CVE-2011-2022
published 2011-05-09CVE-2011-2022: The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which…
medium6.9CVSS 3.1
AVLACMAuNCCICAC
The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chrome_chrome | — | — | |
| linux | linux_kernel | < 2.6.38.5 | 2.6.38.5 |
| msrc | microsoft_edge | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux_aus | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvd6.9MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C
cisa9.8CRITICAL