Red Hat Bugzilla – Full Text Bug Listing |
Summary: | CVE-2012-0044 kernel: drm: integer overflow in drm_mode_dirtyfb_ioctl() | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Eugene Teo (Security Response) <eteo> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | agordeev, anton, arozansk, bhu, davej, dhoward, fhrbata, gansalmon, itamar, jforbes, jkacur, jonathan, jwboyer, kernel-maint, kernel-mgr, lgoncalv, lwang, madhu.chinakonda, mjc, plougher, pmatouse, rt-maint, sforsber, thomas.koppe, vgoyal, williams |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | impact=important,public=20111123,reported=20120110,source=lkml,cvss2=6.9/AV:L/AC:M/Au:N/C:C/I:C/A:C,rhel-4/kernel=notaffected,rhel-5/kernel=notaffected,rhel-6/kernel=affected,rhel-6.1.z/kernel=affected,mrg-2/realtime-kernel=affected,fedora-all/kernel=affected,mrg-2.0/realtime-kernel=affected,fedora-15/kernel=affected,cwe=CWE-190[auto] | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2013-04-24 03:39:56 EDT | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | ||
Bug Depends On: | 773249, 773250, 773251, 773252, 782683, 827514 | ||
Bug Blocks: | 772889 |
Description
Eugene Teo (Security Response)
2012-01-10 04:18:12 EST
Statement: This issue did not affect the versions of Linux kernel as shipped with Red Hat Enterprise Linux 4 and 5 as they did not backport commit 884840aa that introduced this issue. Created kernel tracking bugs for this issue Affects: fedora-all [bug 782683] To exploit this, the user has to log in under X or otherwise has r/w access to the dri path (group "video"). This issue has been addressed in following products: MRG for RHEL-6 v.2 Via RHSA-2012:0333 https://rhn.redhat.com/errata/RHSA-2012-0333.html This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2012:0743 https://rhn.redhat.com/errata/RHSA-2012-0743.html Is it possible to fix this bug without the new kernel from RedHat? (In reply to comment #11) > Is it possible to fix this bug without the new kernel from RedHat? Sure. You can use upstream kernel that has this problem fixed (includes a5cd335165e31db9dbab636fd29895d41da55dd2 commit). You can even use recent Fedora kernels, they include the fix now as well. This issue has been addressed in following products: Red Hat Enterprise Linux 6.1 EUS - Server Only Via RHSA-2012:1042 https://rhn.redhat.com/errata/RHSA-2012-1042.html |