[CVE-2011-2022] agp: fix arbitrary kernel memory writes

Tim Gardner tim.gardner at canonical.com
Thu May 26 16:04:14 UTC 2011


On 05/26/2011 09:50 AM, Andy Whitcroft wrote:
> CVE-2011-2022
>
> 	The agp_generic_remove_memory function in
> 	drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does
> 	not validate a certain start parameter, which allows local users
> 	to gain privileges or cause a denial of service (system crash)
> 	via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different
> 	vulnerability than CVE-2011-1745.
>
> This is already fixed and released in Oneiric, Natty, and Lucid arriving
> via mainline and stable.  Following this email is a patch applicable to
> both Maverick and Hardy.
>
> Proposing for Maverick and Hardy.
>
> -apw
>

Acked-by: Tim Gardner <tim.gardner at canonical.com>

-- 
Tim Gardner tim.gardner at canonical.com




More information about the kernel-team mailing list