{"id":"MGASA-2014-0273","summary":"Updated kernel packages fixes security vulnerabilities","details":"The kernel has been updated to the upstream 3.10.44 longterm kernel,\nand fixes the following security issues:\n\nThe Netlink implementation in the Linux kernel through 3.14.1 does not\nprovide a mechanism for authorizing socket operations based on the\nopener of a socket, which allows local users to bypass intended access\nrestrictions and modify network configurations by using a Netlink socket\nfor the (1) stdout or (2) stderr of a setuid program. (CVE-2014-0181)\n\nmedia-device: fix infoleak in ioctl media_enum_entities()\n(CVE-2014-1739)\n\nThe futex_requeue function in kernel/futex.c in the Linux kernel through\n3.14.5 does not ensure that calls have two different futex addresses,\nwhich allows local users to gain privileges via a crafted FUTEX_REQUEUE\ncommand that facilitates unsafe waiter modification. (CVE-2014-3153)\n\nkernel/auditsc.c in the Linux kernel through 3.14.5, when AUDITSYSCALL\nis enabled with certain syscall rules, allows local users to obtain\npotentially sensitive single-bit values from kernel memory or cause a\ndenial of service (OOPS) via a large value of a syscall number.\n(CVE-2014-3917)\n\nAndy Lutomirski has reported a vulnerability in Linux Kernel, which can\nbe exploited by malicious, local users to gain escalated privileges.\nThe vulnerability is caused due to an error related to checking Inode\ncapabilities, which can be exploited to conduct certain actions with\nescalated privileges.\nSuccessful exploitation requires a kernel built with user namespaces\n(USER_NS) enabled. (CVE-2014-4014)\n\nFor other changes, see the referenced changelogs.\n","modified":"2026-01-31T17:31:13.829830Z","published":"2014-06-22T21:13:23Z","related":["CVE-2014-0181","CVE-2014-1739","CVE-2014-3153","CVE-2014-3917","CVE-2014-4014"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0273.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13487"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.41"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.42"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.43"},{"type":"REPORT","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.44"}],"affected":[{"package":{"name":"kernel","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.44-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0273.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.44-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0273.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.10-7.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0273.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.10-7.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0273.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.3-17.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0273.json"}},{"package":{"name":"kmod-broadcom-wl","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-broadcom-wl?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.30.223.141-17.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0273.json"}},{"package":{"name":"kmod-fglrx","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-fglrx?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"13.251-7.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0273.json"}},{"package":{"name":"kmod-nvidia173","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-nvidia173?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"173.14.38-32.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0273.json"}},{"package":{"name":"kmod-nvidia304","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-nvidia304?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"304.108-17.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0273.json"}},{"package":{"name":"kmod-nvidia-current","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-nvidia-current?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"319.60-17.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0273.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}