[conspire] Buggy ATI Driver (and others) Leaves Vista Open to Attack

Ryan Russell ryan at thievco.com
Sat Aug 18 09:47:30 PDT 2007

Don Marti wrote:
> begin Adrien Lamothe quotation of Fri, Aug 17, 2007 at 09:12:19PM -0700:
>> This is fun; check it out:
>> http://www.eweek.com/article2/0,1895,2170804,00.asp
> Nvidia and ATI supposedly share code between their
> Linux and Microsoft Windows drivers -- so the bug may
> be there in another form for people running "ATIux" or
> "NVidiux", the weird, not-really-supported derivatives
> of Linux you get when you install the proprietary
> graphics drivers.

There may bugs in their driver which could allow an attacker to execute
code in the Linux kernel from a non-privileged account.

But the Vista problem is slightly different. On Vista 64-bit, you aren't
supposed to be allowed kernel access even if you're administrator. You
are only allowed to add signed drivers. When one of those signed drivers
has bugs, then an administrator (and maybe user) can execute code in the
kernel. Since Linux (AFAIK) doesn't attempt to keep root out of the
kernel, it doesn't have this class of problem.


More information about the conspire mailing list