CVE-2010-2962

EPSS 0.12%
Veröffentlicht 26.11.2010 19:00:06
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle security@ubuntu.com
Teams Watchlist Login
Unerledigt Login

drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 19

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 2.6.36

Fedoraproject ≫ Fedora Version13

Opensuse ≫ Opensuse Version11.3

Suse ≫ Linux Enterprise Desktop Version11 Updatesp1

Suse ≫ Linux Enterprise Real Time Extension Version11 Updatesp1

Suse ≫ Linux Enterprise Server Version11 Updatesp1

Canonical ≫ Ubuntu Linux Version9.10

Canonical ≫ Ubuntu Linux Version10.04 SwEdition-

Canonical ≫ Ubuntu Linux Version10.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.12%	0.31

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.opensuse.org/opensuse-security-announce/2011-02/msg00000.html

Third Party Advisory

Mailing List

http://www.vupen.com/english/advisories/2011/0298

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00003.html

Third Party Advisory

Mailing List

http://www.redhat.com/support/errata/RHSA-2010-0842.html

Third Party Advisory

http://secunia.com/advisories/42758

Third Party Advisory