Bug 28917 - Update request: kernel-linus-5.10.37-1.mga8/7
Summary: Update request: kernel-linus-5.10.37-1.mga8/7
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 8
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA7TOO, MGA7-64-OK, MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2021-05-14 13:37 CEST by Thomas Backlund
Modified: 2021-05-19 21:32 CEST (History)
4 users (show)

See Also:
Source RPM: kernel-linus
CVE:
Status comment:


Attachments

Description Thomas Backlund 2021-05-14 13:37:21 CEST
security and bugfixes, advisory will follow....

SRPM:
kernel-linus-5.10.37-1.mga8.src.rpm


i586:
kernel-linus-5.10.37-1.mga8-1-1.mga8.i586.rpm
kernel-linus-devel-5.10.37-1.mga8-1-1.mga8.i586.rpm
kernel-linus-devel-latest-5.10.37-1.mga8.i586.rpm
kernel-linus-doc-5.10.37-1.mga8.noarch.rpm
kernel-linus-latest-5.10.37-1.mga8.i586.rpm
kernel-linus-source-5.10.37-1.mga8-1-1.mga8.noarch.rpm
kernel-linus-source-latest-5.10.37-1.mga8.noarch.rpm


x86_64:
kernel-linus-5.10.37-1.mga8-1-1.mga8.x86_64.rpm
kernel-linus-devel-5.10.37-1.mga8-1-1.mga8.x86_64.rpm
kernel-linus-devel-latest-5.10.37-1.mga8.x86_64.rpm
kernel-linus-doc-5.10.37-1.mga8.noarch.rpm
kernel-linus-latest-5.10.37-1.mga8.x86_64.rpm
kernel-linus-source-5.10.37-1.mga8-1-1.mga8.noarch.rpm
kernel-linus-source-latest-5.10.37-1.mga8.noarch.rpm
Comment 1 Thomas Backlund 2021-05-14 13:37:52 CEST
Mga 7 rpms:

SRPM:
kernel-linus-5.10.37-1.mga7.src.rpm


i586:
kernel-linus-5.10.37-1.mga7-1-1.mga7.i586.rpm
kernel-linus-devel-5.10.37-1.mga7-1-1.mga7.i586.rpm
kernel-linus-devel-latest-5.10.37-1.mga7.i586.rpm
kernel-linus-doc-5.10.37-1.mga7.noarch.rpm
kernel-linus-latest-5.10.37-1.mga7.i586.rpm
kernel-linus-source-5.10.37-1.mga7-1-1.mga7.noarch.rpm
kernel-linus-source-latest-5.10.37-1.mga7.noarch.rpm


x86_64:
kernel-linus-5.10.37-1.mga7-1-1.mga7.x86_64.rpm
kernel-linus-devel-5.10.37-1.mga7-1-1.mga7.x86_64.rpm
kernel-linus-devel-latest-5.10.37-1.mga7.x86_64.rpm
kernel-linus-doc-5.10.37-1.mga7.noarch.rpm
kernel-linus-latest-5.10.37-1.mga7.x86_64.rpm
kernel-linus-source-5.10.37-1.mga7-1-1.mga7.noarch.rpm
kernel-linus-source-latest-5.10.37-1.mga7.noarch.rpm

Whiteboard: (none) => MGA7TOO
Summary: Update request: kernel-linus-5.10.37-1.mga8 => Update request: kernel-linus-5.10.37-1.mga8/7

Comment 2 Len Lawrence 2021-05-14 22:29:04 CEST
Moved to another system on the machine referenced in #28908 comment 9.
Kernel: 5.10.37-1.mga8 x86_64
Quad Core Intel Core i7-4790 [MT MCP]
NVIDIA GM204 [GeForce GTX 970] driver: nvidia v: 460.73.01

Installed the linus kernel alongside desktop-latest.
Booted linus.  nvidia driver built during boot.
Stress tests OK.
Sound and video and various desktop applications all working.

CC: (none) => tarazed25

Comment 3 Aurelien Oudelet 2021-05-16 18:40:32 CEST
(In reply to Len Lawrence from comment #2)
> Moved to another system on the machine referenced in #28908 comment 9.
> Kernel: 5.10.37-1.mga8 x86_64
> Quad Core Intel Core i7-4790 [MT MCP]
> NVIDIA GM204 [GeForce GTX 970] driver: nvidia v: 460.73.01
> 
> Installed the linus kernel alongside desktop-latest.
> Booted linus.  nvidia driver built during boot.
> Stress tests OK.
> Sound and video and various desktop applications all working.

Works also ok on MGA7 and MGA8. Both with current nvidia and 460.80 from Bug 28906

CC: (none) => ouaurelien

Comment 4 Thomas Backlund 2021-05-17 16:02:46 CEST
Sigh,

turns out there is some iommu regressions in 5.10.37 causing some systems to hang on boot... so more fixes are needed...

Keywords: (none) => feedback

Comment 5 Thomas Backlund 2021-05-18 09:37:28 CEST
as the iommu change does not affect everyone, and this is a reference kernel I will release it anyway for the security fixes it contains

Keywords: feedback => (none)

Comment 6 Thomas Backlund 2021-05-18 12:44:15 CEST
Advisory, added to svn:

type: security
subject: Updated kernel-linus packages fix security vulnerabilities
CVE:
 - CVE-2021-3491
 - CVE-2021-3506
 - CVE-2021-23133
 - CVE-2021-31440
 - CVE-2021-31829
 - CVE-2021-32399
 - CVE-2021-33034
src:
  8:
   core:
     - kernel-linus-5.10.37-1.mga8
  7:
   core:
     - kernel-linus-5.10.37-1.mga7
description: |
  This kernel-linus update is based on upstream 5.10.37 and fixes atleast the
  following security issues:

  It was discovered that the io_uring implementation of the Linux kernel did
  not properly enforce the MAX_RW_COUNT limit in some situations. A local
  attacker could use this to cause a denial of service (system crash) or
  execute arbitrary code (CVE-2021-3491).

  An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in
  the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds
  check failure allows a local attacker to gain access to out-of-bounds
  memory leading to a system crash or a leak of internal kernel information
  (CVE-2021-3506).

  A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before
  5.12-rc8 can lead to kernel privilege escalation from the context of a
  network service or an unprivileged process. If sctp_destroy_sock is called
  without sock_net(sk)->sctp.addr_wq_lock then an element is removed from
  the auto_asconf_splist list without any proper locking. This can be
  exploited by an attacker with network service privileges to escalate to
  root or from the context of an unprivileged user directly if a
  BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some
  SCTP socket.
  NOTE! This already had a fix in kernel-5.10.33, but that fix caused some
  systems to deadlock, so this is now fixed in a better way (CVE-2021-23133).

  bpf: Fix propagation of 32 bit unsigned bounds from 64 bit bounds
  (CVE-2021-31440).

  kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable
  speculative loads, leading to disclosure of stack content via side-channel
  attacks. The specific concern is not protecting the BPF stack area against
  speculative loads. Also, the BPF stack can contain uninitialized data that
  might represent sensitive information previously operated on by the kernel
  (CVE-2021-31829).

  net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race
  condition for removal of the HCI controller (CVE-2021-32399).

  In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a
  use-after-free when destroying an hci_chan. This leads to writing an
  arbitrary value. (CVE-2021-33034).

  For other upstream fixes, see the referenced changelogs.
references:
 - https://bugs.mageia.org/show_bug.cgi?id=28917
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.34
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.35
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.36
 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.37

Keywords: (none) => advisory

Comment 7 Brian Rockwell 2021-05-18 16:19:42 CEST
Phys Hardware - MGA8 - Gnome - Laptop AMD A6, R4 graphics

- cpupower-5.10.37-2.mga8.x86_64
- kernel-desktop-5.10.37-2.mga8-1-1.mga8.x86_64
- kernel-desktop-latest-5.10.37-2.mga8.x86_64

-- rebooted and confirmed 37-2

sleep works.  wifi working, etc.

works for me on AMD graphics platform.

CC: (none) => brtians1

Thomas Backlund 2021-05-19 20:19:39 CEST

Whiteboard: MGA7TOO => MGA7TOO, MGA7-64-OK, MGA8-64-OK
Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 8 Mageia Robot 2021-05-19 21:32:35 CEST
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2021-0215.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED


Note You need to log in before you can comment on or make changes to this bug.