Vulnerability Description
v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially other consequences.
CVSS Score
7.8
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| V86D Project | V86D | < 0.1.10 |
| Debian | Debian Linux | 8.0 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/security/cve/cve-2011-1070Not ApplicableThird Party Advisory
- https://seclists.org/oss-sec/2011/q1/315Mailing ListThird Party Advisory
- https://security-tracker.debian.org/tracker/CVE-2011-1070Third Party Advisory
- https://access.redhat.com/security/cve/cve-2011-1070Not ApplicableThird Party Advisory
- https://seclists.org/oss-sec/2011/q1/315Mailing ListThird Party Advisory
- https://security-tracker.debian.org/tracker/CVE-2011-1070Third Party Advisory
FAQ
What is CVE-2011-1070?
CVE-2011-1070 is a vulnerability with a CVSS score of 7.8 (HIGH). v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially other consequences.
How severe is CVE-2011-1070?
CVE-2011-1070 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1070?
Check the references section above for vendor advisories and patch information. Affected products include: V86D Project V86D, Debian Debian Linux.