CVE - CVE-2008-3831

CVE-ID
CVE-2008-3831	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:1021065 URL:http://securitytracker.com/id?1021065 MISC:20081112 rPSA-2008-0316-1 kernel URL:http://www.securityfocus.com/archive/1/498285/100/0/threaded MISC:245846 URL:~~http://sunsolve.sun.com/search/document.do?assetkey=1-26-245846-1~~ (Obsolete source) MISC:31792 URL:http://www.securityfocus.com/bid/31792 MISC:32315 URL:http://secunia.com/advisories/32315 MISC:32386 URL:http://secunia.com/advisories/32386 MISC:32709 URL:http://secunia.com/advisories/32709 MISC:32918 URL:http://secunia.com/advisories/32918 MISC:33182 URL:http://secunia.com/advisories/33182 MISC:33586 URL:http://secunia.com/advisories/33586 MISC:DSA-1655 URL:http://www.debian.org/security/2008/dsa-1655 MISC:FEDORA-2008-8929 URL:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00693.html MISC:FEDORA-2008-8980 URL:https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00689.html MISC:MDVSA-2008:224 URL:~~http://www.mandriva.com/security/advisories?name=MDVSA-2008:224~~ (Obsolete source) MISC:RHSA-2008:1017 URL:http://www.redhat.com/support/errata/RHSA-2008-1017.html MISC:RHSA-2009:0009 URL:http://www.redhat.com/support/errata/RHSA-2009-0009.html MISC:USN-659-1 URL:http://www.ubuntu.com/usn/usn-659-1 MISC:USN-679-1 URL:http://www.ubuntu.com/usn/usn-679-1 MISC:[source-changes] 20081017 CVS: cvs.openbsd.org: src URL:http://archives.neohapsis.com/archives/openbsd/cvs/2008-10/0365.html MISC:http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.6.diff.gz URL:http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.6.diff.gz MISC:http://wiki.rpath.com/Advisories:rPSA-2008-0316 URL:http://wiki.rpath.com/Advisories:rPSA-2008-0316 MISC:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0316 URL:http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0316 MISC:http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c URL:http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c MISC:http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c.diff?r1=1.7%3Br2=1.8 URL:http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c.diff?r1=1.7%3Br2=1.8 MISC:oval:org.mitre.oval:def:11542 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11542
Assigning CNA
Red Hat, Inc.
Date Record Created
20080827	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20080827)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)