FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team
Reload this Page APPLIED: drm clip overflow

 
 
LinkBack Thread Tools
 
Old 01-18-2012, 02:24 PM
Tim Gardner
 
Default APPLIED: drm clip overflow
On 01/18/2012 05:54 AM, Andy Whitcroft wrote:

CVE-2012-0044
There is a potential integer overflow in
drm_mode_dirtyfb_ioctl() if userspace passes in a large
num_clips. The call to kmalloc would allocate a small
buffer, and the call to fb->funcs->dirty may result in a
memory corruption.

This problem was introduced in maverick, and fixes for it have hit
oneiric and later via mainline and stable. Following this email is a
patch for maverick, maverick/ti-omap4, natty and natty/ti-omap4. This
is a simple cherry-pick from mainline.

Proposing for maverick, maverick/ti-omap4, natty and natty/ti-omap4.

-apw




--
Tim Gardner tim.gardner@canonical.com

--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 08:58 PM.

VBulletin, Copyright ©2000 - 2013, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org

Contact Us - Linux Archive - Archive - Top -