Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 243042 (CVE-2008-3831)

Summary: Kernel: <=2.6.24 drivers/char/drm/i915_dma.c DOS (CVE-2008-3831)
Product: Gentoo Security Reporter: Stefan Behte (RETIRED) <craig>
Component: KernelAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: kernel
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3831
Whiteboard: [linux <2.6.25.19] [linux >=2.6.26 <2.6.26.7] [linux >=2.6.27 <2.6.27.3]
Package list:
Runtime testing required: ---

Description Stefan Behte (RETIRED) gentoo-dev Security 2008-10-21 12:38:21 UTC
CVE-2008-3831 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3831):
  The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux
  kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c
  in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the
  Direct Rendering Manager (DRM) master, which allows local users to
  cause a denial of service (memory corruption) via a crafted ioctl
  call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in
  the ioctl's configuration.
Comment 3 Gordon Malm (RETIRED) gentoo-dev 2008-10-21 20:28:44 UTC
Patch is currently in the review cycle for 2.6.25.19, 2.6.26.7 and 2.6.27.3
Comment 4 kfm 2009-07-20 22:27:49 UTC
Further to Gordon's remark, the patch was indeed included in the referenced. stable patches. hardened-kernel unaffected at present time. Removing alias.

PS: genpatches-2.6.26-4 added 2.6.26.7. genpatches-2.6.27-3 added 2.6.27.3. =genpatches-2.6.25* remains vulnerable. However, hardened-sources-2.6.25-r13 does not because we independently folded in the newer stable patches.