PublicDateAtUSN: 2011-05-09
Candidate: CVE-2011-1747
PublicDate: 2011-05-09 19:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1747
Description:
 The agp subsystem in the Linux kernel 2.6.38.5 and earlier does not
 properly restrict memory allocation by the (1) AGPIOC_RESERVE and (2)
 AGPIOC_ALLOCATE ioctls, which allows local users to cause a denial of
 service (memory consumption) by making many calls to these ioctls.
Ubuntu-Description:
 Vasiliy Kulikov discovered that the AGP driver did not check the size of
 certain memory allocations. A local attacker with access to the video
 subsystem could exploit this to run the system out of memory, leading to a
 denial of service.
Notes:
 kees> no upstream fix yet
 apw> below is a partial fix, complete fix still remains
 apw> break-fix: - b522f02184b413955f3bc952e3776ce41edc6355
 mdeslaur> CAP_SYS_RAWIO is needed to exploit this, so is not security
 mdeslaur> relevant. Ignoring.
Bugs:
 https://launchpad.net/bugs/788700
Priority: low
Discovered-by: Vasiliy Kulikov
Assigned-to:
CVSS: 

Patches_linux:
upstream_linux: deferred (referred to security)
dapper_linux: DNE
hardy_linux: ignored
lucid_linux: ignored
maverick_linux: ignored
natty_linux: ignored
oneiric_linux: ignored
precise_linux: ignored
quantal_linux: ignored
devel_linux: ignored

Patches_linux-ec2:
upstream_linux-ec2: deferred (referred to security)
dapper_linux-ec2: DNE
hardy_linux-ec2: DNE
lucid_linux-ec2: ignored
maverick_linux-ec2: ignored (binary supplied by "linux" now)
natty_linux-ec2: DNE
oneiric_linux-ec2: DNE
precise_linux-ec2: DNE
quantal_linux-ec2: DNE
devel_linux-ec2: DNE

Patches_linux-mvl-dove:
upstream_linux-mvl-dove: deferred (referred to security)
dapper_linux-mvl-dove: DNE
hardy_linux-mvl-dove: DNE
lucid_linux-mvl-dove: not-affected (no AGP on ARM)
maverick_linux-mvl-dove: not-affected (no AGP on ARM)
natty_linux-mvl-dove: DNE
oneiric_linux-mvl-dove: DNE
precise_linux-mvl-dove: DNE
quantal_linux-mvl-dove: DNE
devel_linux-mvl-dove: DNE

Patches_linux-ti-omap4:
upstream_linux-ti-omap4: deferred (referred to security)
dapper_linux-ti-omap4: DNE
hardy_linux-ti-omap4: DNE
lucid_linux-ti-omap4: DNE
maverick_linux-ti-omap4: not-affected (no AGP on ARM)
natty_linux-ti-omap4: not-affected (no AGP on ARM)
oneiric_linux-ti-omap4: not-affected (no AGP on ARM)
precise_linux-ti-omap4: not-affected (no AGP on ARM)
quantal_linux-ti-omap4: not-affected (no AGP on ARM)
devel_linux-ti-omap4: not-affected (no AGP on ARM)

Patches_linux-lts-backport-maverick:
upstream_linux-lts-backport-maverick: deferred (referred to security)
dapper_linux-lts-backport-maverick: DNE
hardy_linux-lts-backport-maverick: DNE
lucid_linux-lts-backport-maverick: ignored
maverick_linux-lts-backport-maverick: DNE
natty_linux-lts-backport-maverick: DNE
oneiric_linux-lts-backport-maverick: DNE
precise_linux-lts-backport-maverick: DNE
quantal_linux-lts-backport-maverick: DNE
devel_linux-lts-backport-maverick: DNE

Patches_linux-fsl-imx51:
upstream_linux-fsl-imx51: deferred (referred to security)
dapper_linux-fsl-imx51: DNE
hardy_linux-fsl-imx51: DNE
lucid_linux-fsl-imx51: not-affected (no AGP on ARM)
maverick_linux-fsl-imx51: DNE
natty_linux-fsl-imx51: DNE
oneiric_linux-fsl-imx51: DNE
precise_linux-fsl-imx51: DNE
quantal_linux-fsl-imx51: DNE
devel_linux-fsl-imx51: DNE

Patches_linux-lts-backport-natty:
upstream_linux-lts-backport-natty: deferred (referred to security)
hardy_linux-lts-backport-natty: DNE
lucid_linux-lts-backport-natty: ignored
maverick_linux-lts-backport-natty: DNE
natty_linux-lts-backport-natty: DNE
oneiric_linux-lts-backport-natty: DNE
precise_linux-lts-backport-natty: DNE
quantal_linux-lts-backport-natty: DNE
devel_linux-lts-backport-natty: DNE

Patches_linux-lts-backport-oneiric:
upstream_linux-lts-backport-oneiric: deferred (referred to security)
hardy_linux-lts-backport-oneiric: DNE
lucid_linux-lts-backport-oneiric: ignored
maverick_linux-lts-backport-oneiric: DNE
natty_linux-lts-backport-oneiric: DNE
oneiric_linux-lts-backport-oneiric: DNE
precise_linux-lts-backport-oneiric: DNE
quantal_linux-lts-backport-oneiric: DNE
devel_linux-lts-backport-oneiric: DNE

Patches_linux-armadaxp:
upstream_linux-armadaxp: needs-triage
hardy_linux-armadaxp: DNE
lucid_linux-armadaxp: DNE
natty_linux-armadaxp: DNE
oneiric_linux-armadaxp: DNE
precise_linux-armadaxp: not-affected
quantal_linux-armadaxp: not-affected
devel_linux-armadaxp: not-affected

Patches_linux-lts-quantal:
upstream_linux-lts-quantal: DNE
hardy_linux-lts-quantal: DNE
lucid_linux-lts-quantal: DNE
oneiric_linux-lts-quantal: DNE
precise_linux-lts-quantal: ignored
quantal_linux-lts-quantal: DNE
devel_linux-lts-quantal: DNE