7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.7%
When used in a setuid or setgid application, libvdpau/lib32-libvdpau allows
local users to gain privileges via unspecified vectors, related to the
VDPAU_DRIVER_PATH environment variable.
Directory traversal vulnerability in dlopen in libvdpau/lib32/libvdpau allows
local users to gain privileges via the VDPAU_DRIVER environment variable.
The trace functionality in libvdpau/lib32-libvdpau, when used in a setuid or
setgid application, allows local users to write to arbitrary files via
unspecified vectors.
cgit.freedesktop.org/~aplattner/libvdpau/commit/?id=d1f9c16b1a8187110e501c9116d21ffee25c0ba4
lists.x.org/archives/xorg-announce/2015-August/002630.html
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5198
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5199
web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5200