← Back to team overview

desktop-packages team mailing list archive

[Bug 1402551] [NEW] High memory usage of Xorg and kwin after Xorg security updates [nvidia]

 

Public bug reported:

Hello,

since the Xorg/nvidia security updates last week, I encounter a problem with growing Xorg and kwin memory usage.
In one hour the memory consumption is at Xorg ~ 270 MiB and at kwin: 300 MB , so the system responds slowly and scrolling is very slow in in dolphin, kwrite, firefox, etc.
After several hours the system is so slow, that only a restart helps, and then the growing of memory starts again.

*** My Tests;

I tried several nvidia drivers, but without success (from:
https://launchpad.net/~xorg-
edgers/+archive/ubuntu/ppa/+index?field.series_filter=precise)

304.125-0ubuntu0.0.1~xedgers12.04.1 
331.113-0ubuntu0.0.1~xedgers12.04.1 
346.22-0ubuntu1~xedgers12.04.1
(With purging each nvidia driver and fresh installing it)

*** My configuration;

Two Kubuntu 12.04.5 PCs with a nvidia card; 
nvidia driver 331.113-0ubuntu0.0.0.3 and 304.125-0ubuntu0.0.0.1
One pc with the Trusty Xstack (HWE) with Trusty kernel (3.13.0-43.72~precise1) and the other one with the stock kernel (3.2.0-74-generic #109) and stock xstack.


I use one pc in my office, so it disturbs my work because of the slowness and restarts.

Thank you for your help!

Best regards, Bernhard


*** Problematic packages and other Xorg deps

nvidia-graphics-drivers-331 (331.113-0ubuntu0.0.0.3) precise-security;
urgency=medium

  [ Alberto Milone ]
  * debian/substvars:
    - Add support for video ABIs up to 19.
  * debian/templates/dkms_nvidia.conf.in:
    - Drop all the patches.
  * SECURITY UPDATE:
    - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).
 -- Alberto Milone <email address hidden> Tue, 09 Dec 2014 12:10:46 +0100

CVE-2014-8298 	RESERVED
CVE-2014-8098 	out of bounds access in GLX extension
CVE-2014-8091 	denial of service due to unchecked malloc in client authentication

nvidia-graphics-drivers-304-updates (304.125-0ubuntu0.0.0.1) 
  
xorg-server-lts-trusty (2:1.15.1-0ubuntu2~precise4) precise-security; urgency=medium

  * SECURITY UPDATE: Dec 2014 security issues - additional fixes
    - debian/patches/CVE-2014-8xxx/003[4567]*.patch: add additional
      fixes not included in original pre-advisory bundle.
 -- Marc Deslauriers <email address hidden> Tue, 09 Dec 2014 17:25:15 -0500
 
xorg-server-lts-trusty (2:1.15.1-0ubuntu2~precise3) precise-security; urgency=medium

  * SECURITY UPDATE: Dec 2014 protocol handling security issues
    - debian/patches/CVE-2014-8xxx/*.patch: patches from upstream to fix
      a multitude of security issues, including a couple of pre-requisite
      fixes from git.
    - CVE-2014-8091
    - CVE-2014-8092
    - CVE-2014-8093
    - CVE-2014-8094
    - CVE-2014-8095
    - CVE-2014-8096
    - CVE-2014-8097
    - CVE-2014-8098
    - CVE-2014-8099
    - CVE-2014-8100
    - CVE-2014-8101
    - CVE-2014-8102
    - CVE-2014-8103
 -- Marc Deslauriers <email address hidden> Sat, 06 Dec 2014 10:28:55 -0500

CVE-2014-8091 	denial of service due to unchecked malloc in client authentication
CVE-2014-8092 	intger overflows in X11 core protocol requests
CVE-2014-8093 	integer overflows in GLX extension
CVE-2014-8094 	integer overflows in DRI2 extensions
CVE-2014-8095 	out of bounds access in XInput extensions
CVE-2014-8096 	out of bounds access in XC-MISC extension
CVE-2014-8097 	out of bounds access in DBE extension
CVE-2014-8098 	out of bounds access in GLX extension
CVE-2014-8099 	out of bounds access in XVideo extension
CVE-2014-8100 	out of bounds access in Render extension
CVE-2014-8101 	out of bounds access in RandR extension
CVE-2014-8102 	out of bounds access in XFixes extension
CVE-2014-8103 	out of bounds access in DRI3 & Present extensions
 
and other Xorg deps

** Affects: nvidia-graphics-drivers-304-updates (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: nvidia-graphics-drivers-331-updates (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: xorg-server (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: xorg-server-lts-trusty (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: high kde kwin memory nvidia usage xorg

** Also affects: nvidia-graphics-drivers-331-updates (Ubuntu)
   Importance: Undecided
       Status: New

** Package changed: linux-firmware (Ubuntu) => xorg-server-lts-trusty
(Ubuntu)

** Also affects: nvidia-graphics-drivers-304-updates (Ubuntu)
   Importance: Undecided
       Status: New

** Also affects: xorg-server (Ubuntu)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to nvidia-graphics-drivers-331-updates in
Ubuntu.
https://bugs.launchpad.net/bugs/1402551

Title:
  High memory usage of Xorg and kwin after Xorg security updates
  [nvidia]

Status in nvidia-graphics-drivers-304-updates package in Ubuntu:
  New
Status in nvidia-graphics-drivers-331-updates package in Ubuntu:
  New
Status in xorg-server package in Ubuntu:
  New
Status in xorg-server-lts-trusty package in Ubuntu:
  New

Bug description:
  Hello,

  since the Xorg/nvidia security updates last week, I encounter a problem with growing Xorg and kwin memory usage.
  In one hour the memory consumption is at Xorg ~ 270 MiB and at kwin: 300 MB , so the system responds slowly and scrolling is very slow in in dolphin, kwrite, firefox, etc.
  After several hours the system is so slow, that only a restart helps, and then the growing of memory starts again.

  *** My Tests;

  I tried several nvidia drivers, but without success (from:
  https://launchpad.net/~xorg-
  edgers/+archive/ubuntu/ppa/+index?field.series_filter=precise)

  304.125-0ubuntu0.0.1~xedgers12.04.1 
  331.113-0ubuntu0.0.1~xedgers12.04.1 
  346.22-0ubuntu1~xedgers12.04.1
  (With purging each nvidia driver and fresh installing it)

  *** My configuration;

  Two Kubuntu 12.04.5 PCs with a nvidia card; 
  nvidia driver 331.113-0ubuntu0.0.0.3 and 304.125-0ubuntu0.0.0.1
  One pc with the Trusty Xstack (HWE) with Trusty kernel (3.13.0-43.72~precise1) and the other one with the stock kernel (3.2.0-74-generic #109) and stock xstack.

  
  I use one pc in my office, so it disturbs my work because of the slowness and restarts.

  Thank you for your help!

  Best regards, Bernhard

  
  *** Problematic packages and other Xorg deps

  nvidia-graphics-drivers-331 (331.113-0ubuntu0.0.0.3) precise-security;
  urgency=medium

    [ Alberto Milone ]
    * debian/substvars:
      - Add support for video ABIs up to 19.
    * debian/templates/dkms_nvidia.conf.in:
      - Drop all the patches.
    * SECURITY UPDATE:
      - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).
   -- Alberto Milone <email address hidden> Tue, 09 Dec 2014 12:10:46 +0100

  CVE-2014-8298 	RESERVED
  CVE-2014-8098 	out of bounds access in GLX extension
  CVE-2014-8091 	denial of service due to unchecked malloc in client authentication

  nvidia-graphics-drivers-304-updates (304.125-0ubuntu0.0.0.1) 
    
  xorg-server-lts-trusty (2:1.15.1-0ubuntu2~precise4) precise-security; urgency=medium

    * SECURITY UPDATE: Dec 2014 security issues - additional fixes
      - debian/patches/CVE-2014-8xxx/003[4567]*.patch: add additional
        fixes not included in original pre-advisory bundle.
   -- Marc Deslauriers <email address hidden> Tue, 09 Dec 2014 17:25:15 -0500
   
  xorg-server-lts-trusty (2:1.15.1-0ubuntu2~precise3) precise-security; urgency=medium

    * SECURITY UPDATE: Dec 2014 protocol handling security issues
      - debian/patches/CVE-2014-8xxx/*.patch: patches from upstream to fix
        a multitude of security issues, including a couple of pre-requisite
        fixes from git.
      - CVE-2014-8091
      - CVE-2014-8092
      - CVE-2014-8093
      - CVE-2014-8094
      - CVE-2014-8095
      - CVE-2014-8096
      - CVE-2014-8097
      - CVE-2014-8098
      - CVE-2014-8099
      - CVE-2014-8100
      - CVE-2014-8101
      - CVE-2014-8102
      - CVE-2014-8103
   -- Marc Deslauriers <email address hidden> Sat, 06 Dec 2014 10:28:55 -0500

  CVE-2014-8091 	denial of service due to unchecked malloc in client authentication
  CVE-2014-8092 	intger overflows in X11 core protocol requests
  CVE-2014-8093 	integer overflows in GLX extension
  CVE-2014-8094 	integer overflows in DRI2 extensions
  CVE-2014-8095 	out of bounds access in XInput extensions
  CVE-2014-8096 	out of bounds access in XC-MISC extension
  CVE-2014-8097 	out of bounds access in DBE extension
  CVE-2014-8098 	out of bounds access in GLX extension
  CVE-2014-8099 	out of bounds access in XVideo extension
  CVE-2014-8100 	out of bounds access in Render extension
  CVE-2014-8101 	out of bounds access in RandR extension
  CVE-2014-8102 	out of bounds access in XFixes extension
  CVE-2014-8103 	out of bounds access in DRI3 & Present extensions
   
  and other Xorg deps

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304-updates/+bug/1402551/+subscriptions


Follow ups

References