Description
drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations.
References (16)
Core 16
Core References
Patch x_refsource_confirm
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=ce9d419dbecc292cc3e06e8b1d6d123d3fa813a4
Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052513.html
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=637688
Third Party Advisory vendor-advisory
x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1041-1
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/3321
Third Party Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0842.html
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0298
Third Party Advisory vendor-advisory
x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0958.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html
Mailing List, Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00004.html
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42758
Broken Link x_refsource_confirm
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.36
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/44067
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42745
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2011/0070
Scores
EPSS
0.0011
EPSS Percentile
29.4%
Details
CWE
CWE-20
Status
published
Products (9)
canonical/ubuntu_linux
9.10
canonical/ubuntu_linux
10.04
canonical/ubuntu_linux
10.10
fedoraproject/fedora
13
linux/linux_kernel
< 2.6.36
opensuse/opensuse
11.3
suse/linux_enterprise_desktop
11 sp1
suse/linux_enterprise_real_time_extension
11 sp1
suse/linux_enterprise_server
11 sp1
Published
Nov 26, 2010
Tracked Since
Feb 18, 2026