QwikSec

Security Database

CVE

CWE

Training

CVE-2011-2022

Published: May 9, 2011

Modified: Aug 6, 2024

PUBLISHED

Description

The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_REDHAT

[oss-security] 20110421 CVE request: kernel: buffer overflow and DoS issues in agp

mailing-list

x_refsource_MLIST

https://bugzilla.redhat.com/show_bug.cgi?id=698996

x_refsource_CONFIRM

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce

x_refsource_CONFIRM

[linux-kernel] 20110414 [PATCH] char: agp: fix arbitrary kernel memory writes

mailing-list

x_refsource_MLIST

[oss-security] 20110422 Re: CVE request: kernel: buffer overflow and DoS issues in agp

mailing-list

x_refsource_MLIST

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.