[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2013-0345":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":48,"duplicates":49,"related":50,"reserved_at":9,"published_at":68,"modified_at":69,"state":9,"summary":70,"references_raw":72,"kevs":153,"epss":9,"epss_history":154,"metrics":155,"affected":156},"MGASA-2013-0345","Updated kernel-rt package fixes security vulnerabilites.\n\nThis kernel-rt update provides the upstream 3.4.69 kernel and fixes the\nfollowing security issues:\n\nThe ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before\n3.7.3 does not properly handle orphan-list entries for non-journal\nfilesystems, which allows physically proximate attackers to cause a denial\nof service (system hang) via a crafted filesystem on removable media, as\ndemonstrated by the e2fsprogs tests/f_orphan_extents_inode/image.gz test\n(CVE-2013-2015).\n\nMultiple array index errors in drivers/hid/hid-core.c in the Human\nInterface Device (HID) subsystem in the Linux kernel through 3.11 allow\nphysically proximate attackers to execute arbitrary code or cause a\ndenial of service (heap memory corruption) via a crafted device that\nprovides an invalid Report ID (CVE-2013-2888).\n\ndrivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem\nin the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled,\nallows physically proximate attackers to cause a denial of service\n(heap-based out-of-bounds write) via a crafted device (CVE-2013-2889).\n\ndrivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in\nthe Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled,\nallows physically proximate attackers to cause a denial of service\n(heap-based out-of-bounds write) via a crafted device (CVE-2013-2892).\n\nThe Human Interface Device (HID) subsystem in the Linux kernel\nthrough 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or\nCONFIG_LOGIWHEELS_FF is enabled, allows physically proximate\nattackers to cause a denial of service (heap-based out-of-bounds\nwrite) via a crafted device, related to (1) drivers/hid/hid-lgff.c,\n(2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c\n(CVE-2013-2893).\n\ndrivers/hid/hid-logitech-dj.c in the Human Interface Device (HID)\nsubsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ\nis enabled, allows physically proximate attackers to cause a denial\nof service (NULL pointer dereference and OOPS) or obtain sensitive\ninformation from kernel memory via a crafted device (CVE-2013-2895).\n\ndrivers/hid/hid-ntrig.c in the Human Interface Device (HID)\nsubsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG\nis enabled, allows physically proximate attackers to cause a denial\nof service (NULL pointer dereference and OOPS) via a crafted device\n(CVE-2013-2896).\n\nMultiple array index errors in drivers/hid/hid-multitouch.c in the\nHuman Interface Device (HID) subsystem in the Linux kernel through\n3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate\nattackers to cause a denial of service (heap memory corruption, or NULL\npointer dereference and OOPS) via a crafted device (CVE-2013-2897).\n\ndrivers/hid/hid-picolcd_core.c in the Human Interface Device (HID)\nsubsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD\nis enabled, allows physically proximate attackers to cause a denial\nof service (NULL pointer dereference and OOPS) via a crafted device\n(CVE-2013-2899).\n\nThe udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6\nimplementation in the Linux kernel through 3.10.3 makes an incorrect\nfunction call for pending data, which allows local users to cause a\ndenial of service (BUG and system crash) via a crafted application that\nuses the UDP_CORK option in a setsockopt system call (CVE-2013-4162).\n\nThe ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6\nimplementation in the Linux kernel through 3.10.3 does not properly\nmaintain information about whether the IPV6_MTU setsockopt option\nhad been specified, which allows local users to cause a denial of\nservice (BUG and system crash) via a crafted application that uses\nthe UDP_CORK option in a setsockopt system call (CVE-2013-4163).\n\nThe validate_event function in arch/arm/kernel/perf_event.c in the\nLinux kernel before 3.10.8 on the ARM platform allows local users to\ngain privileges or cause a denial of service (NULL pointer dereference\nand system crash) by adding a hardware event to an event group led\nby a software event (CVE-2013-4254)\n\nThe skb_flow_dissect function in net/core/flow_dissector.c in the\nLinux kernel through 3.12 allows remote attackers to cause a denial\nof service (infinite loop) via a small value in the IHL field of a\npacket with IPIP encapsulation (CVE-2013-4348).\n\nThe IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel\nthrough 3.11.1 uses data structures and function calls that do not\ntrigger an intended configuration of IPsec encryption, which allows\nremote attackers to obtain sensitive information by sniffing the\nnetwork (CVE-2013-4350).\n\nnet/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not\nproperly determine the need for UDP Fragmentation Offload (UFO)\nprocessing of small packets after the UFO queueing of a large packet,\nwhich allows remote attackers to cause a denial of service (memory\ncorruption and system crash) or possibly have unspecified other\nimpact via network traffic that triggers a large response packet\n(CVE-2013-4387).\n\nThe Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is\nenabled, does not properly initialize certain data structures, which\nallows local users to cause a denial of service (memory corruption and\nsystem crash) or possibly gain privileges via a crafted application\nthat uses the UDP_CORK option in a setsockopt system call and\nsends both short and long packets, related to the ip_ufo_append_data\nfunction in net/ipv4/ip_output.c and the ip6_ufo_append_data function\nin net/ipv6/ip6_output.c (CVE-2013-4470).\n\nThe ipc_rcu_putref function in ipc/util.c in the Linux kernel before\n3.10 does not properly manage a reference count, which allows local\nusers to cause a denial of service (memory consumption or system crash)\nvia a crafted application (CVE-2013-4483).\n\nThe -rt patch has been updated to -rt83\n\nFor other -stable fixes, read the referenced changelogs.\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46],{"_key":15},"CVE-2013-2015",{"_key":17},"CVE-2013-2888",{"_key":19},"CVE-2013-2889",{"_key":21},"CVE-2013-2892",{"_key":23},"CVE-2013-2893",{"_key":25},"CVE-2013-2895",{"_key":27},"CVE-2013-2896",{"_key":29},"CVE-2013-2897",{"_key":31},"CVE-2013-2899",{"_key":33},"CVE-2013-4162",{"_key":35},"CVE-2013-4163",{"_key":37},"CVE-2013-4254",{"_key":39},"CVE-2013-4348",{"_key":41},"CVE-2013-4350",{"_key":43},"CVE-2013-4387",{"_key":45},"CVE-2013-4470",{"_key":47},"CVE-2013-4483",[],[],[51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},{"_key":25},{"_key":27},{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},{"_key":43},{"_key":45},{"_key":47},"2013-11-22T19:04:02Z","2026-04-16T06:24:14.831766788Z",{"cisa_kev":71,"cisa_ransomware":71,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[73,79,84,89,93,97,101,105,109,113,117,121,125,129,133,137,141,145,149],{"url":74,"sources":75,"tags":77},"https://advisories.mageia.org/MGASA-2013-0345.html",[76],"osv_mageia",[78],"Advisory",{"url":80,"sources":81,"tags":82},"https://bugs.mageia.org/show_bug.cgi?id=11468",[76],[83],"REPORT",{"url":85,"sources":86,"tags":87},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.53",[76],[83,88],"WEB",{"url":90,"sources":91,"tags":92},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.54",[76],[83,88],{"url":94,"sources":95,"tags":96},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.55",[76],[83,88],{"url":98,"sources":99,"tags":100},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.56",[76],[83,88],{"url":102,"sources":103,"tags":104},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.57",[76],[83,88],{"url":106,"sources":107,"tags":108},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.58",[76],[83,88],{"url":110,"sources":111,"tags":112},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.59",[76],[83,88],{"url":114,"sources":115,"tags":116},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.60",[76],[83,88],{"url":118,"sources":119,"tags":120},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.61",[76],[83,88],{"url":122,"sources":123,"tags":124},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.62",[76],[83,88],{"url":126,"sources":127,"tags":128},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.63",[76],[83,88],{"url":130,"sources":131,"tags":132},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.64",[76],[83,88],{"url":134,"sources":135,"tags":136},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.65",[76],[83,88],{"url":138,"sources":139,"tags":140},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.66",[76],[83,88],{"url":142,"sources":143,"tags":144},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.67",[76],[83,88],{"url":146,"sources":147,"tags":148},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.68",[76],[83,88],{"url":150,"sources":151,"tags":152},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.69",[76],[83,88],[],[],[],[157],{"ecosystem":158,"name":159,"vendor":160,"product":159,"cpe_part":9,"purl_type":161,"purl_namespace":160,"purl_name":159,"source":9,"versions":162},"Mageia","kernel-rt","mageia","rpm",[163],{"version":164,"is_range":165,"range_type":166,"version_start":9,"version_start_type":9,"version_end":167,"version_end_type":168,"fixed_in":9},"lt3_4_69_0_rt83_1_mga2",true,"ecosystem","3.4.69-0.rt83.1.mga2","excluding"]