The 4.5.7-202 kernel update contains a number of important security fixes.

Reboot Required
After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

How to install

sudo dnf upgrade --advisory=FEDORA-2016-73a733f4d9

This update has been submitted for testing by jforbes.

4 years ago

This update has been pushed to testing.

4 years ago
User Icon naphan commented & provided feedback 4 years ago

Works good on x86_64. Memory consumption has increased by 200 MB against 4.4.9.

User Icon dimitrisk commented & provided feedback 4 years ago
karma

WFM, Thinkpad X250 i7 (Broadwell, Intel graphics)

User Icon hreindl commented & provided feedback 4 years ago
karma

works for me

This update has been submitted for stable by bodhi.

4 years ago
User Icon naphan commented & provided feedback 4 years ago
karma

Works for me x86_64.

User Icon gateisred commented & provided feedback 4 years ago

Please note that this kernel version (4.5.7) is EOL

This update has been pushed to stable.

4 years ago
User Icon h4xr commented & provided feedback 4 years ago
karma

Works for me x86_64 VM. No stability issues encountered till now.

User Icon grover commented & provided feedback 4 years ago

doesn't boot on Samsung Notebook 9 (skylake, intel gfx) whereas -200 does. No kernel output even after removing 'rhgb quiet' from kernel commandline.

User Icon anonymous commented & provided feedback 4 years ago
[root@f23 vboxdrv]# make
make KBUILD_VERBOSE=1 SUBDIRS=/tmp/vboxhost/vboxdrv SRCROOT=/tmp/vboxhost/vboxdrv CONFIG_MODULE_SIG= -C /lib/modules/4.6.3-200.fc23.x86_64/build modules
make[1]: Entering directory '/usr/src/kernels/4.6.3-200.fc23.x86_64'
test -e include/generated/autoconf.h -a -e include/config/auto.conf || (                \
echo >&2;                                                       \
echo >&2 "  ERROR: Kernel configuration is invalid.";           \
echo >&2 "         include/generated/autoconf.h or include/config/auto.conf are missing.";\
echo >&2 "         Run 'make oldconfig && make prepare' on kernel src to fix it.";      \
echo >&2 ;                                                      \
/bin/false)
mkdir -p /tmp/vboxhost/vboxdrv/.tmp_versions ; rm -f /tmp/vboxhost/vboxdrv/.tmp_versions/*
make -f ./scripts/Makefile.build obj=/tmp/vboxhost/vboxdrv
make[2]: *** No rule to make target '/tmp/vboxhost/vboxdrv/linux/SUPDrv-linux.o', needed by '/tmp/vboxhost/vboxdrv/vboxdrv.o'.  Stop.
Makefile:1433: recipe for target '_module_/tmp/vboxhost/vboxdrv' failed
make[1]: *** [_module_/tmp/vboxhost/vboxdrv] Error 2
make[1]: Leaving directory '/usr/src/kernels/4.6.3-200.fc23.x86_64'
Makefile:298: recipe for target 'vboxdrv' failed
make: *** [vboxdrv] Error 2
[root@f23 vboxdrv]#

CONFIG_HAVE_STACK_VALIDATION=y and no objtool?

User Icon anonymous commented & provided feedback 4 years ago
[root@f23 vboxdrv]# make
make KBUILD_VERBOSE=1 SUBDIRS=/tmp/vboxhost/vboxdrv SRCROOT=/tmp/vboxhost/vboxdrv CONFIG_MODULE_SIG= -C /lib/modules/4.6.3-200.fc23.x86_64/build modules
make[1]: Entering directory '/usr/src/kernels/4.6.3-200.fc23.x86_64'
test -e include/generated/autoconf.h -a -e include/config/auto.conf || (                \
echo >&2;                                                       \
echo >&2 "  ERROR: Kernel configuration is invalid.";           \
echo >&2 "         include/generated/autoconf.h or include/config/auto.conf are missing.";\
echo >&2 "         Run 'make oldconfig && make prepare' on kernel src to fix it.";      \
echo >&2 ;                                                      \
/bin/false)
mkdir -p /tmp/vboxhost/vboxdrv/.tmp_versions ; rm -f /tmp/vboxhost/vboxdrv/.tmp_versions/*
make -f ./scripts/Makefile.build obj=/tmp/vboxhost/vboxdrv
make[2]: *** No rule to make target '/tmp/vboxhost/vboxdrv/linux/SUPDrv-linux.o', needed by '/tmp/vboxhost/vboxdrv/vboxdrv.o'.  Stop.
Makefile:1433: recipe for target '_module_/tmp/vboxhost/vboxdrv' failed
make[1]: *** [_module_/tmp/vboxhost/vboxdrv] Error 2
make[1]: Leaving directory '/usr/src/kernels/4.6.3-200.fc23.x86_64'
Makefile:298: recipe for target 'vboxdrv' failed
make: *** [vboxdrv] Error 2
[root@f23 vboxdrv]#

CONFIG_HAVE_STACK_VALIDATION=y and no objtool?

User Icon anonymous commented & provided feedback 4 years ago

Sorry, This is for kernel version is 4.6.3-200.fc23.x86_64.

User Icon hreindl commented & provided feedback 4 years ago

@anonymous: for the sake of god type "dnf install fedora-easy-karma" so you can't comment the wrong builds and if you are at it realize that vbox is out of scope for Fedora and so you MUST NOT give negative karma (i am also not happy that with 4.6.3 currently vmware modules don't build and the workarounds found are not working but that NOT JUSTIFIES a negative karma for the fedora-kernel)

User Icon anonymous commented & provided feedback 4 years ago

@hreindl: I was was clicking the wrong kernel version link, OK? That happens when you do several things at once (develop software when the deadline is approaching fast, argue with QA team, submit bug reports, etc.) :-( Not my intention to give negative karma to a perfectly stable kernel. Since I cannot edit/delete my post - there is nothing else I can do but say I'm really, really sorry.

User Icon hreindl commented & provided feedback 4 years ago

and HENCE use fedora-easy-karma because it only asks for packages which are INSTALLED and in update-testing so you can't overlook anything, especially in cases where a -37 or so build fixes a specific bug and may introduce a regeression not present in the next and previous builds


Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
4
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
4 years ago
in testing
4 years ago
in stable
4 years ago
BZ#1338025 rfkill is hard blocked on pre-2009 HP laptops
0
0
BZ#1341716 CVE-2016-4470 kernel: Uninitialized variable in request_key handling causes kernel crash in error handling path
0
0
BZ#1344721 CVE-2016-1583 kernel: Stack overflow via ecryptfs and /proc/$pid/environ
0
0
BZ#1344722 CVE-2016-1583 kernel: Stack overflow via ecryptfs and /proc/$pid/environ [fedora-all]
0
0
BZ#1346626 CVE-2016-4470 kernel: Uninitialized variable in request_key handling causes kernel crash in error handling path [fedora-all]
0
0
BZ#1349886 CVE-2016-4998 kernel: out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt
0
0
BZ#1350316 CVE-2016-4998 kernel: kernel : out of bounds reads when processing IPT_SO_SET_REPLACE setsockopt [fedora-all]
0
0
BZ#1350509 CVE-2016-5829 kernel: Heap buffer overflow in hiddev driver
0
0
BZ#1350513 CVE-2016-5829 kernel: Heap buffer overflow in hiddev driver [fedora-all]
0
0
BZ#1350811 CVE-2016-5728 kernel: Race condition vulnerability in VOP driver
0
0
BZ#1350812 CVE-2016-5728 kernel: Race condition vulnerability in VOP driver [fedora-all]
0
0
BZ#1350845 CVE-2016-1237 kernel: Missing check for permissions when setting ACL
0
0
BZ#1350847 CVE-2016-1237 kernel: Missing check for permissions when setting ACL [fedora-all]
0
0

Automated Test Results

Test Cases

0 0 Test Case kernel regression