VDB

GCVE-110-MAGEIA-2014-38

GCVE-110-MAGEIA-2014-38
Advisory Published
Vulnetix · Advisory published February 8, 2014
This kernel update provides an update to the 3.10 longterm branch, currently 3.10.28 and fixes the following security issues: The ath9k_htc_set_bssid_mask function in drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through 3.12 uses a BSSID masking approach to determine the set of MAC addresses on which a Wi-Fi device is listening, which allows remote attackers to discover the original MAC address after spoofing by sending a series of packets to MAC addresses with certain bit manipulations. (CVE-2013-4579) Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called from code using the x32 ABI. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or gain administrator privileges (CVE-2014-0038) Faults during task-switch due to unhandled FPU-exceptions allow to kill processes at random on all affected kernels, resulting in local DOS in the end. One some architectures, privilege escalation under non-common circumstances is possible. (CVE-2014-1438) The hamradio yam_ioctl() code fails to initialise the cmd field of the struct yamdrv_ioctl_cfg leading to a 4-byte info leak. (CVE-2014-1446) Linux kernel built with the NetFilter Connection Tracking(NF_CONNTRACK) support for IRC protocol(NF_NAT_IRC), is vulnerable to an information leakage flaw. It could occur when communicating over direct client-to-client IRC connection(/dcc) via a NAT-ed network. Kernel attempts to mangle IRC TCP packet's content, wherein an uninitialised 'buffer' object is copied to a socket buffer and sent over to the other end of a connection. (CVE-2014-1690) It also fixes an issue where some laptops are forced to use vesa driver & No ACPI (mga#6077) For other upstream fixes, see the referenced changelogs. The proprietary fglrx driver has also been updated from Catalyst 13.11-beta6 to Catalyst 13.12 official driver.

Affected Products

VendorProductVersionsPlatforms
Mageiakmod-nvidia1730 (affected), 173.14.38-27.mga3.nonfree (unaffected), 0 (affected), 173.14.38-27.mga3.nonfree (unaffected)
Mageiafglrx13.251-1.mga3.nonfree (unaffected), 0 (affected), 13.251-1.mga3.nonfree (unaffected), 0 (affected)
Mageiakernel0 (affected), 3.10.28-1.mga3 (unaffected), 0 (affected), 3.10.28-1.mga3 (unaffected)
Mageiakmod-fglrx0 (affected), 13.251-3.mga3.nonfree (unaffected), 0 (affected), 13.251-3.mga3.nonfree (unaffected)
Mageiakmod-xtables-addons0 (affected), 2.3-11.mga3 (unaffected), 0 (affected), 2.3-11.mga3 (unaffected)
Mageiakmod-vboxadditions0 (affected), 4.2.16-7.mga3 (unaffected), 0 (affected), 4.2.16-7.mga3 (unaffected)
Mageiakmod-nvidia3040 (affected), 304.108-12.mga3.nonfree (unaffected), 0 (affected), 304.108-12.mga3.nonfree (unaffected)
Mageiakmod-broadcom-wl0 (affected), 0 (affected), 6.30.223.141-10.mga3.nonfree (unaffected), 6.30.223.141-10.mga3.nonfree (unaffected)
Mageiakmod-nvidia-current0 (affected), 319.60-11.mga3.nonfree (unaffected), 0 (affected), 319.60-11.mga3.nonfree (unaffected)
Mageiakernel-userspace-headers0 (affected), 3.10.28-1.mga3 (unaffected), 0 (affected), 3.10.28-1.mga3 (unaffected)
Mageiakmod-virtualbox4.2.16-7.mga3 (unaffected), 0 (affected), 4.2.16-7.mga3 (unaffected), 0 (affected)
Mageiamate-menu-editor0 (affected), 1.6.1-1.mga4 (unaffected)

Browse GCVE Records

73,161 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›