← Back to team overview

kernel-packages team mailing list archive

[Bug 1402551] Re: High memory usage of Xorg and kwin after Xorg security updates [nvidia]

 

I'm currently testing kernel 3.2.0-73.108 (latest kernel: 3.2.0-74.109). 
So far no problems after two hours, maybe the kernel is the culprit.

*** Changes
linux (3.2.0-74.109) precise; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1400709

  [ Upstream Kernel Changes ]

  * x86_64, traps: Stop using IST for #SS
    - LP: #1398795
    - CVE-2014-9090
  * x86_64, traps: Fix the espfix64 #DF fixup and rewrite it in C
    - LP: #1398795
    - CVE-2014-9090
  * x86_64, traps: Rework bad_iret
    - LP: #1398795
    - CVE-2014-9090
  * x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit
    - LP: #1400314
    - CVE-2014-8134

 -- Luis Henriques <luis.henriques@xxxxxxxxxxxxx>  Tue, 09 Dec 2014
13:55:21 +0000

linux-lts-trusty (3.13.0-43.72~precise1) precise; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1399807

  [ Upstream Kernel Changes ]

  * x86_64, traps: Fix the espfix64 #DF fixup and rewrite it in C
    - LP: #1398795
    - CVE-2014-9090
  * x86_64, traps: Rework bad_iret
    - LP: #1398795
    - CVE-2014-9090
  * x86, kvm: Clear paravirt_enabled on KVM guests for espfix32's benefit
    - LP: #1400314
    - CVE-2014-8134

 -- Luis Henriques <luis.henriques@xxxxxxxxxxxxx>  Tue, 09 Dec 2014
11:09:22 +0000

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-8134

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2014-9090

** Also affects: linux (Ubuntu)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1402551

Title:
  High memory usage of Xorg and kwin after Xorg security updates
  [nvidia]

Status in linux package in Ubuntu:
  New
Status in nvidia-graphics-drivers-304-updates package in Ubuntu:
  Confirmed
Status in nvidia-graphics-drivers-331-updates package in Ubuntu:
  Confirmed
Status in xorg-server package in Ubuntu:
  Confirmed
Status in xorg-server-lts-trusty package in Ubuntu:
  Confirmed

Bug description:
  Hello,

  since the Xorg/nvidia security updates last week, I encounter a problem with growing Xorg and kwin memory usage.
  In one hour the memory consumption is at Xorg ~ 270 MiB and at kwin: 300 MB , so the system responds slowly and scrolling is very slow in in dolphin, kwrite, firefox, etc.
  After several hours the system is so slow, that only a restart helps, and then the growing of memory starts again.

  *** My Tests;

  I tried several nvidia drivers, but without success (from:
  https://launchpad.net/~xorg-
  edgers/+archive/ubuntu/ppa/+index?field.series_filter=precise)

  304.125-0ubuntu0.0.1~xedgers12.04.1 
  331.113-0ubuntu0.0.1~xedgers12.04.1 
  346.22-0ubuntu1~xedgers12.04.1
  (With purging each nvidia driver and fresh installing it)

  *** My configuration;

  Two Kubuntu 12.04.5 PCs with a nvidia card; 
  nvidia driver 331.113-0ubuntu0.0.0.3 and 304.125-0ubuntu0.0.0.1
  One pc with the Trusty Xstack (HWE) with Trusty kernel (3.13.0-43.72~precise1) and the other one with the stock kernel (3.2.0-74-generic #109) and stock xstack.

  
  I use one pc in my office, so it disturbs my work because of the slowness and restarts.

  Thank you for your help!

  Best regards, Bernhard

  
  *** Problematic packages and other Xorg deps

  nvidia-graphics-drivers-331 (331.113-0ubuntu0.0.0.3) precise-security;
  urgency=medium

    [ Alberto Milone ]
    * debian/substvars:
      - Add support for video ABIs up to 19.
    * debian/templates/dkms_nvidia.conf.in:
      - Drop all the patches.
    * SECURITY UPDATE:
      - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).
   -- Alberto Milone <email address hidden> Tue, 09 Dec 2014 12:10:46 +0100

  CVE-2014-8298 	RESERVED
  CVE-2014-8098 	out of bounds access in GLX extension
  CVE-2014-8091 	denial of service due to unchecked malloc in client authentication

  nvidia-graphics-drivers-304-updates (304.125-0ubuntu0.0.0.1) 
    
  xorg-server-lts-trusty (2:1.15.1-0ubuntu2~precise4) precise-security; urgency=medium

    * SECURITY UPDATE: Dec 2014 security issues - additional fixes
      - debian/patches/CVE-2014-8xxx/003[4567]*.patch: add additional
        fixes not included in original pre-advisory bundle.
   -- Marc Deslauriers <email address hidden> Tue, 09 Dec 2014 17:25:15 -0500
   
  xorg-server-lts-trusty (2:1.15.1-0ubuntu2~precise3) precise-security; urgency=medium

    * SECURITY UPDATE: Dec 2014 protocol handling security issues
      - debian/patches/CVE-2014-8xxx/*.patch: patches from upstream to fix
        a multitude of security issues, including a couple of pre-requisite
        fixes from git.
      - CVE-2014-8091
      - CVE-2014-8092
      - CVE-2014-8093
      - CVE-2014-8094
      - CVE-2014-8095
      - CVE-2014-8096
      - CVE-2014-8097
      - CVE-2014-8098
      - CVE-2014-8099
      - CVE-2014-8100
      - CVE-2014-8101
      - CVE-2014-8102
      - CVE-2014-8103
   -- Marc Deslauriers <email address hidden> Sat, 06 Dec 2014 10:28:55 -0500

  CVE-2014-8091 	denial of service due to unchecked malloc in client authentication
  CVE-2014-8092 	intger overflows in X11 core protocol requests
  CVE-2014-8093 	integer overflows in GLX extension
  CVE-2014-8094 	integer overflows in DRI2 extensions
  CVE-2014-8095 	out of bounds access in XInput extensions
  CVE-2014-8096 	out of bounds access in XC-MISC extension
  CVE-2014-8097 	out of bounds access in DBE extension
  CVE-2014-8098 	out of bounds access in GLX extension
  CVE-2014-8099 	out of bounds access in XVideo extension
  CVE-2014-8100 	out of bounds access in Render extension
  CVE-2014-8101 	out of bounds access in RandR extension
  CVE-2014-8102 	out of bounds access in XFixes extension
  CVE-2014-8103 	out of bounds access in DRI3 & Present extensions
   
  and other Xorg deps

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1402551/+subscriptions


References