[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-MGASA-2014-0045":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":24,"duplicates":25,"related":26,"reserved_at":9,"published_at":32,"modified_at":33,"state":9,"summary":34,"references_raw":36,"kevs":65,"epss":9,"epss_history":66,"metrics":67,"affected":68},"MGASA-2014-0045","Updated kernel-tmb packages fix multiple vulnerabilities\n\nThis kernel update provides an update to the 3.10 longterm branch,\ncurrently 3.10.28 and fixes the following security issues:\n\nThe ath9k_htc_set_bssid_mask function in \ndrivers/net/wireless/ath/ath9k/htc_drv_main.c in the Linux kernel through\n3.12 uses a BSSID masking approach to determine the set of MAC addresses\non which a Wi-Fi device is listening, which allows remote attackers to\ndiscover the original MAC address after spoofing by sending a series of\npackets to MAC addresses with certain bit manipulations. (CVE-2013-4579)\n\nPageexec reported a bug in the Linux kernel's recvmmsg syscall when called\nfrom code using the x32 ABI. An unprivileged local user could exploit this\nflaw to cause a denial of service (system crash) or gain administrator\nprivileges (CVE-2014-0038)\n\nFaults during task-switch due to unhandled FPU-exceptions allow to\nkill processes at random on all affected kernels, resulting in local\nDOS in the end. One some architectures, privilege escalation under\nnon-common circumstances is possible. (CVE-2014-1438)\n\nThe hamradio yam_ioctl() code fails to initialise the cmd field of the\nstruct yamdrv_ioctl_cfg leading to a 4-byte info leak. (CVE-2014-1446)\n\nLinux kernel built with the NetFilter Connection Tracking(NF_CONNTRACK)\nsupport for IRC protocol(NF_NAT_IRC), is vulnerable to an information\nleakage flaw. It could occur when communicating over direct\nclient-to-client IRC connection(/dcc) via a NAT-ed network. Kernel\nattempts to mangle IRC TCP packet's content, wherein an uninitialised\n'buffer' object is copied to a socket buffer and sent over to the other\nend of a connection. (CVE-2014-1690)\n\nFor other changes, see the referenced changelogs:\n",null,[],[],[],[14,16,18,20,22],{"_key":15},"CVE-2013-4579",{"_key":17},"CVE-2014-0038",{"_key":19},"CVE-2014-1438",{"_key":21},"CVE-2014-1446",{"_key":23},"CVE-2014-1690",[],[],[27,28,29,30,31],{"_key":15},{"_key":17},{"_key":19},{"_key":21},{"_key":23},"2014-02-10T20:09:03Z","2026-04-16T06:26:21.215125599Z",{"cisa_kev":35,"cisa_ransomware":35,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[37,43,49,53,57,61],{"url":38,"sources":39,"tags":41},"https://advisories.mageia.org/MGASA-2014-0045.html",[40],"osv_mageia",[42],"Advisory",{"url":44,"sources":45,"tags":46},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.25",[40],[47,48],"REPORT","WEB",{"url":50,"sources":51,"tags":52},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.26",[40],[47,48],{"url":54,"sources":55,"tags":56},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.27",[40],[47,48],{"url":58,"sources":59,"tags":60},"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.28",[40],[47,48],{"url":62,"sources":63,"tags":64},"https://bugs.mageia.org/show_bug.cgi?id=12520",[40],[47],[],[],[],[69],{"ecosystem":70,"name":71,"vendor":72,"product":71,"cpe_part":9,"purl_type":73,"purl_namespace":72,"purl_name":71,"source":9,"versions":74},"Mageia","kernel-tmb","mageia","rpm",[75],{"version":76,"is_range":77,"range_type":78,"version_start":9,"version_start_type":9,"version_end":79,"version_end_type":80,"fixed_in":9},"lt3_10_28_1_mga3",true,"ecosystem","3.10.28-1.mga3","excluding"]