Podatność CVE-2011-5174


Publikacja: 2012-09-15

Opis:
Buffer overflow in Intel Trusted Execution Technology (TXT) SINIT Authenticated Code Modules (ACM) in Intel Q67 Express, C202, C204, C206 Chipsets, and Mobile Intel QM67, and QS67 Chipset before 2nd_gen_i5_i7_SINIT_51.BIN Express; Intel Q57, 3450 Chipsets and Mobile Intel QM57 and QS57 Express Chipset before i5_i7_DUAL_SINIT_51.BIN and i7_QUAD_SINIT_51.BIN; Mobile Intel GM45, GS45, and PM45 Express Chipset before GM45_GS45_PM45_SINIT_51.BIN; Intel Q35 Express Chipsets before Q35_SINIT_51.BIN; and Intel 5520, 5500, X58, and 7500 Chipsets before SINIT ACM 1.1 allows local users to bypass the Trusted Execution Technology protection mechanism and perform other unspecified SINIT ACM functions via unspecified vectors.

Typ:

CWE-119

(Improper Restriction of Operations within the Bounds of a Memory Buffer)

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
7.2/10
10/10
3.9/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Lokalny
Niska
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Pełny
Pełny
Pełny
Affected software
Intel -> 3450 chipset 
Intel -> Q57 chipset 
Intel -> 5500 chipset 
Intel -> Q67 express chipset 
Intel -> 5520 chipset 
Intel -> X58 chipset 
Intel -> 7500 chipset 
Intel -> Sinit authenticated code module 
Intel -> C202 chipset 
Intel -> C204 chipset 
Intel -> C206 chipset 
Intel -> Mobile intel gm45 chipset 
Intel -> Mobile intel gs45 chipset 
Intel -> Mobile intel pm45 express chipset 
Intel -> Mobile intel qm57 chipset 
Intel -> Mobile intel qm67 chipset 
Intel -> Mobile intel qs57 chipset 
Intel -> Mobile intel qs57 express chipset 
Intel -> Mobile intel qs67 chipset 
Intel -> Q35 express chipset 

 Referencje:
http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00030&languageid=en-fr
http://theinvisiblethings.blogspot.com/2011/12/exploring-new-lands-on-intel-cpus-sinit.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/71625

Copyright 2020, cxsecurity.com

 

Back to Top