VDB

GCVE-110-MAGEIA-2015-210

GCVE-110-MAGEIA-2015-210
Advisory Published
Vulnetix · Advisory published May 11, 2015
This kernel update is based on upstream -longterm 3.14.41 and fixes the following security issues: net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disallowed port numbers (CVE-2014-8160). The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYSENTER instruction (CVE-2015-0239). It was found that the Linux kernel's ping socket implementation didn't properly handle socket unhashing during spurious disconnects which could lead to use-after-free flaw. On x86-64 architecture systems, a local user able to create ping sockets could use this flaw to crash the system. On non-x86-64 architecture systems, a local user able to create ping sockets could use this flaw to increase their privileges on the system. Note: By default ping sockets are disabled on the system (net.ipv4.ping_group_range = 1 0) and have to be explicitly enabled by the system administrator for specific user groups in order to exploit this issue (CVE-2015-3636). For other fixes in this update, see the referenced changelogs.

Affected Products

VendorProductVersionsPlatforms
Mageiakmod-xtables-addons0 (affected), 2.5-17.mga4 (unaffected), 0 (affected), 2.5-17.mga4 (unaffected)
Mageiaqjoypad0 (affected), 4.2.1-1.mga5 (unaffected)
Mageiakmod-vboxadditions0 (affected), 4.3.26-7.mga4 (unaffected), 0 (affected), 4.3.26-7.mga4 (unaffected)
Mageiakernel-userspace-headers0 (affected), 3.14.41-1.mga4 (unaffected), 0 (affected), 3.14.41-1.mga4 (unaffected)
Mageiakmod-nvidia1730 (affected), 173.14.39-37.mga4.nonfree (unaffected), 0 (affected), 173.14.39-37.mga4.nonfree (unaffected)
Mageiakmod-nvidia-current0 (affected), 331.113-7.mga4.nonfree (unaffected), 331.113-7.mga4.nonfree (unaffected), 0 (affected)
Mageiakmod-virtualbox0 (affected), 4.3.26-7.mga4 (unaffected), 0 (affected), 4.3.26-7.mga4 (unaffected)
Mageiakmod-nvidia3040 (affected), 304.125-7.mga4.nonfree (unaffected), 0 (affected), 304.125-7.mga4.nonfree (unaffected)
Mageiakernel3.14.41-1.mga4 (unaffected), 0 (affected), 0 (affected), 3.14.41-1.mga4 (unaffected)
Mageiakmod-fglrx0 (affected), 14.010.1006-22.mga4.nonfree (unaffected), 0 (affected), 14.010.1006-22.mga4.nonfree (unaffected)
Mageiakmod-broadcom-wl0 (affected), 0 (affected), 6.30.223.141-52.mga4.nonfree (unaffected), 6.30.223.141-52.mga4.nonfree (unaffected)

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›