Mga7 rpms:

SRPMS:
kernel-linus-5.10.33-1.mga7-1-1.mga7.src.rpm

i586:
kernel-linus-5.10.33-1.mga7-1-1.mga7.i586.rpm
kernel-linus-devel-5.10.33-1.mga7-1-1.mga7.i586.rpm
kernel-linus-devel-latest-5.10.33-1.mga7.i586.rpm
kernel-linus-doc-5.10.33-1.mga7.noarch.rpm
kernel-linus-latest-5.10.33-1.mga7.i586.rpm
kernel-linus-source-5.10.33-1.mga7-1-1.mga7.noarch.rpm
kernel-linus-source-latest-5.10.33-1.mga7.noarch.rpm

x86_64:
kernel-linus-5.10.33-1.mga7-1-1.mga7.x86_64.rpm
kernel-linus-devel-5.10.33-1.mga7-1-1.mga7.x86_64.rpm
kernel-linus-devel-latest-5.10.33-1.mga7.x86_64.rpm
kernel-linus-doc-5.10.33-1.mga7.noarch.rpm
kernel-linus-latest-5.10.33-1.mga7.x86_64.rpm
kernel-linus-source-5.10.33-1.mga7-1-1.mga7.noarch.rpm
kernel-linus-source-latest-5.10.33-1.mga7.noarch.rpm

Summary: Update request: kernel-linus-5.10.33-1.mga8 => Update request: kernel-linus-5.10.33-1.mga8/7
Whiteboard: (none) => MGA7TOO

Advisory, added to svn:

type: security
subject: Updated kernel-linus packages fix security vulnerabilities
CVE:
 - CVE-2021-23133
 - CVE-2021-29155
src:
  8:
   core:
     - kernel-linus-5.10.33-1.mga8
  7:
   core:
     - kernel-linus-5.10.33-1.mga7
description: |
  This kernel-linus update is based on upstream 5.10.33 and fixes atleast the
  following security issues:

  A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before
  5.12-rc8 can lead to kernel privilege escalation from the context of a
  network service or an unprivileged process. If sctp_destroy_sock is called
  without sock_net(sk)->sctp.addr_wq_lock then an element is removed from
  the auto_asconf_splist list without any proper locking. This can be
  exploited by an attacker with network service privileges to escalate to
  root or from the context of an unprivileged user directly if a
  BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some
  SCTP socket (CVE-2021-23133).

  An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/
  verifier.c performs undesirable out-of-bounds speculation on pointer
  arithmetic, leading to side-channel attacks that defeat Spectre mitigations
  and obtain sensitive information from kernel memory. Specifically, for
  sequences of pointer arithmetic operations, the pointer modification
  performed by the first operation is not correctly accounted for when
  restricting subsequent operations (CVE-2021-29155).

  For other upstream fixes, see the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=28858
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.31
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.32
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.33

Keywords: (none) => advisory

Updated without source packages.  Removed a slew of mga7 kernel packages left over from the recent mga7->mga8 upgrade and ran `drakboot --boot` before rebooting.

Kernel: 5.10.33-1.mga8 x86_64
Mobo: MSI model: Z97-G43 (MS-7816)
Quad Core Intel Core i7-4790 [MT MCP]
NVIDIA GM204 [GeForce GTX 970] driver: nvidia v: 460.73.01

NFS shares mounted from fstab.  Virtualbox launches Mageia 32-bit and 64-bit clients - working desktops.

Common desktop applications work. vlc with pulseaudio plays videos.
Logged in to another workstation on the LAN with ssh.  Ran stress tests, glmark2,  teapot, glxspheres.  Installed and launched qgis.  Ran stellarium, opened GIMP on an image and manipulated it.  Played kmahjongg.

Leaving this to run.

CC: (none) => tarazed25

System:
  Host: mageia.local Kernel: 5.10.33-1.mga8 x86_64 bits: 64 
  Desktop: KDE Plasma 5.20.4 Distro: Mageia 8 mga8

Installing:
kernel-linus-latest-5.10.33-1.mga8.x86_64
kernel-linus-devel-latest-5.10.33-1.mga8.x86_64
kernel-linus-5.10.33-1.mga8-1-1.mga8.x86_64
kernel-linus-devel-5.10.33-1.mga8-1-1.mga8.x86_64

Rebooting with Grub2 making sure it loads kernel-linus
(no mention to -desktop or -server in the version name)

Graphics:  Device-1: NVIDIA TU116 [GeForce GTX 1660 Ti] driver: nvidia v: 460.73.01 
           Display: x11 server: Mageia X.org 1.20.11 driver: nvidia,v4l resolution: 1: 1920x1080~60Hz 2: 1920x1080 
           OpenGL: renderer: GeForce GTX 1660 Ti/PCIe/SSE2 v: 4.6.0 NVIDIA 460.73.01 
Audio:     Device-1: Intel 100 Series/C230 Series Family HD Audio driver: snd_hda_intel 
           Device-2: NVIDIA TU116 High Definition Audio driver: snd_hda_intel 
           Device-3: Logitech HD Pro Webcam C920 type: USB driver: snd-usb-audio,uvcvideo 
           Sound Server: ALSA v: k5.10.33-1.mga8 
Network:   Device-1: Intel Ethernet I219-V driver: e1000e 
           Device-2: Intel Wi-Fi 6 AX200 driver: iwlwifi

All working OK.
Note dkms drivers for nvidia was rebuilt before with 5.10.33-desktop.

CC: (none) => ouaurelien

System:
  Host: mageia2.local Kernel: 5.10.33-1.mga7 x86_64 bits: 64 
  Desktop: KDE Plasma 5.15 Distro: Mageia 7 mga7
 
Installing:
kernel-linus-latest-5.10.33-1.mga7.x86_64
kernel-linus-devel-latest-5.10.33-1.mga7.x86_64
kernel-linus-5.10.33-1.mga7-1-1.mga7.x86_64
kernel-linus-devel-5.10.33-1.mga7-1-1.mga7.x86_64

Rebooting with Grub2 making sure it loads kernel-linus
(no mention to -desktop or -server in the version name)

All working OK (WiFi, Bluetooth, Nvidia Geforce GTX 670).
Note dkms drivers for nvidia was rebuilt before with 5.10.33-desktop.

MGA7-64-OK

MGA8-64-OK for comment 4.

Validating.

Whiteboard: MGA7TOO => MGA7TOO MGA7-64-OK MGA8-64-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0205.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED