security update in Fedora 27 for kernel

The 4.14.18 stable update contains a number of important fixes across the tree, including some additional spectre mitigation.

The 4.14.17 stable kernel update contains a number of important fixes across the tree.

After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

This update has been submitted for testing by jforbes.

This update has obsoleted kernel-4.14.17-300.fc27, and has inherited its bugs and notes.

Works for me on x86_64

karma: +1 critpath: +1

This update has been pushed to testing.

works for me - first kernel with spectre-v1-mitigation - /sys/devices/system/cpu/vulnerabilities/meltdown: Mitigation: PTI, /sys/devices/system/cpu/vulnerabilities/spectre_v1: Mitigation: __user pointer sanitization, /sys/devices/system/cpu/vulnerabilities/spectre_v2: Mitigation: Full generic retpoline

karma: +1
karma: +1 critpath: +1
karma: +1 critpath: +1

Works fine - spectre v1,v2 and meltdown mitigated.

karma: +1 critpath: +1

works fine on x86_64 Intel i5-3550

karma: +1 critpath: +1

Works fine for me. x86_64 on i7-4770k.

/sys/devices/system/cpu/vulnerabilities/meltdown:Mitigation: PTI
/sys/devices/system/cpu/vulnerabilities/spectre_v1:Mitigation: __user pointer sanitization
/sys/devices/system/cpu/vulnerabilities/spectre_v2:Mitigation: Full generic retpoline
karma: +1 critpath: +1
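
The sysfs status lines quoted in the comments above can be checked mechanically after the reboot. The following is an added example, not part of the update notes or any tester's comment; the function names and the temporary sample directory are assumptions made for illustration, and the "Vulnerable" entry is constructed to show the failing case.

```shell
#!/bin/sh
# Added example: audit the kernel's sysfs vulnerability status files.

# Map the first line of a vulnerabilities file to a verdict.
classify_status() {
    case "$1" in
        "Mitigation:"*)  echo mitigated ;;
        "Not affected"*) echo not-affected ;;
        "Vulnerable"*)   echo vulnerable ;;
        *)               echo unknown ;;
    esac
}

# Print "name verdict status" per entry. Returns 0 if nothing is
# vulnerable or unknown, 1 otherwise, 2 if the directory is missing.
audit_mitigations() {
    am_dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    if [ ! -d "$am_dir" ]; then
        echo "audit_mitigations: $am_dir not found" >&2
        return 2
    fi
    am_bad=0
    for am_file in "$am_dir"/*; do
        [ -f "$am_file" ] || continue
        am_status=""
        IFS= read -r am_status < "$am_file" || true
        am_verdict=$(classify_status "$am_status")
        printf '%-12s %-13s %s\n' "${am_file##*/}" "$am_verdict" "$am_status"
        case "$am_verdict" in
            vulnerable|unknown) am_bad=$((am_bad + 1)) ;;  # fail closed
        esac
    done
    [ "$am_bad" -eq 0 ]
}

# Constructed sample: two statuses as reported in the comments, plus a
# made-up "Vulnerable" spectre_v1 entry to show the failing case.
sample=$(mktemp -d)
echo "Mitigation: PTI" > "$sample/meltdown"
echo "Mitigation: Full generic retpoline" > "$sample/spectre_v2"
echo "Vulnerable" > "$sample/spectre_v1"
rc=0
audit_mitigations "$sample" || rc=$?
echo "exit status: $rc"
rm -rf "$sample"
```

Calling `audit_mitigations` with no argument reads the live `/sys/devices/system/cpu/vulnerabilities` directory, so the exit status can gate a post-update check.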

Works fine on an E7470 i5-6300U

karma: +1 critpath: +1

Works for me.. Regression tests pass OK.
x86_64 work station, Plasma DE, X-server, nVidia card GTX 650 (GK107) /nouveau

karma: +1 critpath: +1

This update has been submitted for batched by jforbes.

wfm: desktop 16GB Intel i7-3770 CPU, laptop 16GB Intel i7-3610QM CPU, laptop 8GB Intel i5-2520M CPU Lenovo T420 - all using the Mate Desktop Environment (kernel regression tests passed on all 3 - performance test took a very long time for the T420, roughly 2 hours)

karma: +1 critpath: +1

works fine

karma: +1
karma: +1 critpath: +1

@jforbes: Did you intentionally submit this for batched instead of stable?

I did, there has been a bit of talk in FESCo and on the lists lately about utilizing batch more, so I figured I would give it a try. While there are improvements to Spectre mitigations here, they are not huge over what we had (we were carrying older v1 patches before that didn't report under the new structure, but were there). I suppose with the rebase timing though, it is best to get this one out.

This update has been submitted for stable by jforbes.


karma: +1 critpath: +1
karma: +1 critpath: +1

(Belatedly), no regressions noted on x86_64 and i686+PAE.

karma: +1 critpath: +1
karma: +1 critpath: +1

This update has been pushed to stable.

4.14.18-300 freezes on resume from suspend on a Lenovo X1 Carbon 3rd gen. 4.14.16-300 works.

karma: -1 critpath: -1

The backtrace does not contain enough meaningful function frames to be reported. It is annoying but it does not necessary signalize a problem with your computer. ABRT will not allow you to create a report in a bug tracking system but you can contact kernel maintainers via e-mail.

WARNING: CPU: 1 PID: 68 at net/mac80211/driver-ops.c:175 drv_conf_tx+0x18f/0x1a0 [mac80211]
BOOT_IMAGE=/vmlinuz-4.14.18-300.fc27.x86_64 root=/dev/mapper/fedoran-root ro rd.lvm.lv=fedoran/root rd.lvm.lv=fedoran/swap rhgb quiet LANG=en_US.UTF-8


karma: -1 critpath: -1

It doesn't boot on a Dell XPS 9560.

karma: -1 critpath: -1

It doesn't boot on a Dell Inspiron 7537

karma: -1 critpath: -1

Not good. This kernel really has a problem with Thunderbolt networking. It really screws up ssh and also other networking functionality, test case on a Precision 5520 with TB16 and other thunderbolt based NICs. See bugzilla https://bugzilla.redhat.com/show_bug.cgi?id=1537597

karma: -1 critpath: -1

