github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-20 04:58:54 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
a5cd335165
linux/drivers/gpu
History
Xi Wang a5cd335165 drm: integer overflow in drm_mode_dirtyfb_ioctl() 
There is a potential integer overflow in drm_mode_dirtyfb_ioctl()
if userspace passes in a large num_clips.  The call to kmalloc would
allocate a small buffer, and the call to fb->funcs->dirty may result
in a memory corruption.

Reported-by: Haogang Chen <haogangchen@gmail.com>
Signed-off-by: Xi Wang <xi.wang@gmail.com>
Cc: stable@kernel.org
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-11-23 08:59:28 +00:00
..
drm drm: integer overflow in drm_mode_dirtyfb_ioctl() 2011-11-23 08:59:28 +00:00
stub i915: select VIDEO_OUTPUT_CONTROL for ACPI_VIDEO 2011-04-13 09:10:25 +10:00
vga drivers/gpu/vga/vgaarb.c: add missing kfree 2011-11-22 20:21:10 +00:00
Makefile gpu: Add Intel GMA500(Poulsbo) Stub Driver 2010-10-26 11:00:13 +10:00