[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

96174

 
 

909

 
 

78077

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2011-1016

Date: (C)2011-02-28   (M)2017-08-18
 
CVSS Score: 6.9Access Vector: LOCAL
Exploitability Subscore: 3.4Access Complexity: MEDIUM
Impact Subscore: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE











The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values.

Reference:
BID-46557
http://openwall.com/lists/oss-security/2011/02/24/3
http://openwall.com/lists/oss-security/2011/02/24/11
http://openwall.com/lists/oss-security/2011/02/25/4
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fff1ce4dc6113b6fdc4e3a815ca5fd229408f8ef
http://www.kernel.org/pub/linux/kernel/v2.6/testing/ChangeLog-2.6.38-rc5
https://bugzilla.redhat.com/show_bug.cgi?id=680000
kernel-atiradeon-sec-bypass(65691)

CPE    449
cpe:/o:linux:linux_kernel:2.6.33:rc7
cpe:/o:linux:linux_kernel:2.6.33:rc4
cpe:/o:linux:linux_kernel:2.6.33:rc3
cpe:/o:linux:linux_kernel:2.6.33:rc6
...
CWE    1
CWE-20
OVAL    10
oval:org.secpod.oval:def:700550
oval:org.secpod.oval:def:700549
oval:org.secpod.oval:def:700544
oval:org.secpod.oval:def:700519
...

© 2013 SecPod Technologies