Novell Home

CVE-2012-0044

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-0044 at MITRE

Description

Integer overflow in the drm_mode_dirtyfb_ioctl function in drivers/gpu/drm/drm_crtc.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.1.5 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted ioctl call.

NVD CVSS v2 Base Score: 7.2 (AV:L/AC:L/Au:N/C:C/I:C/A:C)

Novell/SUSE information

Note from the SUSE Security Team

This vulnerability was introduced in 2.6.33-rc2 and was not backported to older products. So SUSE Linux Enterprise 10 and older products are not affected by this problem.,This vulnerability was introduced in 2.6.39-rc6 and was not backported to older products. So SUSE Linux Enterprise Server 11 SP1, SUSE Linux Enterprise 10 and older products are not affected by this problem.

Novell Bugzilla entry: 740745

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Real Time 11 SP1
  • brocade-bna-kmp-rt >= 2.1.0.0_2.6.33.20_rt31_0.5-0.2.52
  • cluster-network-kmp-rt >= 1.4_2.6.33.20_rt31_0.5-2.5.62
  • cluster-network-kmp-rt_trace >= 1.4_2.6.33.20_rt31_0.5-2.5.62
  • drbd-kmp-rt >= 8.3.11_2.6.33.20_rt31_0.5-0.3.62
  • drbd-kmp-rt_trace >= 8.3.11_2.6.33.20_rt31_0.5-0.3.62
  • iscsitarget-kmp-rt >= 1.4.19_2.6.33.20_rt31_0.5-0.9.11.38
  • kernel-rt >= 2.6.33.20-0.5.1
  • kernel-rt-base >= 2.6.33.20-0.5.1
  • kernel-rt-devel >= 2.6.33.20-0.5.1
  • kernel-rt_trace >= 2.6.33.20-0.5.1
  • kernel-rt_trace-base >= 2.6.33.20-0.5.1
  • kernel-rt_trace-devel >= 2.6.33.20-0.5.1
  • kernel-source-rt >= 2.6.33.20-0.5.1
  • kernel-syms-rt >= 2.6.33.20-0.5.1
  • ocfs2-kmp-rt >= 1.6_2.6.33.20_rt31_0.5-0.4.2.62
  • ocfs2-kmp-rt_trace >= 1.6_2.6.33.20_rt31_0.5-0.4.2.62
  • ofed-kmp-rt >= 1.5.2_2.6.33.20_rt31_0.5-0.9.13.49
 slert11-sp1.x86-64
SAT Patch Nr: 6677

© 2013 Novell