CVE-2011-1070
Publication date 14 November 2019
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
v86d before 0.1.10 do not verify if received netlink messages are sent by the kernel. This could allow unprivileged users to manipulate the video mode and potentially other consequences.
Status
Package | Ubuntu Release | Status |
---|---|---|
v86d | 13.10 saucy |
Not affected
|
13.04 raring |
Not affected
|
|
12.10 quantal |
Not affected
|
|
12.04 LTS precise |
Not affected
|
|
11.10 oneiric |
Not affected
|
|
11.04 natty | Ignored end of life | |
10.10 maverick | Ignored end of life | |
10.04 LTS lucid | Ignored end of life | |
8.04 LTS hardy | Not in release |
Severity score breakdown
Parameter | Value |
---|---|
Base score |
|
Attack vector | Local |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |