PT-2019-7248 · Linux+4 · Linux Kernel+4

Published: 2015-08-12 · Updated: 2020-04-08 · CVE-2015-9289

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 4.1.4

Description: A buffer overflow occurs when checking userspace parameters in the drivers/media/dvb-frontends/cx24116.c file. The maximum size for a DiSEqC command is 6, according to the userspace API, but the code allows larger values, such as 23.

Recommendations: For versions prior to 4.1.4, update to version 4.1.4 or later to resolve the issue. As a temporary workaround, consider restricting the size of DiSEqC commands to the maximum allowed value of 6 to minimize the risk of exploitation.
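
The length check described above, modelled in user-space C as an added example (not the kernel driver's code): the struct mirrors the 6-byte userspace API message, while the command-buffer size and offset (CMD_BUF_LEN, CMD_MSG_OFS) and all function names are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed model of the userspace API message: 6 payload bytes plus a length. */
#define DISEQC_MAX_LEN 6
struct diseqc_cmd { uint8_t msg[DISEQC_MAX_LEN]; uint8_t msg_len; };

/* Hypothetical driver-side command buffer, larger than the API message (assumed sizes). */
#define CMD_BUF_LEN 30
#define CMD_MSG_OFS 6

/* Loose check: bounds msg_len by the destination only, so 23 passes although msg[] holds 6 bytes. */
int loose_check(const struct diseqc_cmd *d)
{
    return d->msg_len > CMD_BUF_LEN - CMD_MSG_OFS ? -EINVAL : 0;
}

/* Strict check: bounds msg_len by the source array that the API defines. */
int strict_check(const struct diseqc_cmd *d)
{
    return d->msg_len > sizeof(d->msg) ? -EINVAL : 0;
}

/* Bytes a copy would read past msg[] if the loose check were the only gate. */
size_t overread_bytes(const struct diseqc_cmd *d)
{
    if (loose_check(d) != 0 || d->msg_len <= sizeof(d->msg))
        return 0;
    return d->msg_len - sizeof(d->msg);
}

/* Copies the message into the command buffer only after the strict check passes. */
int build_command(uint8_t out[CMD_BUF_LEN], const struct diseqc_cmd *d)
{
    if (strict_check(d) != 0)
        return -EINVAL;
    memset(out, 0, CMD_BUF_LEN);
    memcpy(out + CMD_MSG_OFS, d->msg, d->msg_len);
    return d->msg_len;
}

int main(void)
{
    struct diseqc_cmd d = { {0xE0, 0x10, 0x38, 0xF0, 0, 0}, 23 }; /* constructed sample */
    printf("loose=%d strict=%d overread=%zu\n", loose_check(&d), strict_check(&d), overread_bytes(&d));
    return 0;
}
```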

Fix

Out of bounds Read

Weakness Enumeration

Related identifiers

ALT-PU-2015-1678
ALT-PU-2015-1849
CESA-2020_1016
CVE-2015-9289
RHSA-2020:1016
RHSA-2020:1070
RHSA-2020_1016
RHSA-2020_1070
SUSE-SU-2019:14157-1
SUSE-SU-2019_14157-1

Affected products

ALT Linux
CentOS
Linux Kernel
Red Hat
SUSE