Lucene search

K
cveRedhatCVE-2008-3831
HistoryOct 20, 2008 - 5:59 p.m.

CVE-2008-3831

2008-10-2017:59:26
CWE-399
redhat
web.nvd.nist.gov
50
cve-2008-3831
i915 driver
linux kernel 2.6.24
denial of service
memory corruption
nvd

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

4.8

Confidence

High

EPSS

0

Percentile

10.1%

The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl’s configuration.

Affected configurations

Nvd
Node
linuxlinux_kernelMatch2.6.24
AND
debianlinux
OR
openbsdlinux
VendorProductVersionCPE
linuxlinux_kernel2.6.24cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*
debianlinux*cpe:2.3:o:debian:linux:*:*:*:*:*:*:*:*
openbsdlinux*cpe:2.3:o:openbsd:linux:*:*:*:*:*:*:*:*

References

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

4.8

Confidence

High

EPSS

0

Percentile

10.1%