[SECURITY] [DLA 2246-1] xawtv security update

2020-06-1212:59:32

lists.debian.org

3.6 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:P/A:N

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

4.5 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Package : xawtv
Version : 3.103-3+deb8u1
CVE ID : CVE-2020-13696
Debian Bug : 962221

An issue was discovered in LinuxTV xawtv before 3.107. The function
dev_open() in v4l-conf.c does not perform sufficient checks to
prevent an unprivileged caller of the program from opening unintended
filesystem paths. This allows a local attacker with access to the
v4l-conf setuid-root program to test for the existence of arbitrary
files and to trigger an open on arbitrary files with mode O_RDWR.
To achieve this, relative path components need to be added to the
device path, as demonstrated by a
v4l-conf -c /dev/…/root/.bash_history command.

For Debian 8 "Jessie", this problem has been fixed in version
3.103-3+deb8u1.

We recommend that you upgrade your xawtv packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Best,
Utkarsh

OSVersionArchitecturePackageVersionFilename
Debian8i386xawtv-plugins< 3.103-3+deb8u1xawtv-plugins_3.103-3+deb8u1_i386.deb
Debian8i386radio< 3.103-3+deb8u1radio_3.103-3+deb8u1_i386.deb
Debian8armhffbtv< 3.103-3+deb8u1fbtv_3.103-3+deb8u1_armhf.deb
Debian8armhfxawtv-plugins< 3.103-3+deb8u1xawtv-plugins_3.103-3+deb8u1_armhf.deb
Debian8amd64alevtd< 3.103-3+deb8u1alevtd_3.103-3+deb8u1_amd64.deb
Debian8armelstreamer< 3.103-3+deb8u1streamer_3.103-3+deb8u1_armel.deb
Debian8i386pia< 3.103-3+deb8u1pia_3.103-3+deb8u1_i386.deb
Debian8i386ttv< 3.103-3+deb8u1ttv_3.103-3+deb8u1_i386.deb
Debian8amd64xawtv-dbg< 3.103-3+deb8u1xawtv-dbg_3.103-3+deb8u1_amd64.deb
Debian8armhfxawtv-dbg< 3.103-3+deb8u1xawtv-dbg_3.103-3+deb8u1_armhf.deb

OS	Version	Architecture	Package	Version	Filename
Debian	8	i386	xawtv-plugins	< 3.103-3+deb8u1	xawtv-plugins_3.103-3+deb8u1_i386.deb
Debian	8	i386	radio	< 3.103-3+deb8u1	radio_3.103-3+deb8u1_i386.deb
Debian	8	armhf	fbtv	< 3.103-3+deb8u1	fbtv_3.103-3+deb8u1_armhf.deb
Debian	8	armhf	xawtv-plugins	< 3.103-3+deb8u1	xawtv-plugins_3.103-3+deb8u1_armhf.deb
Debian	8	amd64	alevtd	< 3.103-3+deb8u1	alevtd_3.103-3+deb8u1_amd64.deb
Debian	8	armel	streamer	< 3.103-3+deb8u1	streamer_3.103-3+deb8u1_armel.deb
Debian	8	i386	pia	< 3.103-3+deb8u1	pia_3.103-3+deb8u1_i386.deb
Debian	8	i386	ttv	< 3.103-3+deb8u1	ttv_3.103-3+deb8u1_i386.deb
Debian	8	amd64	xawtv-dbg	< 3.103-3+deb8u1	xawtv-dbg_3.103-3+deb8u1_amd64.deb
Debian	8	armhf	xawtv-dbg	< 3.103-3+deb8u1	xawtv-dbg_3.103-3+deb8u1_armhf.deb