[CVE-2011-1746] agp: fix OOM and buffer overflow
Tim Gardner
tim.gardner at canonical.com
Thu Jun 2 15:03:57 UTC 2011
On 06/02/2011 09:38 AM, Andy Whitcroft wrote:
> CVE-2011-1746
> Multiple integer overflows in the (1) agp_allocate_memory and (2)
> agp_create_user_memory functions in drivers/char/agp/generic.c
> in the Linux kernel before 2.6.38.5 allow local users to trigger
> buffer overflows, and consequently cause a denial of service
> (system crash) or possibly have unspecified other impact, via
> vectors related to calls that specify a large number of memory
> pages.
>
> This fix was applied to Oneiric, Natty, and Lucid via mainline and
> stable updates. Following this email is a patch which applies to both
> Hardy and Maverick, this is a simple cherry-pick from mainline.
>
> Proposing for Hardy and Maverick.
>
> -apw
>
Thought you did this one already?
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
Tim Gardner tim.gardner at canonical.com
More information about the kernel-team
mailing list