{"id":"MGASA-2014-0103","summary":"Updated kernel fixes security vulnerabilities","details":"This kernel update provides an update to the upstream stable 3.12.13\nmaintenance release and fixes the following security issues:\n\nA flaw was found in the way cifs handled iovecs with bogus pointers\nuserland passed down via writev() during uncached writes.\nAn unprivileged local user with access to cifs share could use this flaw\nto crash the system or leak kernel memory. Privilege escalation cannot\nbe ruled out (since memory corruption is involved), but is unlikely.\n(CVE-2014-0069)\n\nLinux kernel build with the NFS file system(CONFIG_NFS_FS) along with the\nsupport for NFSv4 protocol(CONFIG_NFS_V4) is vulnerable to an information\nleakage flaw. It could occur while writing to a file wherein NFS server\nhas offered write delegation to the client. Such delegation allows NFS\nclient to perform the said operation locally without instant interaction\nwith the server.\nA user/program could use this flaw to at least leak kernel memory bytes.\n(CVE-2014-2038)\n\nThis update also enables MEMCG on server kernels (mga#12629)\n\nFor other changes, see the referenced changelogs.\n","modified":"2026-02-02T09:42:35.094401Z","published":"2014-02-26T18:37:33Z","related":["CVE-2014-0069","CVE-2014-2038"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0103.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=12629"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=12850"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.10"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.11"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.12"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.13"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.13-2.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0103.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.12.13-2.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0103.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.6-11.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0103.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.6-11.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0103.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.3-43.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0103.json"}},{"package":{"name":"kmod-broadcom-wl","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-broadcom-wl?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.30.223.141-27.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0103.json"}},{"package":{"name":"kmod-fglrx","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-fglrx?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"13.251-12.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0103.json"}},{"package":{"name":"kmod-nvidia173","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-nvidia173?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"173.14.39-13.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0103.json"}},{"package":{"name":"kmod-nvidia304","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/kmod-nvidia304?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"304.119-5.mga4.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0103.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}