Lucene search

[email protected]CVE-2011-1016

HistoryFeb 28, 2011 - 4:00 p.m.

CVE-2011-1016

2011-02-2816:00:00

CWE-20

[email protected]

web.nvd.nist.gov

radeon gpu

linux kernel

data validation

aa resolve registers

memory locations

vram

gtt

security vulnerability

cve-2011-1016

nvd

6.8 Medium

AI Score

Confidence

Low

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values.

CPENameOperatorVersion
linux:linux_kernellinux linux kerneleq2.6.38

CPE	Name	Operator	Version
linux:linux_kernel	linux linux kernel	eq	2.6.38

References

git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fff1ce4dc6113b6fdc4e3a815ca5fd229408f8ef

openwall.com/lists/oss-security/2011/02/24/11

openwall.com/lists/oss-security/2011/02/24/3

openwall.com/lists/oss-security/2011/02/25/4

www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.38-rc5

www.securityfocus.com/bid/46557

bugzilla.redhat.com/show_bug.cgi?id=680000

exchange.xforce.ibmcloud.com/vulnerabilities/65691

6.8 Medium

AI Score

Confidence

Low

1.9 Low

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:M/Au:N/C:N/I:P/A:N

0.0004 Low

EPSS

Percentile

5.3%

JSON

Related for CVE-2011-1016

prion1 veracode1 ubuntucve1 oraclelinux3 openvas18 nessus19 redhat1 suse5 securityvulns3 osv1 debian1 ubuntu6 packetstorm1