Unvalidated Start Parameter in agp_generic_remove_memory Function in Linux Kernel

Unvalidated Start Parameter in agp_generic_remove_memory Function in Linux Kernel

CVE-2011-2022 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.

Learn more about our Cis Benchmark Audit For Bind.