9118 – Update request: kernel-3.4.32-2.mga2

Bug 9118 - Update request: kernel-3.4.32-2.mga2

Summary: Update request: kernel-3.4.32-2.mga2

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	2
Hardware:	All Linux

Priority:	High Severity: critical
Target Milestone:	---
Assignee:	QA Team
QA Contact:

URL:
Whiteboard:	MGA2-64-OK MGA2-32-OK
Keywords:	validated_update

Depends on:
Blocks:	9079
	Show dependency tree / graph

Reported:	2013-02-19 10:16 CET by Thomas Backlund
Modified:	2013-02-22 00:41 CET (History)
CC List:	6 users (show)

See Also:
Source RPM:	kernel-3.4.32-2.mga2.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Thomas Backlund 2013-02-19 10:16:56 CET

There is now a new kernel to validate...

Advisory:
---------
This kernel update provides upstream 3.4.32 kernel and resolves the
following security issues:

The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and
other versions, when running a 32-bit PVOPS guest, allows local users to
cause a denial of service (guest crash) by triggering an iret fault,
leading to use of an incorrect stack pointer and stack corruption.
(CVE-2013-0190 / XSA-40)

Linux kernel when returning from an iret assumes that %ds segment is safe
and uses it to reference various per-cpu related fields. Unfortunately
the user can modify the LDT and provide a NULL one. Whenever an iret is
called we end up in xen_iret and try to use the %ds segment and cause an
general protection fault.
Malicious or buggy unprivileged user space can cause the guest kernel to
crash, or permit a privilege escalation within the guest, or operate
erroneously. (CVE-2013-0228 / XSA-42)

A flaw was found in the way __skb_recv_datagram() processed skbs with no
payload when MSG_PEEK was requested. An unprivileged local user could use
this flaw to cause local denial of service. (CVE-2013-0290)

A race conditon in ptrace can lead to kernel stack corruption and arbitrary
kernel-mode code execution. (CVE-2013-0871)

A flaw was found in how printk manages buffers when calling log_prefix
function from  call_console_drivers creating a buffer overflow.
An unprivileged local user could use this flaw to cause local denial of service. (CVE pending)


Other fixes in this release:
- fixes HP Compaq 6715s freezing on 3.4 series kernels (mga #9079)
- adds Intel Lynx Point-LP, Haswell and Wellsburg support to ata/ahci,
  smbus, watchdog and sound.
- adds sound support for Creative SoundCore3D


References:
-----------
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0290
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0871
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.25
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.26
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.27
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.28
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.29
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.30
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.31
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.32
https://bugs.mageia.org/show_bug.cgi?id=9079



SRPMS:
------
kernel-3.4.32-2.mga2.src.rpm
kernel-userspace-headers-3.4.32-2.mga2.src.rpm
kmod-vboxadditions-4.1.24-4.mga2.src.rpm
kmod-virtualbox-4.1.24-3.mga2.src.rpm
kmod-xtables-addons-1.41-21.mga2.src.rpm

broadcom-wl-5.100.82.112-7.mga2.nonfree.src.rpm
kmod-broadcom-wl-5.100.82.112-41.mga2.nonfree.src.rpm
kmod-fglrx-8.961-17.mga2.nonfree.src.rpm
kmod-nvidia-current-295.71-12.mga2.nonfree.src.rpm


i586:
-----
cpupower-3.4.32-2.mga2.i586.rpm
cpupower-devel-3.4.32-2.mga2.i586.rpm
kernel-desktop-3.4.32-2.mga2-1-1.mga2.i586.rpm
kernel-desktop586-3.4.32-2.mga2-1-1.mga2.i586.rpm
kernel-desktop586-devel-3.4.32-2.mga2-1-1.mga2.i586.rpm
kernel-desktop586-devel-latest-3.4.32-2.mga2.i586.rpm
kernel-desktop586-latest-3.4.32-2.mga2.i586.rpm
kernel-desktop-devel-3.4.32-2.mga2-1-1.mga2.i586.rpm
kernel-desktop-devel-latest-3.4.32-2.mga2.i586.rpm
kernel-desktop-latest-3.4.32-2.mga2.i586.rpm
kernel-doc-3.4.32-2.mga2.noarch.rpm
kernel-netbook-3.4.32-2.mga2-1-1.mga2.i586.rpm
kernel-netbook-devel-3.4.32-2.mga2-1-1.mga2.i586.rpm
kernel-netbook-devel-latest-3.4.32-2.mga2.i586.rpm
kernel-netbook-latest-3.4.32-2.mga2.i586.rpm
kernel-server-3.4.32-2.mga2-1-1.mga2.i586.rpm
kernel-server-devel-3.4.32-2.mga2-1-1.mga2.i586.rpm
kernel-server-devel-latest-3.4.32-2.mga2.i586.rpm
kernel-server-latest-3.4.32-2.mga2.i586.rpm
kernel-source-3.4.32-2.mga2-1-1.mga2.noarch.rpm
kernel-source-latest-3.4.32-2.mga2.noarch.rpm
kernel-userspace-headers-3.4.32-2.mga2.i586.rpm
perf-3.4.32-2.mga2.i586.rpm

vboxadditions-kernel-3.4.32-desktop-2.mga2-4.1.24-4.mga2.i586.rpm
vboxadditions-kernel-3.4.32-desktop586-2.mga2-4.1.24-4.mga2.i586.rpm
vboxadditions-kernel-3.4.32-netbook-2.mga2-4.1.24-4.mga2.i586.rpm
vboxadditions-kernel-3.4.32-server-2.mga2-4.1.24-4.mga2.i586.rpm
vboxadditions-kernel-desktop586-latest-4.1.24-4.mga2.i586.rpm
vboxadditions-kernel-desktop-latest-4.1.24-4.mga2.i586.rpm
vboxadditions-kernel-netbook-latest-4.1.24-4.mga2.i586.rpm
vboxadditions-kernel-server-latest-4.1.24-4.mga2.i586.rpm

virtualbox-kernel-3.4.32-desktop-2.mga2-4.1.24-3.mga2.i586.rpm
virtualbox-kernel-3.4.32-desktop586-2.mga2-4.1.24-3.mga2.i586.rpm
virtualbox-kernel-3.4.32-netbook-2.mga2-4.1.24-3.mga2.i586.rpm
virtualbox-kernel-3.4.32-server-2.mga2-4.1.24-3.mga2.i586.rpm
virtualbox-kernel-desktop586-latest-4.1.24-3.mga2.i586.rpm
virtualbox-kernel-desktop-latest-4.1.24-3.mga2.i586.rpm
virtualbox-kernel-netbook-latest-4.1.24-3.mga2.i586.rpm
virtualbox-kernel-server-latest-4.1.24-3.mga2.i586.rpm

xtables-addons-kernel-3.4.32-desktop-2.mga2-1.41-21.mga2.i586.rpm
xtables-addons-kernel-3.4.32-desktop586-2.mga2-1.41-21.mga2.i586.rpm
xtables-addons-kernel-3.4.32-netbook-2.mga2-1.41-21.mga2.i586.rpm
xtables-addons-kernel-3.4.32-server-2.mga2-1.41-21.mga2.i586.rpm
xtables-addons-kernel-desktop586-latest-1.41-21.mga2.i586.rpm
xtables-addons-kernel-desktop-latest-1.41-21.mga2.i586.rpm
xtables-addons-kernel-netbook-latest-1.41-21.mga2.i586.rpm
xtables-addons-kernel-server-latest-1.41-21.mga2.i586.rpm

broadcom-wl-common-5.100.82.112-7.mga2.nonfree.i586.rpm
broadcom-wl-kernel-3.4.24-desktop-3.mga2-5.100.82.112-39.mga2.nonfree.i586.rpm
broadcom-wl-kernel-3.4.24-desktop586-3.mga2-5.100.82.112-39.mga2.nonfree.i586.rpm
broadcom-wl-kernel-3.4.24-netbook-3.mga2-5.100.82.112-39.mga2.nonfree.i586.rpm
broadcom-wl-kernel-3.4.24-server-3.mga2-5.100.82.112-39.mga2.nonfree.i586.rpm
broadcom-wl-kernel-3.4.32-desktop-2.mga2-5.100.82.112-41.mga2.nonfree.i586.rpm
broadcom-wl-kernel-3.4.32-desktop586-2.mga2-5.100.82.112-41.mga2.nonfree.i586.rpm
broadcom-wl-kernel-3.4.32-netbook-2.mga2-5.100.82.112-41.mga2.nonfree.i586.rpm
broadcom-wl-kernel-3.4.32-server-2.mga2-5.100.82.112-41.mga2.nonfree.i586.rpm
broadcom-wl-kernel-desktop586-latest-5.100.82.112-41.mga2.nonfree.i586.rpm
broadcom-wl-kernel-desktop-latest-5.100.82.112-41.mga2.nonfree.i586.rpm
broadcom-wl-kernel-netbook-latest-5.100.82.112-41.mga2.nonfree.i586.rpm
broadcom-wl-kernel-server-latest-5.100.82.112-41.mga2.nonfree.i586.rpm
dkms-broadcom-wl-5.100.82.112-7.mga2.nonfree.i586.rpm

fglrx-kernel-3.4.32-desktop-2.mga2-8.961-17.mga2.nonfree.i586.rpm
fglrx-kernel-3.4.32-desktop586-2.mga2-8.961-17.mga2.nonfree.i586.rpm
fglrx-kernel-3.4.32-netbook-2.mga2-8.961-17.mga2.nonfree.i586.rpm
fglrx-kernel-3.4.32-server-2.mga2-8.961-17.mga2.nonfree.i586.rpm
fglrx-kernel-desktop586-latest-8.961-17.mga2.nonfree.i586.rpm
fglrx-kernel-desktop-latest-8.961-17.mga2.nonfree.i586.rpm
fglrx-kernel-netbook-latest-8.961-17.mga2.nonfree.i586.rpm
fglrx-kernel-server-latest-8.961-17.mga2.nonfree.i586.rpm

nvidia-current-kernel-3.4.32-desktop-2.mga2-295.71-12.mga2.nonfree.i586.rpm
nvidia-current-kernel-3.4.32-desktop586-2.mga2-295.71-12.mga2.nonfree.i586.rpm
nvidia-current-kernel-3.4.32-netbook-2.mga2-295.71-12.mga2.nonfree.i586.rpm
nvidia-current-kernel-3.4.32-server-2.mga2-295.71-12.mga2.nonfree.i586.rpm
nvidia-current-kernel-desktop586-latest-295.71-12.mga2.nonfree.i586.rpm
nvidia-current-kernel-desktop-latest-295.71-12.mga2.nonfree.i586.rpm
nvidia-current-kernel-netbook-latest-295.71-12.mga2.nonfree.i586.rpm
nvidia-current-kernel-server-latest-295.71-12.mga2.nonfree.i586.rpm


x86_64:
-------
cpupower-3.4.32-2.mga2.x86_64.rpm
cpupower-devel-3.4.32-2.mga2.x86_64.rpm
kernel-desktop-3.4.32-2.mga2-1-1.mga2.x86_64.rpm
kernel-desktop-devel-3.4.32-2.mga2-1-1.mga2.x86_64.rpm
kernel-desktop-devel-latest-3.4.32-2.mga2.x86_64.rpm
kernel-desktop-latest-3.4.32-2.mga2.x86_64.rpm
kernel-doc-3.4.32-2.mga2.noarch.rpm
kernel-netbook-3.4.32-2.mga2-1-1.mga2.x86_64.rpm
kernel-netbook-devel-3.4.32-2.mga2-1-1.mga2.x86_64.rpm
kernel-netbook-devel-latest-3.4.32-2.mga2.x86_64.rpm
kernel-netbook-latest-3.4.32-2.mga2.x86_64.rpm
kernel-server-3.4.32-2.mga2-1-1.mga2.x86_64.rpm
kernel-server-devel-3.4.32-2.mga2-1-1.mga2.x86_64.rpm
kernel-server-devel-latest-3.4.32-2.mga2.x86_64.rpm
kernel-server-latest-3.4.32-2.mga2.x86_64.rpm
kernel-source-3.4.32-2.mga2-1-1.mga2.noarch.rpm
kernel-source-latest-3.4.32-2.mga2.noarch.rpm
kernel-userspace-headers-3.4.32-2.mga2.x86_64.rpm
perf-3.4.32-2.mga2.x86_64.rpm

vboxadditions-kernel-3.4.32-desktop-2.mga2-4.1.24-4.mga2.x86_64.rpm
vboxadditions-kernel-3.4.32-netbook-2.mga2-4.1.24-4.mga2.x86_64.rpm
vboxadditions-kernel-3.4.32-server-2.mga2-4.1.24-4.mga2.x86_64.rpm
vboxadditions-kernel-desktop-latest-4.1.24-4.mga2.x86_64.rpm
vboxadditions-kernel-netbook-latest-4.1.24-4.mga2.x86_64.rpm
vboxadditions-kernel-server-latest-4.1.24-4.mga2.x86_64.rpm

virtualbox-kernel-3.4.32-desktop-2.mga2-4.1.24-3.mga2.x86_64.rpm
virtualbox-kernel-3.4.32-netbook-2.mga2-4.1.24-3.mga2.x86_64.rpm
virtualbox-kernel-3.4.32-server-2.mga2-4.1.24-3.mga2.x86_64.rpm
virtualbox-kernel-desktop-latest-4.1.24-3.mga2.x86_64.rpm
virtualbox-kernel-netbook-latest-4.1.24-3.mga2.x86_64.rpm
virtualbox-kernel-server-latest-4.1.24-3.mga2.x86_64.rpm

xtables-addons-kernel-3.4.32-desktop-2.mga2-1.41-21.mga2.x86_64.rpm
xtables-addons-kernel-3.4.32-netbook-2.mga2-1.41-21.mga2.x86_64.rpm
xtables-addons-kernel-3.4.32-server-2.mga2-1.41-21.mga2.x86_64.rpm
xtables-addons-kernel-desktop-latest-1.41-21.mga2.x86_64.rpm
xtables-addons-kernel-netbook-latest-1.41-21.mga2.x86_64.rpm
xtables-addons-kernel-server-latest-1.41-21.mga2.x86_64.rpm

broadcom-wl-common-5.100.82.112-7.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-3.4.24-desktop-3.mga2-5.100.82.112-39.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-3.4.24-netbook-3.mga2-5.100.82.112-39.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-3.4.24-server-3.mga2-5.100.82.112-39.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-3.4.32-desktop-2.mga2-5.100.82.112-41.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-3.4.32-netbook-2.mga2-5.100.82.112-41.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-3.4.32-server-2.mga2-5.100.82.112-41.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-desktop-latest-5.100.82.112-41.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-netbook-latest-5.100.82.112-41.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-server-latest-5.100.82.112-41.mga2.nonfree.x86_64.rpm
dkms-broadcom-wl-5.100.82.112-7.mga2.nonfree.x86_64.rpm

fglrx-kernel-3.4.32-desktop-2.mga2-8.961-17.mga2.nonfree.x86_64.rpm
fglrx-kernel-3.4.32-netbook-2.mga2-8.961-17.mga2.nonfree.x86_64.rpm
fglrx-kernel-3.4.32-server-2.mga2-8.961-17.mga2.nonfree.x86_64.rpm
fglrx-kernel-desktop-latest-8.961-17.mga2.nonfree.x86_64.rpm
fglrx-kernel-netbook-latest-8.961-17.mga2.nonfree.x86_64.rpm
fglrx-kernel-server-latest-8.961-17.mga2.nonfree.x86_64.rpm

nvidia-current-kernel-3.4.32-desktop-2.mga2-295.71-12.mga2.nonfree.x86_64.rpm
nvidia-current-kernel-3.4.32-netbook-2.mga2-295.71-12.mga2.nonfree.x86_64.rpm
nvidia-current-kernel-3.4.32-server-2.mga2-295.71-12.mga2.nonfree.x86_64.rpm
nvidia-current-kernel-desktop-latest-295.71-12.mga2.nonfree.x86_64.rpm
nvidia-current-kernel-netbook-latest-295.71-12.mga2.nonfree.x86_64.rpm
nvidia-current-kernel-server-latest-295.71-12.mga2.nonfree.x86_64.rpm

Thomas Backlund 2013-02-19 10:17:25 CET

Priority: Normal => High
CC: (none) => tmb

Thomas Backlund 2013-02-19 10:17:54 CET

Blocks: (none) => 9079

Comment 1 Samuel Verschelde 2013-02-19 10:57:15 CET

installed, reboot ok, no noticeable difference. kernel-desktop-3.4.32-desktop-2.mga2 + nvidia-current + virtualbox-kernel, mga2 64

Comment 2 Rémi Verschelde 2013-02-19 11:14:31 CET

Installed kernel-desktop-3.4.32-2.mga2-1-1.mga2.i586 on Mga2 32bit. Reboot went fine and up to now I didn't notice any difference. Will report so if I do notice something.

CC: (none) => remi

Rémi Verschelde 2013-02-19 11:14:59 CET

CC: remi => (none)

Comment 3 Dave Hodgins 2013-02-19 21:00:09 CET

I'll be repeating my standard kernel testing on
both arches later today, where I install all
of the kernels, with the fglrx and virtualbox
dkms modules, ensure they are working, then
install the updates, and ensure they are working.

CC: (none) => davidwhodgins

Comment 4 Philippe Didier 2013-02-19 23:26:31 CET

Hi Thomas

tested :
kernel-server-3.4.32-2.mga2-1-1.mga2.i586.rpm
kernel-server-devel-3.4.32-2.mga2-1-1.mga2.i586.rpm


MGA2 32bits

ASUS M2N SLI mainboard
Nvidia Geforce 210 graphic card
two internal SATA harddisks    (using sata_nv module)
one internal IDE harddisk      (using pata_amd module)
one external usb harddisk 
one external firewire harddisk
one internal IDE DVD writer    (using pata_amd module)
one internal IDE DVD reader    (using pata_amd module)
wacom Intuos3
one CRT display
one TV full HD connected with HDMI

Easy update :
the dkms nvidia module is built during the install

correct links are created inside /boot/ (vmlinuz initrd.img config System.map)

At start boot automatically with the new kernel 
no problem 
no regression

CC: (none) => philippedidier

Comment 5 Bill Wilkinson 2013-02-20 14:57:16 CET

kernel desktop x86_64 tested on laptop.
dkms modules for nvidia and virtualbox built at install

one internal sata disk
usb mouse
Compaq presario  v6000 laptop

CC: (none) => wrw105

Comment 6 David GEIGER 2013-02-21 18:33:31 CET

Testing complete for kernel-desktop-3.4.32-2 on Mageia release 2 (Official) for x86_64, for me it's Ok nothing to report and works fine.


kernel-userspace-headers-3.4.32-2.mga2
kernel-desktop-3.4.32-2.mga2-1-1.mga2
kernel-desktop-devel-latest-3.4.32-2.mga2
kernel-desktop-devel-3.4.32-2.mga2-1-1.mga2
kernel-doc-3.4.32-2.mga2
kernel-desktop-latest-3.4.32-2.mga2


Laptop ASUS K73S, Core i3-2350M,2.3GHz_ 8GB RAM
Optimus Technologie, Nvidia GeForce 610M + Intel HD.

CC: (none) => geiger.david68210

Comment 7 Dave Hodgins 2013-02-21 22:49:56 CET

Validating the update. Please push to updates.

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs
Whiteboard: (none) => MGA2-64-OK MGA2-32-OK

Comment 8 Thomas Backlund 2013-02-22 00:39:49 CET

Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0065

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 9 Thomas Backlund 2013-02-22 00:41:29 CET

OOps, wrong advisory linked...

correct one for this is:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0066

Note You need to log in before you can comment on or make changes to this bug.