6.6 Medium
AI Score
Confidence
Low
1.9 Low
CVSS2
Access Vector
LOCAL
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:M/Au:N/C:N/I:P/A:N
0.0004 Low
EPSS
Percentile
5.4%
The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values.
CPE | Name | Operator | Version |
---|---|---|---|
linux_kernel | eq | 2.6.38 rc4 | |
linux_kernel | eq | 2.6.38 rc3 | |
linux_kernel | eq | 2.6.38 rc2 | |
linux_kernel | eq | 2.6.38 rc1 | |
linux_kernel | lt | 2.6.38 | |
linux_kernel | eq | 2.6.38 |
git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fff1ce4dc6113b6fdc4e3a815ca5fd229408f8ef
openwall.com/lists/oss-security/2011/02/24/11
openwall.com/lists/oss-security/2011/02/24/3
openwall.com/lists/oss-security/2011/02/25/4
www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.38-rc5
www.securityfocus.com/bid/46557
bugzilla.redhat.com/show_bug.cgi?id=680000
exchange.xforce.ibmcloud.com/vulnerabilities/65691