Memory corruption

2010-11-2619:00:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

6.2 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:H/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.

CPENameOperatorVersion
ubuntu_linuxeq10.10
ubuntu_linuxeq9.04
ubuntu_linuxeq9.10
ubuntu_linuxeq8.04
ubuntu_linuxeq10.04
ubuntu_linuxeq6.06
debian_linuxeq5.0
fedoraeq13
linux_kernellt2.6.36
opensuseeq11.2

Name	Operator	Version
ubuntu_linux	eq	10.10
ubuntu_linux	eq	9.04
ubuntu_linux	eq	9.10
ubuntu_linux	eq	8.04
ubuntu_linux	eq	10.04
ubuntu_linux	eq	6.06
debian_linux	eq	5.0
fedora	eq	13
linux_kernel	lt	2.6.36
opensuse	eq	11.2