Security and bugfixes, advisory will follow... SRPM: kernel-linus-5.10.24-1.mga8.src.rpm i586: kernel-linus-5.10.24-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-5.10.24-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-latest-5.10.24-1.mga8.i586.rpm kernel-linus-doc-5.10.24-1.mga8.noarch.rpm kernel-linus-latest-5.10.24-1.mga8.i586.rpm kernel-linus-source-5.10.24-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.10.24-1.mga8.noarch.rpm x86_64: kernel-linus-5.10.24-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-5.10.24-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-latest-5.10.24-1.mga8.x86_64.rpm kernel-linus-doc-5.10.24-1.mga8.noarch.rpm kernel-linus-latest-5.10.24-1.mga8.x86_64.rpm kernel-linus-source-5.10.24-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.10.24-1.mga8.noarch.rpm
Mga7 rpmms: SRPM: kernel-linus-5.10.24-1.mga7.src.rpm i586: kernel-linus-5.10.24-1.mga7-1-1.mga7.i586.rpm kernel-linus-devel-5.10.24-1.mga7-1-1.mga7.i586.rpm kernel-linus-devel-latest-5.10.24-1.mga7.i586.rpm kernel-linus-doc-5.10.24-1.mga7.noarch.rpm kernel-linus-latest-5.10.24-1.mga7.i586.rpm kernel-linus-source-5.10.24-1.mga7-1-1.mga7.noarch.rpm kernel-linus-source-latest-5.10.24-1.mga7.noarch.rpm x86_64: kernel-linus-5.10.24-1.mga7-1-1.mga7.x86_64.rpm kernel-linus-devel-5.10.24-1.mga7-1-1.mga7.x86_64.rpm kernel-linus-devel-latest-5.10.24-1.mga7.x86_64.rpm kernel-linus-doc-5.10.24-1.mga7.noarch.rpm kernel-linus-latest-5.10.24-1.mga7.x86_64.rpm kernel-linus-source-5.10.24-1.mga7-1-1.mga7.noarch.rpm kernel-linus-source-latest-5.10.24-1.mga7.noarch.rpm
Summary: Update reqest: kernel-linus-5.10.24-1,mga8 => Update reqest: kernel-linus-5.10.24-1,mga8/7Whiteboard: (none) => MGA7TOO
Kernel: 5.10.24-1.mga8 x86_64 Quad Core Intel Core i7-4790 NVIDIA GM204 [GeForce GTX 970] nvidia 460.56 Needed `drakboot --boot` to allow the Linus kernel to be selected, otherwise plain sailing. Mate desktop working fine.
CC: (none) => tarazed25
Advisory, added to svn: type: security subject: Updated kernel-linus packages fix security issues CVE: - CVE-2020-25639 - CVE-2021-27363 - CVE-2021-27364 - CVE-2021-27365 - CVE-2021-28038 - CVE-2021-28039 - CVE-2021-28375 src: 8: core: - kernel-linus-5.10.24-1.mga8 7: core: - kernel-linus-5.10.24-1.mga7 description: | This kernel-linus update is based on upstream 5.10.24 and fixes atleast the following security issues: A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system. (CVE-2020-25639). An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables (CVE-2021-27363). An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/ scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages (CVE-2021-27364). An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message (CVE-2021-27365). An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931. (CVE-2021-28038 / XSA-367) An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has CONFIG_XEN_UNPOPULATED_ALLOC but not CONFIG_XEN_BALLOON_MEMORY_HOTPLUG. (CVE-2021-28039 / XSA-369) An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages (CVE-2021-28375). It also adds a critical fix for filesystem level corruption: - on setups with swapfiles on filesystems sitting on top of brd, zram, btt or pmem, then when the system starts to swap out pages, at which point it corrupts filesystem blocks that don't belong to the swapfile. It also adds the following fixes: - arm(64): enable W1_MASTER_GPIO (mga#28596) For other upstream fixes, see the referenced changelogs. references: - https://bugs.mageia.org/show_bug.cgi?id=28611 - https://bugs.mageia.org/show_bug.cgi?id=28596 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.20 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.21 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.22 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.23 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.24
Keywords: (none) => advisory
putting this on hold for respinning on top of 5.10.25 with more security fixes for speculatively out-of-bound bypassing
Keywords: advisory => feedback
Addendum to advisory for 5.10.25, added to svn: Unprivileged BPF programs running on affected systems can bypass the protection and execute speculatively out-of-bounds loads from any location within the kernel memory. This can be abused to extract contents of kernel memory via side-channel (CVE-2020-27170). Unprivileged BPF programs running on affected 64-bit systems can exploit this to execute speculatively out-of-bounds loads from 4GB window within the kernel memory. This can be abused to extract contents of kernel memory via side-channel (CVE-2020-27171). Mga8 rpms: SRPM: kernel-linus-5.10.25-1.mga8.src.rpm i586: kernel-linus-5.10.25-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-5.10.25-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-latest-5.10.25-1.mga8.i586.rpm kernel-linus-doc-5.10.25-1.mga8.noarch.rpm kernel-linus-latest-5.10.25-1.mga8.i586.rpm kernel-linus-source-5.10.25-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.10.25-1.mga8.noarch.rpm x86_64: kernel-linus-5.10.25-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-5.10.25-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-latest-5.10.25-1.mga8.x86_64.rpm kernel-linus-doc-5.10.25-1.mga8.noarch.rpm kernel-linus-latest-5.10.25-1.mga8.x86_64.rpm kernel-linus-source-5.10.25-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.10.25-1.mga8.noarch.rpm Mga7 rpms: SRPM: kernel-linus-5.10.25-1.mga7.src.rpm i586: kernel-linus-5.10.25-1.mga7-1-1.mga7.i586.rpm kernel-linus-devel-5.10.25-1.mga7-1-1.mga7.i586.rpm kernel-linus-devel-latest-5.10.25-1.mga7.i586.rpm kernel-linus-doc-5.10.25-1.mga7.noarch.rpm kernel-linus-latest-5.10.25-1.mga7.i586.rpm kernel-linus-source-5.10.25-1.mga7-1-1.mga7.noarch.rpm kernel-linus-source-latest-5.10.25-1.mga7.noarch.rpm x86_64: kernel-linus-5.10.25-1.mga7-1-1.mga7.x86_64.rpm kernel-linus-devel-5.10.25-1.mga7-1-1.mga7.x86_64.rpm kernel-linus-devel-latest-5.10.25-1.mga7.x86_64.rpm kernel-linus-doc-5.10.25-1.mga7.noarch.rpm kernel-linus-latest-5.10.25-1.mga7.x86_64.rpm kernel-linus-source-5.10.25-1.mga7-1-1.mga7.noarch.rpm kernel-linus-source-latest-5.10.25-1.mga7.noarch.rpm
Keywords: feedback => advisorySummary: Update reqest: kernel-linus-5.10.24-1,mga8/7 => Update reqest: kernel-linus-5.10.25-1,mga8/7
Works OK both system MGA7 and MGA8, real hardware. Using nouveau driver to drive GTX 670 and using Intel output for Mageia 8.
Keywords: (none) => validated_updateWhiteboard: MGA7TOO => MGA7TOO MGA7-64-OK MGA8-64-OKCC: (none) => ouaurelien, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0152.html
Status: NEW => RESOLVEDResolution: (none) => FIXED