Integer overflow in Linux Linux_kernel

CVE-2011-1745

Integer overflow in the agp_generic_insert_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_BIND agp_io…

Vulnerability class: Integer Overflow

EPSS: 0.000 (13.6th percentile) — read the EPSS interpretation.

Affected products

Linux Linux_kernel
Redhat Enterprise_linux — versions 5.0
Redhat Enterprise_linux_aus — versions 5.6
Redhat Enterprise_linux_desktop — versions 5.0
Redhat Enterprise_linux_eus — versions 5.6
Redhat Enterprise_linux_server — versions 5.0
Redhat Enterprise_linux_workstation — versions 5.0
N/a — versions n/a

Weakness classification (CWE)

CWE-190 — Integer Overflow or Wraparound

References

RHSA-2011:0927 (x_refsource_REDHAT, vendor-advisory, Third Party Advisory)
[oss-security] 20110421 CVE request: kernel: buffer overflow and DoS issues in agp (mailing-list, x_refsource_MLIST, Patch, Mailing List)
secalert@redhat.com (x_refsource_CONFIRM, Patch, Third Party Advisory, Issue Tracking)
secalert@redhat.com (x_refsource_CONFIRM)
[linux-kernel] 20110414 [PATCH] char: agp: fix arbitrary kernel memory writes (mailing-list, x_refsource_MLIST, Patch, Third Party Advisory)
[oss-security] 20110422 Re: CVE request: kernel: buffer overflow and DoS issues in agp (mailing-list, x_refsource_MLIST, Patch, Mailing List, Third Party Advisory)
secalert@redhat.com (x_refsource_CONFIRM, Release Notes, Vendor Advisory)
47534 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)