Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted ioctl call.
Vector
LOCAL
Complexity
LOW
Authentication
NONE
Confidentiality
NONE
Integrity
NONE
Availability
COMPLETE
Linux Kernel 3.3 release candidate 3
Linux Kernel 3.3.1
Linux Kernel 3.3 release candidate 2
Linux Kernel 3.3 release candidate 7
Linux Kernel 3.3 release candidate 4
Linux Kernel 3.3 release candidate 1
Linux Kernel 3.3 release candidate 6
Linux Kernel 3.3.2
Linux Kernel 3.3.3
Linux Kernel 3.3 release candidate 5
Linux Kernel 3.3.4
Linux Kernel 3.3