There is now a new kernel-rt to validate... Advisory: --------- This kernel-rt update provides upstream 3.4.32 kernel and resolves the following security issues: The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and other versions, when running a 32-bit PVOPS guest, allows local users to cause a denial of service (guest crash) by triggering an iret fault, leading to use of an incorrect stack pointer and stack corruption. (CVE-2013-0190 / XSA-40) Linux kernel when returning from an iret assumes that %ds segment is safe and uses it to reference various per-cpu related fields. Unfortunately the user can modify the LDT and provide a NULL one. Whenever an iret is called we end up in xen_iret and try to use the %ds segment and cause an general protection fault. Malicious or buggy unprivileged user space can cause the guest kernel to crash, or permit a privilege escalation within the guest, or operate erroneously. (CVE-2013-0228 / XSA-42) A flaw was found in the way __skb_recv_datagram() processed skbs with no payload when MSG_PEEK was requested. An unprivileged local user could use this flaw to cause local denial of service. (CVE-2013-0290) A race conditon in ptrace can lead to kernel stack corruption and arbitrary kernel-mode code execution. (CVE-2013-0871) A flaw was found in how printk manages buffers when calling log_prefix function from call_console_drivers creating a buffer overflow. An unprivileged local user could use this flaw to cause local denial of service. (CVE pending) Other fixes in this release: - fixes HP Compaq 6715s freezing on 3.4 series kernels (mga #9079) - adds Intel Lynx Point-LP, Haswell and Wellsburg support to ata/ahci, smbus, watchdog and sound. - adds sound support for Creative SoundCore3D - updates to -rt43 patchlevel References: ----------- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0228 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0290 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0871 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.25 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.26 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.27 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.28 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.29 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.30 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.31 http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.32 https://bugs.mageia.org/show_bug.cgi?id=9079 SRPMS: ------ kernel-rt-3.4.32-0.rt43.2.mga2.src.rpm i586: ----- kernel-rt-3.4.32-0.rt43.2.mga2-1-1.mga2.i586.rpm kernel-rt-devel-3.4.32-0.rt43.2.mga2-1-1.mga2.i586.rpm kernel-rt-devel-latest-3.4.32-0.rt43.2.mga2.i586.rpm kernel-rt-doc-3.4.32-0.rt43.2.mga2.noarch.rpm kernel-rt-latest-3.4.32-0.rt43.2.mga2.i586.rpm kernel-rt-source-3.4.32-0.rt43.2.mga2-1-1.mga2.noarch.rpm kernel-rt-source-latest-3.4.32-0.rt43.2.mga2.noarch.rpm x86_64: ------- kernel-rt-3.4.32-0.rt43.2.mga2-1-1.mga2.x86_64.rpm kernel-rt-devel-3.4.32-0.rt43.2.mga2-1-1.mga2.x86_64.rpm kernel-rt-devel-latest-3.4.32-0.rt43.2.mga2.x86_64.rpm kernel-rt-doc-3.4.32-0.rt43.2.mga2.noarch.rpm kernel-rt-latest-3.4.32-0.rt43.2.mga2.x86_64.rpm kernel-rt-source-3.4.32-0.rt43.2.mga2-1-1.mga2.noarch.rpm kernel-rt-source-latest-3.4.32-0.rt43.2.mga2.noarch.rpm
Priority: Normal => HighCC: (none) => tmb
Hi Thomas MGA2 32bits ASUS M2N SLI mainboard Nvidia Geforce 210 graphic card two internal SATA harddisks (using sata_nv module) one internal IDE harddisk (using pata_amd module) one external usb harddisk one external firewire harddisk one internal IDE DVD writer (using pata_amd module) one internal IDE DVD reader (using pata_amd module) same problem for me as in bug 8515 (kernel-rt-3.4.24-0.rt36.2.mga2) during install the nvidia module is built, using dkms-nvidia-current-295.71-1.mga2.nonfree.i586 Boot begins well But it freezes half the way when starting X : black screen no possibility to use Alt+Ctl+Del need to Alt+sysRq+r Alt+sysRq+s Alt+sysRq+e Alt+sysRq+i Alt+sysRq+u Alt+sysRq+b But this is not a regression, as none of the Mageia2 kernel-rt could work for me I can only say it doesn't bring a solution for me, and I can't test it further... though I can test and validate the kernel-server Need an other bug report for the x problem ?
CC: (none) => philippedidier
Validating the update. Please push to updates.
Keywords: (none) => validated_updateCC: (none) => davidwhodgins, sysadmin-bugsWhiteboard: (none) => MGA2-64-OK MGA2-32-OK
Update pushed: https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0068
Status: NEW => RESOLVEDResolution: (none) => FIXED