Installed tmb desktop kernel.
nvidia current module and virtualbox kmod built.
$ drakboot --boot
Rebooted to Mate desktop.

System:    Host: difda Kernel: 4.14.16-desktop-1.mga6 x86_64
CPU:       Quad core Intel Core i7-4790 (-HT-MCP-) speed/max: 3810/4000 MHz
Machine:   Device: desktop Mobo: MSI model: Z97-G43 (MS-7816) v: 3.0
Network:   Card: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
           driver: r8169
Graphics:  Card: NVIDIA GM204 [GeForce GTX 970]
           GLX Version: 4.5.0 NVIDIA 384.111
RAM:       31.37 GB

Successful runs of stress tests and glmark2.  NFS shares mounted.
Desktop running fine.  vlc playing videos via NFS share.

CC: (none) => tarazed25

Not sure which partition that last install referred to.
Have redone it on another partition.

nvidia kmod rebuilt at boot.

System:    Host: difda Kernel: 4.14.18-tmb-desktop-1.mga6 x86_64
CPU:       Quad core Intel Core i7-4790 (-HT-MCP-) speed/max: 3921/4000 MHz
Machine:   Device: desktop Mobo: MSI model: Z97-G43 (MS-7816) v: 3.0
Graphics:  Card: NVIDIA GM204 [GeForce GTX 970]
           GLX Version: 4.5.0 NVIDIA 384.111
RAM:       31.32 GB
Network:   Card: Realtek RTL8111/8168/8411 PCI Express Gigabit Ethernet Controller
           driver: r8169

Everything is running smoothly.  Hardware tests completed.
virtualbox, sound and video, scheduled updates, networking and network shares. 
No regressions.

Advisory, added to svn:

type: security
subject: Updated kernel-tmb packages fix security vulnerabilities
CVE:
 - CVE-2017-5715
 - CVE-2017-5753
 - CVE-2017-8824
 - CVE-2017-1000410
src:
  6:
   core:
     - kernel-tmb-4.14.18-1.mga6
description: |
  This kernel-tmb update is based on the upstream 4.14.18 and and adds some
  support for mitigating  Spectre, variant 1 (CVE-2017-5753) and as it is
  built with the retpoline-aware gcc-5.5.0-1.mga6, it now provides full
  retpoline mitigation for Spectre, variant 2 (CVE-2017-5715).

  The BPF interpreter has been used as part of the spectre 2 attack
  CVE-2017-5715. To make attacker job harder introduce BPF_JIT_ALWAYS_ON
  config option that removes interpreter from the kernel in favor of JIT-only
  mode. This is now enabled by default in Mageia kernels.

  Other security fixes in this update:

  Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies
  in the processing of incoming L2CAP commands - ConfigRequest, and
  ConfigResponse messages. This info leak is a result of uninitialized stack
  variables that may be returned to an attacker in their uninitialized state.
  By manipulating the code flows that precede the handling of these
  configuration messages, an attacker can also gain some control over which
  data will be held in the uninitialized stack variables. This can allow him
  to bypass KASLR, and stack canaries protection - as both pointers and stack
  canaries may be leaked in this manner (CVE-2017-1000410).

  The dccp_disconnect function in net/dccp/proto.c in the Linux kernel through
  4.14.3 allows local users to gain privileges or cause a denial of service
  (use-after-free) via an AF_UNSPEC connect system call during the DCCP_LISTEN
  state (CVE-2017-8824).

  WireGuard has been updated to 0.0.20180202

  This update also fixes the rtl8812au driver that got broken/missing in
  the upgrade to 4.14 series kernels (mga#22524).

  For other fixes in this update, read the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=22543
 - https://bugs.mageia.org/show_bug.cgi?id=22524
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.14
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.15
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.16
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.17
 - https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.18

Keywords: (none) => advisory

On mga6-64 plasma

packages installed cleanly:
- kernel-tmb-desktop-4.14.18-1.mga6-1-1.mga6.x86_64
- kernel-tmb-desktop-latest-4.14.18-1.mga6.x86_64

system rebooted normally:
$ uname -r
4.14.18-tmb-desktop-1.mga6

Tested several commonly used applications

No regressions noted

OK for mga6-64 on this system:

Machine:   Device: desktop System: Hewlett-Packard product: CQ2925EA
           Mobo: PEGATRON model: 2AE2 v: 1.02 UEFI: AMI v: 8.08
CPU:       Dual core Intel Pentium G645T (-MCP-) cache: 3072 KB 
Graphics:  Card: Intel 2nd Generation Core Processor Family
           Display Server: Mageia X.org 119.5 drivers: v4l,intel

CC: (none) => jim

on mga6-32 XFCE

packages installed cleanly:
- kernel-tmb-desktop-4.14.18-1.mga6-1-1.mga6.i586
- kernel-tmb-desktop-devel-4.14.18-1.mga6-1-1.mga6.i586
- kernel-tmb-desktop-devel-latest-4.14.18-1.mga6.i586
- kernel-tmb-desktop-latest-4.14.18-1.mga6.i586

system re-booted normally
$ uname -r
4.14.18-tmb-desktop-1.mga6

tested several commonly used applications

looks OK for mga6-32 on this system:

Machine:   Device: desktop Mobo: ECS model: GeForce7050M-M 
CPU:       Quad core AMD Phenom 9500 (-MCP-)
Graphics:  Card: NVIDIA C68 [GeForce 7050 PV / nForce 630a]
           Display Server: Mageia X.org 119.5 drivers: nvidia,v4l
           GLX Version: 2.1.2 NVIDIA 304.137

Testing mga6 64

Nothing unusual to report.

Kaby Lake laptop.
model name : Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz

Validating as its tested om both arches

Whiteboard: (none) => MGA6-64-OK, MGA6-32-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2018-0126.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED