Security Advisory

CVE-2010-2963

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2010-11-26 18:23:00

Last updated 2024-08-07 02:55:45

Assigner canonical

State PUBLISHED

Description

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via a VIDIOCSTUNER ioctl call on a /dev/video device, followed by a VIDIOCSMICROCODE ioctl call on this device.

← Browse all CVEs View on cve.org ↗