Unrated severity · NVD Advisory · Published Jul 27, 2019 · Updated Aug 6, 2024
CVE-2015-9289
Description
In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.
Affected products
- Linux/Linux kernel (source: description)
- SUSE Linux Enterprise Server 11 SP4-LTSS, 9 rpm packages (source: osv-coords, no CPE), each with range < 3.0.101-108.101.1:
  - kernel-bigmem
  - kernel-default
  - kernel-ec2
  - kernel-pae
  - kernel-ppc64
  - kernel-source
  - kernel-syms
  - kernel-trace
  - kernel-xen
Patches
No patches discovered yet.
References
- git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/ (mitre, x_refsource_MISC)
- github.com/torvalds/linux/commit/1fa2337a315a2448c5434f41e00d56b01a22283c (mitre, x_refsource_MISC)
- mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.4 (mitre, x_refsource_MISC)