Lucene search

K
nvd[email protected]NVD:CVE-2008-3831
HistoryOct 20, 2008 - 5:59 p.m.

CVE-2008-3831

2008-10-2017:59:26
CWE-399
web.nvd.nist.gov
6

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

4.9

Confidence

High

EPSS

0

Percentile

10.1%

The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl’s configuration.

Affected configurations

Nvd
Node
linuxlinux_kernelMatch2.6.24
AND
debianlinux
OR
openbsdlinux
VendorProductVersionCPE
linuxlinux_kernel2.6.24cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*
debianlinux*cpe:2.3:o:debian:linux:*:*:*:*:*:*:*:*
openbsdlinux*cpe:2.3:o:openbsd:linux:*:*:*:*:*:*:*:*

References

CVSS2

4.7

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:N/I:N/A:C

AI Score

4.9

Confidence

High

EPSS

0

Percentile

10.1%