[kernel-sec-discuss] r1330 - active
Moritz Muehlenhoff
jmm at alioth.debian.org
Tue Apr 7 12:02:07 UTC 2009
Author: jmm
Date: 2009-04-07 12:02:06 +0000 (Tue, 07 Apr 2009)
New Revision: 1330
Modified:
active/CVE-2008-3496
Log:
add details
Modified: active/CVE-2008-3496
===================================================================
--- active/CVE-2008-3496 2009-04-07 11:05:41 UTC (rev 1329)
+++ active/CVE-2008-3496 2009-04-07 12:02:06 UTC (rev 1330)
@@ -1,11 +1,15 @@
Candidate: CVE-2008-3496
-Description:
+Description:
+ Buffer overflow in format descriptor parsing in the uvc_parse_format
+ function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the
+ video4linux (V4L) implementation in the Linux kernel before 2.6.26.1
+ has unknown impact and attack vectors.
References:
Ubuntu-Description:
Notes:
Bugs:
-upstream:
-linux-2.6: released (2.6.26.1)
+upstream: released (2.6.26.1)
+linux-2.6: released (2.6.26-2)
2.6.18-etch-security: N/A
2.6.24-etch-security: N/A
2.6.26-lenny-security: released (2.6.26-2)
More information about the kernel-sec-discuss
mailing list