Linked by Thom Holwerda on Thu 11th May 2006 15:50 UTC, submitted by anonymous
Privacy, Security, Encryption
A feature called System Management Mode included in modern x86 CPUs opens the way to the land of kernel space and the quest for ring zero. Federico Biancuzzi interviews French researcher Loïc Duflot to learn about the System Management Mode attack, how to mitigate it, what hardware is vulnerable, and why we should be concerned with recent X Server bugs.
Thread beginning with comment 123560
RE[5]: Great article!
by CrazyDude0 on Thu 11th May 2006 18:45 UTC in reply to "RE[4]: Great article!"
Member since: 2005-07-10

You need to read the article again.

If the OS doesn't allow PIO access to user-mode code, this exploit is not possible.

However, the article doesn't clearly say if you can carry out this exploit without root privilege or not. If this requires root privilege, then to me it is not a bug. Once you are root, you can exploit the system in whatever way you want. You can easily install a driver to get to kernel mode and do whatever the hell you want.

If on the other hand, a non-root process can do this, then it is definitely a serious bug in *nixes.

Score: 3