CVE-2009-4419
Last modified
CVE-2009-4419 is a vulnerability of currently unknown severity. Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded.. EPSS estimates a 0.43% chance of exploitation in the next 30 days.
Description
Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets in the SINIT Authenticated Code Module (ACM), which allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region, which prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Intel | Gm45 Chipset | All versions |
| Intel | Pm45 Express Chipset | All versions |
| Intel | Q35 Chipset | All versions |
| Intel | Q43 Express Chipset | All versions |
| Intel | Q45 Chipset | All versions |
References
- http://secunia.com/advisories/37900Vendor Advisory
- http://www.vupen.com/english/advisories/2009/3618Vendor Advisory
- http://secunia.com/advisories/37900Vendor Advisory
- http://www.vupen.com/english/advisories/2009/3618Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2009-4419?
How severe is CVE-2009-4419?
How do I fix CVE-2009-4419?
Are you affected by CVE-2009-4419?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST