CVE-2011-1016

Sažetak

The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values.

Reference

http://openwall.com/lists/oss-security/2011/02/24/3
http://www.securityfocus.com/bid/46557
http://openwall.com/lists/oss-security/2011/02/24/11
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.38-rc5
http://openwall.com/lists/oss-security/2011/02/25/4
https://bugzilla.redhat.com/show_bug.cgi?id=680000
https://exchange.xforce.ibmcloud.com/vulnerabilities/65691
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fff1ce4dc6113b6fdc4e3a815ca5fd229408f8ef

CVSS

Base:	1.9
Impact:	2.9
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

13-02-2023 - 01:18

Objavljeno

28-02-2011 - 16:00