From Mageia wiki
Revision as of 00:23, 18 January 2013 by Tmb (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

MGASA-2013-0010

Date: January 18th, 2013
Affected releases: 2


Description:
This kernel update provides an upgrade to upstream 3.4-longterm branch.

This allows us to benefit from extra tests and maintenance from upstream
developers and testers, providing a very good base for Mageia users.

It also fixes the following security issues:
Calling uname() with the UNAME26 personality set allows a leak of
kernel stack contents. (CVE-2012-0957)

NFC: Fix multiple remotely-exploitable stack-based buffer overflows due
to the NCI code pulling length fields directly from incoming frames and
copying too much data into statically-sized arrays. (CVE-2012-3364)

A use-after-free flaw has been found in madvise_remove() function in
the Linux kernel. madvise_remove() can race with munmap (causing a
use-after-free of the vma) or with close (causing a use-after-free of
the struct file). An unprivileged local user can use this flaw to crash
the system. (CVE-2012-3510)

Pablo Neira Ayuso discovered that avahi and potentially NetworkManager
accept spoofed Netlink messages because of a kernel bug. The kernel
passes all-zero SCM_CREDENTIALS ancillary data to the receiver if the
sender did not provide such data, instead of not including any such
data at all or including the correct data from the peer (as it is the
case with AF_UNIX). (CVE-2012-3520)

As Tetsuo Handa pointed out, request_module() can stress the system
while the oom-killed caller sleeps in TASK_UNINTERRUPTIBLE.
The task T uses "almost all" memory, then it does something which
triggers request_module(). Say, it can simply call sys_socket().
This in turn needs more memory and leads to OOM. oom-killer correctly
chooses T and kills it, but this can't help because it sleeps in
TASK_UNINTERRUPTIBLE and after that oom-killer becomes "disabled" by
the TIF_MEMDIE task T.A local unprivileged user can make the system
unusable. (CVE-2012-4398)

A flaw has been found in the way Linux kernel's KVM subsystem handled
vcpu->arch.cr4 X86_CR4_OSXSAVE bit set upon guest enter. On hosts
without the XSAVE feature and using qemu userspace an unprivileged
local user could use this flaw to crash the system. (CVE-2012-4461)

Commit 644595f89620 ("compat: Handle COMPAT_USE_64BIT_TIME in
net/socket.c") introduced a bug where the helper functions to take
either a 64-bit or compat time[spec|val] got the arguments in the
wrong order, passing the kernel stack pointer off as a user pointer
(and vice versa).
Because of the user address range check, that in turn then causes an
EFAULT due to the user pointer range checking failing for the kernel
address. Incorrectly resuling in a failed system call for 32-bit
processes with a 64-bit kernel.
On odder architectures like HP-PA (with separate user/kernel address
spaces), it can be used read kernel memory. (CVE-2012-4467)

A race condition flaw has been found in the way asynchronous I/O and
fallocate interacted which can lead to exposure of stale data -- that
is, an extent which should have had the "uninitialized" bit set
indicating that its blocks have not yet been written and thus contain
data from a deleted file. An unprivileged local user could use this
flaw to cause an information leak. (CVE-2012-4508)

Reading TCP stats when using TCP Illinois congestion control algorithm
can cause a divide by zero kernel oops.An unprivileged local user could
use this flaw to crash the system. (CVE-2012-4565)


Other fixes in this release:
module: fix symbol waiting when module fails before init, wait when
loading a module which is currently initializing. (mga #7375)

backport Wacom Intuos 5 support: (#7659)

add support for Atheros AR8161/8165 Atheros PCI-E Gigabit Ethernet
Controller (mga #7853)

conflict dkms packages not supporting 3.4 series kernels

kernel-source does not add build & source symlinks anymore as
they mess with dkms builds.

switch server kernel image compression back to GZIP so it works
with Amazon EC2 and other older XEN setups.

For other changes in 3.4 series kernel, see the kernelnewbies link,
and the referenced stable changelogs.


Prebuilt modules have also been fixed and rebuilt to match this kernel.


Updated Packages:
i586:
cpupower-3.4.24-3.mga2.i586.rpm
cpupower-devel-3.4.24-3.mga2.i586.rpm
kernel-desktop-3.4.24-3.mga2-1-1.mga2.i586.rpm
kernel-desktop586-3.4.24-3.mga2-1-1.mga2.i586.rpm
kernel-desktop586-devel-3.4.24-3.mga2-1-1.mga2.i586.rpm
kernel-desktop586-devel-latest-3.4.24-3.mga2.i586.rpm
kernel-desktop586-latest-3.4.24-3.mga2.i586.rpm
kernel-desktop-devel-3.4.24-3.mga2-1-1.mga2.i586.rpm
kernel-desktop-devel-latest-3.4.24-3.mga2.i586.rpm
kernel-desktop-latest-3.4.24-3.mga2.i586.rpm
kernel-doc-3.4.24-3.mga2.noarch.rpm
kernel-netbook-3.4.24-3.mga2-1-1.mga2.i586.rpm
kernel-netbook-devel-3.4.24-3.mga2-1-1.mga2.i586.rpm
kernel-netbook-devel-latest-3.4.24-3.mga2.i586.rpm
kernel-netbook-latest-3.4.24-3.mga2.i586.rpm
kernel-server-3.4.24-3.mga2-1-1.mga2.i586.rpm
kernel-server-devel-3.4.24-3.mga2-1-1.mga2.i586.rpm
kernel-server-devel-latest-3.4.24-3.mga2.i586.rpm
kernel-server-latest-3.4.24-3.mga2.i586.rpm
kernel-source-3.4.24-3.mga2-1-1.mga2.noarch.rpm
kernel-source-latest-3.4.24-3.mga2.noarch.rpm
kernel-userspace-headers-3.4.24-3.mga2.i586.rpm
perf-3.4.24-3.mga2.i586.rpm
xtables-addons-kernel-3.4.24-desktop-3.mga2-1.41-19.mga2.i586.rpm
xtables-addons-kernel-3.4.24-desktop586-3.mga2-1.41-19.mga2.i586.rpm
xtables-addons-kernel-3.4.24-netbook-3.mga2-1.41-19.mga2.i586.rpm
xtables-addons-kernel-3.4.24-server-3.mga2-1.41-19.mga2.i586.rpm
xtables-addons-kernel-desktop586-latest-1.41-19.mga2.i586.rpm
xtables-addons-kernel-desktop-latest-1.41-19.mga2.i586.rpm
xtables-addons-kernel-netbook-latest-1.41-19.mga2.i586.rpm
xtables-addons-kernel-server-latest-1.41-19.mga2.i586.rpm
broadcom-wl-kernel-3.4.24-desktop-3.mga2-5.100.82.112-38.mga2.nonfree.i586.rpm
broadcom-wl-kernel-3.4.24-desktop586-3.mga2-5.100.82.112-38.mga2.nonfree.i586.rpm
broadcom-wl-kernel-3.4.24-netbook-3.mga2-5.100.82.112-38.mga2.nonfree.i586.rpm
broadcom-wl-kernel-3.4.24-server-3.mga2-5.100.82.112-38.mga2.nonfree.i586.rpm
broadcom-wl-kernel-desktop586-latest-5.100.82.112-38.mga2.nonfree.i586.rpm
broadcom-wl-kernel-desktop-latest-5.100.82.112-38.mga2.nonfree.i586.rpm
broadcom-wl-kernel-netbook-latest-5.100.82.112-38.mga2.nonfree.i586.rpm
broadcom-wl-kernel-server-latest-5.100.82.112-38.mga2.nonfree.i586.rpm
dkms-broadcom-wl-5.100.82.112-6.mga2.nonfree.i586.rpm
dkms-fglrx-8.961-2.mga2.nonfree.i586.rpm
fglrx-control-center-8.961-2.mga2.nonfree.i586.rpm
fglrx-devel-8.961-2.mga2.nonfree.i586.rpm
fglrx-kernel-3.4.24-desktop-3.mga2-8.961-15.mga2.nonfree.i586.rpm
fglrx-kernel-3.4.24-desktop586-3.mga2-8.961-15.mga2.nonfree.i586.rpm
fglrx-kernel-3.4.24-netbook-3.mga2-8.961-15.mga2.nonfree.i586.rpm
fglrx-kernel-3.4.24-server-3.mga2-8.961-15.mga2.nonfree.i586.rpm
fglrx-kernel-desktop586-latest-8.961-15.mga2.nonfree.i586.rpm
fglrx-kernel-desktop-latest-8.961-15.mga2.nonfree.i586.rpm
fglrx-kernel-netbook-latest-8.961-15.mga2.nonfree.i586.rpm
fglrx-kernel-server-latest-8.961-15.mga2.nonfree.i586.rpm
fglrx-opencl-8.961-2.mga2.nonfree.i586.rpm
x11-driver-video-fglrx-8.961-2.mga2.nonfree.i586.rpm
nvidia-current-kernel-3.4.24-desktop-3.mga2-295.71-10.mga2.nonfree.i586.rpm
nvidia-current-kernel-3.4.24-desktop586-3.mga2-295.71-10.mga2.nonfree.i586.rpm
nvidia-current-kernel-3.4.24-netbook-3.mga2-295.71-10.mga2.nonfree.i586.rpm
nvidia-current-kernel-3.4.24-server-3.mga2-295.71-10.mga2.nonfree.i586.rpm
nvidia-current-kernel-desktop586-latest-295.71-10.mga2.nonfree.i586.rpm
nvidia-current-kernel-desktop-latest-295.71-10.mga2.nonfree.i586.rpm
nvidia-current-kernel-netbook-latest-295.71-10.mga2.nonfree.i586.rpm
nvidia-current-kernel-server-latest-295.71-10.mga2.nonfree.i586.rpm

x86_64:
cpupower-3.4.24-3.mga2.x86_64.rpm
cpupower-devel-3.4.24-3.mga2.x86_64.rpm
kernel-desktop-3.4.24-3.mga2-1-1.mga2.x86_64.rpm
kernel-desktop-devel-3.4.24-3.mga2-1-1.mga2.x86_64.rpm
kernel-desktop-devel-latest-3.4.24-3.mga2.x86_64.rpm
kernel-desktop-latest-3.4.24-3.mga2.x86_64.rpm
kernel-doc-3.4.24-3.mga2.noarch.rpm
kernel-netbook-3.4.24-3.mga2-1-1.mga2.x86_64.rpm
kernel-netbook-devel-3.4.24-3.mga2-1-1.mga2.x86_64.rpm
kernel-netbook-devel-latest-3.4.24-3.mga2.x86_64.rpm
kernel-netbook-latest-3.4.24-3.mga2.x86_64.rpm
kernel-server-3.4.24-3.mga2-1-1.mga2.x86_64.rpm
kernel-server-devel-3.4.24-3.mga2-1-1.mga2.x86_64.rpm
kernel-server-devel-latest-3.4.24-3.mga2.x86_64.rpm
kernel-server-latest-3.4.24-3.mga2.x86_64.rpm
kernel-source-3.4.24-3.mga2-1-1.mga2.noarch.rpm
kernel-source-latest-3.4.24-3.mga2.noarch.rpm
kernel-userspace-headers-3.4.24-3.mga2.x86_64.rpm
perf-3.4.24-3.mga2.x86_64.rpm
xtables-addons-kernel-3.4.24-desktop-3.mga2-1.41-19.mga2.x86_64.rpm
xtables-addons-kernel-3.4.24-netbook-3.mga2-1.41-19.mga2.x86_64.rpm
xtables-addons-kernel-3.4.24-server-3.mga2-1.41-19.mga2.x86_64.rpm
xtables-addons-kernel-desktop-latest-1.41-19.mga2.x86_64.rpm
xtables-addons-kernel-netbook-latest-1.41-19.mga2.x86_64.rpm
xtables-addons-kernel-server-latest-1.41-19.mga2.x86_64.rpm
broadcom-wl-kernel-3.4.24-desktop-3.mga2-5.100.82.112-38.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-3.4.24-netbook-3.mga2-5.100.82.112-38.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-3.4.24-server-3.mga2-5.100.82.112-38.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-desktop-latest-5.100.82.112-38.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-netbook-latest-5.100.82.112-38.mga2.nonfree.x86_64.rpm
broadcom-wl-kernel-server-latest-5.100.82.112-38.mga2.nonfree.x86_64.rpm
dkms-broadcom-wl-5.100.82.112-6.mga2.nonfree.x86_64.rpm
dkms-fglrx-8.961-2.mga2.nonfree.x86_64.rpm
fglrx-control-center-8.961-2.mga2.nonfree.x86_64.rpm
fglrx-devel-8.961-2.mga2.nonfree.x86_64.rpm
fglrx-kernel-3.4.24-desktop-3.mga2-8.961-15.mga2.nonfree.x86_64.rpm
fglrx-kernel-3.4.24-netbook-3.mga2-8.961-15.mga2.nonfree.x86_64.rpm
fglrx-kernel-3.4.24-server-3.mga2-8.961-15.mga2.nonfree.x86_64.rpm
fglrx-kernel-desktop-latest-8.961-15.mga2.nonfree.x86_64.rpm
fglrx-kernel-netbook-latest-8.961-15.mga2.nonfree.x86_64.rpm
fglrx-kernel-server-latest-8.961-15.mga2.nonfree.x86_64.rpm
fglrx-opencl-8.961-2.mga2.nonfree.x86_64.rpm
x11-driver-video-fglrx-8.961-2.mga2.nonfree.x86_64.rpm
nvidia-current-kernel-3.4.24-desktop-3.mga2-295.71-10.mga2.nonfree.x86_64.rpm
nvidia-current-kernel-3.4.24-netbook-3.mga2-295.71-10.mga2.nonfree.x86_64.rpm
nvidia-current-kernel-3.4.24-server-3.mga2-295.71-10.mga2.nonfree.x86_64.rpm
nvidia-current-kernel-desktop-latest-295.71-10.mga2.nonfree.x86_64.rpm
nvidia-current-kernel-netbook-latest-295.71-10.mga2.nonfree.x86_64.rpm
nvidia-current-kernel-server-latest-295.71-10.mga2.nonfree.x86_64.rpm

SRPMS:
kernel-3.4.24-3.mga2.src.rpm
kernel-userspace-headers-3.4.24-3.mga2.src.rpm
kmod-xtables-addons-1.41-19.mga2.src.rpm
broadcom-wl-5.100.82.112-6.mga2.nonfree.src.rpm
kmod-broadcom-wl-5.100.82.112-38.mga2.nonfree.src.rpm
fglrx-8.961-2.mga2.nonfree.src.rpm
kmod-fglrx-8.961-15.mga2.nonfree.src.rpm
kmod-nvidia-current-295.71-10.mga2.nonfree.src.rpm


References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0957
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3364
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3510
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3520
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4398
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4461
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4508
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4565
http://kernelnewbies.org/Linux_3.4
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.1
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.2
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.3
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.4
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.5
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.6
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.7
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.8
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.9
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.10
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.11
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.12
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.13
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.14
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.15
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.16
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.17
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.18
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.19
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.20
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.21
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.22
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.23
http://www.kernel.org/pub/linux/kernel/v3.0/ChangeLog-3.4.24
https://bugs.mageia.org/show_bug.cgi?id=7375
https://bugs.mageia.org/show_bug.cgi?id=7659
https://bugs.mageia.org/show_bug.cgi?id=7853
https://bugs.mageia.org/show_bug.cgi?id=8068