Bug 1035720 – VUL-0: CVE-2007-6761: kernel-source: drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures

Bug 1035720 - (CVE-2007-6761) VUL-0: CVE-2007-6761: kernel-source: drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures

(CVE-2007-6761)
Summary:	VUL-0: CVE-2007-6761: kernel-source: drivers/media/video/videobuf-vmalloc.c i...

Status:	RESOLVED FIXED

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:
Whiteboard:	CVSSv2:SUSE:CVE-2007-6761:2.6:(AV:L/A...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2017-04-24 12:57 UTC by Mikhail Kasimov
Modified:	2017-10-24 14:40 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Mikhail Kasimov 2017-04-24 12:57:17 UTC

Ref: https://nvd.nist.gov/vuln/detail/CVE-2007-6761
====================================================
Description

drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures, which allows local users to trigger an incorrect count value and videobuf leak via unspecified vectors, a different vulnerability than CVE-2010-5321.

Source:  MITRE      Last Modified:  04/24/2017
====================================================

Hyperlink:

[1] http://www.linuxgrill.com/anonymous/kernel/v2.6/ChangeLog-2.6.24

[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827340

[3] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=0b29669c065f60501e7289e1950fa2a618962358

[4] https://github.com/torvalds/linux/commit/0b29669c065f60501e7289e1950fa2a618962358

Please, check, if it is actual for (open-)SUSE supported kernel-branches.

Comment 1 Takashi Iwai 2017-04-24 14:04:15 UTC

At most only SLE10-SP3/SP4.  SLE11 and newer already have the fix.

Comment 4 Swamp Workflow Management 2017-05-17 08:26:34 UTC

An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2017-05-24.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/63611

Comment 5 Marcus Meissner 2017-10-24 10:40:12 UTC

released