CVE-2020-13696MEDIUMCVSS 4.4fixed in 3.1072020-06-08
CVE-2020-13696 [MEDIUM] CWE-863 CVE-2020-13696: An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does no
An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to test for the existence of arbitrary files and to tri
nvd