agp_ioctl() vulnerability fix

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

agp_ioctl() vulnerability fix

Miod Vallat
Insufficient validation in vga(4) may allow an attacker to gain root
privileges if the kernel is compiled with option PCIAGP and the actual
device is not an AGP device. The PCIAGP option is present by default on
i386 kernels only. This vulnerability has been discovered by Ilja van
Sprundel.

A patch addressing this problem is available in the -STABLE branches for
OpenBSD 3.9 and OpenBSD 4.0. Standalone patch files are also available:

- for OpenBSD 4.0:
  ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/4.0/i386/007_agp.patch

- for OpenBSD 3.9:
  ftp://ftp.OpenBSD.org/pub/OpenBSD/patches/3.9/i386/017_agp.patch

For more information about OpenBSD errata and how to apply them, please
refer to FAQ 10.15: http://www.OpenBSD.org/faq/faq10.html#Patches

Loading...