CVE-2013-0913

Vulnerability Description

Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.

CVSS Score

Affected Products

Related Weaknesses (CWE)

References

• http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Third Party Advisory
• http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chromThird Party Advisory
• http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.htmlThird Party AdvisoryVDB Entry
• http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.htmlThird Party AdvisoryVDB Entry
• http://openwall.com/lists/oss-security/2013/03/11/6Mailing List
• http://openwall.com/lists/oss-security/2013/03/13/9Mailing List
• http://openwall.com/lists/oss-security/2013/03/14/22Mailing List
• http://rhn.redhat.com/errata/RHSA-2013-0744.htmlThird Party AdvisoryVDB Entry
• http://www.ubuntu.com/usn/USN-1809-1Third Party AdvisoryVDB Entry
• http://www.ubuntu.com/usn/USN-1811-1Third Party AdvisoryVDB Entry
• http://www.ubuntu.com/usn/USN-1812-1Third Party AdvisoryVDB Entry
• http://www.ubuntu.com/usn/USN-1813-1Third Party AdvisoryVDB Entry
• http://www.ubuntu.com/usn/USN-1814-1Third Party AdvisoryVDB Entry
• https://bugzilla.redhat.com/show_bug.cgi?id=920471Issue Tracking
• https://code.google.com/p/chromium-os/issues/detail?id=39733Third Party Advisory