VDB
GCVE-110-MAGEIA-2014-43
GCVE-110-MAGEIA-2014-43
Advisory Published
This kernel update provides an update to the 3.10 longterm branch,
currently 3.10.28 and fixes the following security issues:
The ath9k_htc_set_bssid_mask function in
drivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through
3.12 uses a BSSID masking approach to determine the set of MAC addresses
on which a Wi-Fi device is listening, which allows remote attackers to
discover the original MAC address after spoofing by sending a series of
packets to MAC addresses with certain bit manipulations. (CVE-2013-4579)
Array index error in the kvm_vm_ioctl_create_vcpu function in
virt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through
3.12.5 allows local users to gain privileges via a large id value
(CVE-2013-4587)
The apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem
in the Linux kernel through 3.12.5 allows guest OS users to cause a denial
of service (divide-by-zero error and host OS crash) via crafted
modifications of the TMICT value. (CVE-2013-6367)
The KVM subsystem in the Linux kernel through 3.12.5 allows local users to
gain privileges or cause a denial of service (system crash) via a VAPIC
synchronization operation involving a page-end address. (CVE-2013-6368)
The recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM
subsystem in the Linux kernel through 3.12.5 allows guest OS users to
cause a denial of service (host OS crash) via a crafted ICR write
operation in x2apic mode. (CVE-2013-6376)
Multiple buffer underflows in the XFS implementation in the Linux kernel
through 3.12.1 allow local users to cause a denial of service (memory
corruption) or possibly have unspecified other impact by leveraging the
CAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2)
XFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value,
related to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c
and the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.
(CVE-2013-6382)
Pageexec reported a bug in the Linux kernel's recvmmsg syscall when called
from code using the x32 ABI. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or gain administrator
privileges (CVE-2014-0038)
Faults during task-switch due to unhandled FPU-exceptions allow to
kill processes at random on all affected kernels, resulting in local
DOS in the end. One some architectures, privilege escalation under
non-common circumstances is possible. (CVE-2014-1438)
The hamradio yam_ioctl() code fails to initialise the cmd field of the
struct yamdrv_ioctl_cfg leading to a 4-byte info leak. (CVE-2014-1446)
Linux kernel built with the NetFilter Connection Tracking(NF_CONNTRACK)
support for IRC protocol(NF_NAT_IRC), is vulnerable to an information
leakage flaw. It could occur when communicating over direct
client-to-client IRC connection(/dcc) via a NAT-ed network. Kernel
attempts to mangle IRC TCP packet's content, wherein an uninitialised
'buffer' object is copied to a socket buffer and sent over to the other
end of a connection. (CVE-2014-1690)
For other changes, see the referenced changelogs:
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | mate-session-manager | 1.6.1-6.1.mga4 (unaffected), 0 (affected) | — |
| Mageia | kernel-linus | 0 (affected), 3.10.28-1.mga3 (unaffected), 0 (affected), 3.10.28-1.mga3 (unaffected) | — |
References
Browse GCVE Records
72,409 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.