QwikSec

Security Database

CVE

CWE

Training

CVE-2020-13696

Published: Jun 8, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to test for the existence of arbitrary files and to trigger an open on arbitrary files with mode O_RDWR. To achieve this, relative path components need to be added to the device path, as demonstrated by a v4l-conf -c /dev/../root/.bash_history command.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://git.linuxtv.org/xawtv3.git/commit/?id=31f31f9cbaee7be806cba38e0ff5431bd44b20a3

x_refsource_MISC

https://git.linuxtv.org/xawtv3.git/commit/?id=36dc44e68e5886339b4a0fbe3f404fb1a4fd2292

x_refsource_MISC

https://git.linuxtv.org/xawtv3.git/commit/?id=8e3feea862db68d3ca0886f46cd99fab45d2db7c

x_refsource_MISC

https://bugzilla.suse.com/show_bug.cgi?id=CVE-2020-13696

x_refsource_MISC

http://www.openwall.com/lists/oss-security/2020/06/04/6

x_refsource_CONFIRM

openSUSE-SU-2020:0784

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2020:0787

vendor-advisory

x_refsource_SUSE

[debian-lts-announce] 20200612 [SECURITY] [DLA 2246-1] xawtv security update

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_UBUNTU

FEDORA-2020-cd5ad916e4

vendor-advisory

x_refsource_FEDORA

FEDORA-2020-93db553bb7

vendor-advisory

x_refsource_FEDORA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.