[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE request: v86d: Failure to validate netlink
From:       Josh Bressers <bressers () redhat ! com>
Date:       2011-02-28 20:53:44
Message-ID: 1926483466.299316.1298926424618.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]

Please use CVE-2011-1070

Thanks.

-- 
    JB


----- Original Message -----
> Versions of the v86d userspace helper for the Linux uvesafb driver
> before 0.1.10 did not verify that received netlink messages were sent
> by the kernel, allowing unprivileged users to manipulate the video
> mode and potentially other consequences.
> 
> v86d executes video BIOS code with access to /dev/mem in response to
> netlink messages, using either vm86 mode or an x86 emulator, depending
> on configuration. I an unclear on whether it is possible to e.g. crash
> the machine or escalate privileges by spoofing requests, or only to
> mess with the video card.
> 
> References:
> http://repo.or.cz/w/v86d.git/commit/f9abfd412639286c3143e93e8ba2c9598dfba640
[prev in list] [next in list] [prev in thread] [next in thread]