mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-08 22:17:19 +00:00
1.1 KiB
1.1 KiB
CVE-2011-1013
Description
Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via a crafted num_crtcs (aka vb_num) structure member in an ioctl argument.
POC
Reference
No PoCs from references.