CVE-2008-3496

EUVD-2008-3482
Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors.
Classic Buffer Overflow
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 78%
Affected Products (NVD)
VendorProductVersion
linuxlinux_kernel
𝑥
< 2.6.26.1
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
dapper
dne
feisty
dne
gutsy
dne
hardy
not-affected
linux-source-2.6.15
dapper
not-affected
feisty
dne
gutsy
dne
hardy
dne
linux-source-2.6.20
dapper
dne
feisty
not-affected
gutsy
dne
hardy
dne
linux-source-2.6.22
dapper
dne
feisty
dne
gutsy
not-affected
hardy
dne
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
http://lkml.org/lkml/2008/7/30/655
http://secunia.com/advisories/31982
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.1
http://www.mandriva.com/security/advisories?name=MDVSA-2008:223
http://www.securityfocus.com/bid/30514
https://exchange.xforce.ibmcloud.com/vulnerabilities/44184
http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html
http://lkml.org/lkml/2008/7/30/655
http://secunia.com/advisories/31982
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.1
http://www.mandriva.com/security/advisories?name=MDVSA-2008:223
http://www.securityfocus.com/bid/30514
https://exchange.xforce.ibmcloud.com/vulnerabilities/44184