CVE-2011-1746

Published: May 9, 2011Modified: Apr 29, 2026

6.9

Vector

AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 3.4 / Impact: 10.0

Source: NVD

Description

Multiple integer overflows in the (1) agp_allocate_memory and (2) agp_create_user_memory functions in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 allow local users to trigger buffer overflows, and consequently cause a denial of service (system crash) or possibly have unspecified other impact, via vectors related to calls that specify a large number of memory pages.

Affected (7)

Products: Linux: Linux Kernel · Redhat: Enterprise Linux, Enterprise Linux Aus, Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server, Enterprise Linux Workstation

1 product

6 products

Enterprise Linux

Enterprise Linux Aus

Enterprise Linux Desktop

Enterprise Linux Eus

Enterprise Linux Server

Enterprise Linux Workstation

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 2.6.38.5

Configuration B

6 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 5.0
Redhat Enterprise Linux Aus	Version 5.6
Redhat Enterprise Linux Desktop	Version 5.0
Redhat Enterprise Linux Eus	Version 5.6
Redhat Enterprise Linux Server	Version 5.0
Redhat Enterprise Linux Workstation	Version 5.0

Related CWEs

References (18)

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b522f02184b413955f3bc952e3776ce41edc6355

Source: secalert@redhat.com

http://openwall.com/lists/oss-security/2011/04/21/4

Source: secalert@redhat.com

Mailing ListPatchThird Party Advisory

http://openwall.com/lists/oss-security/2011/04/22/7

Source: secalert@redhat.com

Mailing ListPatchThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2011-0927.html

Source: secalert@redhat.com

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5

Source: secalert@redhat.com

Release NotesVendor Advisory

http://www.securityfocus.com/bid/47535

Source: secalert@redhat.com

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=698998

Source: secalert@redhat.com

Issue TrackingPatchThird Party Advisory

https://lkml.org/lkml/2011/4/14/294

Source: secalert@redhat.com

PatchThird Party Advisory

https://lkml.org/lkml/2011/4/19/400

Source: secalert@redhat.com

Third Party Advisory

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b522f02184b413955f3bc952e3776ce41edc6355

Source: af854a3a-2127-422b-91ae-364da2661108

http://openwall.com/lists/oss-security/2011/04/21/4

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

http://openwall.com/lists/oss-security/2011/04/22/7

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListPatchThird Party Advisory

http://rhn.redhat.com/errata/RHSA-2011-0927.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5

Source: af854a3a-2127-422b-91ae-364da2661108

Release NotesVendor Advisory

http://www.securityfocus.com/bid/47535

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://bugzilla.redhat.com/show_bug.cgi?id=698998

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchThird Party Advisory

https://lkml.org/lkml/2011/4/14/294

Source: af854a3a-2127-422b-91ae-364da2661108

PatchThird Party Advisory

https://lkml.org/lkml/2011/4/19/400

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.