CVE-2008-3831 - The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux an

CVE-2008-3831

Summary

The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.

References

Vulnerable Configurations

cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*
cpe:2.3:o:debian:linux:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:linux:*:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:linux:*:*:*:*:*:*:*:*
cpe:2.3:o:openbsd:linux:*:*:*:*:*:*:*:*

CVSS

Base:	4.7 (as of 13-02-2023 - 02:19)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:L/AC:M/Au:N/C:N/I:N/A:C

oval via4

accepted

2013-04-29T04:14:38.618-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:11542

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

redhat via4

advisories

rhsa
id RHSA-2008:1017
rhsa
id RHSA-2009:0009

rpms

kernel-0:2.6.18-92.1.22.el5
kernel-PAE-0:2.6.18-92.1.22.el5
kernel-PAE-debuginfo-0:2.6.18-92.1.22.el5
kernel-PAE-devel-0:2.6.18-92.1.22.el5
kernel-debug-0:2.6.18-92.1.22.el5
kernel-debug-debuginfo-0:2.6.18-92.1.22.el5
kernel-debug-devel-0:2.6.18-92.1.22.el5
kernel-debuginfo-0:2.6.18-92.1.22.el5
kernel-debuginfo-common-0:2.6.18-92.1.22.el5
kernel-devel-0:2.6.18-92.1.22.el5
kernel-doc-0:2.6.18-92.1.22.el5
kernel-headers-0:2.6.18-92.1.22.el5
kernel-kdump-0:2.6.18-92.1.22.el5
kernel-kdump-debuginfo-0:2.6.18-92.1.22.el5
kernel-kdump-devel-0:2.6.18-92.1.22.el5
kernel-xen-0:2.6.18-92.1.22.el5
kernel-xen-debuginfo-0:2.6.18-92.1.22.el5
kernel-xen-devel-0:2.6.18-92.1.22.el5
kernel-rt-0:2.6.24.7-93.el5rt
kernel-rt-debug-0:2.6.24.7-93.el5rt
kernel-rt-debug-debuginfo-0:2.6.24.7-93.el5rt
kernel-rt-debug-devel-0:2.6.24.7-93.el5rt
kernel-rt-debuginfo-0:2.6.24.7-93.el5rt
kernel-rt-debuginfo-common-0:2.6.24.7-93.el5rt
kernel-rt-devel-0:2.6.24.7-93.el5rt
kernel-rt-doc-0:2.6.24.7-93.el5rt
kernel-rt-trace-0:2.6.24.7-93.el5rt
kernel-rt-trace-debuginfo-0:2.6.24.7-93.el5rt
kernel-rt-trace-devel-0:2.6.24.7-93.el5rt
kernel-rt-vanilla-0:2.6.24.7-93.el5rt
kernel-rt-vanilla-debuginfo-0:2.6.24.7-93.el5rt
kernel-rt-vanilla-devel-0:2.6.24.7-93.el5rt

refmap via4

bid	31792
bugtraq	20081112 rPSA-2008-0316-1 kernel
confirm	http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.6.diff.gz http://wiki.rpath.com/Advisories:rPSA-2008-0316 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0316 http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c.diff?r1=1.7;r2=1.8
debian	DSA-1655
fedora	FEDORA-2008-8929 FEDORA-2008-8980
mandriva	MDVSA-2008:224
mlist	[source-changes] 20081017 CVS: cvs.openbsd.org: src
sectrack	1021065
secunia	32315 32386 32709 32918 33182 33586
sunalert	245846
ubuntu	USN-659-1 USN-679-1

Last major update

13-02-2023 - 02:19

Published

20-10-2008 - 17:59

Last modified

13-02-2023 - 02:19