MGASA-2014-0265

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2014-0265.html

Import Source

https://advisories.mageia.org/MGASA-2014-0265.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2014-0265

Related

Published

2014-06-18T20:50:01Z

Modified

2014-06-18T20:49:35Z

Summary

Updated kernel packages fixes security vulnerabilities.

Details

Updated kernel packages fixes security vulnerabilities.

The kernel has been updated to the upstream 3.12.21 longterm kernel, and fixes the following security issues:

media-device: fix infoleak in ioctl mediaenumentities() (CVE-2014-1739)

The futexrequeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEXREQUEUE command that facilitates unsafe waiter modification. (CVE-2014-3153)

kernel/auditsc.c in the Linux kernel through 3.14.5, when CONFIGAUDITSYSCALL is enabled with certain syscall rules, allows local users to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS) via a large value of a syscall number. To avoid this and other issues CONFIGAUDITSYSCALL has been disabled. (CVE-2014-3917)

Other changes: iwlwifi: mvm: disable beacon filtering ALSA: hda - Fix onboard audio on Intel H97/Z97 chipsets

For other upstream changes, see the referenced changelog.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / kmod-broadcom-wl

Package

Name: kmod-broadcom-wl
Purl: pkg:rpm/mageia/kmod-broadcom-wl?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.30.223.141-32.mga4.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:4 / kmod-nvidia173

Package

Name: kmod-nvidia173
Purl: pkg:rpm/mageia/kmod-nvidia173?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

173.14.39-17.mga4.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:4 / kmod-nvidia304

Package

Name: kmod-nvidia304
Purl: pkg:rpm/mageia/kmod-nvidia304?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

304.119-12.mga4.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Mageia:4 / kernel

Package

Name: kernel
Purl: pkg:rpm/mageia/kernel?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.12.21-2.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / kernel-userspace-headers

Package

Name: kernel-userspace-headers
Purl: pkg:rpm/mageia/kernel-userspace-headers?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.12.21-2.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / kmod-vboxadditions

Package

Name: kmod-vboxadditions
Purl: pkg:rpm/mageia/kmod-vboxadditions?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.3.10-7.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / kmod-virtualbox

Package

Name: kmod-virtualbox
Purl: pkg:rpm/mageia/kmod-virtualbox?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.3.10-7.mga4

Ecosystem specific

{
    "section": "core"
}

Mageia:4 / kmod-xtables-addons

Package

Name: kmod-xtables-addons
Purl: pkg:rpm/mageia/kmod-xtables-addons?distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.3-47.mga4

Ecosystem specific

{
    "section": "core"
}