CVE-2007-3851
i965 DRM allows insecure packets
Severity Score
6.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer.
El componente drm/i915 en el núcleo Linux anterior a 2.6.22.2, cuando se usa con el conjunto de chips (chipset) i965G y posteriores, permite a usuarios locales con acceso a una sesión X11 y al Direct Rendering Manager (DRM) escribir a posiciones de memoria de su elección y obtener privilegios mediante un búfer de ejecución por lotes (batchbuffer) manipulado.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-07-18 CVE Reserved
- 2007-08-13 CVE Published
- 2024-08-07 CVE Updated
- 2024-10-08 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (21)
| URL | Tag | Source |
|---|---|---|
| http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22.2 | X_refsource_confirm | |
| http://secunia.com/advisories/26450 | Third Party Advisory | |
| http://secunia.com/advisories/26500 | Third Party Advisory | |
| http://secunia.com/advisories/26643 | Third Party Advisory | |
| http://secunia.com/advisories/26664 | Third Party Advisory | |
| http://secunia.com/advisories/26760 | Third Party Advisory | |
| http://secunia.com/advisories/27227 | Third Party Advisory | |
| http://www.securityfocus.com/bid/25263 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2007/2854 | Vdb Entry | |
| https://issues.rpath.com/browse/RPL-1620 | X_refsource_confirm | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11196 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/26389 | 2017-09-29 | |
| http://www.debian.org/security/2007/dsa-1356 | 2017-09-29 | |
| http://www.mandriva.com/security/advisories?name=MDVSA-2008:105 | 2017-09-29 | |
| http://www.novell.com/linux/security/advisories/2007_51_kernel.html | 2017-09-29 | |
| http://www.novell.com/linux/security/advisories/2007_53_kernel.html | 2017-09-29 | |
| http://www.redhat.com/support/errata/RHSA-2007-0705.html | 2017-09-29 | |
| http://www.ubuntu.com/usn/usn-509-1 | 2017-09-29 | |
| http://www.ubuntu.com/usn/usn-510-1 | 2017-09-29 | |
| https://access.redhat.com/security/cve/CVE-2007-3851 | 2007-09-13 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=251185 | 2007-09-13 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 2.6.22.1 Search vendor "Linux" for product "Linux Kernel" and version " <= 2.6.22.1" | - |
Affected
| in | Intel Search vendor "Intel" | I915 Chipset Search vendor "Intel" for product "I915 Chipset" | * | - |
Safe
|