frederik
/
xserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
xserver/hw/xfree86/dri2
History
Alan Coopersmith 6692670fde dri2: integer overflow in ProcDRI2GetBuffers() [CVE-2014-8094] 
ProcDRI2GetBuffers() tries to validate a length field (count).
There is an integer overflow in the validation. This can cause
out of bound reads and memory corruption later on.

Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
Reviewed-by: Julien Cristau <jcristau@debian.org>
 		2014-12-08 18:09:47 -08:00
..
pci_ids dri2: Distribute new pci_ids headers 2014-10-28 21:30:23 -07:00
Makefile.am dri2: Distribute new pci_ids headers 2014-10-28 21:30:23 -07:00
dri2.c dri2: Automatically fill in the driver name if the DDX doesn't provide it. 2014-10-27 13:16:23 -07:00
dri2.h dri2: Add DRI2CreateDrawable2. 2012-07-12 15:08:37 -07:00
dri2ext.c dri2: integer overflow in ProcDRI2GetBuffers() [CVE-2014-8094] 2014-12-08 18:09:47 -08:00
dri2int.h Move DRI2 from external module to built-in 2012-07-10 00:31:01 -07:00