VDB
GCVE-110-MAGEIA-2014-453
GCVE-110-MAGEIA-2014-453
Advisory Published
This kernel update is based on upstream -longterm 3.14.23 and
fixes the following security issues:
The kvm_iommu_map_pages function in virt/kvm/iommu.c in the Linux
kernel through 3.16.1 miscalculates the number of pages during the
handling of a mapping failure, which allows guest OS users to (1)
cause a denial of service (host OS memory corruption) or possibly
have unspecified other impact by triggering a large gfn value or
(2) cause a denial of service (host OS memory consumption) by
triggering a small gfn value that leads to permanently pinned
pages (CVE-2014-3601).
The assoc_array_gc function in the associative-array implementation
in lib/assoc_array.c in the Linux kernel before 3.16.3 does not
properly implement garbage collection, which allows local users to
cause a denial of service (NULL pointer dereference and system
crash) or possibly have unspecified other impact via multiple
"keyctl newring" operations followed by a "keyctl timeout"
operation (CVE-2014-3631).
The pivot_root implementation in fs/namespace.c in the Linux kernel
through 3.17 does not properly interact with certain locations of
a chroot directory, which allows local users to cause a denial of
service (mount-tree loop) via . (dot) values in both arguments to
the pivot_root system call (CVE-2014-7970).
The do_umount function in fs/namespace.c in the Linux kernel
through 3.17 does not require the CAP_SYS_ADMIN capability for
do_remount_sb calls that change the root filesystem to read-only,
which allows local users to cause a denial of service (loss of
writability) by making certain unshare system calls, clearing the
/ MNT_LOCKED flag, and making an MNT_FORCE umount system call
(CVE-2014-7975).
Other fixes:
The X86_SYSFB config option has been disabled as it prevents
proper KMS setup on some systems (mga#13098)
The cpupower default governor has been switched from ondemand to
performance as the intel_pstate driver (used on newer Intel cpus)
does not support ondemand target.
For other fixes included in this update, read the referenced
changelogs.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | kmod-xtables-addons | 0 (affected), 2.5-6.mga4 (unaffected) | — |
| Mageia | rpm-mageia-setup | 0 (affected), 1.197-1.1.mga4 (unaffected) | — |
| Mageia | kernel-userspace-headers | 0 (affected), 3.14.23-1.mga4 (unaffected) | — |
| Mageia | kmod-nvidia173 | 0 (affected), 173.14.39-26.mga4.nonfree (unaffected) | — |
| Mageia | kmod-nvidia-current | 0 (affected), 331.79-11.mga4.nonfree (unaffected) | — |
| Mageia | kernel | 3.14.23-1.mga4 (unaffected), 0 (affected) | — |
| Mageia | kmod-fglrx | 0 (affected), 14.010.1006-11.mga4.nonfree (unaffected) | — |
| Mageia | kmod-broadcom-wl | 0 (affected), 6.30.223.141-41.mga4.nonfree (unaffected) | — |
References
Browse GCVE Records
72,148 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.