[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#827340: linux: CVE-2010-5321 memory leak in videobuf on multiple calls to mmap()

Package: src:linux
Version: 3.2.78-1
Severity: minor
Tags: security

In 2010 an issue with the linux kernel implementation of v4l was
discovered and reported to RedHat as
<URL: https://bugzilla.redhat.com/show_bug.cgi?id=620629 >.  It was
assigned a CVE last year in
<URL: http://www.openwall.com/lists/oss-security/2015/02/08/4 > and is
still unsolved as far as I can tell.

If I understand the issue correctly, a user with access to /dev/video
can cause the kernel to leak memory and eventually run out of memory by
doing repeated calls to mmap().  In other words, users with video group
membership can bring down the machine.

According to
<URL: https://security-tracker.debian.org/tracker/CVE-2010-5321 > the
issue is present in Wheezy and onwards.  It is probably present in
earlier versions too.  I picked the kernel version number used in wheezy
for this report.

I noticed this issue, as it is the oldest non-fixed CVE number reported
by debsecan on my laptop, and decided it was time to track its progress
in a bug report.

-- 
Happy hacking
Petter Reinholdtsen
Reply to: