QwikSec

Security Database

CVE

CWE

Training

CVE-2019-18675

Published: Nov 25, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

The Linux kernel through 5.3.13 has a start_offset+size Integer Overflow in cpia2_remap_buffer in drivers/media/usb/cpia2/cpia2_core.c because cpia2 has its own mmap implementation. This allows local users (with /dev/video0 access) to obtain read and write permissions on kernel physical pages, which can possibly result in a privilege escalation.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/log/drivers/media/usb/cpia2/cpia2_core.c

x_refsource_MISC

https://deshal3v.github.io/blog/kernel-research/mmap_exploitation

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20200103-0001/

x_refsource_CONFIRM

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=be83bbf806822b1b89e0a0f23cd87cddc409e429

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

CVE-2019-18675 - Security Vulnerability | QwikSec