VDB

GCVE-110-MAGEIA-2014-103

GCVE-110-MAGEIA-2014-103
Advisory Published
Vulnetix · Advisory published February 26, 2014
This kernel update provides an update to the upstream stable 3.12.13 maintenance release and fixes the following security issues: A flaw was found in the way cifs handled iovecs with bogus pointers userland passed down via writev() during uncached writes. An unprivileged local user with access to cifs share could use this flaw to crash the system or leak kernel memory. Privilege escalation cannot be ruled out (since memory corruption is involved), but is unlikely. (CVE-2014-0069) Linux kernel build with the NFS file system(CONFIG_NFS_FS) along with the support for NFSv4 protocol(CONFIG_NFS_V4) is vulnerable to an information leakage flaw. It could occur while writing to a file wherein NFS server has offered write delegation to the client. Such delegation allows NFS client to perform the said operation locally without instant interaction with the server. A user/program could use this flaw to at least leak kernel memory bytes. (CVE-2014-2038) This update also enables MEMCG on server kernels (mga#12629) For other changes, see the referenced changelogs.

Affected Products

VendorProductVersionsPlatforms
Mageiakmod-xtables-addons0 (affected), 2.3-43.mga4 (unaffected), 0 (affected), 2.3-43.mga4 (unaffected)
Mageiagzip1.6-3.1.mga4 (unaffected), 0 (affected)
Mageiakmod-vboxadditions0 (affected), 4.3.6-11.mga4 (unaffected), 0 (affected), 4.3.6-11.mga4 (unaffected)
Mageiakernel-userspace-headers0 (affected), 3.12.13-2.mga4 (unaffected), 3.12.13-2.mga4 (unaffected), 0 (affected)
Mageiakmod-nvidia1730 (affected), 173.14.39-13.mga4.nonfree (unaffected), 0 (affected), 173.14.39-13.mga4.nonfree (unaffected)
Mageiakmod-virtualbox0 (affected), 4.3.6-11.mga4 (unaffected), 0 (affected), 4.3.6-11.mga4 (unaffected)
Mageiakmod-nvidia3040 (affected), 304.119-5.mga4.nonfree (unaffected), 0 (affected), 304.119-5.mga4.nonfree (unaffected)
Mageiakernel0 (affected), 3.12.13-2.mga4 (unaffected), 0 (affected), 3.12.13-2.mga4 (unaffected)
Mageiakmod-fglrx0 (affected), 13.251-12.mga4.nonfree (unaffected), 0 (affected), 13.251-12.mga4.nonfree (unaffected)
Mageiakmod-broadcom-wl6.30.223.141-27.mga4.nonfree (unaffected), 0 (affected), 0 (affected), 6.30.223.141-27.mga4.nonfree (unaffected)

Browse GCVE Records

73,161 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›