xawtv could be made to expose sensitive information and escalate
user privileges if it received specially crafted input.
Software Description:
- xawtv: X11 program for watching TV
Details:
Matthias Gerstner discovered that xawtv incorrectly handled opening files.
A local attacker could possibly use this issue to open and write to
arbitrary files and escalate privileges. (CVE-2020-13696)
The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS: alevtd 3.103-3+deb8u1build0.16.04.1 fbtv 3.103-3+deb8u1build0.16.04.1 pia 3.103-3+deb8u1build0.16.04.1 radio 3.103-3+deb8u1build0.16.04.1 scantv 3.103-3+deb8u1build0.16.04.1 streamer 3.103-3+deb8u1build0.16.04.1 ttv 3.103-3+deb8u1build0.16.04.1 v4l-conf 3.103-3+deb8u1build0.16.04.1 webcam 3.103-3+deb8u1build0.16.04.1 xawtv 3.103-3+deb8u1build0.16.04.1 xawtv-plugin-qt 3.103-3+deb8u1build0.16.04.1 xawtv-plugins 3.103-3+deb8u1build0.16.04.1 xawtv-tools 3.103-3+deb8u1build0.16.04.1 In general, a standard system update will make all the necessary changes.
https://ubuntu.com/security/notices/USN-4518-1
CVE-2020-13696
Get the latest Linux and open source security news straight to your inbox.