Fixed
Created: Jul 28, 2019
Updated: Oct 18, 2019
Resolved Date: Oct 18, 2019
Found In Version: 7.0.0.2
Severity: Standard
Applicable for: Wind River Linux 7
Component/s: Kernel
In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size for a DiSEqC command is 6, according to the userspace API. However, the code allows larger values such as 23.
CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2015-9289 User=admin}