VDB

GCVE-110-MAGEIA-2014-175

GCVE-110-MAGEIA-2014-175
Advisory Published
Vulnetix · Advisory published April 16, 2014
Updated json-c packages fix security vulnerabilities: Florian Weimer reported that the printbuf APIs used in the json-c library used ints for counting buffer lengths, which is inappropriate for 32bit architectures. These functions need to be changed to using size_t if possible for sizes, or to be hardened against negative values if not. This could be used to cause a denial of service in an application linked to the json-c library (CVE-2013-6370). Florian Weimer reported that the hash function in the json-c library was weak, and that parsing smallish JSON strings showed quadratic timing behaviour. This could cause an application linked to the json-c library, and that processes some specially-crafted JSON data, to use excessive amounts of CPU (CVE-2013-6371).

Affected Products

VendorProductVersionsPlatforms
Mageiakmod-xtables-addons0 (affected), 2.5-3.mga4 (unaffected)
Mageiaradeon-firmware0 (affected), 20140828-1.mga4.nonfree (unaffected)
Mageianvidia3040 (affected), 304.121-1.mga4.nonfree (unaffected)
Mageiajson-c0 (affected), 0.11-3.1.mga4 (unaffected), 0 (affected), 0.11-3.1.mga4 (unaffected)
Mageiakernel-userspace-headers0 (affected), 3.14.18-3.mga4 (unaffected)
Mageiakmod-nvidia1730 (affected), 173.14.39-23.mga4.nonfree (unaffected)
Mageianvidia173173.14.39-2.mga4.nonfree (unaffected), 0 (affected)
Mageiakernel-firmware-nonfree0 (affected), 20140828-1.mga4.nonfree (unaffected)
Mageiajson-c0 (affected), 0.11-1.mga3 (unaffected), 0 (affected), 0.11-1.mga3 (unaffected)
Mageiakmod-nvidia-current0 (affected), 331.79-8.mga4.nonfree (unaffected)
Mageiaxtables-addons0 (affected), 2.5-1.mga4 (unaffected)
Mageiakmod-nvidia3040 (affected), 304.121-3.mga4.nonfree (unaffected)
Mageiakernel0 (affected), 3.14.18-3.mga4 (unaffected)
Mageiaiproute20 (affected), 3.14.0-1.mga4 (unaffected)
Mageiakmod-fglrx0 (affected), 14.010.1006-8.mga4.nonfree (unaffected)
Mageiabtrfs-progs0 (affected), 3.14.2-1.mga4 (unaffected)
Mageiakmod-broadcom-wl6.30.223.141-38.mga4.nonfree (unaffected), 0 (affected)

References

Browse GCVE Records

73,161 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›