Vulnerability Details CVE-2011-1070
v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially other consequences.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.2%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- https://access.redhat.com/security/cve/cve-2011-1070
- https://seclists.org/oss-sec/2011/q1/315
- https://security-tracker.debian.org/tracker/CVE-2011-1070
- https://access.redhat.com/security/cve/cve-2011-1070
- https://seclists.org/oss-sec/2011/q1/315
- https://security-tracker.debian.org/tracker/CVE-2011-1070
Products affected by CVE-2011-1070
-
cpe:2.3:a:v86d_project:v86d:0.1.1
-
cpe:2.3:a:v86d_project:v86d:0.1.2
-
cpe:2.3:a:v86d_project:v86d:0.1.3
-
cpe:2.3:a:v86d_project:v86d:0.1.7
-
cpe:2.3:a:v86d_project:v86d:0.1.8
-
cpe:2.3:a:v86d_project:v86d:0.1.9
-
cpe:2.3:o:debian:debian_linux:10.0
-
cpe:2.3:o:debian:debian_linux:8.0
-
cpe:2.3:o:debian:debian_linux:9.0