Bug 9120 - Update request: kernel-rt-3.4.32-0.rt43.2.mga2
Summary: Update request: kernel-rt-3.4.32-0.rt43.2.mga2
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security (show other bugs)
Version: 2
Hardware: All Linux
Priority: High critical
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard: MGA2-64-OK MGA2-32-OK
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2013-02-19 10:29 CET by Thomas Backlund
Modified: 2013-02-22 00:52 CET (History)
4 users (show)

See Also:
Source RPM: kernel-rt-3.4.32-0.rt43.2.mga2.src.rpm
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Thomas Backlund 2013-02-19 10:29:40 CET 
There is now a new kernel-rt to validate...

Advisory:
---------
This kernel-rt update provides upstream 3.4.32 kernel and resolves the
following security issues:

The xen_failsafe_callback function in Xen for the Linux kernel 2.6.23 and
other versions, when running a 32-bit PVOPS guest, allows local users to
cause a denial of service (guest crash) by triggering an iret fault,
leading to use of an incorrect stack pointer and stack corruption.
(CVE-2013-0190 / XSA-40)

Linux kernel when returning from an iret assumes that %ds segment is safe
and uses it to reference various per-cpu related fields. Unfortunately
the user can modify the LDT and provide a NULL one. Whenever an iret is
called we end up in xen_iret and try to use the %ds segment and cause an
general protection fault.
Malicious or buggy unprivileged user space can cause the guest kernel to
crash, or permit a privilege escalation within the guest, or operate
erroneously. (CVE-2013-0228 / XSA-42)

A flaw was found in the way __skb_recv_datagram() processed skbs with no
payload when MSG_PEEK was requested. An unprivileged local user could use
this flaw to cause local denial of service. (CVE-2013-0290)

A race conditon in ptrace can lead to kernel stack corruption and arbitrary
kernel-mode code execution. (CVE-2013-0871)

A flaw was found in how printk manages buffers when calling log_prefix
function from  call_console_drivers creating a buffer overflow.
An unprivileged local user could use this flaw to cause local denial of
service. (CVE pending)


Other fixes in this release:
- fixes HP Compaq 6715s freezing on 3.4 series kernels (mga #9079)
- adds Intel Lynx Point-LP, Haswell and Wellsburg support to ata/ahci,
  smbus, watchdog and sound.
- adds sound support for Creative SoundCore3D
- updates to -rt43 patchlevel


References:
-----------
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0190
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0228
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0290
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0871
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.25
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.26
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.27
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.28
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.29
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.30
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.31
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.32
https://bugs.mageia.org/show_bug.cgi?id=9079



SRPMS:
------
kernel-rt-3.4.32-0.rt43.2.mga2.src.rpm


i586:
-----
kernel-rt-3.4.32-0.rt43.2.mga2-1-1.mga2.i586.rpm
kernel-rt-devel-3.4.32-0.rt43.2.mga2-1-1.mga2.i586.rpm
kernel-rt-devel-latest-3.4.32-0.rt43.2.mga2.i586.rpm
kernel-rt-doc-3.4.32-0.rt43.2.mga2.noarch.rpm
kernel-rt-latest-3.4.32-0.rt43.2.mga2.i586.rpm
kernel-rt-source-3.4.32-0.rt43.2.mga2-1-1.mga2.noarch.rpm
kernel-rt-source-latest-3.4.32-0.rt43.2.mga2.noarch.rpm


x86_64:
-------
kernel-rt-3.4.32-0.rt43.2.mga2-1-1.mga2.x86_64.rpm
kernel-rt-devel-3.4.32-0.rt43.2.mga2-1-1.mga2.x86_64.rpm
kernel-rt-devel-latest-3.4.32-0.rt43.2.mga2.x86_64.rpm
kernel-rt-doc-3.4.32-0.rt43.2.mga2.noarch.rpm
kernel-rt-latest-3.4.32-0.rt43.2.mga2.x86_64.rpm
kernel-rt-source-3.4.32-0.rt43.2.mga2-1-1.mga2.noarch.rpm
kernel-rt-source-latest-3.4.32-0.rt43.2.mga2.noarch.rpm
Thomas Backlund 2013-02-19 10:30:13 CET

Priority: Normal => High
CC: (none) => tmb

Comment 1 Philippe Didier 2013-02-19 22:52:16 CET 
Hi Thomas

MGA2 32bits

ASUS M2N SLI mainboard
Nvidia Geforce 210 graphic card
two internal SATA harddisks    (using sata_nv module)
one internal IDE harddisk      (using pata_amd module)
one external usb harddisk 
one external firewire harddisk
one internal IDE DVD writer    (using pata_amd module)
one internal IDE DVD reader    (using pata_amd module)

same problem for me as in bug 8515 (kernel-rt-3.4.24-0.rt36.2.mga2)


during install the nvidia module is built, using
dkms-nvidia-current-295.71-1.mga2.nonfree.i586 


Boot begins well 

But it freezes half the way when starting X :
black screen 
no possibility to use Alt+Ctl+Del 
need to Alt+sysRq+r
        Alt+sysRq+s
        Alt+sysRq+e
        Alt+sysRq+i
        Alt+sysRq+u
        Alt+sysRq+b


But this is not a regression, as none of the Mageia2 kernel-rt could work for me 
I can only say it doesn't bring a solution for me, and I can't test it further... though I can test and validate the kernel-server

Need an other bug report for the x problem ?

CC: (none) => philippedidier

Comment 2 Dave Hodgins 2013-02-21 22:52:14 CET 
Validating the update.  Please push to updates.

Keywords: (none) => validated_update
CC: (none) => davidwhodgins, sysadmin-bugs
Whiteboard: (none) => MGA2-64-OK MGA2-32-OK

Comment 3 Thomas Backlund 2013-02-22 00:52:21 CET 
Update pushed:
https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0068

Status: NEW => RESOLVED
Resolution: (none) => FIXED
Note You need to log in before you can comment on or make changes to this bug.