kernel-packages team mailing list archive

Thread
Date
[Bug 1402551] Re: High memory usage of Xorg and kwin after Xorg security updates [nvidia]

To: kernel-packages@xxxxxxxxxxxxxxxxxxx
From: Bernhard <1402551@xxxxxxxxxxxxxxxxxx>
Date: Mon, 15 Dec 2014 14:19:09 -0000
Reply-to: Bug 1402551 <1402551@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
Unfortunately the same problem occurs with kernel 3.2.0-73.108.

Which log files shall I provide?

Sorry, I do not want to grant access/link the pc with launchpad.

** No longer affects: linux (Ubuntu)

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1402551

Title:
  High memory usage of Xorg and kwin after Xorg security updates
  [nvidia]

Status in nvidia-graphics-drivers-304-updates package in Ubuntu:
  Confirmed
Status in nvidia-graphics-drivers-331-updates package in Ubuntu:
  Confirmed
Status in xorg-server package in Ubuntu:
  Confirmed
Status in xorg-server-lts-trusty package in Ubuntu:
  Confirmed

Bug description:
  Hello,

  since the Xorg/nvidia security updates last week, I encounter a problem with growing Xorg and kwin memory usage.
  In one hour the memory consumption is at Xorg ~ 270 MiB and at kwin: 300 MB , so the system responds slowly and scrolling is very slow in in dolphin, kwrite, firefox, etc.
  After several hours the system is so slow, that only a restart helps, and then the growing of memory starts again.

  *** My Tests;

  I tried several nvidia drivers, but without success (from:
  https://launchpad.net/~xorg-
  edgers/+archive/ubuntu/ppa/+index?field.series_filter=precise)

  304.125-0ubuntu0.0.1~xedgers12.04.1 
  331.113-0ubuntu0.0.1~xedgers12.04.1 
  346.22-0ubuntu1~xedgers12.04.1
  (With purging each nvidia driver and fresh installing it)

  *** My configuration;

  Two Kubuntu 12.04.5 PCs with a nvidia card; 
  nvidia driver 331.113-0ubuntu0.0.0.3 and 304.125-0ubuntu0.0.0.1
  One pc with the Trusty Xstack (HWE) with Trusty kernel (3.13.0-43.72~precise1) and the other one with the stock kernel (3.2.0-74-generic #109) and stock xstack.

  
  I use one pc in my office, so it disturbs my work because of the slowness and restarts.

  Thank you for your help!

  Best regards, Bernhard

  
  *** Problematic packages and other Xorg deps

  nvidia-graphics-drivers-331 (331.113-0ubuntu0.0.0.3) precise-security;
  urgency=medium

    [ Alberto Milone ]
    * debian/substvars:
      - Add support for video ABIs up to 19.
    * debian/templates/dkms_nvidia.conf.in:
      - Drop all the patches.
    * SECURITY UPDATE:
      - CVE-2014-8091, CVE-2014-8098, CVE-2014-8298 (LP: #1400673).
   -- Alberto Milone <email address hidden> Tue, 09 Dec 2014 12:10:46 +0100

  CVE-2014-8298 	RESERVED
  CVE-2014-8098 	out of bounds access in GLX extension
  CVE-2014-8091 	denial of service due to unchecked malloc in client authentication

  nvidia-graphics-drivers-304-updates (304.125-0ubuntu0.0.0.1) 
    
  xorg-server-lts-trusty (2:1.15.1-0ubuntu2~precise4) precise-security; urgency=medium

    * SECURITY UPDATE: Dec 2014 security issues - additional fixes
      - debian/patches/CVE-2014-8xxx/003[4567]*.patch: add additional
        fixes not included in original pre-advisory bundle.
   -- Marc Deslauriers <email address hidden> Tue, 09 Dec 2014 17:25:15 -0500
   
  xorg-server-lts-trusty (2:1.15.1-0ubuntu2~precise3) precise-security; urgency=medium

    * SECURITY UPDATE: Dec 2014 protocol handling security issues
      - debian/patches/CVE-2014-8xxx/*.patch: patches from upstream to fix
        a multitude of security issues, including a couple of pre-requisite
        fixes from git.
      - CVE-2014-8091
      - CVE-2014-8092
      - CVE-2014-8093
      - CVE-2014-8094
      - CVE-2014-8095
      - CVE-2014-8096
      - CVE-2014-8097
      - CVE-2014-8098
      - CVE-2014-8099
      - CVE-2014-8100
      - CVE-2014-8101
      - CVE-2014-8102
      - CVE-2014-8103
   -- Marc Deslauriers <email address hidden> Sat, 06 Dec 2014 10:28:55 -0500

  CVE-2014-8091 	denial of service due to unchecked malloc in client authentication
  CVE-2014-8092 	intger overflows in X11 core protocol requests
  CVE-2014-8093 	integer overflows in GLX extension
  CVE-2014-8094 	integer overflows in DRI2 extensions
  CVE-2014-8095 	out of bounds access in XInput extensions
  CVE-2014-8096 	out of bounds access in XC-MISC extension
  CVE-2014-8097 	out of bounds access in DBE extension
  CVE-2014-8098 	out of bounds access in GLX extension
  CVE-2014-8099 	out of bounds access in XVideo extension
  CVE-2014-8100 	out of bounds access in Render extension
  CVE-2014-8101 	out of bounds access in RandR extension
  CVE-2014-8102 	out of bounds access in XFixes extension
  CVE-2014-8103 	out of bounds access in DRI3 & Present extensions
   
  and other Xorg deps

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-304-updates/+bug/1402551/+subscriptions
References

[Bug 1402551] [NEW] High memory usage of Xorg and kwin after Xorg security updates [nvidia]
From: Bernhard, 2014-12-15