VDB
GCVE-110-MAGEIA-2014-175
GCVE-110-MAGEIA-2014-175
Advisory Published
Updated json-c packages fix security vulnerabilities:
Florian Weimer reported that the printbuf APIs used in the json-c library used
ints for counting buffer lengths, which is inappropriate for 32bit
architectures. These functions need to be changed to using size_t if possible
for sizes, or to be hardened against negative values if not. This could be
used to cause a denial of service in an application linked to the json-c
library (CVE-2013-6370).
Florian Weimer reported that the hash function in the json-c library was weak,
and that parsing smallish JSON strings showed quadratic timing behaviour.
This could cause an application linked to the json-c library, and that
processes some specially-crafted JSON data, to use excessive amounts of CPU
(CVE-2013-6371).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | kmod-xtables-addons | 0 (affected), 2.5-3.mga4 (unaffected) | — |
| Mageia | radeon-firmware | 0 (affected), 20140828-1.mga4.nonfree (unaffected) | — |
| Mageia | nvidia304 | 0 (affected), 304.121-1.mga4.nonfree (unaffected) | — |
| Mageia | json-c | 0 (affected), 0.11-3.1.mga4 (unaffected), 0 (affected), 0.11-3.1.mga4 (unaffected) | — |
| Mageia | kernel-userspace-headers | 0 (affected), 3.14.18-3.mga4 (unaffected) | — |
| Mageia | kmod-nvidia173 | 0 (affected), 173.14.39-23.mga4.nonfree (unaffected) | — |
| Mageia | nvidia173 | 173.14.39-2.mga4.nonfree (unaffected), 0 (affected) | — |
| Mageia | kernel-firmware-nonfree | 0 (affected), 20140828-1.mga4.nonfree (unaffected) | — |
| Mageia | json-c | 0 (affected), 0.11-1.mga3 (unaffected), 0 (affected), 0.11-1.mga3 (unaffected) | — |
| Mageia | kmod-nvidia-current | 0 (affected), 331.79-8.mga4.nonfree (unaffected) | — |
| Mageia | xtables-addons | 0 (affected), 2.5-1.mga4 (unaffected) | — |
| Mageia | kmod-nvidia304 | 0 (affected), 304.121-3.mga4.nonfree (unaffected) | — |
| Mageia | kernel | 0 (affected), 3.14.18-3.mga4 (unaffected) | — |
| Mageia | iproute2 | 0 (affected), 3.14.0-1.mga4 (unaffected) | — |
| Mageia | kmod-fglrx | 0 (affected), 14.010.1006-8.mga4.nonfree (unaffected) | — |
| Mageia | btrfs-progs | 0 (affected), 3.14.2-1.mga4 (unaffected) | — |
| Mageia | kmod-broadcom-wl | 6.30.223.141-38.mga4.nonfree (unaffected), 0 (affected) | — |
References
Browse GCVE Records
73,161 records in the GCVE database · Updated July 16, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.