Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2015-5200

The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors.

Related bugs and status

CVE-2015-5200 (Candidate) is related to these bugs:

Bug #1490826: [CVE] NVIDIA's VDPAU Library Exposed To Security Issue

Summary				In	Importance	Status
	1490826	[CVE] NVIDIA's VDPAU Library Exposed To Security Issue		libvdpau (Ubuntu)	Undecided	Fix Released

Bug #1512274: Sync libvdpau 1.1.1-3 (main) from Debian sid (main)

Summary				In	Importance	Status
	1512274	Sync libvdpau 1.1.1-3 (main) from Debian sid (main)		libvdpau (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.securityfoc...
MISC: http://www.debian.org/...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://www.ubuntu.com/...
MISC: http://lists.x.org/arc...
MISC: https://bugzilla.redha...
MISC: http://lists.opensuse....