VDB

GCVE-110-MAGEIA-2015-176

GCVE-110-MAGEIA-2015-176
Advisory Published
Vulnetix · Advisory published May 3, 2015
Updated directfb packages fix security vulnerabilities: Multiple integer signedness errors in the Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers a stack-based buffer overflow (CVE-2014-2977). The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write (CVE-2014-2978).

Affected Products

VendorProductVersionsPlatforms
Mageiatask-obsolete0 (affected), 5-109.1.mga5 (unaffected), 0 (affected), 5-109.1.mga5.tainted (unaffected)
Mageiadirectfb0 (affected), 1.7.0-2.1.mga4 (unaffected), 0 (affected), 1.7.0-2.1.mga4 (unaffected)

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›