PT-2011-2814 · Openbsd+2 · Openbsd Kernel+2
Publicado
2011-05-09
·
Atualizado
2023-02-13
·
CVE-2011-1013
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 2.6.38
OpenBSD kernel versions prior to 4.9
Description
The issue is caused by an integer signedness error in the drm modeset ctl function, allowing local users to trigger out-of-bounds write operations. This can lead to a denial of service (system crash) or possibly have other unspecified impacts. The error occurs when a crafted num crtcs (also known as vb num) structure member is passed in an ioctl argument.
Recommendations
For Linux kernel versions prior to 2.6.38, update to version 2.6.38 or later to resolve the issue.
For OpenBSD kernel versions prior to 4.9, update to version 4.9 or later to resolve the issue.
Correção
DoS
Memory Corruption
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Linux Kernel
Openbsd Kernel
Red Hat