kernel: v4l2: disabled memory access protection mechanism allowing privilege escalation

🗓️ 10 Apr 2018 09:01:12Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 6 Views

Kernel v4l2 ioctl bug disables memory protection, enabling userspace to overwrite kernel memory.

Reporter	Title	Published	Views	Family All 358
IBM Security Bulletins	Security Bulletin: IBM QRadar Network Security is affected by Linux kernel vulnerabilities	25 Jul 201814:35	–	ibm
Android Security Bulletins	Pixel&hairsp;/&hairsp;Nexus Security Bulletin—December 2017Stay organized with collectionsSave and categorize content based on your preferences.	4 Dec 201700:00	–	androidsecurity
Tenable Nessus	CentOS 7 : kernel (CESA-2018:1062)	27 Apr 201800:00	–	nessus
Tenable Nessus	CentOS 6 : kernel (CESA-2018:1319) (Meltdown)	10 May 201800:00	–	nessus
Tenable Nessus	Debian DLA-1369-1 : linux security update (Spectre)	3 May 201800:00	–	nessus
Tenable Nessus	Debian DSA-4120-1 : linux - security update (Meltdown) (Spectre)	23 Feb 201800:00	–	nessus
Tenable Nessus	Debian DSA-4187-1 : linux - security update (Spectre)	2 May 201800:00	–	nessus
Tenable Nessus	EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1514)	13 May 201900:00	–	nessus
Tenable Nessus	EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1539)	14 May 201900:00	–	nessus
Tenable Nessus	MiracleLinux 4 : kernel-2.6.32-696.28.1.el6 (AXSA:2018-3099:04)	16 Jan 202600:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	7	x86_64	kernel-rt	0:3.10.0-862.rt56.804.el7	kernel-rt-0:3.10.0-862.rt56.804.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	kernel-rt-debug	0:3.10.0-862.rt56.804.el7	kernel-rt-debug-0:3.10.0-862.rt56.804.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	kernel-rt-debug-debuginfo	0:3.10.0-862.rt56.804.el7	kernel-rt-debug-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	kernel-rt-debug-devel	0:3.10.0-862.rt56.804.el7	kernel-rt-debug-devel-0:3.10.0-862.rt56.804.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	kernel-rt-debug-kvm	0:3.10.0-862.rt56.804.el7	kernel-rt-debug-kvm-0:3.10.0-862.rt56.804.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	kernel-rt-debug-kvm-debuginfo	0:3.10.0-862.rt56.804.el7	kernel-rt-debug-kvm-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	kernel-rt-debuginfo	0:3.10.0-862.rt56.804.el7	kernel-rt-debuginfo-0:3.10.0-862.rt56.804.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	kernel-rt-debuginfo-common-x86_64	0:3.10.0-862.rt56.804.el7	kernel-rt-debuginfo-common-x86_64-0:3.10.0-862.rt56.804.el7.x86_64.rpm
Red Hat Enterprise Linux	7	x86_64	kernel-rt-devel	0:3.10.0-862.rt56.804.el7	kernel-rt-devel-0:3.10.0-862.rt56.804.el7.x86_64.rpm
Red Hat Enterprise Linux	7	any	kernel-rt-doc	0:3.10.0-862.rt56.804.el7.noarch	kernel-rt-doc-0:3.10.0-862.rt56.804.el7.noarch.noarch.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2017-13166
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2017-13166
cve	www.cve.org/CVERecord

28 Jun 2026 12:31Current

7High risk

Vulners AI Score7

CVSS 24.6

CVSS 37.8

EPSS0.00357

kernel memory v4l2 driver ioctl bug memory protection unprivileged user privilege escalation linux kernel