FEDORA-2018-2bce10900e

security update in Fedora 27 for kernel

Status: stable 8 months ago

The 4.15.8 update contains a number of important fixes across the tree.

Reboot Required

After installing this update it is required that you reboot your system to ensure the changes supplied by this update are applied properly.

Comments 26

This update has been submitted for testing by labbott.

Works for me.. Regression tests pass OK.
x86_64 work station, Plasma DE, X-server, nVidia card GTX 650 (GK107) /nouveau

karma: +1 critpath: +1

works for me

karma: +1

works for me on x86_64 Intel i5-3550

karma: +1 critpath: +1

What would be best way of pulling packages before they hit testing repo?

This update has been pushed to testing.

No regressions here.

karma: +1

no regressions noted, kernel-tests pass

karma: +1

the F26 build (https://koji.fedoraproject.org/koji/buildinfo?buildID=1056297) failed and upstream has already https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.15.9 - since all production servers are running F26 how to proceed - currently running 4.15.5-200.fc26.x86_64 and i hoped to get 4.15.8 out over the last weekend

works fine for me. regression test cases passed. Intel(R) Core(TM) i7-5820K

karma: +1 critpath: +1

WFM, Thinkpad X250

karma: +1 critpath: +1

Anybody tried with docking? ;)

X250 is on a dock, both laptop and external displays work. I haven't tried undock/redock though.

On Lenovo H50-55 with AMD A10-7800 processor the regression tests all pass with the exception of the paxtest:

Starting test ./default/paxtest Main executable randomisation (PIE) randomness is less than 28 bits (25)

karma: +1 critpath: +1

works for me (x86_64)

karma: +1 critpath: +1

Yeah 4.15.9 failed for F26 due to a build hiccup and I decided not to rebuilt because I knew 4.15.9 was coming out. Since this update does have the karma I'm going to go ahead and push it.

This update has been submitted for batched by labbott.

This update has been submitted for stable by labbott.

karma: +1 critpath: +1

Still not booting on docking station with Lenovo X260

https://bugzilla.redhat.com/show_bug.cgi?id=1549042

forgot karma :)

karma: -1 critpath: -1

works fine, macbook pro late 2011, intel cpu/graphics

karma: +1 critpath: +1

This update has been pushed to stable.

Same problem as before with lenovo T470 in docking station. Does not boot.

karma: -1 critpath: -1

Add Comment & Feedback
Toggle Preview

Comment fields support Fedora-Flavored Markdown. Comments are governed under this privacy policy.

-1 0 +1 Feedback Guidelines

Is the update generally functional? (karma)

You need to be logged in to add karma!

Does the system's basic functionality continue to work after this update?
#1535110 CVE-2018-5703 kernel: net/ipv6/tcp_ipv6.c:tcp_v6_syn_recv_sock function allows attackers to cause a denial of service
#1535111 CVE-2018-5703 kernel: net/ipv6/tcp_ipv6.c:tcp_v6_syn_recv_sock function allows attackers to cause a denial of service [fedora-all]
#1547824 CVE-2018-1065 kernel: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash
#1547831 CVE-2018-1065 kernel: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash [fedora-all]
#1549316 System freezes after OOPS during booting
#1551051 CVE-2018-5803 kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service
#1551053 CVE-2018-5803 kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service [fedora-all]
#1553361 CVE-2018-7757 kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c
#1553363 CVE-2018-7757 kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c [fedora-all]
Test Case kernel regression
Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+10
stable threshold: 1
unstable threshold: -3
Autopush
Disabled
Dates
submitted 8 months ago
in testing 8 months ago
in stable 8 months ago

Related Bugs 9

00 #1535110 CVE-2018-5703 kernel: net/ipv6/tcp_ipv6.c:tcp_v6_syn_recv_sock function allows attackers to cause a denial of service
00 #1535111 CVE-2018-5703 kernel: net/ipv6/tcp_ipv6.c:tcp_v6_syn_recv_sock function allows attackers to cause a denial of service [fedora-all]
00 #1547824 CVE-2018-1065 kernel: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash
00 #1547831 CVE-2018-1065 kernel: netfilter: xtables NULL pointer dereference in ip6_tables.c:ip6t_do_table() leading to a crash [fedora-all]
00 #1549316 System freezes after OOPS during booting
00 #1551051 CVE-2018-5803 kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service
00 #1551053 CVE-2018-5803 kernel: Missing length check of payload in net/sctp/sm_make_chunk.c:_sctp_make_chunk() function allows denial of service [fedora-all]
00 #1553361 CVE-2018-7757 kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c
00 #1553363 CVE-2018-7757 kernel: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c [fedora-all]

Automated Test Results

Test Cases

00 Test Case kernel regression