CVE-2011-1070

Published: Nov 14, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially other consequences.

Affected (4)

Products: V86d Project: V86d · Debian: Debian Linux

1 product

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
V86d Project V86d	Before 0.1.10

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Related CWEs

CWE-863

Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (6)

https://access.redhat.com/security/cve/cve-2011-1070

Source: secalert@redhat.com

Not ApplicableThird Party Advisory

https://seclists.org/oss-sec/2011/q1/315

Source: secalert@redhat.com

Mailing ListThird Party Advisory

https://security-tracker.debian.org/tracker/CVE-2011-1070

Source: secalert@redhat.com

Third Party Advisory

https://access.redhat.com/security/cve/cve-2011-1070

Source: af854a3a-2127-422b-91ae-364da2661108

Not ApplicableThird Party Advisory

https://seclists.org/oss-sec/2011/q1/315

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://security-tracker.debian.org/tracker/CVE-2011-1070

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.