Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Sun 18 Aug 2019, 09:45
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Device driver vulnerabilities AMI, ASRock, ASUS, ATI..et al
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [2 Posts]  
Author Message
belham2

Joined: 15 Aug 2016
Posts: 1667

PostPosted: Sun 11 Aug 2019, 14:29    Post subject:  Device driver vulnerabilities AMI, ASRock, ASUS, ATI..et al  

https://www.securityweek.com/vulnerabilities-device-drivers-20-vendors-expose-pcs-persistent-malware

".......Privilege escalation flaws were previously found in drivers from Huawei, ASUS, ASRock, Gigabyte and others, and some sophisticated threats, such as the Slingshot campaign and some Fancy Bear attacks, exploited these types of weaknesses to deploy rootkits.

Eclypsium wanted to find out just how common device driver vulnerabilities are and its researchers analyzed software from AMI, ASRock, ASUS, ATI, Biostar, EVGA, Getac, Gigabyte, Huawei, Insyde, Intel, MSI, NVIDIA, Phoenix Technologies, Realtek, SuperMicro, Toshiba, and other vendors who have not been named due to their work in highly regulated environments.

According to Eclypsium, the security holes found by its employees in these drivers can be exploited to escalate privileges from user mode to kernel mode, which gives a piece of malware
...."
Back to top
View user's profile Send private message 
nosystemdthanks


Joined: 03 May 2018
Posts: 671

PostPosted: Tue 13 Aug 2019, 02:50    Post subject: Re: Device driver vulnerabilities AMI, ASRock, ASUS, ATI..et al  

belham2 wrote:
According to Eclypsium, the security holes found by its employees in these drivers can be exploited to escalate privileges from user mode to kernel mode, which gives a piece of malware[/i]...."


i consider this relevant, but as far as i know this wont affect puppy users who are already running everything with full privileges-- or so im routinely told when stories like this come up.

perhaps, given that the browser is not run as root, it is a problem there, theoretically, though i dont know how the browser would directly affect these drivers. and root usermode isnt the same as kernel afaik, but root can certainly bridge that gap. root can load and unload kernel modules, etc.

_________________
"microsoft is unique among proprietary software companies: they are the only ones who have actively tried to kill [floss]. it’s not often someone wants to be your friend after trying to kill you for ten years" -- bradley m. kuhn
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 1 of 1 [2 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0278s ][ Queries: 11 (0.0043s) ][ GZIP on ]