Bug#827340: linux: CVE-2010-5321 memory leak in videobuf on multiple calls to mmap()
Control: forwarded -1 https://bugzilla.kernel.org/show_bug.cgi?id=120571
I got some more information on the #v4l IRC channel and decided to
report the issue upstream while I was at it.
<pinchartl> which driver are you using ?
<pere> I guess uvcvideo based on the lsmod output.
<pinchartl> uvcvideo uses videobuf2
<pinchartl> I quickly looked at the videobuf code and the bug seems to
still be present
<pere> easy to fix?
<pinchartl> that I can't tell without a deeper analysis of the code
<pinchartl> it would need to be fixed in four places, as there are four
memory allocator backends for videobuf
<pinchartl> moving drivers to videobuf2 would be much better
<pinchartl> especially the bttv driver
<pinchartl> and if Debian decides to disable the above 11 drivers by
default until they get fixed, I won't complain
<pinchartl> although users might
<pere> what is the upstream location for v4l bugs? I guess it should be
reported somewhere else than in redhat and debian?
<pere> perhaps it already is reported and I can't find it.
<pinchartl> there's a bugzilla instance on kernel.org
<pinchartl> https://bugzilla.kernel.org/
<pinchartl> bugs are usually reported on the linux-media mailing list
<pere> hm,
<URL:
http://www.gossamer-threads.com/lists/linux/kernel/852719?page=last >
seem related
<pere> reported upstream as
<URL: https://bugzilla.kernel.org/show_bug.cgi?id=120571 >
--
Happy hacking
Petter Reinholdtsen
Reply to: