The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Linux_kernel | Linux | * | 4.0.0 (including) |
Linux_kernel | Linux | 4.0.1 (including) | 4.0.1 (including) |
Linux_kernel | Linux | 4.0.2 (including) | 4.0.2 (including) |
Linux_kernel | Linux | 4.0.3 (including) | 4.0.3 (including) |
Linux_kernel | Linux | 4.0.4 (including) | 4.0.4 (including) |
Linux_kernel | Linux | 4.0.5 (including) | 4.0.5 (including) |
Linux_kernel | Linux | 4.0.6 (including) | 4.0.6 (including) |
Linux_kernel | Linux | 4.0.7 (including) | 4.0.7 (including) |
Linux_kernel | Linux | 4.0.8 (including) | 4.0.8 (including) |
Linux_kernel | Linux | 4.0.9 (including) | 4.0.9 (including) |
Linux_kernel | Linux | 4.1.1 (including) | 4.1.1 (including) |
Linux_kernel | Linux | 4.1.2 (including) | 4.1.2 (including) |
Linux_kernel | Linux | 4.1.3 (including) | 4.1.3 (including) |
Linux_kernel | Linux | 4.1.4 (including) | 4.1.4 (including) |
Linux_kernel | Linux | 4.1.5 (including) | 4.1.5 (including) |
Linux_kernel | Linux | 4.1.6 (including) | 4.1.6 (including) |
Linux_kernel | Linux | 4.1.7 (including) | 4.1.7 (including) |
Linux_kernel | Linux | 4.1.8 (including) | 4.1.8 (including) |
Linux_kernel | Linux | 4.1.9 (including) | 4.1.9 (including) |
Linux_kernel | Linux | 4.1.10 (including) | 4.1.10 (including) |
Linux_kernel | Linux | 4.2.1 (including) | 4.2.1 (including) |
Linux_kernel | Linux | 4.2.2 (including) | 4.2.2 (including) |
Linux_kernel | Linux | 4.2.3 (including) | 4.2.3 (including) |