Security update for xawtv SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2020:1712-1 Final 1 1 2020-06-23T08:33:48Z current 2020-06-23T08:33:48Z 2020-06-23T08:33:48Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for xawtv This update for xawtv fixes the following issues: - CVE-2020-13696: Fixed an issue in setuid-root program that which could have allowed arbitrary file existence tests and open() with O_RDWR (bsc#1171655). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2020-1712,SUSE-SLE-WE-12-SP4-2020-1712,SUSE-SLE-WE-12-SP5-2020-1712 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2020/suse-su-20201712-1/ Link for SUSE-SU-2020:1712-1 https://lists.suse.com/pipermail/sle-security-updates/2020-June/007006.html E-Mail link for SUSE-SU-2020:1712-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1171655 SUSE Bug 1171655 https://www.suse.com/security/cve/CVE-2020-13696/ SUSE CVE CVE-2020-13696 page SUSE Linux Enterprise Workstation Extension 12 SP4 SUSE Linux Enterprise Workstation Extension 12 SP5 alevtd-3.103-6.3.1 motv-3.103-6.3.1 pia-3.103-6.3.1 tv-common-3.103-6.3.1 v4l-conf-3.103-6.3.1 v4l-tools-3.103-6.3.1 xawtv-3.103-6.3.1 tv-common-3.103-6.3.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP4 v4l-conf-3.103-6.3.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP4 v4l-tools-3.103-6.3.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP4 tv-common-3.103-6.3.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP5 v4l-conf-3.103-6.3.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP5 v4l-tools-3.103-6.3.1 as a component of SUSE Linux Enterprise Workstation Extension 12 SP5 An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to test for the existence of arbitrary files and to trigger an open on arbitrary files with mode O_RDWR. To achieve this, relative path components need to be added to the device path, as demonstrated by a v4l-conf -c /dev/../root/.bash_history command. CVE-2020-13696 SUSE Linux Enterprise Workstation Extension 12 SP4:tv-common-3.103-6.3.1 SUSE Linux Enterprise Workstation Extension 12 SP4:v4l-conf-3.103-6.3.1 SUSE Linux Enterprise Workstation Extension 12 SP4:v4l-tools-3.103-6.3.1 SUSE Linux Enterprise Workstation Extension 12 SP5:tv-common-3.103-6.3.1 SUSE Linux Enterprise Workstation Extension 12 SP5:v4l-conf-3.103-6.3.1 SUSE Linux Enterprise Workstation Extension 12 SP5:v4l-tools-3.103-6.3.1 moderate 3.6 AV:L/AC:L/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20201712-1/ https://www.suse.com/security/cve/CVE-2020-13696.html CVE-2020-13696 https://bugzilla.suse.com/1171655 SUSE Bug 1171655