CVE-2010-2962

drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations.

Published: Nov 26, 2010
Updated: Apr 13, 2023
CVE: CVE-2010-2962
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
linux / linux_kernel	-	2.6.36
fedoraproject / fedora	13	13.x
suse / linux_enterprise_desktop	11-sp1	11-sp1.x
suse / linux_enterprise_server	11-sp1	11-sp1.x
opensuse / opensuse	11.3	11.3.x
suse / linux_enterprise_real_time_extension	11-sp1	11-sp1.x
canonical / ubuntu_linux	10.10	10.10.x
canonical / ubuntu_linux	9.10	9.10.x
canonical / ubuntu_linux	10.04	10.04.x

Vulnerability Database

289,689

CVE-2010-2962