CVE-2008-3831

Priority
Medium
Description
The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel
2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD
does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering
Manager (DRM) master, which allows local users to cause a denial of service
(memory corruption) via a crafted ioctl call, related to absence of the
DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.
Ubuntu-Description
It was discovered the the i915 video driver did not correctly validate
memory addresses. A local attacker could exploit this to remap memory
that could cause a system crash, leading to a denial of service.
This issue did not affect Ubuntu 6.06 and was previous fixed for Ubuntu
7.10 and 8.04 in USN-659-1. Ubuntu 8.10 has now been corrected as well.
References
Assigned-to
smb
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:not-affected (code not present)
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Upstream:needs-triage
Ubuntu 8.04 LTS (Hardy Heron):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (2.6.27.3)
Ubuntu 8.04 LTS (Hardy Heron):released (2.6.24-21.43)
More Information

Valid XHTML 1.0 Strict

Updated: 2012-06-01 15:19:01 UTC (commit 5347)