|Summary:||Kernel: <=2.6.24 drivers/char/drm/i915_dma.c DOS (CVE-2008-3831)|
|Product:||Gentoo Security||Reporter:||Stefan Behte (RETIRED) <craig>|
|Component:||Kernel||Assignee:||Gentoo Security <security>|
|Whiteboard:||[linux <18.104.22.168] [linux >=2.6.26 <22.214.171.124] [linux >=2.6.27 <126.96.36.199]|
|Package list:||Runtime testing required:||---|
Description Stefan Behte (RETIRED) 2008-10-21 12:38:21 UTC
CVE-2008-3831 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3831): The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.
Comment 1 Stefan Behte (RETIRED) 2008-10-21 12:40:14 UTC
Comment 2 Gordon Malm (RETIRED) 2008-10-21 20:21:47 UTC
Comment 3 Gordon Malm (RETIRED) 2008-10-21 20:28:44 UTC
Patch is currently in the review cycle for 188.8.131.52, 184.108.40.206 and 220.127.116.11
Comment 4 into-the-trash-it-goes 2009-07-20 22:27:49 UTC
Further to Gordon's remark, the patch was indeed included in the referenced. stable patches. hardened-kernel unaffected at present time. Removing alias. PS: genpatches-2.6.26-4 added 18.104.22.168. genpatches-2.6.27-3 added 22.214.171.124. =genpatches-2.6.25* remains vulnerable. However, hardened-sources-2.6.25-r13 does not because we independently folded in the newer stable patches.