The Dispatch_Write function in proxy/dispatcher/idirectfbsurface_dispatcher.c in DirectFB 1.4.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the Voodoo interface, which triggers an out-of-bounds write.
2014-06-11T14:55:07.550
2025-04-12T10:46:40.837
Deferred
CVSSv2: 10.0 (HIGH)
AV:N/AC:L/Au:N/C:C/I:C/A:C
10.0
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | directfb | directfb | 1.4.4 | Yes |
| Operating System | opensuse | opensuse | 13.1 | Yes |
| Operating System | opensuse | opensuse | 13.2 | Yes |
| Operating System | suse | linux_enterprise_desktop | 12 | Yes |
| Operating System | suse | linux_enterprise_software_development_kit | 12 | Yes |
| Operating System | suse | linux_enterprise_workstation_extension | 12 | Yes |
| Operating System | suse | suse_linux_enterprise_server | 12 | Yes |