CVE-2006-6730
CVE-2006-6730 is a vulnerability of currently unknown severity. OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2. EPSS estimates a 0.25% chance of exploitation in the next 30 days.
Description
OpenBSD and NetBSD permit usermode code to kill the display server and write to the X.Org /dev/xf86 device, which allows local users with root privileges to reduce securelevel by replacing the System Management Mode (SMM) handler via a write to an SMRAM address within /dev/xf86 (aka the video card memory-mapped I/O range), and then launching the new handler via a System Management Interrupt (SMI), as demonstrated by a write to Programmed I/O port 0xB2.
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| NetBSD | NetBSD | 2.0.4 |
| OpenBSD | OpenBSD | All versions |
Timeline
- Status: Modified
Source: NVD / NIST
