{"id":"MGASA-2013-0371","summary":"Updated kernel and related packages fix security vulnerabilities","details":"This kernel update provides an update to the 3.10 longterm branch,\ncurrently 3.10.24 and fixes the following security issues:\n\nThe ipv6_create_tempaddr function in net/ipv6/addrconf.c in the Linux\nkernel through 3.10 does not properly handle problems with the generation\nof IPv6 temporary addresses, which allows remote attackers to cause a\ndenial of service (excessive retries and address-generation outage), and\nconsequently obtain sensitive information, via ICMPv6 Router Advertisement\n(RA) messages. (CVE-2013-0343)\n\nnet/ceph/auth_none.c in the Linux kernel through 3.10 allows remote\nattackers to cause a denial of service (NULL pointer dereference and\nsystem crash) or possibly have unspecified other impact via an auth_reply\nmessage that triggers an attempted build_request operation.\n(CVE-2013-1059)\n\nThe dispatch_discard_io function in drivers/block/xen-blkback/blkback.c in\nthe Xen blkback implementation in the Linux kernel before 3.10.5 allows\nguest OS users to cause a denial of service (data loss) via filesystem\nwrite operations on a read-only disk that supports the (1) \nBLKIF_OP_DISCARD (aka discard or TRIM) or (2) SCSI UNMAP feature.\n(CVE-2013-2140)\n\nThe HP Smart Array controller disk-array driver and Compaq SMART2\ncontroller disk-array driver in the Linux kernel through 3.9.4 do not\ninitialize certain data structures, which allows local users to obtain\nsensitive information from kernel memory via (1) a crafted IDAGETPCIINFO\ncommand for a /dev/ida device, related to the ida_locked_ioctl function in\ndrivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a\n/dev/cciss device, related to the cciss_ioctl32_passthru function in\ndrivers/block/cciss.c. (CVE-2013-2147)\n\nFormat string vulnerability in the register_disk function in block/genhd.c\nin the Linux kernel through 3.9.4 allows local users to gain privileges by\nleveraging root access and writing format string specifiers to\n/sys/module/md_mod/parameters/new_array in order to create a crafted\n/dev/md device name. (CVE-2013-2851)\n\nMultiple array index errors in drivers/hid/hid-core.c in the Human\nInterface Device (HID) subsystem in the Linux kernel through 3.11\nallow physically proximate attackers to execute arbitrary code or\ncause a denial of service (heap memory corruption) via a crafted\ndevice that provides an invalid Report ID (CVE-2013-2888).\n\ndrivers/hid/hid-zpff.c in the Human Interface Device (HID) subsystem\nin the Linux kernel through 3.11, when CONFIG_HID_ZEROPLUS is enabled,\nallows physically proximate attackers to cause a denial of service\n(heap-based out-of-bounds write) via a crafted device (CVE-2013-2889).\n\ndrivers/hid/hid-steelseries.c in the Human Interface Device (HID)\nsubsystem in the Linux kernel through 3.11, when CONFIG_HID_STEELSERIES is\nenabled, allows physically proximate attackers to cause a denial of\nservice (heap-based out-of-bounds write) via a crafted device.\n(CVE-2013-2891)\n\ndrivers/hid/hid-pl.c in the Human Interface Device (HID) subsystem in\nthe Linux kernel through 3.11, when CONFIG_HID_PANTHERLORD is enabled,\nallows physically proximate attackers to cause a denial of service\n(heap-based out-of-bounds write) via a crafted device (CVE-2013-2892).\n\nThe Human Interface Device (HID) subsystem in the Linux kernel\nthrough 3.11, when CONFIG_LOGITECH_FF, CONFIG_LOGIG940_FF, or\nCONFIG_LOGIWHEELS_FF is enabled, allows physically proximate\nattackers to cause a denial of service (heap-based out-of-bounds\nwrite) via a crafted device, related to (1) drivers/hid/hid-lgff.c,\n(2) drivers/hid/hid-lg3ff.c, and (3) drivers/hid/hid-lg4ff.c\n(CVE-2013-2893).\n\ndrivers/hid/hid-lenovo-tpkbd.c in the Human Interface Device (HID)\nsubsystem in the Linux kernel through 3.11, when CONFIG_HID_LENOVO_TPKBD\nis enabled, allows physically proximate attackers to cause a denial of\nservice (heap-based out-of-bounds write) via a crafted device.\n(CVE-2013-2894)\n\ndrivers/hid/hid-logitech-dj.c in the Human Interface Device (HID)\nsubsystem in the Linux kernel through 3.11, when CONFIG_HID_LOGITECH_DJ\nis enabled, allows physically proximate attackers to cause a denial\nof service (NULL pointer dereference and OOPS) or obtain sensitive\ninformation from kernel memory via a crafted device (CVE-2013-2895).\n\ndrivers/hid/hid-ntrig.c in the Human Interface Device (HID)\nsubsystem in the Linux kernel through 3.11, when CONFIG_HID_NTRIG\nis enabled, allows physically proximate attackers to cause a denial\nof service (NULL pointer dereference and OOPS) via a crafted device\n(CVE-2013-2896).\n\nMultiple array index errors in drivers/hid/hid-multitouch.c in the\nHuman Interface Device (HID) subsystem in the Linux kernel through\n3.11, when CONFIG_HID_MULTITOUCH is enabled, allow physically proximate\nattackers to cause a denial of service (heap memory corruption, or NULL\npointer dereference and OOPS) via a crafted device (CVE-2013-2897).\n\ndrivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem\nin the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled,\nallows physically proximate attackers to obtain sensitive information from\nkernel memory via a crafted device. (CVE-2013-2898)\n\ndrivers/hid/hid-picolcd_core.c in the Human Interface Device (HID)\nsubsystem in the Linux kernel through 3.11, when CONFIG_HID_PICOLCD\nis enabled, allows physically proximate attackers to cause a denial\nof service (NULL pointer dereference and OOPS) via a crafted device\n(CVE-2013-2899).\n\nThe Linux kernel before 3.12.2 does not properly use the get_dumpable\nfunction, which allows local users to bypass intended ptrace restrictions\nor obtain sensitive information from IA64 scratch registers via a crafted\napplication, related to kernel/ptrace.c and arch/ia64/include/asm/processor.h\n(CVE-2013-2929)\n\nThe perf_trace_event_perm function in kernel/trace/trace_event_perf.c in the\nLinux kernel before 3.12.2 does not properly restrict access to the perf\nsubsystem, which allows local users to enable function tracing via a crafted\napplication. (CVE-2013-2930)\n\nThe udp_v6_push_pending_frames function in net/ipv6/udp.c in the IPv6\nimplementation in the Linux kernel through 3.10.3 makes an incorrect\nfunction call for pending data, which allows local users to cause a\ndenial of service (BUG and system crash) via a crafted application that\nuses the UDP_CORK option in a setsockopt system call (CVE-2013-4162).\n\nThe ip6_append_data_mtu function in net/ipv6/ip6_output.c in the IPv6\nimplementation in the Linux kernel through 3.10.3 does not properly\nmaintain information about whether the IPV6_MTU setsockopt option\nhad been specified, which allows local users to cause a denial of\nservice (BUG and system crash) via a crafted application that uses\nthe UDP_CORK option in a setsockopt system call (CVE-2013-4163).\n\nThe validate_event function in arch/arm/kernel/perf_event.c in the\nLinux kernel before 3.10.8 on the ARM platform allows local users to\ngain privileges or cause a denial of service (NULL pointer dereference\nand system crash) by adding a hardware event to an event group led\nby a software event (CVE-2013-4254)\n\nInterpretation conflict in drivers/md/dm-snap-persistent.c in the Linux\nkernel through 3.11.6 allows remote authenticated users to obtain\nsensitive information or modify data via a crafted mapping to a snapshot\nblock device. (CVE-2013-4299)\n\nThe skb_flow_dissect function in net/core/flow_dissector.c in the\nLinux kernel through 3.12 allows remote attackers to cause a denial\nof service (infinite loop) via a small value in the IHL field of a\npacket with IPIP encapsulation (CVE-2013-4348).\n\nThe IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel\nthrough 3.11.1 uses data structures and function calls that do not\ntrigger an intended configuration of IPsec encryption, which allows\nremote attackers to obtain sensitive information by sniffing the\nnetwork (CVE-2013-4350).\n\nnet/ipv6/ip6_output.c in the Linux kernel through 3.11.4 does not\nproperly determine the need for UDP Fragmentation Offload (UFO)\nprocessing of small packets after the UFO queueing of a large packet,\nwhich allows remote attackers to cause a denial of service (memory\ncorruption and system crash) or possibly have unspecified other\nimpact via network traffic that triggers a large response packet\n(CVE-2013-4387).\n\nThe Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is\nenabled, does not properly initialize certain data structures, which\nallows local users to cause a denial of service (memory corruption and\nsystem crash) or possibly gain privileges via a crafted application\nthat uses the UDP_CORK option in a setsockopt system call and\nsends both short and long packets, related to the ip_ufo_append_data\nfunction in net/ipv4/ip_output.c and the ip6_ufo_append_data function\nin net/ipv6/ip6_output.c (CVE-2013-4470).\n\nBuffer overflow in the oz_cdev_write function in\ndrivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows\nlocal users to cause a denial of service or possibly have unspecified\nother impact via a crafted write operation. (CVE-2013-4513)\n\nArray index error in the kvm_vm_ioctl_create_vcpu function in \nvirt/kvm/kvm_main.c in the KVM subsystem in the Linux kernel through\n3.12.5 allows local users to gain privileges via a large id value\n(CVE-2013-4587)\n\nThe apic_get_tmcct function in arch/x86/kvm/lapic.c in the KVM subsystem\nin the Linux kernel through 3.12.5 allows guest OS users to cause a denial\nof service (divide-by-zero error and host OS crash) via crafted\nmodifications of the TMICT value. (CVE-2013-6367)\n\nThe KVM subsystem in the Linux kernel through 3.12.5 allows local users to\ngain privileges or cause a denial of service (system crash) via a VAPIC\nsynchronization operation involving a page-end address.  (CVE-2013-6368)\n\nThe recalculate_apic_map function in arch/x86/kvm/lapic.c in the KVM\nsubsystem  in the Linux kernel through 3.12.5 allows guest OS users to\ncause a denial of service (host OS crash) via a crafted ICR write\noperation in x2apic mode. (CVE-2013-6376)\n\nThe lbs_debugfs_write function in drivers/net/wireless/libertas/debugfs.c\nin the Linux kernel through 3.12.1 allows local users to cause a denial of\nservice (OOPS) by leveraging root privileges for a zero-length write\noperation. (CVE-2013-6378)\n\nThe aac_send_raw_srb function in drivers/scsi/aacraid/commctrl.c in the\nLinux kernel through 3.12.1 does not properly validate a certain size\nvalue, which allows local users to cause a denial of service (invalid\npointer dereference) or possibly have unspecified other impact via an\nFSACTL_SEND_RAW_SRB ioctl call that triggers a crafted SRB command.\n(CVE-2013-6380)\n\nBuffer overflow in the qeth_snmp_command function in \ndrivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12.1\nallows local users to cause a denial of service or possibly have\nunspecified other impact via an  SNMP ioctl call with a length value that\nis incompatible with the command-buffer size. (CVE-2013-6381)\n\nMultiple buffer underflows in the XFS implementation in the Linux kernel\nthrough 3.12.1 allow local users to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact by leveraging the\nCAP_SYS_ADMIN capability for a (1) XFS_IOC_ATTRLIST_BY_HANDLE or (2)\nXFS_IOC_ATTRLIST_BY_HANDLE_32 ioctl call with a crafted length value,\nrelated to the xfs_attrlist_by_handle function in fs/xfs/xfs_ioctl.c\nand the xfs_compat_attrlist_by_handle function in fs/xfs/xfs_ioctl32.c.\n(CVE-2013-6382)\n\nThe aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux\nkernel before 3.11.8 does not require the CAP_SYS_RAWIO capability, which\nallows local users to bypass intended access restrictions via a crafted\nioctl call. (CVE-2013-6383)\n\nOther fixes:\n- xfs: add capability check to free eofblocks ioctl (CVE pending)\n- cpufreq: ondemand: Change the calculation of target frequency\n- ndiswrapper is updated to 1.59\n\nAlso with this update we provide updated graphical drivers,\nfirmwares, tools and apps to provide better support for the\nnew kernel (see the  referenced srpms list for all packages)\n\nFor other -stable fixes, read the referenced changelogs.\n","modified":"2026-04-16T06:26:30.787378048Z","published":"2013-12-17T22:38:56Z","upstream":["CVE-2013-0343","CVE-2013-1059","CVE-2013-2140","CVE-2013-2147","CVE-2013-2851","CVE-2013-2888","CVE-2013-2889","CVE-2013-2891","CVE-2013-2892","CVE-2013-2893","CVE-2013-2894","CVE-2013-2895","CVE-2013-2896","CVE-2013-2897","CVE-2013-2898","CVE-2013-2899","CVE-2013-2929","CVE-2013-2930","CVE-2013-4162","CVE-2013-4163","CVE-2013-4254","CVE-2013-4299","CVE-2013-4348","CVE-2013-4350","CVE-2013-4387","CVE-2013-4470","CVE-2013-4513","CVE-2013-4587","CVE-2013-6367","CVE-2013-6368","CVE-2013-6376","CVE-2013-6378","CVE-2013-6380","CVE-2013-6381","CVE-2013-6382","CVE-2013-6383"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2013-0371.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=11463"},{"type":"WEB","url":"http://kernelnewbies.org/Linux_3.9"},{"type":"WEB","url":"http://kernelnewbies.org/Linux_3.10"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.1"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.2"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.3"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.4"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.5"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.6"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.7"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.8"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.9"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.10"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.11"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.12"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.13"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.14"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.15"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.16"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.17"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.18"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.19"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.20"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.21"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.22"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.23"},{"type":"WEB","url":"https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.24"}],"affected":[{"package":{"name":"btrfs-progs","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/btrfs-progs?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.20-0.rc1.20130705.2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"drakxtools","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/drakxtools?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"15.54.1-3.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kernel","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kernel?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.24-2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kernel-firmware","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kernel-firmware?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20130624-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kernel-userspace-headers","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kernel-userspace-headers?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.10.24-2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kmod-vboxadditions","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-vboxadditions?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.2.16-4.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kmod-virtualbox","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-virtualbox?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.2.16-4.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kmod-xtables-addons","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-xtables-addons?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.3-8.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"ldetect-lst","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/ldetect-lst?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.1.330-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"libdrm","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/libdrm?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.46-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"mesa","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/mesa?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.1.7-1.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"x11-driver-video-ati","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/x11-driver-video-ati?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"7.2.0-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"x11-driver-video-intel","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/x11-driver-video-intel?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.21.15-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"x11-driver-video-nouveau","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/x11-driver-video-nouveau?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.0.9-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"xtables-addons","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/xtables-addons?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.3-2.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"broadcom-wl","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/broadcom-wl?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.30.223.141-1.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"fglrx","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/fglrx?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"13.250.18-0.1.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kernel-firmware-nonfree","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kernel-firmware-nonfree?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20130624-1.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kmod-broadcom-wl","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-broadcom-wl?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"6.30.223.141-7.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kmod-fglrx","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-fglrx?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"13.250.18-5.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kmod-nvidia173","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-nvidia173?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"173.14.38-24.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kmod-nvidia304","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-nvidia304?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"304.108-9.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"kmod-nvidia-current","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/kmod-nvidia-current?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"319.60-8.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"nvidia173","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/nvidia173?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"173.14.38-1.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"nvidia304","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/nvidia304?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"304.108-2.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"nvidia-current","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/nvidia-current?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"319.60-1.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"radeon-firmware","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/radeon-firmware?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"20130626-2.mga3.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}},{"package":{"name":"mesa","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/mesa?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.1.7-1.1.mga3.tainted"}]}],"ecosystem_specific":{"section":"tainted"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0371.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}