First published: Tue Dec 26 2006(Updated: )
OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
NetBSD NetBSD | =2.0.4 | |
Openbsd Openbsd |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.