CVE-2010-2963

2010-11-26T19:00:00
ID CVE-2010-2963
Type cve
Reporter cve@mitre.org
Modified 2012-03-19T04:00:00

Description

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.