CVE-2011-2022

Name: CVE-2011-2022
Creator: NVD / NIST
Published: 2011-05-09T19:55:03.85+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.38%

Last modified Jun 16, 2026

CVE-2011-2022 is a vulnerability of currently unknown severity. The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.. EPSS estimates a 0.38% chance of exploitation in the next 30 days.

Description

The agp_generic_remove_memory function in drivers/char/agp/generic.c in the Linux kernel before 2.6.38.5 does not validate a certain start parameter, which allows local users to gain privileges or cause a denial of service (system crash) via a crafted AGPIOC_UNBIND agp_ioctl ioctl call, a different vulnerability than CVE-2011-1745.

Metrics

EPSS Probability

0.38%

30.1th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-20

Affected Software

Vendor	Product	Versions
Linux	Linux Kernel	< 2.6.38.5
Redhat	Enterprise Linux	5.0
Redhat	Enterprise Linux Aus	5.6
Redhat	Enterprise Linux Desktop	5.0
Redhat	Enterprise Linux Eus	5.6
Redhat	Enterprise Linux Server	5.0
Redhat	Enterprise Linux Workstation	5.0

References

http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce
http://openwall.com/lists/oss-security/2011/04/21/4Mailing List, Patch, Third Party Advisory
http://openwall.com/lists/oss-security/2011/04/22/7Mailing List, Patch, Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2011-0927.htmlThird Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5Release Notes, Vendor Advisory
http://www.securityfocus.com/bid/47843Third Party Advisory, VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=698996Issue Tracking, Patch, Third Party Advisory
https://lkml.org/lkml/2011/4/14/293Patch, Third Party Advisory
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=194b3da873fd334ef183806db751473512af29ce
http://openwall.com/lists/oss-security/2011/04/21/4Mailing List, Patch, Third Party Advisory
http://openwall.com/lists/oss-security/2011/04/22/7Mailing List, Patch, Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2011-0927.htmlThird Party Advisory
http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.38.5Release Notes, Vendor Advisory
http://www.securityfocus.com/bid/47843Third Party Advisory, VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=698996Issue Tracking, Patch, Third Party Advisory
https://lkml.org/lkml/2011/4/14/293Patch, Third Party Advisory

Timeline

Published: May 9, 2011
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2011-2022?

How severe is CVE-2011-2022?

Severity scoring for CVE-2011-2022 is pending analysis. The EPSS model estimates a 0.38% probability of exploitation in the next 30 days.

How do I fix CVE-2011-2022?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-2022?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST