Description: i915 DRM heap overflow
References:
 https://lkml.org/lkml/2013/3/11/677
 http://www.openwall.com/lists/oss-security/2013/03/11/6
Notes:
 dannf> This looks like a regression, introduced in 2.6.37-rc1 by 2549d6c,
        with a partial fix applied in d1d7883, and completely addressed in
        3118a4f. The check in 2.6.32 looks equivalent to that in 3118a4f.
Bugs:
upstream: released (3.9-rc4) [3118a4f652c7b12c752f3222af0447008f9b2368]
2.6.32-upstream-stable: N/A "see notes"
sid: released (3.2.41-2) [bugfix/x86/drm-i915-bounds-check-execbuffer-relocation-count.patch]
2.6.32-squeeze-security: N/A "see notes"
3.2-upstream-stable: released (3.2.42) [drm-i915-bounds-check-execbuffer-relocation-count.patch]