Updated busybox packages fix CVE-2014-9645
Publication date: 27 Jan 2015Modification date: 27 Jan 2015
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-9645
Description
Updated busybox packages fix security vulnerability: The modprobe command in busybox before 1.23.0 uses the basename of the module argument as the module to load, allowing arbitrary modules, even when some kernel subsystems try to prevent this (CVE-2014-9645).
References
SRPMS
4/core
- busybox-1.21.1-3.2.mga4