1 results (0.002 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2019-1010066
https://notcve.org/view.php?id=CVE-2019-1010066
18 Jul 2019 — Lawrence Livermore National Laboratory msr-safe v1.1.0 is affected by: Incorrect Access Control. The impact is: An attacker could modify model specific registers. The component is: ioctl handling. The attack vector is: An attacker could exploit a bug in ioctl interface whitelist checking, in order to write to model specific registers, normally a function reserved for the root user. The fixed version is: v1.2.0. • https://github.com/LLNL/msr-safe/compare/v1.1.0...v1.2.0 • CWE-269: Improper Privilege Management CWE-862: Missing Authorization •