CVE-2011-1016
Published: 28 February 2011
The Radeon GPU drivers in the Linux kernel before 2.6.38-rc5 do not properly validate data related to the AA resolve registers, which allows local users to write to arbitrary memory locations associated with (1) Video RAM (aka VRAM) or (2) the Graphics Translation Table (GTT) via crafted values.
From the Ubuntu security team
Marek Olšák discovered that the Radeon GPU drivers did not correctly validate certain registers. On systems with specific hardware, a local attacker could exploit this to write to arbitrary video memory.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.38~rc7)
|
|
Patches: Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fff1ce4dc6113b6fdc4e3a815ca5fd229408f8ef Upstream: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=45e4039c3aea597ede44a264cea322908cdedfe9 |
||
|
linux-ec2 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.38~rc7)
|
|
linux-fsl-imx51 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.38~rc7)
|
|
linux-lts-backport-maverick Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.38~rc7)
|
|
linux-lts-backport-natty Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.38~rc7)
|
|
linux-mvl-dove Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.38~rc7)
|
|
linux-source-2.6.15 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.38~rc7)
|
|
linux-ti-omap4 Launchpad, Ubuntu, Debian |
Upstream |
Released
(2.6.38~rc7)
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1016
- https://usn.ubuntu.com/usn/usn-1141-1
- https://usn.ubuntu.com/usn/usn-1160-1
- https://usn.ubuntu.com/usn/usn-1162-1
- https://usn.ubuntu.com/usn/usn-1167-1
- https://usn.ubuntu.com/usn/usn-1159-1
- https://usn.ubuntu.com/usn/usn-1187-1
- https://usn.ubuntu.com/usn/usn-1202-1
- NVD
- Launchpad
- Debian