CVE-2011-1016
Published: 28 February 2011
The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values.
From the Ubuntu Security Team
Marek Olšák discovered that the Radeon GPU drivers did not correctly validate certain registers. On systems with specific hardware, a local attacker could exploit this to write to arbitrary video memory.
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Not vulnerable
|
|
karmic |
Not vulnerable
|
|
lucid |
Released
(2.6.32-32.62)
|
|
maverick |
Released
(2.6.35-29.51)
|
|
natty |
Released
(2.6.38-6.33)
|
|
upstream |
Released
(2.6.38~rc7)
|
|
Patches: upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fff1ce4dc6113b6fdc4e3a815ca5fd229408f8ef upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=45e4039c3aea597ede44a264cea322908cdedfe9 |
||
linux-ec2 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Released
(2.6.32-316.30)
|
|
maverick |
Ignored
(end of life)
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.38~rc7)
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Not vulnerable
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.38~rc7)
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Released
(2.6.35-30.54~lucid1)
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.38~rc7)
|
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
hardy |
Does not exist
|
lucid |
Not vulnerable
(2.6.38-7.35~lucid1)
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.38~rc7)
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
karmic |
Ignored
(end of life)
|
|
lucid |
Released
(2.6.32-217.34)
|
|
maverick |
Released
(2.6.32-417.34)
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.38~rc7)
|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
hardy |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Does not exist
|
|
natty |
Does not exist
|
|
upstream |
Released
(2.6.38~rc7)
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
hardy |
Does not exist
|
|
karmic |
Does not exist
|
|
lucid |
Does not exist
|
|
maverick |
Released
(2.6.35-903.23)
|
|
natty |
Released
(2.6.38-1204.5)
|
|
upstream |
Released
(2.6.38~rc7)
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1016
- https://ubuntu.com/security/notices/USN-1141-1
- https://ubuntu.com/security/notices/USN-1160-1
- https://ubuntu.com/security/notices/USN-1162-1
- https://ubuntu.com/security/notices/USN-1167-1
- https://ubuntu.com/security/notices/USN-1159-1
- https://ubuntu.com/security/notices/USN-1187-1
- https://ubuntu.com/security/notices/USN-1202-1
- NVD
- Launchpad
- Debian