CVE-2011-1746

Priority
Description
Multiple integer overflows in the (1) agp_allocate_memory and (2)
agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux
kernel before 2.6.38.5 allow local users to trigger buffer overflows, and
consequently cause a denial of service (system crash) or possibly have
unspecified other impact, via vectors related to calls that specify a large
number of memory pages.
Ubuntu-Description
Vasiliy Kulikov discovered that the AGP driver did not check the size of
certain memory allocations. A local attacker with access to the video
subsystem could exploit this to run the system out of memory, leading to a
denial of service.
Notes
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
More Information

Updated: 2019-12-05 20:57:02 UTC (commit 0aa5e7c87c8b55d2ec5c7f4ca1179cf75de91961)