Rapid7 Vulnerability & Exploit Database

ELSA-2012-2001 Important: Oracle Linux Unbreakable Enterprise kernel security and bug fix update

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

ELSA-2012-2001 Important: Oracle Linux Unbreakable Enterprise kernel security and bug fix update

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

11/26/2010

Created

07/25/2018

Added

02/03/2012

Modified

04/11/2019

Description

drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows local users to write to arbitrary kernel memory locations, and consequently gain privileges, via crafted use of the ioctl interface, related to (1) pwrite and (2) pread operations.

Solution(s)

oracle-linux-upgrade-kernel-uek
oracle-linux-upgrade-kernel-uek-debug
oracle-linux-upgrade-kernel-uek-debug-devel
oracle-linux-upgrade-kernel-uek-devel
oracle-linux-upgrade-kernel-uek-doc
oracle-linux-upgrade-kernel-uek-firmware
oracle-linux-upgrade-kernel-uek-headers
oracle-linux-upgrade-mlnx_en
oracle-linux-upgrade-ofa

References

https://attackerkb.com/topics/cve-2010-2962
44067
51625
470151
CVE - 2010-2962
CVE - 2012-0056
RHSA-2010:0842
RHSA-2010:0958
RHSA-2012:0052
RHSA-2012:0061
SUSE-SA:2010:050
SUSE-SA:2010:051
SUSE-SA:2011:007
http://oss.oracle.com/pipermail/el-errata/2012-January/002572.html
http://oss.oracle.com/pipermail/el-errata/2012-January/002573.html

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;