MNBSD-2016-10: atkbd(4) ioctl signedness error allows kernel memory overwrite

Severity: Unknown

Affected Package: atkbd

Summary: atkbd(4) ioctl signedness error allows kernel memory overwrite

Description

An incorrect signedness comparison in the atkbd(4) keyboard driver's ioctl(2) handler allowed a malicious local user to overwrite a portion of kernel memory. This could lead to a kernel crash, memory disclosure, or privilege escalation. Fixed in the 0.7.8 release.

Affected Versions

atkbd

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2016-1886

Published: May 19, 2016
Last Modified: May 19, 2016