QwikSec

Security Database

CVE

CWE

Training

CVE-2010-5329

Published: Apr 24, 2017

Modified: Aug 7, 2024

PUBLISHED

Description

The video_usercopy function in drivers/media/video/v4l2-ioctl.c in the Linux kernel before 2.6.39 relies on the count value of a v4l2_ext_controls data structure to determine a kmalloc size, which might allow local users to cause a denial of service (memory consumption) via a large value.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc0a80798576f80ca10b3f6c9c7097f12fd1d64e

x_refsource_MISC

vdb-entry

x_refsource_BID

https://github.com/torvalds/linux/commit/fc0a80798576f80ca10b3f6c9c7097f12fd1d64e

x_refsource_MISC

[oss-security] 20150208 Re: kernel: v4l: videobuf: hotfix a bug on multiple calls to mmap() - Linux kernel

mailing-list

x_refsource_MLIST

http://linuxtv.org/irc/v4l/index.php?date=2010-07-29

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.