FKIE_CVE-2013-0913

Vulnerability from fkie_nvd - Published: 2013-03-18 15:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.
References
chrome-cve-admin@google.comhttp://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477Third Party Advisory
chrome-cve-admin@google.comhttp://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.htmlThird Party Advisory
chrome-cve-admin@google.comhttp://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.htmlThird Party Advisory, VDB Entry
chrome-cve-admin@google.comhttp://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.htmlThird Party Advisory, VDB Entry
chrome-cve-admin@google.comhttp://openwall.com/lists/oss-security/2013/03/11/6Mailing List
chrome-cve-admin@google.comhttp://openwall.com/lists/oss-security/2013/03/13/9Mailing List
chrome-cve-admin@google.comhttp://openwall.com/lists/oss-security/2013/03/14/22Mailing List
chrome-cve-admin@google.comhttp://rhn.redhat.com/errata/RHSA-2013-0744.htmlThird Party Advisory, VDB Entry
chrome-cve-admin@google.comhttp://www.ubuntu.com/usn/USN-1809-1Third Party Advisory, VDB Entry
chrome-cve-admin@google.comhttp://www.ubuntu.com/usn/USN-1811-1Third Party Advisory, VDB Entry
chrome-cve-admin@google.comhttp://www.ubuntu.com/usn/USN-1812-1Third Party Advisory, VDB Entry
chrome-cve-admin@google.comhttp://www.ubuntu.com/usn/USN-1813-1Third Party Advisory, VDB Entry
chrome-cve-admin@google.comhttp://www.ubuntu.com/usn/USN-1814-1Third Party Advisory, VDB Entry
chrome-cve-admin@google.comhttps://bugzilla.redhat.com/show_bug.cgi?id=920471Issue Tracking
chrome-cve-admin@google.comhttps://code.google.com/p/chromium-os/issues/detail?id=39733Third Party Advisory
chrome-cve-admin@google.comhttps://gerrit.chromium.org/gerrit/45118Third Party Advisory
chrome-cve-admin@google.comhttps://lkml.org/lkml/2013/3/11/501Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2013/03/11/6Mailing List
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2013/03/13/9Mailing List
af854a3a-2127-422b-91ae-364da2661108http://openwall.com/lists/oss-security/2013/03/14/22Mailing List
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2013-0744.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1809-1Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1811-1Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1812-1Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1813-1Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-1814-1Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=920471Issue Tracking
af854a3a-2127-422b-91ae-364da2661108https://code.google.com/p/chromium-os/issues/detail?id=39733Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://gerrit.chromium.org/gerrit/45118Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lkml.org/lkml/2013/3/11/501Patch, Third Party Advisory
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
opensuse opensuse 11.4
opensuse opensuse 12.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71106252-6C58-47E8-A376-64CF42D00818",
              "versionEndExcluding": "3.0.71",
              "versionStartIncluding": "2.6.37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D342038-9418-4E89-9E40-04102FBE0C46",
              "versionEndExcluding": "3.2.42",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F429F327-9AE4-48C0-8734-AC98DEB7B6DE",
              "versionEndExcluding": "3.4.38",
              "versionStartIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE32FDE7-349E-44FA-B1CA-DAEDB9F79126",
              "versionEndExcluding": "3.8.5",
              "versionStartIncluding": "3.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB2C482-D2A4-48B3-ACE7-E1DFDCC409B5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en drivers/gpu/drm/i915/i915_gem_execbuffer.c en el driver i915 en el subsistema Direct Rendering Manager (DRM) en el kernel de Linux hasta v3.8.3, como se usaba en Google Chrome OS anterior a v25.0.1364.173  y otros productos, permite a usuarios locales causar una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer basado en memoria din\u00e1mica) o posiblemente tener otro impacto no especificado mediante una aplicaci\u00f3n que lanza muchas copias de relocalizaci\u00f3n, y potencialmente da lugar a una condici\u00f3n de carrera."
    }
  ],
  "id": "CVE-2013-0913",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-03-18T15:55:01.027",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/11/6"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/13/9"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/14/22"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1809-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1811-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1812-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1813-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1814-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920471"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://code.google.com/p/chromium-os/issues/detail?id=39733"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://gerrit.chromium.org/gerrit/45118"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2013/3/11/501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/11/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/13/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/14/22"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1809-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1811-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1812-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1813-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1814-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://code.google.com/p/chromium-os/issues/detail?id=39733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://gerrit.chromium.org/gerrit/45118"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2013/3/11/501"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.