security fixes atleast for KVM CVE-2020-2732, a fix for broken radeon on 32bit (mga#26237), broken iwlwifi for some (mga#26248), a bugfix for pipe optimization backported in the 5.5.4 update, and various upstream fixes... SRPMS: kernel-5.5.6-2.mga7.src.rpm kmod-xtables-addons-3.8-4.mga7.src.rpm i586: bpftool-5.5.6-2.mga7.i586.rpm cpupower-5.5.6-2.mga7.i586.rpm cpupower-devel-5.5.6-2.mga7.i586.rpm kernel-desktop-5.5.6-2.mga7-1-1.mga7.i586.rpm kernel-desktop586-5.5.6-2.mga7-1-1.mga7.i586.rpm kernel-desktop586-devel-5.5.6-2.mga7-1-1.mga7.i586.rpm kernel-desktop586-devel-latest-5.5.6-2.mga7.i586.rpm kernel-desktop586-latest-5.5.6-2.mga7.i586.rpm kernel-desktop-devel-5.5.6-2.mga7-1-1.mga7.i586.rpm kernel-desktop-devel-latest-5.5.6-2.mga7.i586.rpm kernel-desktop-latest-5.5.6-2.mga7.i586.rpm kernel-doc-5.5.6-2.mga7.noarch.rpm kernel-server-5.5.6-2.mga7-1-1.mga7.i586.rpm kernel-server-devel-5.5.6-2.mga7-1-1.mga7.i586.rpm kernel-server-devel-latest-5.5.6-2.mga7.i586.rpm kernel-server-latest-5.5.6-2.mga7.i586.rpm kernel-source-5.5.6-2.mga7-1-1.mga7.noarch.rpm kernel-source-latest-5.5.6-2.mga7.noarch.rpm kernel-userspace-headers-5.5.6-2.mga7.i586.rpm libbpf0-5.5.6-2.mga7.i586.rpm libbpf-devel-5.5.6-2.mga7.i586.rpm perf-5.5.6-2.mga7.i586.rpm xtables-addons-kernel-5.5.6-desktop-2.mga7-3.8-4.mga7.i586.rpm xtables-addons-kernel-5.5.6-desktop586-2.mga7-3.8-4.mga7.i586.rpm xtables-addons-kernel-5.5.6-server-2.mga7-3.8-4.mga7.i586.rpm xtables-addons-kernel-desktop586-latest-3.8-4.mga7.i586.rpm xtables-addons-kernel-desktop-latest-3.8-4.mga7.i586.rpm xtables-addons-kernel-server-latest-3.8-4.mga7.i586.rpm x86_64: bpftool-5.5.6-2.mga7.x86_64.rpm cpupower-5.5.6-2.mga7.x86_64.rpm cpupower-devel-5.5.6-2.mga7.x86_64.rpm kernel-desktop-5.5.6-2.mga7-1-1.mga7.x86_64.rpm kernel-desktop-devel-5.5.6-2.mga7-1-1.mga7.x86_64.rpm kernel-desktop-devel-latest-5.5.6-2.mga7.x86_64.rpm kernel-desktop-latest-5.5.6-2.mga7.x86_64.rpm kernel-doc-5.5.6-2.mga7.noarch.rpm kernel-server-5.5.6-2.mga7-1-1.mga7.x86_64.rpm kernel-server-devel-5.5.6-2.mga7-1-1.mga7.x86_64.rpm kernel-server-devel-latest-5.5.6-2.mga7.x86_64.rpm kernel-server-latest-5.5.6-2.mga7.x86_64.rpm kernel-source-5.5.6-2.mga7-1-1.mga7.noarch.rpm kernel-source-latest-5.5.6-2.mga7.noarch.rpm kernel-userspace-headers-5.5.6-2.mga7.x86_64.rpm lib64bpf0-5.5.6-2.mga7.x86_64.rpm lib64bpf-devel-5.5.6-2.mga7.x86_64.rpm perf-5.5.6-2.mga7.x86_64.rpm xtables-addons-kernel-5.5.6-desktop-2.mga7-3.8-4.mga7.x86_64.rpm xtables-addons-kernel-5.5.6-server-2.mga7-3.8-4.mga7.x86_64.rpm xtables-addons-kernel-desktop-latest-3.8-4.mga7.x86_64.rpm xtables-addons-kernel-server-latest-3.8-4.mga7.x86_64.rpm
virtualbox kmods will be built after the 6.0.18 update in bug 26238 is validated and pushed
Depends on: (none) => 26238
virtualbox kmods: SRPM: kmod-virtualbox-6.0.18-4.mga7.src.rpm i586: virtualbox-kernel-5.5.6-desktop-2.mga7-6.0.18-4.mga7.i586.rpm virtualbox-kernel-5.5.6-desktop586-2.mga7-6.0.18-4.mga7.i586.rpm virtualbox-kernel-5.5.6-server-2.mga7-6.0.18-4.mga7.i586.rpm virtualbox-kernel-desktop586-latest-6.0.18-4.mga7.i586.rpm virtualbox-kernel-desktop-latest-6.0.18-4.mga7.i586.rpm virtualbox-kernel-server-latest-6.0.18-4.mga7.i586.rpm x86_64: virtualbox-kernel-5.5.6-desktop-2.mga7-6.0.18-4.mga7.x86_64.rpm virtualbox-kernel-5.5.6-server-2.mga7-6.0.18-4.mga7.x86_64.rpm virtualbox-kernel-desktop-latest-6.0.18-4.mga7.x86_64.rpm virtualbox-kernel-server-latest-6.0.18-4.mga7.x86_64.rpm
Component: RPM Packages => SecurityQA Contact: (none) => security
Still working on my Dell Inspiron with the old Radeon graphics. Using it to report this now.
CC: (none) => andrewsfarm
@Thomas A, from qa-discuss i presume that is your 32 bit P4 and RV200 GPU ? --- OK 64 bit: Installed - cpupower-5.5.6-2.mga7.x86_64 - kernel-desktop-5.5.6-2.mga7-1-1.mga7.x86_64 - kernel-desktop-devel-5.5.6-2.mga7-1-1.mga7.x86_64 - kernel-desktop-devel-latest-5.5.6-2.mga7.x86_64 - kernel-desktop-latest-5.5.6-2.mga7.x86_64 - kernel-userspace-headers-5.5.6-2.mga7.x86_64 - virtualbox-kernel-5.5.6-desktop-2.mga7-6.0.18-4.mga7.x86_64 - virtualbox-kernel-desktop-latest-6.0.18-4.mga7.x86_64 And rebooted. My machine "svarten": Mainboard: Sabertooth P67, CPU: i7-3770, RAM 16G, Nvidia GTX760 (GK104) using nvidia-current; GeForce 635 series and later Disk&Filesystem: SSD with EFI and ext 4 /boot, then an encrypted partition for LVM, containing swap and ext4 /home & / Plasma desktop. Thunderbird, LibreOffice, FreeCad, Ktorrent, Syncthing, Nextcloud client... Video with sound in Firefox CUDA and OpenCL detected by BOINC, and used OK. Stress test: BOINC use all cores to 100%, videos do not stutter. Will keep using it. __Virtualbox: (-6.0.18-1.mga7) (Minor glitch once: when windows guest stared booting it immediately in its window stopped dead showing "FATAL: Keyboard error:995" But restarting the guest, it boots OK. And subsequent boots also OK. Weird) This is the same windows guest as used in Bug 26238 Tests OK: Dynamically resizing guest window by mouse Shared clipboard, bidirectional Shared folders bidirectional copying USB2: flash stick Sound, Internet, performance: playing video in Firefox while host is heavily loaded.
CC: (none) => fri
(In reply to Morgan Leijström from comment #4) > @Thomas A, from qa-discuss i presume that is your 32 bit P4 and RV200 GPU ? > > --- That's the one. I should have been more specific. TMB had me try a preliminary version of this kernel to see if his fix had done the job, and I was just confirming to him that it's still OK on this version.
i5-2500, 16GB RAM, Integrated Intel graphics, wired Internet connection, 64-bit Plasma system. All packages installed cleanly. Rebooted to a working desktop. Tried several apps, including a Windows XP guest in VirtualBox. No issues noted. Looks OK on this hardware.
Amd Phenom II X4 910, 8GB RAM, Radeon HD 8490 graphics, Atheros wifi, 64-bit Plasma system. All packags installed cleanly. Rebooted to a working desktop. Performed the same tests as in Cmment 6, with no issues noted. Looks OK on this hardware.
Installed 14 packages and rebooted. Mate desktop restored, running nvidia-current. Kernel: 5.5.6-desktop-2.mga7 x86_64 MSI model: Z97-G43 (MS-7816) Intel Core i7-4790 type: MT MCP NVIDIA GM204 [GeForce GTX 970] driver: nvidia v: 430.64 No issues so far.
CC: (none) => tarazed25
on mga7-64 kernel-desktop plasma Packages installed cleanly: - cpupower-5.5.6-2.mga7.x86_64 - kernel-desktop-5.5.6-2.mga7-1-1.mga7.x86_64 - kernel-desktop-devel-5.5.6-2.mga7-1-1.mga7.x86_64 - kernel-desktop-devel-latest-5.5.6-2.mga7.x86_64 - kernel-desktop-latest-5.5.6-2.mga7.x86_64 - kernel-userspace-headers-5.5.6-2.mga7.x86_64 - virtualbox-kernel-5.5.6-desktop-2.mga7-6.0.18-4.mga7.x86_64 - virtualbox-kernel-desktop-latest-6.0.18-4.mga7.x86_64 system re-booted normally: uname-r 5.5.6-desktop-2.mga7 # dkms status virtualbox, 6.0.18-1.mga7, 5.5.4-desktop-1.mga7, x86_64: installed virtualbox, 6.0.18-1.mga7, 5.5.6-desktop-2.mga7, x86_64: installed virtualbox, 6.0.18-1.mga7, 5.5.4-desktop-1.mga7, x86_64: installed-binary from 5.5.4-desktop-1.mga7 virtualbox, 6.0.18-1.mga7, 5.5.6-desktop-2.mga7, x86_64: installed-binary from 5.5.6-desktop-2.mga7 vbox and client launched normally no regressions observed looks OK for mga7-64 on this system: Mobo: Dell model: 09WH54 v: UEFI [Legacy]: Dell v: 2.13.1 CPU: Intel Core i7-6700 Graphics: Intel HD Graphics 530 (Skylake GT2)
CC: (none) => jim
on mga7-32 in a vbox VM kernel-desktop586 plasma packages installed cleanly: - cpupower-5.5.6-2.mga7.i586 - kernel-desktop586-5.5.6-2.mga7-1-1.mga7.i586 - kernel-desktop586-devel-5.5.6-2.mga7-1-1.mga7.i586 - kernel-desktop586-devel-latest-5.5.6-2.mga7.i586 - kernel-desktop586-latest-5.5.6-2.mga7.i586 - kernel-userspace-headers-5.5.6-2.mga7.i586 VM re-booted normally: $ uname -r 5.5.6-desktop586-2.mga7 # dkms status vboxadditions, 6.0.18-1.mga7: added No regressions noted OK for mga7-32 in a vbox VM
Working fine for Skylake and nvidia GTX 1080Ti. nvidia kmod built during boot process. Warm reboot now works after a BIOS update. Ran stress tests - all OK. glmark2 fails - usually does these days. $ sudo dkms status nvidia-current, 430.64-4.mga7.nonfree, 5.5.6-desktop-2.mga7, x86_64: installed nvidia-current, 430.64-4.mga7.nonfree, 5.5.4-desktop-1.mga7, x86_64: installed xtables-addons, 3.8-1.mga7, 5.5.6-desktop-2.mga7, x86_64: installed-binary from 5.5.6-desktop-2.mga7
Desktop kernel running fine on Alienware X51. Kernel: 5.5.6-desktop-2.mga7 x86_64 Intel Core i7-2600 type: MT MCP GeForce GTX 555/PCIe/SSE2 v: 4.6.0 NVIDIA 390.132 glmark2 runs, glxspheres, teapot. CPU cores fully occupied running stress tests as well.
Successful installation and reboot on Lenovo Ideapad Y500. Kernel: 5.5.6-desktop-2.mga7 x86_64 Intel Core i7-3630QM type: MT MCP NVIDIA GK107M [GeForce GT 650M] driver: nvidia v: 430.64 Desktop working; glmark2 and stress tests. Session resumes immediately on closing and opening lid. wifi, NFS shares....
MGA7-64 Plasma on Lenovo B50 No installation issues Deskop, wifi, glmark2, internet, documents, video, pictures, access to NFS shares all OK.
CC: (none) => herman.viaene
Dell Dimension e520, Core 2 Quad, 4GB RAM, Radeon HD 8490 graphics, Realtek usb wifi dongle, 64-bit Plasma system. All packages installed cleanly. Rebooted to a working desktop, no issues noted. Looks OK on this hardware.
AMD x3, Nvidia 730gt (390 driver),GNOME - hardware install $ uname -a Linux linux.local 5.5.6-desktop-2.mga7 #1 SMP Tue Feb 25 11:54:56 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux I've been using it a few hours, so far no issues.
CC: (none) => brtians1
Advisory, added to svn: type: security subject: Updated kernel packages fix security vulnerability CVE: - CVE-2019-XXXX src: 7: core: - kernel-5.5.6-2.mga7 - kmod-virtualbox-6.0.18-4.mga7 - kmod-xtables-addons-3.8-4.mga7 description: | This update is based on upstream 5.5.6 and fixes atleast the following security vulnerability: A flaw was found in the way KVM hypervisor handled instruction emulation for the L2 guest when nested(=1) virtualization is enabled. In the instruction emulation, the L2 guest could trick the L0 hypervisor into accessing sensitive bits of the L1 hypervisor. An L2 guest could use this flaw to potentially access information of the L1 hypervisor (CVE-2020-2732). Other additional fixes in this update: - a fix for broken radeon on 32bit (mga#26237) - broken iwlwifi for some (mga#26248) - a bugfix for pipe optimization backported in the 5.5.4 update For other upstream fixes in this update, see the referenced changelogs. references: - https://bugs.mageia.org/show_bug.cgi?id=26258 - https://bugs.mageia.org/show_bug.cgi?id=26237 - https://bugs.mageia.org/show_bug.cgi?id=26248 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.5 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.5.6
Keywords: (none) => advisory, validated_updateWhiteboard: (none) => MGA7-64-OK, MGA7-32-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2020-0110.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED