Rapid7 Vulnerability & Exploit Database

Google Chrome Vulnerability: CVE-2013-0913 Time-of-Check/Time-of-Use and counting overflows in i915 driver

Back to Search

Google Chrome Vulnerability: CVE-2013-0913 Time-of-Check/Time-of-Use and counting overflows in i915 driver

Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
03/18/2013
Created
09/09/2022
Added
09/09/2022
Modified
09/09/2022

Description

Integer overflow in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel through 3.8.3, as used in Google Chrome OS before 25.0.1364.173 and other products, allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted application that triggers many relocation copies, and potentially leads to a race condition.

Solution(s)

  • google-chrome-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;