188589 – Linux Kernel < 2.6.22.2 Insecure Batch Buffers Privilege Escalation (CVE-2007-3851)

Bug 188589 - Linux Kernel < 2.6.22.2 Insecure Batch Buffers Privilege Escalation (CVE-2007-3851)

Summary: Linux Kernel < 2.6.22.2 Insecure Batch Buffers Privilege Escalation (CVE-2007...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Kernel (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://secunia.com/advisories/26389/
Whiteboard:	[linux < 2.6.22.2][gp < 2.6.22-4]
Keywords:

Depends on:
Blocks:

Reported:	2007-08-12 14:35 UTC by Matt Fleming (RETIRED)
Modified:	2013-09-03 03:46 UTC (History)
CC List:	1 user (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Matt Fleming (RETIRED) gentoo-dev

2007-08-12 14:35:20 UTC

A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges.

The vulnerability is caused due to an error within the driver for i965G chipsets and above, which can be exploited to e.g. gain escalated privileges by modifying physical memory.

Successful exploitation requires that the attacker is logged in to an X server and has access to the DRM.

This has been fixed in 2.6.22.2

Comment 1 Mike Pagano gentoo-dev

2008-03-21 11:33:06 UTC

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=21f16289270447673a7263ccc0b22d562fb01ecb