Security and bugfixes... advisory will follow SRPM: kernel-linus-5.10.75-1.mga8.src.rpm i586: kernel-linus-5.10.75-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-5.10.75-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-latest-5.10.75-1.mga8.i586.rpm kernel-linus-doc-5.10.75-1.mga8.noarch.rpm kernel-linus-latest-5.10.75-1.mga8.i586.rpm kernel-linus-source-5.10.75-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.10.75-1.mga8.noarch.rpm x86_64: kernel-linus-5.10.75-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-5.10.75-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-latest-5.10.75-1.mga8.x86_64.rpm kernel-linus-doc-5.10.75-1.mga8.noarch.rpm kernel-linus-latest-5.10.75-1.mga8.x86_64.rpm kernel-linus-source-5.10.75-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.10.75-1.mga8.noarch.rpm
Advisory, added to svn: type: security subject: Updated kernel-linus packages fix security vulnerabilities CVE: - CVE-2021-3744 - CVE-2021-3764 - CVE-2021-20321 - CVE-2021-41864 src: 8: core: - kernel-linus-5.10.75-1.mga8 description: | This kernel-linus update is based on upstream 5.10.75 and fixes atleast the following security issues: A memory leak in the ccp_run_aes_gcm_cmd() function in drivers/crypto/ ccp/ccp-ops.c in the Linux kernel allows malicious users to cause a denial of service (memory consumption) (CVE-2021-3744). A memory leak flaw was found in the Linux kernel's ccp_run_aes_gcm_cmd() function that allows an malicious user to cause a denial of service (CVE-2021-3764). A race condition accessing file object in the Linux kernel OverlayFS subsystem was found in the way users do rename in specific way with OverlayFS. A local user could use this flaw to crash the system (CVE-2021-20321). prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write (CVE-2021-41864). For other upstream fixes, see the referenced changelogs. references: - https://bugs.mageia.org/show_bug.cgi?id=29572 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.71 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.72 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.73 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.74 - https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.75
Keywords: (none) => advisory
Installed the linus kernel but could not find it in the list. Removed a large number of older kenels and ran `drakboot --boot`. Rebooted smoothly, building nvidia graphics and virtualbox driver on the fly. Kernel: 5.10.75-1.mga8 x86_64 Quad Core Intel Core i7-4790 NVIDIA GM204 [GeForce GTX 970] driver: nvidia v: 470.74 Mate desktop functioning. Had a job getting bluetooth going again - working fine now. Sound and video OK. Stellarium and OpenCPN started up. networking and NFS shares OK. stress tests for cpu loading, memory, i/o and disk exchanges. The disk test got stuck - hit it with ^C after about 10 minutes. Pulled the plug on a USB drive. Connection reestablished on plugging in. A long unmaintained 64-bit Mageia 7 guest booted fine in virtualbox. vdi sits on an external drive. mga7 i686 booted in virtualbox also.
CC: (none) => tarazed25
Keywords: (none) => validated_updateWhiteboard: (none) => MGA8-64-OKCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2021-0490.html
Status: NEW => RESOLVEDResolution: (none) => FIXED