VDB

GCVE-110-MAGEIA-2014-187

GCVE-110-MAGEIA-2014-187
Advisory Published
Vulnetix · Advisory published April 23, 2014
Updated openssl packages fix security vulnerability: A read buffer can be freed even when it still contains data that is used later on, leading to a use-after-free. Given a race condition in a multi-threaded application it may permit an attacker to inject data from one connection into another or cause denial of service (CVE-2010-5298). Also fixed in this update is a potential security issue with detection of the "critical" flag for the TSA extended key usage under certain cases.

Affected Products

VendorProductVersionsPlatforms
Mageiaisodumper0 (affected), 0.25-1.mga4 (unaffected)
Mageiaopenssl1.0.1e-8.4.mga4 (unaffected), 0 (affected), 0 (affected), 1.0.1e-8.4.mga4 (unaffected)
Mageiaopenssl1.0.1e-1.7.mga3 (unaffected), 0 (affected), 0 (affected), 1.0.1e-1.7.mga3 (unaffected)

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›