oss-sec mailing list archives
Re: X.Org intel driver dev snapshots, backlight helper issue
From: cve-assign () mitre org
Date: Fri, 11 Jul 2014 03:46:14 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
http://lists.x.org/archives/xorg-commit/2014-July/036840.html
xf86_video_intel_backlight_helper will be installed setuid
(only beta versions have it)
Use CVE-2014-4910 for the
- don't allow '/' in the interface name to avoid escaping the /sys
hierarchy
issue.
At present, there is no CVE ID for the
- check snprintf() return value for overflow.
issue. We are not sure whether this has any impact beyond triggering
an attempt to use an unintended filename under /sys/class/backlight/.
- --
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (SunOS)
iQEcBAEBAgAGBQJTv5WIAAoJEKllVAevmvms4YUH/3LASmq6IpPVfcmHgFwVliaF
V3IAD2OrD5G+7YjkC0qCFAoazleHJfTJziP8Qkz1OpZe9GIKhCLhyEyicwwIzgpQ
pcETqlPBuV4xPD3l0aSJLuYQC36sAWCACS+GIPZm26ZozWs7z2WTDzDcP9eyzFe1
mvOuRo28leuR+3qhyoNotjxgB+JbMr8jw8stx2qgbeIdJ9Dw+X2sfq9QG5UAF4ZM
Ob5NeBHfynXT1LpL0ZM1kYdY6BzJGdhcsKtNyMPkf/6RmmfKDLxgHXUHd6y6gtr1
GjpQn1gcKjAhCr+3e57aHsTZa8oUxDSAW0FKeHMJeOPZx5omg4Yg6CZvGA3xOYw=
=IXgK
-----END PGP SIGNATURE-----
Current thread:
- X.Org intel driver dev snapshots, backlight helper issue Matthieu Herrb (Jul 04)
- Re: X.Org intel driver dev snapshots, backlight helper issue cve-assign (Jul 11)
