The dvb_ca_ioctl function in drivers/media/dvb/ttpci/av7110_ca.c in the Linux kernel prior to 2.6.38-rc2 does not check the sign of a certain integer field, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a negative value.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
linux linux kernel 2.6.38 |
||
linux linux kernel |