VDB
GCVE-110-MAGEIA-2019-278
GCVE-110-MAGEIA-2019-278
Advisory Published
Updated kconfig packages fix security vulnerability:
Dominik Penner discovered that KConfig supported a feature to define shell
command execution in .desktop files. If a user is provided with a malformed
.desktop file (e.g. if it's embedded into a downloaded archive and it gets
opened in a file browser) arbitrary commands could get executed
(CVE-2019-14744).
This update fixes the security issue by removing the shell command feature.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | kconfig | 0 (affected), 5.57.0-1.1.mga7 (unaffected) | — |
| Mageia | kconfig | 0 (affected), 5.42.0-1.1.mga6 (unaffected) | — |
Aliases
Browse GCVE Records
72,148 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.