leandrof/linux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
a5cd335165
linux/include
History
Xi Wang a5cd335165 drm: integer overflow in drm_mode_dirtyfb_ioctl() 
There is a potential integer overflow in drm_mode_dirtyfb_ioctl()
if userspace passes in a large num_clips.  The call to kmalloc would
allocate a small buffer, and the call to fb->funcs->dirty may result
in a memory corruption.

Reported-by: Haogang Chen <haogangchen@gmail.com>
Signed-off-by: Xi Wang <xi.wang@gmail.com>
Cc: stable@kernel.org
Signed-off-by: Dave Airlie <airlied@redhat.com>
2011-11-23 08:59:28 +00:00
..
acpi Merge branch 'release' of git://git.kernel.org/pub/scm/linux/kernel/git/lenb/linux 2011-11-07 10:13:52 -08:00
asm-generic Merge Qualcom Hexagon architecture 2011-11-01 07:48:13 -07:00
crypto crypto: Add a report function pointer to crypto_type 2011-10-21 14:24:03 +02:00
drm drm: integer overflow in drm_mode_dirtyfb_ioctl() 2011-11-23 08:59:28 +00:00
keys
linux Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2011-11-07 10:55:33 -08:00
math-emu
media Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux 2011-11-06 19:44:47 -08:00
misc [media] altera-stapl: it is time to move out from staging 2011-09-23 15:00:57 -03:00
mtd
net Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2011-11-07 10:55:33 -08:00
pcmcia
rdma Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/roland/infiniband 2011-11-01 10:51:38 -07:00
rxrpc
scsi Merge git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi-misc-2.6 2011-10-28 16:44:18 -07:00
sound Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux 2011-11-06 19:44:47 -08:00
target Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2011-11-06 19:00:42 -08:00
trace Merge branch 'modsplit-Oct31_2011' of git://git.kernel.org/pub/scm/linux/kernel/git/paulg/linux 2011-11-06 19:44:47 -08:00
video Merge branch 'for-florian' of git://gitorious.org/linux-omap-dss2/linux into fbdev-next 2011-10-15 00:19:52 +00:00
xen Merge branch 'upstream/xen-settime' of git://git.kernel.org/pub/scm/linux/kernel/git/jeremy/xen 2011-11-06 20:15:05 -08:00
Kbuild