Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-2022

Опубликовано: 14 апр. 2011
Источник: redhat
CVSS2: 6.6
EPSS Низкий

Описание

The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.

Отчет

This issue affects the versions of Linux kernel as shipped with Red Hat Enterprise 4, 5, 6, and Red Hat Enterprise MRG. This has been addressed in Red Hat Enterprise Linux 5, 6, and Red Hat Enterprise MRG via https://rhn.redhat.com/errata/RHSA-2011-0927.html, https://rhn.redhat.com/errata/RHSA-2011-1350.html, and https://rhn.redhat.com/errata/RHSA-2011-1253.html. Red Hat Enterprise Linux 4 is now in Production 3 of the maintenance life-cycle, https://access.redhat.com/support/policy/updates/errata/, therefore the fix for this issue is not currently planned to be included in the future updates.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 4kernelAffected
Red Hat Enterprise MRG 1realtime-kernelAffected
Red Hat Enterprise Linux 5kernelFixedRHSA-2011:092715.07.2011
Red Hat Enterprise Linux 6kernelFixedRHSA-2011:135005.10.2011
Red Hat Enterprise MRG 2kernel-rtFixedRHSA-2011:125312.09.2011

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important
https://bugzilla.redhat.com/show_bug.cgi?id=698996kernel: agp: insufficient pg_start parameter checking in AGPIOC_BIND and AGPIOC_UNBIND ioctls

EPSS

Процентиль: 13%
0.00043
Низкий

6.6 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-2022

ubuntu
около 14 лет назад

The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.

nvd логотип

CVE-2011-2022

nvd
около 14 лет назад

The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.

debian логотип

CVE-2011-2022

debian
около 14 лет назад

The agp_generic_remove_memory function in drivers/char/agp/generic.c i ...

github логотип

GHSA-7768-324v-qm6c

github
около 3 лет назад

The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.

oracle-oval логотип

ELSA-2011-1350

oracle-oval
больше 13 лет назад

ELSA-2011-1350: kernel security, bug fix, and enhancement update (IMPORTANT)

EPSS

Процентиль: 13%
0.00043
Низкий

6.6 Medium

CVSS2