CVE-2011-1013
7.1 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%
Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a crafted num_crtcs (aka vb_num) structure member in an ioctl argument.
| CPE | Name | Operator | Version |
|---|---|---|---|
| linux:linux_kernel | linux linux kernel | lt | 2.6.38 |
| openbsd:openbsd | openbsd | le | 4.8 |
References
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=1922756124ddd53846877416d92ba4a802bc658f
www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38
www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/drm_irq.c
www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/drm_irq.c.diff?r1=1.41%3Br2=1.42%3Bf=h
www.securityfocus.com/bid/47639
bugzilla.redhat.com/show_bug.cgi?id=679925
exchange.xforce.ibmcloud.com/vulnerabilities/67199
Social References
More
Related
7.1 High
AI Score
Confidence
High
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
5.3%