{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2008-3496", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "Buffer overflow in format descriptor parsing in the uvc_parse_format function in drivers/media/video/uvc/uvc_driver.c in uvcvideo in the video4linux (V4L) implementation in the Linux kernel before 2.6.26.1 has unknown impact and attack vectors." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "[linux-kernel] 20080730 [patch 40/62] V4L: uvcvideo: Fix a buffer overflow in format descriptor parsing", "refsource" : "MLIST", "url" : "http://lkml.org/lkml/2008/7/30/655" }, { "name" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.1", "refsource" : "CONFIRM", "url" : "http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.26.1" }, { "name" : "MDVSA-2008:223", "refsource" : "MANDRIVA", "url" : "http://www.mandriva.com/security/advisories?name=MDVSA-2008:223" }, { "name" : "SUSE-SR:2008:018", "refsource" : "SUSE", "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-09/msg00004.html" }, { "name" : "30514", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/30514" }, { "name" : "31982", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/31982" }, { "name" : "linux-kernel-uvcparseformat-bo(44184)", "refsource" : "XF", "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/44184" } ] } }