Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
No PoCs from references.
- https://github.com/bygregonline/devsec-fastapi-report
- https://github.com/robertsirc/sle-bci-demo
- https://github.com/shakyaraj9569/Documentation
- https://github.com/sjourdan/clair-lab