116 matches found
SUSE CVE-2013-1928
The dovideosetspupalette function in fs/compatioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive information from kernel stack memory via a crafted VIDEOSETSPUPALETTE ioctl call on a /dev/dvb device...
SUSE CVE-2019-18675
The Linux kernel through 5.3.13 has a startoffset+size Integer Overflow in cpia2remapbuffer in drivers/media/usb/cpia2/cpia2core.c because cpia2 has its own mmap implementation. This allows local users with /dev/video0 access to obtain read and write permissions on kernel physical pages, which ca...
SUSE CVE-2019-18683
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during...
GSD-2022-1003222 video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xx_gcu_probe/remove()
video: fbdev: pxa3xx-gcu: release the resources correctly in pxa3xxgcuprobe/remove This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.47 by...
CVE-2022-30563
When an attacker uses a man-in-the-middle attack to sniff the request packets with success logging in through ONVIF, he can log in to the device by replaying the user's login packet...
Castel NextGen DVR Cross-Site Request Forgery Vulnerability
Castel NextGen DVR is a network video device. A cross-site request forgery vulnerability exists in Castel NextGen DVR v1.0.0. The vulnerability stems from a WEB application that does not adequately validate that a request is coming from a trusted user. An attacker could use this vulnerability to...
Castel NextGen DVR Management Feature Elevation of Privilege Vulnerability
Castel NextGen DVR is a network video device. A security vulnerability exists in the Castel NextGen DVR management feature that allows a remote attacker can exploit the vulnerability to submit a special request that can elevate privileges and gain administrator privileges...
DEBIAN-CVE-2019-18675
The Linux kernel through 5.3.13 has a startoffset+size Integer Overflow in cpia2remapbuffer in drivers/media/usb/cpia2/cpia2core.c because cpia2 has its own mmap implementation. This allows local users with /dev/video0 access to obtain read and write permissions on kernel physical pages, which ca...
UBUNTU-CVE-2019-18675
The Linux kernel through 5.3.13 has a startoffset+size Integer Overflow in cpia2remapbuffer in drivers/media/usb/cpia2/cpia2core.c because cpia2 has its own mmap implementation. This allows local users with /dev/video0 access to obtain read and write permissions on kernel physical pages, which ca...
DEBIAN-CVE-2019-18683
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during...
UBUNTU-CVE-2019-18683
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. There are multiple race conditions during...
DEBIAN-CVE-2010-5321
Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service memory consumption by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability...
PT-2017-4905 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.x through 4.x Description: The issue is a memory leak in the videobuf subsystem, specifically in the drivers/media/video/videobuf-core.c file. This allows local users to cause a denial of service by consuming memory...
Remote Command Execution Vulnerability in the $format Parameter of the Video Device System of Clearstream Xun (Beijing) Technology Co.
StreamOcean, Inc. is the world's leading high-technology company dedicated to delivering high-definition interactive video over the Internet, with its fully independent intellectual property rights in the StreamOcean Video Delivery Network SOVDN, which provides the infrastructure for full video...
UBUNTU-CVE-2016-4568
drivers/media/v4l2-core/videobuf2-v4l2.c in the Linux kernel before 4.5.3 allows local users to cause a denial of service kernel memory write operation or possibly have unspecified other impact via a crafted number of planes in a VIDIOCDQBUF ioctl call...
Kernel: information leak in fs/compat_ioctl.c VIDEO_SET_SPU_PALETTE
The dovideosetspupalette function in fs/compatioctl.c in the Linux kernel before 3.6.5 on unspecified architectures lacks a certain error check, which might allow local users to obtain sensitive information from kernel stack memory via a crafted VIDEOSETSPUPALETTE ioctl call on a /dev/dvb device...