[conspire] Buggy ATI Driver (and others) Leaves Vista Open to Attack
Ryan Russell
ryan at thievco.com
Sat Aug 18 09:47:30 PDT 2007
Don Marti wrote:
> begin Adrien Lamothe quotation of Fri, Aug 17, 2007 at 09:12:19PM -0700:
>
>> This is fun; check it out:
>>
>> http://www.eweek.com/article2/0,1895,2170804,00.asp
>
> Nvidia and ATI supposedly share code between their
> Linux and Microsoft Windows drivers -- so the bug may
> be there in another form for people running "ATIux" or
> "NVidiux", the weird, not-really-supported derivatives
> of Linux you get when you install the proprietary
> graphics drivers.
There may bugs in their driver which could allow an attacker to execute
code in the Linux kernel from a non-privileged account.
But the Vista problem is slightly different. On Vista 64-bit, you aren't
supposed to be allowed kernel access even if you're administrator. You
are only allowed to add signed drivers. When one of those signed drivers
has bugs, then an administrator (and maybe user) can execute code in the
kernel. Since Linux (AFAIK) doesn't attempt to keep root out of the
kernel, it doesn't have this class of problem.
Ryan
More information about the conspire
mailing list