CVE-2010-5321

Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761.  NOTE: as of 2016-06-18, this affects only 11 drivers that have not been updated to use videobuf2 instead of videobuf.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 MEDIUM
PHYSICAL
LOW
LOW
CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
VendorProductVersion
linuxlinux_kernel
2.6.0 ≤
𝑥
≤ 4.20.15
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
unimportant
bullseye (security)
unimportant
bookworm
unimportant
bookworm (security)
unimportant
trixie
unimportant
sid
unimportant
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
wily
ignored
vivid
ignored
utopic
ignored
trusty
ignored
precise
ignored
lucid
ignored
linux-armadaxp
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
ignored
lucid
dne
linux-ec2
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
dne
lucid
ignored
linux-flo
wily
ignored
vivid
ignored
utopic
ignored
trusty
dne
precise
dne
lucid
dne
linux-fsl-imx51
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
dne
lucid
ignored
linux-goldfish
wily
ignored
vivid
ignored
utopic
ignored
trusty
dne
precise
dne
lucid
dne
linux-grouper
wily
dne
vivid
dne
utopic
ignored
trusty
dne
precise
dne
lucid
dne
linux-linaro-omap
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
ignored
lucid
dne
linux-linaro-shared
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
ignored
lucid
dne
linux-linaro-vexpress
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
ignored
lucid
dne
linux-lts-quantal
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
ignored
lucid
dne
linux-lts-raring
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
ignored
lucid
dne
linux-lts-saucy
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
ignored
lucid
dne
linux-lts-trusty
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
ignored
lucid
dne
linux-lts-utopic
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
dne
lucid
dne
linux-lts-vivid
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
dne
lucid
dne
linux-lts-wily
wily
dne
vivid
dne
trusty
dne
precise
dne
linux-lts-xenial
wily
dne
vivid
dne
trusty
ignored
precise
dne
linux-maguro
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
dne
lucid
dne
linux-mako
wily
ignored
vivid
ignored
utopic
ignored
trusty
dne
precise
dne
lucid
dne
linux-manta
wily
ignored
vivid
ignored
utopic
ignored
trusty
dne
precise
dne
lucid
dne
linux-mvl-dove
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
dne
lucid
ignored
linux-qcm-msm
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
ignored
lucid
ignored
linux-raspi2
wily
ignored
vivid
dne
trusty
dne
precise
dne
linux-ti-omap4
wily
dne
vivid
dne
utopic
dne
trusty
dne
precise
ignored
lucid
dne
Common Weakness Enumeration
References
http://linuxtv.org/irc/v4l/index.php?date=2010-07-29
http://www.openwall.com/lists/oss-security/2015/02/08/4
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827340
https://bugzilla.kernel.org/show_bug.cgi?id=120571
https://bugzilla.redhat.com/show_bug.cgi?id=620629
http://linuxtv.org/irc/v4l/index.php?date=2010-07-29
http://www.openwall.com/lists/oss-security/2015/02/08/4
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=827340
https://bugzilla.kernel.org/show_bug.cgi?id=120571
https://bugzilla.redhat.com/show_bug.cgi?id=620629