Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2007-3851 | First vendor Publication | 2007-08-13 |
| Vendor | Cve | Last vendor Modification | 2017-09-29 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:L/AC:H/Au:S/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 6 | Attack Range | Local |
| Cvss Impact Score | 10 | Attack Complexity | High |
| Cvss Expoit Score | 1.5 | Authentication | Requires single instance |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3851 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11196 | |||
| Oval ID: | oval:org.mitre.oval:def:11196 | ||
| Title: | The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer. | ||
| Description: | The drm/i915 component in the Linux kernel before 2.6.22.2, when used with i965G and later chipsets, allows local users with access to an X11 session and Direct Rendering Manager (DRM) to write to arbitrary memory locations and gain privileges via a crafted batchbuffer. | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2007-3851 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:18865 | |||
| Oval ID: | oval:org.mitre.oval:def:18865 | ||
| Title: | DSA-1356-1 linux-2.6 - several vulnerabilities | ||
| Description: | Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. | ||
| Family: | unix | Class: | patch |
| Reference(s): | DSA-1356-1 CVE-2007-1353 CVE-2007-2172 CVE-2007-2453 CVE-2007-2525 CVE-2007-2876 CVE-2007-3513 CVE-2007-3642 CVE-2007-3848 CVE-2007-3851 | Version: | 7 |
| Platform(s): | Debian GNU/Linux 4.0 | Product(s): | linux-2.6 |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-04-09 | Name : Mandriva Update for kernel MDVSA-2008:105 (kernel) File : nvt/gb_mandriva_MDVSA_2008_105.nasl |
| 2009-03-23 | Name : Ubuntu Update for linux-source-2.6.17 vulnerabilities USN-509-1 File : nvt/gb_ubuntu_USN_509_1.nasl |
| 2009-03-23 | Name : Ubuntu Update for linux-source-2.6.20 vulnerabilities USN-510-1 File : nvt/gb_ubuntu_USN_510_1.nasl |
| 2009-01-28 | Name : SuSE Update for kernel SUSE-SA:2007:051 File : nvt/gb_suse_2007_051.nasl |
| 2009-01-28 | Name : SuSE Update for kernel SUSE-SA:2007:053 File : nvt/gb_suse_2007_053.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 1356-1 (linux-2.6) File : nvt/deb_1356_1.nasl |
| 2008-01-17 | Name : Debian Security Advisory DSA 1363-1 (linux-2.6) File : nvt/deb_1363_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 37124 | Linux Kernel drm/i915 Component Crafted batchbuffer Local Privilege Escalation |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2007-0705.nasl - Type : ACT_GATHER_INFO |
| 2012-05-17 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4186.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0705.nasl - Type : ACT_GATHER_INFO |
| 2009-04-23 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2008-105.nasl - Type : ACT_GATHER_INFO |
| 2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_kernel-4185.nasl - Type : ACT_GATHER_INFO |
| 2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-509-1.nasl - Type : ACT_GATHER_INFO |
| 2007-11-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-510-1.nasl - Type : ACT_GATHER_INFO |
| 2007-10-17 | Name : The remote SuSE system is missing the security patch kernel-4193. File : suse_kernel-4193.nasl - Type : ACT_GATHER_INFO |
| 2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_kernel-4487.nasl - Type : ACT_GATHER_INFO |
| 2007-09-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0705.nasl - Type : ACT_GATHER_INFO |
| 2007-09-03 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1363.nasl - Type : ACT_GATHER_INFO |
| 2007-08-21 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1356.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2024-02-02 01:06:58 |
|
| 2024-02-01 12:02:21 |
|
| 2023-09-05 12:06:30 |
|
| 2023-09-05 01:02:12 |
|
| 2023-09-02 12:06:37 |
|
| 2023-09-02 01:02:13 |
|
| 2023-08-12 12:07:40 |
|
| 2023-08-12 01:02:13 |
|
| 2023-08-11 12:06:40 |
|
| 2023-08-11 01:02:17 |
|
| 2023-08-06 12:06:21 |
|
| 2023-08-06 01:02:14 |
|
| 2023-08-04 12:06:27 |
|
| 2023-08-04 01:02:17 |
|
| 2023-07-14 12:06:25 |
|
| 2023-07-14 01:02:15 |
|
| 2023-03-29 01:07:09 |
|
| 2023-03-28 12:02:20 |
|
| 2022-10-11 12:05:42 |
|
| 2022-10-11 01:02:05 |
|
| 2022-03-11 01:04:55 |
|
| 2020-08-08 01:02:51 |
|
| 2020-07-30 01:02:59 |
|
| 2020-05-23 01:38:30 |
|
| 2020-05-23 00:20:08 |
|
| 2019-01-25 12:02:07 |
|
| 2018-10-30 12:02:16 |
|
| 2017-09-29 09:23:09 |
|
| 2016-07-21 12:02:07 |
|
| 2016-06-28 23:56:15 |
|
| 2016-06-28 16:45:37 |
|
| 2016-04-26 16:23:13 |
|
| 2014-02-17 10:40:57 |
|
| 2013-07-13 13:20:48 |
|
| 2013-05-11 10:31:50 |
|
