[elrepo] fglrx CVE-2015-7724
Manuel Wolfshant
wolfy at nobugconsulting.ro
Mon Apr 4 02:44:56 EDT 2016
On 04/02/2016 06:51 PM, Stephen Isard wrote:
> Wolfy,
>
> I have dropped my fglrx driver and kernel module back to 14.12-1 in
> order to get a working version of X. 14.12-1 is vulnerable to the
> attack described in CVE-2015-7724, but if I'm interpreting the CVE
> correctly, it looks as if an attacker needs to get into the machine in
> order to exploit the vulnerability. This is a single user machine,
> and if an attacker has got to the point of being able to install
> files, I am already in trouble. So it seems as if the added risk from
> running the out of date drivers is not very great. Do you think that
> that is a correct assessment? Obviously it would be better to use a
> driver without the vulnerability, but I don't seem to have that choice
> at the moment.
>
Based on
https://www.portcullis-security.com/security-research-and-downloads/security-advisories/cve-2015-7724/,
it does indeed look like the attacker needs to have access (so as to
create the symlinks needed for the exploit to work). If there are other
means of taking advantage of the security bug, I do not know.
> By the way, this machine has two monitors attached. Can you see any
> way in which that might be relevant to my problem with 15.12-1?
AFAIK it should not matter. To me, your issue looks like a genuine
regression in the fglrx code.