Integer overflow in the i915_gem_do_execbuffer function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Linux_kernel | Linux | * | 3.3.4 (including) |
| Linux_kernel | Linux | 3.3 (including) | 3.3 (including) |
| Linux_kernel | Linux | 3.3-rc1 (including) | 3.3-rc1 (including) |
| Linux_kernel | Linux | 3.3-rc2 (including) | 3.3-rc2 (including) |
| Linux_kernel | Linux | 3.3-rc3 (including) | 3.3-rc3 (including) |
| Linux_kernel | Linux | 3.3-rc4 (including) | 3.3-rc4 (including) |
| Linux_kernel | Linux | 3.3-rc5 (including) | 3.3-rc5 (including) |
| Linux_kernel | Linux | 3.3-rc6 (including) | 3.3-rc6 (including) |
| Linux_kernel | Linux | 3.3-rc7 (including) | 3.3-rc7 (including) |
| Linux_kernel | Linux | 3.3.1 (including) | 3.3.1 (including) |
| Linux_kernel | Linux | 3.3.2 (including) | 3.3.2 (including) |
| Linux_kernel | Linux | 3.3.3 (including) | 3.3.3 (including) |