Vulnerability-Lookup

CVE-2013-0913 (GCVE-0-2013-0913)

Vulnerability from cvelistv5 – Published: 2013-03-18 15:00 – Updated: 2024-08-06 14:41

Summary

Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.

Severity ?

No CVSS data available.

CWE

Assigner

Chrome

References

URL

Tags

	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=920471	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1812-1	vendor-advisoryx_refsource_UBUNTU
	http://openwall.com/lists/oss-security/2013/03/11/6	mailing-listx_refsource_MLIST
	http://www.ubuntu.com/usn/USN-1809-1	vendor-advisoryx_refsource_UBUNTU
	http://openwall.com/lists/oss-security/2013/03/14/22	mailing-listx_refsource_MLIST
	http://www.ubuntu.com/usn/USN-1814-1	vendor-advisoryx_refsource_UBUNTU
	http://openwall.com/lists/oss-security/2013/03/13/9	mailing-listx_refsource_MLIST
	https://gerrit.chromium.org/gerrit/45118	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2013-0744.html	vendor-advisoryx_refsource_REDHAT
	http://googlechromereleases.blogspot.com/2013/03/…	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1813-1	vendor-advisoryx_refsource_UBUNTU
	https://lkml.org/lkml/2013/3/11/501	mailing-listx_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://git.chromium.org/gitweb/?p=chromiumos/thir…	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-1811-1	vendor-advisoryx_refsource_UBUNTU
	https://code.google.com/p/chromium-os/issues/deta…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T14:41:48.345Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "openSUSE-SU-2013:0847",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920471"
          },
          {
            "name": "USN-1812-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1812-1"
          },
          {
            "name": "[oss-security] 20130311 CVE-2013-0913 Linux kernel i915 integer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/03/11/6"
          },
          {
            "name": "USN-1809-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1809-1"
          },
          {
            "name": "[oss-security] 20130314 Re: CVE-2013-0913 Linux kernel i915 integer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/03/14/22"
          },
          {
            "name": "USN-1814-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1814-1"
          },
          {
            "name": "[oss-security] 20130313 Re: CVE-2013-0913 Linux kernel i915 integer overflow",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/03/13/9"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://gerrit.chromium.org/gerrit/45118"
          },
          {
            "name": "RHSA-2013:0744",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html"
          },
          {
            "name": "USN-1813-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1813-1"
          },
          {
            "name": "[linux-kernel] 20130311 [PATCH] drm/i915: bounds check execbuffer relocations",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lkml.org/lkml/2013/3/11/501"
          },
          {
            "name": "openSUSE-SU-2013:0925",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477"
          },
          {
            "name": "USN-1811-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1811-1"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://code.google.com/p/chromium-os/issues/detail?id=39733"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-03-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-06-05T09:00:00.000Z",
        "orgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
        "shortName": "Chrome"
      },
      "references": [
        {
          "name": "openSUSE-SU-2013:0847",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920471"
        },
        {
          "name": "USN-1812-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1812-1"
        },
        {
          "name": "[oss-security] 20130311 CVE-2013-0913 Linux kernel i915 integer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2013/03/11/6"
        },
        {
          "name": "USN-1809-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1809-1"
        },
        {
          "name": "[oss-security] 20130314 Re: CVE-2013-0913 Linux kernel i915 integer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2013/03/14/22"
        },
        {
          "name": "USN-1814-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1814-1"
        },
        {
          "name": "[oss-security] 20130313 Re: CVE-2013-0913 Linux kernel i915 integer overflow",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2013/03/13/9"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://gerrit.chromium.org/gerrit/45118"
        },
        {
          "name": "RHSA-2013:0744",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html"
        },
        {
          "name": "USN-1813-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1813-1"
        },
        {
          "name": "[linux-kernel] 20130311 [PATCH] drm/i915: bounds check execbuffer relocations",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lkml.org/lkml/2013/3/11/501"
        },
        {
          "name": "openSUSE-SU-2013:0925",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477"
        },
        {
          "name": "USN-1811-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1811-1"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://code.google.com/p/chromium-os/issues/detail?id=39733"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@google.com",
          "ID": "CVE-2013-0913",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "openSUSE-SU-2013:0847",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=920471",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920471"
            },
            {
              "name": "USN-1812-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1812-1"
            },
            {
              "name": "[oss-security] 20130311 CVE-2013-0913 Linux kernel i915 integer overflow",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2013/03/11/6"
            },
            {
              "name": "USN-1809-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1809-1"
            },
            {
              "name": "[oss-security] 20130314 Re: CVE-2013-0913 Linux kernel i915 integer overflow",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2013/03/14/22"
            },
            {
              "name": "USN-1814-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1814-1"
            },
            {
              "name": "[oss-security] 20130313 Re: CVE-2013-0913 Linux kernel i915 integer overflow",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2013/03/13/9"
            },
            {
              "name": "https://gerrit.chromium.org/gerrit/45118",
              "refsource": "CONFIRM",
              "url": "https://gerrit.chromium.org/gerrit/45118"
            },
            {
              "name": "RHSA-2013:0744",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
            },
            {
              "name": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html",
              "refsource": "CONFIRM",
              "url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html"
            },
            {
              "name": "USN-1813-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1813-1"
            },
            {
              "name": "[linux-kernel] 20130311 [PATCH] drm/i915: bounds check execbuffer relocations",
              "refsource": "MLIST",
              "url": "https://lkml.org/lkml/2013/3/11/501"
            },
            {
              "name": "openSUSE-SU-2013:0925",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
            },
            {
              "name": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git;a=commit;h=c79efdf2b7f68f985922a8272d64269ecd490477",
              "refsource": "CONFIRM",
              "url": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git;a=commit;h=c79efdf2b7f68f985922a8272d64269ecd490477"
            },
            {
              "name": "USN-1811-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1811-1"
            },
            {
              "name": "https://code.google.com/p/chromium-os/issues/detail?id=39733",
              "refsource": "CONFIRM",
              "url": "https://code.google.com/p/chromium-os/issues/detail?id=39733"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ebfee0ef-53dd-4cf3-9e2a-08a5bd7a7e28",
    "assignerShortName": "Chrome",
    "cveId": "CVE-2013-0913",
    "datePublished": "2013-03-18T15:00:00.000Z",
    "dateReserved": "2013-01-07T00:00:00.000Z",
    "dateUpdated": "2024-08-06T14:41:48.345Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CERTA-2013-AVI-323

Vulnerability from certfr_avis - Published: 2013-05-22 - Updated: 2013-05-22

De multiples vulnérabilités ont été corrigées dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Red Hat Enterprise Linux version 6

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Red Hat RHSA-2013-0829 du 20 mai 2013

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eRed Hat Enterprise Linux version 6\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-2546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2546"
    },
    {
      "name": "CVE-2013-3076",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3076"
    },
    {
      "name": "CVE-2013-1979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1979"
    },
    {
      "name": "CVE-2013-3225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3225"
    },
    {
      "name": "CVE-2013-1819",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1819"
    },
    {
      "name": "CVE-2013-0914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0914"
    },
    {
      "name": "CVE-2013-1929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1929"
    },
    {
      "name": "CVE-2013-1860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1860"
    },
    {
      "name": "CVE-2013-2635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2635"
    },
    {
      "name": "CVE-2013-2548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2548"
    },
    {
      "name": "CVE-2013-2634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2634"
    },
    {
      "name": "CVE-2013-1774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1774"
    },
    {
      "name": "CVE-2013-3222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3222"
    },
    {
      "name": "CVE-2013-2094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2094"
    },
    {
      "name": "CVE-2013-1767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1767"
    },
    {
      "name": "CVE-2013-0913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0913"
    },
    {
      "name": "CVE-2013-3231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3231"
    },
    {
      "name": "CVE-2013-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1792"
    },
    {
      "name": "CVE-2013-2547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2547"
    },
    {
      "name": "CVE-2013-3224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3224"
    },
    {
      "name": "CVE-2013-1848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1848"
    }
  ],
  "initial_release_date": "2013-05-22T00:00:00",
  "last_revision_date": "2013-05-22T00:00:00",
  "links": [],
  "reference": "CERTA-2013-AVI-323",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-05-22T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux de\n\u003cspan class=\"textit\"\u003eRed Hat\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Red Hat",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2013-0829 du 20 mai 2013",
      "url": "https://rhn.redhat.com/errata/RHSA-2013-0829.html"
    }
  ]
}

CERTA-2013-AVI-269

Vulnerability from certfr_avis - Published: 2013-04-24 - Updated: 2013-04-24

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Red Hat	Red Hat Enterprise Linux Server	Red Hat Enterprise Linux Server EUS version 6.4.z
Red Hat	Red Hat Enterprise Linux	Red Hat Enterprise Linux Workstation version 6
Red Hat	Red Hat Enterprise Linux	Red Hat Enterprise Linux HPC Node version 6
Red Hat	Red Hat Enterprise Linux Server	Red Hat Enterprise Linux Server AUS version 6.4
Red Hat	Red Hat Enterprise Linux Server	Red Hat Enterprise Linux Server version 6
Red Hat	Red Hat Enterprise Linux	Red Hat Enterprise Linux Desktop version 6

References

Title

Publication Time

Tags

Bulletin de sécurité Red Hat RHSA-2013-0744 du 23 avril 2013	None	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2013-0744 du 23 avril 2013	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Red Hat Enterprise Linux Server EUS version 6.4.z",
      "product": {
        "name": "Red Hat Enterprise Linux Server",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Workstation version 6",
      "product": {
        "name": "Red Hat Enterprise Linux",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux HPC Node version 6",
      "product": {
        "name": "Red Hat Enterprise Linux",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server AUS version 6.4",
      "product": {
        "name": "Red Hat Enterprise Linux Server",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server version 6",
      "product": {
        "name": "Red Hat Enterprise Linux Server",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Desktop version 6",
      "product": {
        "name": "Red Hat Enterprise Linux",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2012-6537",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6537"
    },
    {
      "name": "CVE-2013-1826",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1826"
    },
    {
      "name": "CVE-2013-1798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1798"
    },
    {
      "name": "CVE-2013-0349",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0349"
    },
    {
      "name": "CVE-2013-1774",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1774"
    },
    {
      "name": "CVE-2013-1767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1767"
    },
    {
      "name": "CVE-2012-6546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6546"
    },
    {
      "name": "CVE-2013-0913",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0913"
    },
    {
      "name": "CVE-2013-1797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1797"
    },
    {
      "name": "CVE-2013-1773",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1773"
    },
    {
      "name": "CVE-2013-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1792"
    },
    {
      "name": "CVE-2013-1827",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1827"
    },
    {
      "name": "CVE-2013-1796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1796"
    },
    {
      "name": "CVE-2012-6547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6547"
    }
  ],
  "initial_release_date": "2013-04-24T00:00:00",
  "last_revision_date": "2013-04-24T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2013-0744 du 23 avril    2013",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
    }
  ],
  "reference": "CERTA-2013-AVI-269",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-04-24T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux de\n\u003cspan class=\"textit\"\u003eRed Hat\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Red Hat",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2013-0744 du 23 avril 2013",
      "url": null
    }
  ]
}

GSD-2013-0913

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-0913

Aliases

CVE-2013-0913

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-0913",
    "description": "Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.",
    "id": "GSD-2013-0913",
    "references": [
      "https://www.suse.com/security/cve/CVE-2013-0913.html",
      "https://access.redhat.com/errata/RHSA-2013:0829",
      "https://access.redhat.com/errata/RHSA-2013:0744",
      "https://linux.oracle.com/cve/CVE-2013-0913.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-0913"
      ],
      "details": "Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.",
      "id": "GSD-2013-0913",
      "modified": "2023-12-13T01:22:14.807365Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "security@google.com",
        "ID": "CVE-2013-0913",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "openSUSE-SU-2013:0847",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=920471",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920471"
          },
          {
            "name": "USN-1812-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1812-1"
          },
          {
            "name": "[oss-security] 20130311 CVE-2013-0913 Linux kernel i915 integer overflow",
            "refsource": "MLIST",
            "url": "http://openwall.com/lists/oss-security/2013/03/11/6"
          },
          {
            "name": "USN-1809-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1809-1"
          },
          {
            "name": "[oss-security] 20130314 Re: CVE-2013-0913 Linux kernel i915 integer overflow",
            "refsource": "MLIST",
            "url": "http://openwall.com/lists/oss-security/2013/03/14/22"
          },
          {
            "name": "USN-1814-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1814-1"
          },
          {
            "name": "[oss-security] 20130313 Re: CVE-2013-0913 Linux kernel i915 integer overflow",
            "refsource": "MLIST",
            "url": "http://openwall.com/lists/oss-security/2013/03/13/9"
          },
          {
            "name": "https://gerrit.chromium.org/gerrit/45118",
            "refsource": "CONFIRM",
            "url": "https://gerrit.chromium.org/gerrit/45118"
          },
          {
            "name": "RHSA-2013:0744",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
          },
          {
            "name": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html",
            "refsource": "CONFIRM",
            "url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html"
          },
          {
            "name": "USN-1813-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1813-1"
          },
          {
            "name": "[linux-kernel] 20130311 [PATCH] drm/i915: bounds check execbuffer relocations",
            "refsource": "MLIST",
            "url": "https://lkml.org/lkml/2013/3/11/501"
          },
          {
            "name": "openSUSE-SU-2013:0925",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
          },
          {
            "name": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git;a=commit;h=c79efdf2b7f68f985922a8272d64269ecd490477",
            "refsource": "CONFIRM",
            "url": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git;a=commit;h=c79efdf2b7f68f985922a8272d64269ecd490477"
          },
          {
            "name": "USN-1811-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1811-1"
          },
          {
            "name": "https://code.google.com/p/chromium-os/issues/detail?id=39733",
            "refsource": "CONFIRM",
            "url": "https://code.google.com/p/chromium-os/issues/detail?id=39733"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "71106252-6C58-47E8-A376-64CF42D00818",
                    "versionEndExcluding": "3.0.71",
                    "versionStartIncluding": "2.6.37",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "2D342038-9418-4E89-9E40-04102FBE0C46",
                    "versionEndExcluding": "3.2.42",
                    "versionStartIncluding": "3.1",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "F429F327-9AE4-48C0-8734-AC98DEB7B6DE",
                    "versionEndExcluding": "3.4.38",
                    "versionStartIncluding": "3.3",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                    "matchCriteriaId": "BE32FDE7-349E-44FA-B1CA-DAEDB9F79126",
                    "versionEndExcluding": "3.8.5",
                    "versionStartIncluding": "3.5",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          },
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
                    "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*",
                    "matchCriteriaId": "EBB2C482-D2A4-48B3-ACE7-E1DFDCC409B5",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition."
          },
          {
            "lang": "es",
            "value": "Desbordamiento de entero en drivers/gpu/drm/i915/i915_gem_execbuffer.c en el driver i915 en el subsistema Direct Rendering Manager (DRM) en el kernel de Linux hasta v3.8.3, como se usaba en Google Chrome OS anterior a v25.0.1364.173  y otros productos, permite a usuarios locales causar una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer basado en memoria din\u00e1mica) o posiblemente tener otro impacto no especificado mediante una aplicaci\u00f3n que lanza muchas copias de relocalizaci\u00f3n, y potencialmente da lugar a una condici\u00f3n de carrera."
          }
        ],
        "id": "CVE-2013-0913",
        "lastModified": "2024-02-05T19:48:31.867",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "LOW",
                "accessVector": "LOCAL",
                "authentication": "NONE",
                "availabilityImpact": "COMPLETE",
                "baseScore": 7.2,
                "confidentialityImpact": "COMPLETE",
                "integrityImpact": "COMPLETE",
                "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 10.0,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ]
        },
        "published": "2013-03-18T15:55:01.027",
        "references": [
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Mailing List"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/03/11/6"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Mailing List"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/03/13/9"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Mailing List"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/03/14/22"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1809-1"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1811-1"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1812-1"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1813-1"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1814-1"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Issue Tracking"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920471"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://code.google.com/p/chromium-os/issues/detail?id=39733"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Third Party Advisory"
            ],
            "url": "https://gerrit.chromium.org/gerrit/45118"
          },
          {
            "source": "chrome-cve-admin@google.com",
            "tags": [
              "Patch",
              "Third Party Advisory"
            ],
            "url": "https://lkml.org/lkml/2013/3/11/501"
          }
        ],
        "sourceIdentifier": "chrome-cve-admin@google.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-189"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

GHSA-VXJ5-2742-4Q53

Vulnerability from github – Published: 2022-05-17 05:08 – Updated: 2022-05-17 05:08

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-0913"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-03-18T15:55:00Z",
    "severity": "HIGH"
  },
  "details": "Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.",
  "id": "GHSA-vxj5-2742-4q53",
  "modified": "2022-05-17T05:08:28Z",
  "published": "2022-05-17T05:08:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0913"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920471"
    },
    {
      "type": "WEB",
      "url": "https://code.google.com/p/chromium-os/issues/detail?id=39733"
    },
    {
      "type": "WEB",
      "url": "https://gerrit.chromium.org/gerrit/45118"
    },
    {
      "type": "WEB",
      "url": "https://lkml.org/lkml/2013/3/11/501"
    },
    {
      "type": "WEB",
      "url": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477"
    },
    {
      "type": "WEB",
      "url": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git;a=commit;h=c79efdf2b7f68f985922a8272d64269ecd490477"
    },
    {
      "type": "WEB",
      "url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2013/03/11/6"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2013/03/13/9"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2013/03/14/22"
    },
    {
      "type": "WEB",
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1809-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1811-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1812-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1813-1"
    },
    {
      "type": "WEB",
      "url": "http://www.ubuntu.com/usn/USN-1814-1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2013-0913

Vulnerability from fkie_nvd - Published: 2013-03-18 15:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
chrome-cve-admin@google.com	http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477	Third Party Advisory
chrome-cve-admin@google.com	http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html	Third Party Advisory
chrome-cve-admin@google.com	http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html	Third Party Advisory, VDB Entry
chrome-cve-admin@google.com	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html	Third Party Advisory, VDB Entry
chrome-cve-admin@google.com	http://openwall.com/lists/oss-security/2013/03/11/6	Mailing List
chrome-cve-admin@google.com	http://openwall.com/lists/oss-security/2013/03/13/9	Mailing List
chrome-cve-admin@google.com	http://openwall.com/lists/oss-security/2013/03/14/22	Mailing List
chrome-cve-admin@google.com	http://rhn.redhat.com/errata/RHSA-2013-0744.html	Third Party Advisory, VDB Entry
chrome-cve-admin@google.com	http://www.ubuntu.com/usn/USN-1809-1	Third Party Advisory, VDB Entry
chrome-cve-admin@google.com	http://www.ubuntu.com/usn/USN-1811-1	Third Party Advisory, VDB Entry
chrome-cve-admin@google.com	http://www.ubuntu.com/usn/USN-1812-1	Third Party Advisory, VDB Entry
chrome-cve-admin@google.com	http://www.ubuntu.com/usn/USN-1813-1	Third Party Advisory, VDB Entry
chrome-cve-admin@google.com	http://www.ubuntu.com/usn/USN-1814-1	Third Party Advisory, VDB Entry
chrome-cve-admin@google.com	https://bugzilla.redhat.com/show_bug.cgi?id=920471	Issue Tracking
chrome-cve-admin@google.com	https://code.google.com/p/chromium-os/issues/detail?id=39733	Third Party Advisory
chrome-cve-admin@google.com	https://gerrit.chromium.org/gerrit/45118	Third Party Advisory
chrome-cve-admin@google.com	https://lkml.org/lkml/2013/3/11/501	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2013/03/11/6	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2013/03/13/9	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2013/03/14/22	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2013-0744.html	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1809-1	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1811-1	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1812-1	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1813-1	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1814-1	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=920471	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://code.google.com/p/chromium-os/issues/detail?id=39733	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://gerrit.chromium.org/gerrit/45118	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lkml.org/lkml/2013/3/11/501	Patch, Third Party Advisory

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
linux	linux_kernel	*
opensuse	opensuse	11.4
opensuse	opensuse	12.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "71106252-6C58-47E8-A376-64CF42D00818",
              "versionEndExcluding": "3.0.71",
              "versionStartIncluding": "2.6.37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D342038-9418-4E89-9E40-04102FBE0C46",
              "versionEndExcluding": "3.2.42",
              "versionStartIncluding": "3.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F429F327-9AE4-48C0-8734-AC98DEB7B6DE",
              "versionEndExcluding": "3.4.38",
              "versionStartIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE32FDE7-349E-44FA-B1CA-DAEDB9F79126",
              "versionEndExcluding": "3.8.5",
              "versionStartIncluding": "3.5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBB2C482-D2A4-48B3-ACE7-E1DFDCC409B5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en drivers/gpu/drm/i915/i915_gem_execbuffer.c en el driver i915 en el subsistema Direct Rendering Manager (DRM) en el kernel de Linux hasta v3.8.3, como se usaba en Google Chrome OS anterior a v25.0.1364.173  y otros productos, permite a usuarios locales causar una denegaci\u00f3n de servicio (desbordamiento de b\u00fafer basado en memoria din\u00e1mica) o posiblemente tener otro impacto no especificado mediante una aplicaci\u00f3n que lanza muchas copias de relocalizaci\u00f3n, y potencialmente da lugar a una condici\u00f3n de carrera."
    }
  ],
  "id": "CVE-2013-0913",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-03-18T15:55:01.027",
  "references": [
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/11/6"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/13/9"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/14/22"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1809-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1811-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1812-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1813-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1814-1"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920471"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://code.google.com/p/chromium-os/issues/detail?id=39733"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://gerrit.chromium.org/gerrit/45118"
    },
    {
      "source": "chrome-cve-admin@google.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2013/3/11/501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://git.chromium.org/gitweb/?p=chromiumos/third_party/kernel.git%3Ba=commit%3Bh=c79efdf2b7f68f985922a8272d64269ecd490477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://googlechromereleases.blogspot.com/2013/03/stable-channel-update-for-chrome-os_15.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00018.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-06/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/11/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/13/9"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://openwall.com/lists/oss-security/2013/03/14/22"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2013-0744.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1809-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1811-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1812-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1813-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.ubuntu.com/usn/USN-1814-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=920471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://code.google.com/p/chromium-os/issues/detail?id=39733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://gerrit.chromium.org/gerrit/45118"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://lkml.org/lkml/2013/3/11/501"
    }
  ],
  "sourceIdentifier": "chrome-cve-admin@google.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-0913 (GCVE-0-2013-0913)

CERTA-2013-AVI-323

Solution

CERTA-2013-AVI-269

Solution

GSD-2013-0913

GHSA-VXJ5-2742-4Q53

FKIE_CVE-2013-0913

Tags

Sightings

Nomenclature