#VU93736 Improper privilege management in Linux kernel
Vulnerability identifier: #VU93736
Vulnerability risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-269
Exploitation vector: Local
Exploit availability: No
Vulnerable software:
Linux kernel
Operating systems & Components /
Operating system
Vendor: Linux Foundation
Description
The vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to improperly imposed permissions within the lirc_dev_exit() and rc_dev_get_from_fd() functions in drivers/media/rc/lirc_dev.c, within the lirc_prog_attach(), lirc_prog_detach() and lirc_prog_query() functions in drivers/media/rc/bpf-lirc.c. A local user can read and manipulate data.
Mitigation
Install update from vendor's website.
Vulnerable software versions
Linux kernel:
External links
http://git.kernel.org/stable/c/93d8109bf182510629bbefc8cd45296d2393987f
http://git.kernel.org/stable/c/d98210108e7b2ff64b332b0a3541c8ad6a0617b0
http://git.kernel.org/stable/c/9f6087851ec6dce5b15f694aeaf3e8ec8243224e
http://git.kernel.org/stable/c/93136132d1b5792bf44151e3494ae3691cd738e8
http://git.kernel.org/stable/c/caf2da1d4562de4e35eedec0be2b7f1ee25d83be
http://git.kernel.org/stable/c/6a9d552483d50953320b9d3b57abdee8d436f23f
http://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
