop-4.14.10-1 kernel-tmb-desktop-latest-4.14.10-1 $ uname -a Linux localhost.localdomain 4.14.10-tmb-desktop-1.mga6 #1 SMP PREEMPT Sat Dec 30 03:01:11 UTC 2017 i686 i686 i686 GNU/Linux Will live with a few hours, but so far no regressions.
CC: (none) => brtians1
Only issues I've run across on the laptop with kernel-tmb is an error from akamai server during shutdown, not sure why, it doesn't do that on the other kernel-4 versions. fyi - this happened before on an earlier kernel-tmb version (4.9.56 I think) as well.
Installed the tmb kernel on this hardware: System: Host: difda Kernel: 4.14.10-tmb-desktop-1.mga6 x86_64 Desktop: MATE 1.18.0 Distro: Mageia 6 mga6 CPU: Quad core Intel Core i7-4790 (-HT-MCP-) speed/max: 3599/4000 MHz Machine: Device: desktop Mobo: MSI model: Z97-G43 (MS-7816) v: 3.0 UEFI: American Megatrends v: V17.8 date: 12/24/2014 Graphics: Card: NVIDIA GM204 [GeForce GTX 970] Resolution: 3840x2160@60.00hz on DisplayPort GLX Renderer: GeForce GTX 970/PCIe/SSE2 GLX Version: 4.5.0 NVIDIA 384.98 RAM: 31.33 GB Stress tests and glmark2 ran fine. Everything else running as normal. Good for 64 bits.
All kernels ok on my system, both under vb and on real hardware.
CC: (none) => davidwhodgins
Hardware: ASRock motherboard, Athlon X2 7750 processor, 8GB RAM, Geforce 9800GT graphics (nvidia340), Atheros wifi. Two systems, one 64-bit, one 32-bit, both running Plasma on server kernel 4.14.10. Installed kernel-tmb 4.14.10 on each system as if it were a new kernel install, not an update to an existing tmb kernel. No problems on either system. Looks OK on this hardware.
CC: (none) => andrewsfarm
Keywords: (none) => validated_updateWhiteboard: (none) => MGA6-64-OK, MGA6-32-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2018-0063.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED