USN-4518-1] xawtv vulnerability

Avital Ostromich avital.ostromich at
Thu Sep 17 21:05:42 UTC 2020

Ubuntu Security Notice USN-4518-1
September 17, 2020

xawtv vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS


xawtv could be made to expose sensitive information and escalate
user privileges if it received specially crafted input.

Software Description:
- xawtv: X11 program for watching TV


Matthias Gerstner discovered that xawtv incorrectly handled opening files.
A local attacker could possibly use this issue to open and write to
arbitrary files and escalate privileges. (CVE-2020-13696)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  alevtd                          3.103-3+deb8u1build0.16.04.1
  fbtv                            3.103-3+deb8u1build0.16.04.1
  pia                             3.103-3+deb8u1build0.16.04.1
  radio                           3.103-3+deb8u1build0.16.04.1
  scantv                          3.103-3+deb8u1build0.16.04.1
  streamer                        3.103-3+deb8u1build0.16.04.1
  ttv                             3.103-3+deb8u1build0.16.04.1
  v4l-conf                        3.103-3+deb8u1build0.16.04.1
  webcam                          3.103-3+deb8u1build0.16.04.1
  xawtv                           3.103-3+deb8u1build0.16.04.1
  xawtv-plugin-qt                 3.103-3+deb8u1build0.16.04.1
  xawtv-plugins                   3.103-3+deb8u1build0.16.04.1
  xawtv-tools                     3.103-3+deb8u1build0.16.04.1

In general, a standard system update will make all the necessary changes.


Package Information:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the ubuntu-security-announce mailing list