blob: e381b53669d1233234992022366c354da08c8884 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
Description: i915 DRM heap overflow
References:
https://lkml.org/lkml/2013/3/11/677
http://www.openwall.com/lists/oss-security/2013/03/11/6
Notes:
dannf> This looks like a regression, introduced in 2.6.37-rc1 by 2549d6c,
with a partial fix applied in d1d7883, and completely addressed in
3118a4f. The check in 2.6.32 looks equivalent to that in 3118a4f.
Bugs:
upstream: released (3.9-rc4) [3118a4f652c7b12c752f3222af0447008f9b2368]
2.6.32-upstream-stable: N/A "see notes"
sid: released (3.2.41-2) [bugfix/x86/drm-i915-bounds-check-execbuffer-relocation-count.patch]
2.6.32-squeeze-security: N/A "see notes"
3.2-upstream-stable: released (3.2.42) [drm-i915-bounds-check-execbuffer-relocation-count.patch]
|