Security and bugfixes, advisory will follow... SRPM: kernel-linus-5.15.23-1.mga8.src.rpm i586: kernel-linus-5.15.23-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-5.15.23-1.mga8-1-1.mga8.i586.rpm kernel-linus-devel-latest-5.15.23-1.mga8.i586.rpm kernel-linus-doc-5.15.23-1.mga8.noarch.rpm kernel-linus-latest-5.15.23-1.mga8.i586.rpm kernel-linus-source-5.15.23-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.15.23-1.mga8.noarch.rpm x86_64: kernel-linus-5.15.23-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-5.15.23-1.mga8-1-1.mga8.x86_64.rpm kernel-linus-devel-latest-5.15.23-1.mga8.x86_64.rpm kernel-linus-doc-5.15.23-1.mga8.noarch.rpm kernel-linus-latest-5.15.23-1.mga8.x86_64.rpm kernel-linus-source-5.15.23-1.mga8-1-1.mga8.noarch.rpm kernel-linus-source-latest-5.15.23-1.mga8.noarch.rpm
x86_64. Quad Core Intel Core i7-4790 NVIDIA GM204 [GeForce GTX 970] - NVIDIA 470.74 Updated the linus kernel and dragged in 250 other updates. Looks like this partition has not been visited in a while. Rebooted OK - virtualbox driver rebuilt during boot. Mate desktop running fine but had a little trouble reconnecting to bluetooth audio. Had to remove the device and set it up again. NFS and NAS working on the LAN. VirtualBox works for the three vdis located on an external spinning rust drive connected over USB2.
CC: (none) => tarazed25
Thanks for the test, flushing out... Advisory, added to svn: type: security subject: Updated kernel-linus packages fix security vulnerabilities CVE: - CVE-2022-0435 - CVE-2022-0492 - CVE-2022-24122 - CVE-2022-24448 src: 8: core: - kernel-linus-5.15.23-1.mga8 description: | This kernel-linus update is based on upstream 5.15.23 and fixes atleast the following security issues: A stack overflow flaw was found in the Linux kernel TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network (CVE-2022-0435). A vulnerability was found in the Linux kernel cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly (CVE-2022-0492). kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace (CVE-2022-24122). An issue was discovered in fs/nfs/dir.c in the Linux kernel before 5.16.5. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should occur, but the server instead returns uninitialized data in the file descriptor (CVE-2022-24448). Other fixes in this update: - enable several missed MediaTek wifi drivers (mga#29965) For other upstream fixes, see the referenced changelogs. references: - https://bugs.mageia.org/show_bug.cgi?id=30031 - https://bugs.mageia.org/show_bug.cgi?id=29965
CC: (none) => sysadmin-bugsWhiteboard: (none) => MGA8-64-OKKeywords: (none) => advisory, validated_update
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0063.html
Status: NEW => RESOLVEDResolution: (none) => FIXED