Description
The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
Related CPE's
Vulnerable
o
fedoraproject
fedora
3
Vulnerable
References
https://bugzilla.redhat.com/show_bug.cgi?id=1951739
Issue TrackingMitigationThird Party Advisory
https://www.oracle.com/security-alerts/cpujul2022.html
PatchThird Party Advisory
https://www.starwindsoftware.com/security/sw-20220804-0001/
Third Party Advisory
CVSS impact metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Modified
Published
2021-10-20T07:15:09.140
3 years agoLast modified
2024-03-24T23:15:08.387
1 year ago