CVE-2013-7445

Published Oct 16, 2015

Last updated 9 years ago

CVSS info 7.8

Overview

Description: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
Source: cret@cert.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "101169D3-5114-4964-A85A-80333B0F48AB",
            "versionEndIncluding": "4.0.0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "16A2670E-195E-4454-8E1C-22D04AAA3E99"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F2331B3-45AF-4406-9641-A78F949C85D7"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F2FAD591-2AE8-4A14-91D8-79946C9D2244"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D5411C41-0F80-4633-9778-6BA7A20EED0E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "17A43AA1-FF07-46AA-8A22-B73639876929"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3F7AB076-B553-4E1D-A604-4DFD976FC155"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BF9F02C5-128B-4E30-BA0E-7FD771F8AA72"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A449E564-051A-4C33-888D-DD84D15C1C01"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D7321A21-F4FC-4C05-8362-47BA25933FA6"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "849F1B99-46F5-4BCA-9A0D-0A45CD78AF89"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4BBA308E-F27E-4915-B7DF-C6DCE56ABA1C"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5398D9C4-9161-4C8E-AE72-A449A8546C47"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "42D448D6-CCC0-4FF1-B2EA-7A99C3A467B0"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.1.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AE654C62-FB2D-4F0C-858E-DBF15637A5EC"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.1.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EA5C6932-4C99-4271-BBE4-710B7C6984F2"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.1.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "809E15BD-4613-4D53-91DE-EE115A7A6D48"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.1.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5FBC32B-82C6-4DE2-9E94-3E1765B7234D"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.1.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AB50C500-289B-43CA-9AF5-69564A452213"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C51F0A1C-1359-4C88-820C-3A721F64A1E1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.2.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C65BF8B8-071F-42CB-B710-8E6FFC49B1A1"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E5C5B538-158C-4F4A-9452-DAD2D0EF5A7E"
          },
          {
            "criteria": "cpe:2.3:o:linux:linux_kernel:4.2.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC507686-B52C-4ABE-9734-147071FC7C08"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References