6.3 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:N/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
Package : libvdpau
Version : 0.4.1-2+deb6u1
CVE ID : CVE-2015-5198 CVE-2015-5199 CVE-2015-5200
Debian Bug : 797895
Florian Weimer of Red Hat Product Security discovered that libvdpau, the
VDPAU wrapper library, did not properly validate environment variables,
allowing local attackers to gain additional privileges.
For Debian 6 "Squeeze", these problems have been fixed in libvdpau
version 0.4.1-2+deb6u1. See DSA 3355-1 for information on other Debian
releases.
We recommend that you upgrade your libvdpau packages.
Learn more about the Debian Long Term Support (LTS) Project and how to
apply these updates at: https://wiki.debian.org/LTS/
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 8 | amd64 | libvdpau1-dbg | < 0.8-3+deb8u1 | libvdpau1-dbg_0.8-3+deb8u1_amd64.deb |
Debian | 8 | armel | libvdpau-dev | < 0.8-3+deb8u1 | libvdpau-dev_0.8-3+deb8u1_armel.deb |
Debian | 8 | armel | libvdpau1-dbg | < 0.8-3+deb8u1 | libvdpau1-dbg_0.8-3+deb8u1_armel.deb |
Debian | 8 | i386 | libvdpau1-dbg | < 0.8-3+deb8u1 | libvdpau1-dbg_0.8-3+deb8u1_i386.deb |
Debian | 8 | kfreebsd-amd64 | libvdpau1-dbg | < 0.8-3+deb8u1 | libvdpau1-dbg_0.8-3+deb8u1_kfreebsd-amd64.deb |
Debian | 8 | ppc64el | libvdpau-dev | < 0.8-3+deb8u1 | libvdpau-dev_0.8-3+deb8u1_ppc64el.deb |
Debian | 6 | i386 | libvdpau1 | < 0.4.1-2+deb6u1 | libvdpau1_0.4.1-2+deb6u1_i386.deb |
Debian | 8 | amd64 | libvdpau1 | < 0.8-3+deb8u1 | libvdpau1_0.8-3+deb8u1_amd64.deb |
Debian | 8 | arm64 | libvdpau-dev | < 0.8-3+deb8u1 | libvdpau-dev_0.8-3+deb8u1_arm64.deb |
Debian | 7 | mipsel | libvdpau-dev | < 0.4.1-7+deb7u1 | libvdpau-dev_0.4.1-7+deb7u1_mipsel.deb |