{"id":"MGASA-2014-0064","summary":"Updated kernel-vserver packages fix security vulnerability","details":"This kernel update provides an update to the 3.10 longterm branch,\ncurrently 3.10.28 and fixes the following security issues:\n\nThe ath9k_htc_set_bssid_mask function in \ndrivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through\n3.12 uses a BSSID masking approach to determine the set of MAC addresses\non which a Wi-Fi device is listening, which allows remote attackers to\ndiscover the original MAC address after spoofing by sending a series of\npackets to MAC addresses with certain bit manipulations. (CVE-2013-4579)\n\nPageexec reported a bug in the Linux kernel's recvmmsg syscall when called\nfrom code using the x32 ABI. An unprivileged local user could exploit this\nflaw to cause a denial of service (system crash) or gain administrator\nprivileges (CVE-2014-0038)\n\nFaults during task-switch due to unhandled FPU-exceptions allow to\nkill processes at random on all affected kernels, resulting in local\nDOS in the end. One some architectures, privilege escalation under\nnon-common circumstances is possible. (CVE-2014-1438)\n\nThe hamradio yam_ioctl() code fails to initialise the cmd field of the\nstruct yamdrv_ioctl_cfg leading to a 4-byte info leak. (CVE-2014-1446)\n\nLinux kernel built with the NetFilter Connection Tracking(NF_CONNTRACK)\nsupport for IRC protocol(NF_NAT_IRC), is vulnerable to an information\nleakage flaw. It could occur when communicating over direct\nclient-to-client IRC connection(/dcc) via a NAT-ed network. Kernel\nattempts to mangle IRC TCP packet's content, wherein an uninitialised\n'buffer' object is copied to a socket buffer and sent over to the other\nend of a connection. (CVE-2014-1690)\n\nFor other changes, see the referenced changelogs\n","modified":"2026-04-16T01:48:49.456384667Z","published":"2014-02-12T22:53:19Z","upstream":["CVE-2013-4579","CVE-2014-0038","CVE-2014-1438","CVE-2014-1446","CVE-2014-1690"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0064.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=12526"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.25"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.26"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.27"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.28"}],"affected":[{"package":{"name":"kernel-vserver","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kernel-vserver?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.28-0.vs2.3.6.8.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0064.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}