cve-2008-3831
Vulnerability from cvelistv5
Published
2008-10-20 17:00
Modified
2024-08-07 09:53
Severity ?
Summary
The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl's configuration.
References
secalert@redhat.comhttp://archives.neohapsis.com/archives/openbsd/cvs/2008-10/0365.html
secalert@redhat.comhttp://secunia.com/advisories/32315
secalert@redhat.comhttp://secunia.com/advisories/32386Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/32709
secalert@redhat.comhttp://secunia.com/advisories/32918
secalert@redhat.comhttp://secunia.com/advisories/33182
secalert@redhat.comhttp://secunia.com/advisories/33586
secalert@redhat.comhttp://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.6.diff.gz
secalert@redhat.comhttp://securitytracker.com/id?1021065
secalert@redhat.comhttp://sunsolve.sun.com/search/document.do?assetkey=1-26-245846-1
secalert@redhat.comhttp://wiki.rpath.com/Advisories:rPSA-2008-0316
secalert@redhat.comhttp://wiki.rpath.com/wiki/Advisories:rPSA-2008-0316
secalert@redhat.comhttp://www.debian.org/security/2008/dsa-1655
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2008:224
secalert@redhat.comhttp://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.cPatch
secalert@redhat.comhttp://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c.diff?r1=1.7%3Br2=1.8
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2008-1017.html
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2009-0009.html
secalert@redhat.comhttp://www.securityfocus.com/archive/1/498285/100/0/threaded
secalert@redhat.comhttp://www.securityfocus.com/bid/31792Patch
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-659-1
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-679-1
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11542
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-October/msg00689.html
secalert@redhat.comhttps://www.redhat.com/archives/fedora-package-announce/2008-October/msg00693.html
Impacted products
n/an/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.385Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "245846",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-245846-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.6.diff.gz"
          },
          {
            "name": "DSA-1655",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1655"
          },
          {
            "name": "MDVSA-2008:224",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:224"
          },
          {
            "name": "USN-659-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-659-1"
          },
          {
            "name": "RHSA-2009:0009",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2009-0009.html"
          },
          {
            "name": "1021065",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021065"
          },
          {
            "name": "FEDORA-2008-8929",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00693.html"
          },
          {
            "name": "33586",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33586"
          },
          {
            "name": "32709",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32709"
          },
          {
            "name": "32918",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32918"
          },
          {
            "name": "USN-679-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-679-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0316"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0316"
          },
          {
            "name": "oval:org.mitre.oval:def:11542",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11542"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c.diff?r1=1.7%3Br2=1.8"
          },
          {
            "name": "RHSA-2008:1017",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-1017.html"
          },
          {
            "name": "[source-changes] 20081017 CVS: cvs.openbsd.org: src",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/openbsd/cvs/2008-10/0365.html"
          },
          {
            "name": "32386",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32386"
          },
          {
            "name": "31792",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31792"
          },
          {
            "name": "FEDORA-2008-8980",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00689.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c"
          },
          {
            "name": "33182",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33182"
          },
          {
            "name": "20081112 rPSA-2008-0316-1 kernel",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/498285/100/0/threaded"
          },
          {
            "name": "32315",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/32315"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-10-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl\u0027s configuration."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "245846",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-245846-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.6.diff.gz"
        },
        {
          "name": "DSA-1655",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1655"
        },
        {
          "name": "MDVSA-2008:224",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:224"
        },
        {
          "name": "USN-659-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-659-1"
        },
        {
          "name": "RHSA-2009:0009",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2009-0009.html"
        },
        {
          "name": "1021065",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021065"
        },
        {
          "name": "FEDORA-2008-8929",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00693.html"
        },
        {
          "name": "33586",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33586"
        },
        {
          "name": "32709",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32709"
        },
        {
          "name": "32918",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32918"
        },
        {
          "name": "USN-679-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/usn-679-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0316"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0316"
        },
        {
          "name": "oval:org.mitre.oval:def:11542",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11542"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c.diff?r1=1.7%3Br2=1.8"
        },
        {
          "name": "RHSA-2008:1017",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-1017.html"
        },
        {
          "name": "[source-changes] 20081017 CVS: cvs.openbsd.org: src",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://archives.neohapsis.com/archives/openbsd/cvs/2008-10/0365.html"
        },
        {
          "name": "32386",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32386"
        },
        {
          "name": "31792",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31792"
        },
        {
          "name": "FEDORA-2008-8980",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00689.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c"
        },
        {
          "name": "33182",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33182"
        },
        {
          "name": "20081112 rPSA-2008-0316-1 kernel",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/498285/100/0/threaded"
        },
        {
          "name": "32315",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/32315"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2008-3831",
    "datePublished": "2008-10-20T17:00:00",
    "dateReserved": "2008-08-27T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.385Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-3831\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2008-10-20T17:59:26.117\",\"lastModified\":\"2023-02-13T02:19:27.733\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM) master, which allows local users to cause a denial of service (memory corruption) via a crafted ioctl call, related to absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl\u0027s configuration.\"},{\"lang\":\"es\",\"value\":\"El driver i915 en (1) drivers/char/drm/i915_dma.c en el kernel v2.6.24 de Linux en Debian GNU/Linux y (2) sys/dev/pci/drm/i915_drv.c en OpenBSD no restringe el DRM_I915_HWS_ADDR ioctl al Direct Rendering Manager (DRM) master, lo cual permite a usuarios locales provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria) mediante una llamada ioctl manipulada, relacionado con la ausencia de los indicadores DRM_MASTER y DRM_ROOT_ONLY en la configuraci\u00f3n de los ioctl.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:N/I:N/A:C\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":4.7},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"13673DF5-09B1-40C8-AC54-A447DE8AB01E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:debian:linux:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7B30CD4-008C-4452-843C-EB5DB15FA7A2\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:openbsd:linux:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C124BAFB-1DFF-4553-AF03-F758769FDDC6\"}]}]}],\"references\":[{\"url\":\"http://archives.neohapsis.com/archives/openbsd/cvs/2008-10/0365.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/32315\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/32386\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/32709\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/32918\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/33182\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://secunia.com/advisories/33586\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://security.debian.org/pool/updates/main/l/linux-2.6.24/linux-2.6.24_2.6.24-6~etchnhalf.6.diff.gz\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://securitytracker.com/id?1021065\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-26-245846-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://wiki.rpath.com/Advisories:rPSA-2008-0316\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0316\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2008/dsa-1655\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2008:224\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/pci/drm/i915_drv.c.diff?r1=1.7%3Br2=1.8\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2008-1017.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2009-0009.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/archive/1/498285/100/0/threaded\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.securityfocus.com/bid/31792\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-659-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/usn-679-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11542\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00689.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2008-October/msg00693.html\",\"source\":\"secalert@redhat.com\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.