[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250770

 
 

909

 
 

196157

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2008-3831Date: (C)2008-10-20   (M)2024-02-22


The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.7
Exploit Score: 3.4
Impact Score: 6.9
 
CVSS V2 Metrics:
Access Vector: LOCAL
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: COMPLETE
  
Reference:
SECTRACK-1021065
http://www.securityfocus.com/archive/1/498285/100/0/threaded
SUNALERT-245846
BID-31792
SECUNIA-32315
SECUNIA-32386
SECUNIA-32709
SECUNIA-32918
SECUNIA-33182
SECUNIA-33586
DSA-1655
FEDORA-2008-8929
FEDORA-2008-8980
MDVSA-2008:224
RHSA-2008:1017
RHSA-2009:0009
USN-659-1
USN-679-1
http://archives.neohapsis.com/archives/openbsd/cvs/2008-10/0365.html
http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.6.diff.gz
http://wiki.rpath.com/Advisories:rPSA-2008-0316
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0316
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c
http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c.diff?r1=1.7%3Br2=1.8
oval:org.mitre.oval:def:11542

CWE    1
CWE-399
OVAL    7
oval:org.secpod.oval:def:400099
oval:org.secpod.oval:def:301550
oval:org.secpod.oval:def:301281
oval:org.secpod.oval:def:101739
...

© SecPod Technologies