CVE-2011-2022

Priority
Description
The agp_generic_remove_memory function in drivers/char/agp/generic.c in the
Linux kernel before 2.6.38.5 does not validate a certain start parameter,
which allows local users to gain privileges or cause a denial of service
(system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a
different vulnerability than CVE-2011-1745.
Ubuntu-Description
Vasiliy Kulikov discovered that the AGP driver did not check certain ioctl
values. A local attacker with access to the video subsystem could exploit
this to crash the system, leading to a denial of service, or possibly gain
root privileges.
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
Package
Upstream:released (2.6.39~rc5)
More Information

Updated: 2019-01-14 21:57:38 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)