CVE-2010-2963

Published: 19 Oct 2010
Source: redhat
CVSS2: 6.2
EPSS: Low

Description

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.

Report

This issue did not affect the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 3 and 4 as they did not include the upstream commit eb4eeccc that introduced the problem. It did not affect Red Hat Enterprise Linux 5 and Red Hat Enterprise MRG as they did not provide support for the Stradis driver that uses the vulnerable compat code for VIDIOCSMICROCODE. As a preventive measure, we have removed the vulnerable code in Red Hat Enterprise Linux 5 via https://rhn.redhat.com/errata/RHSA-2010-0839.html. We plan to remove the vulnerable code in a future kernel update in Red Hat Enterprise MRG.

Additional information

Status:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=642465 kernel: v4l: VIDIOCSMICROCODE arbitrary write

EPSS

Percentile: 29%
0.00106
Low

6.2 Medium

CVSS2

Related vulnerabilities

ubuntu
about 15 years ago

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.

nvd
about 15 years ago

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.

debian
about 15 years ago

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) imp ...

github
more than 3 years ago

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.

suse-cvrf
more than 13 years ago

Security update for Kernel
