Oracle Solaris Third-Party Patch Update : libdrm (cve_2013_0913_numeric_errors)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote Solaris system is missing a security patch for third-party
software.

Description :

The remote Solaris system is missing necessary patches to address
security updates :

- Integer overflow in
drivers/gpu/drm/i915/i915_gem_execbuffer.c in the i915
driver in the Direct Rendering Manager (DRM) subsystem
in the Linux kernel through 3.8.3, as used in Google
Chrome OS before 25.0.1364.173 and other products,
allows local users to cause a denial of service
(heap-based buffer overflow) or possibly have
unspecified other impact via a crafted application that
triggers many relocation copies, and potentially leads
to a race condition. (CVE-2013-0913)

See also :

http://www.nessus.org/u?b5f8def1
http://www.nessus.org/u?9d674117

Solution :

Upgrade to Solaris 11.2.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)

Family: Solaris Local Security Checks

Nessus Plugin ID: 80667 ()

Bugtraq ID:

CVE ID: CVE-2013-0913

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now