User Privilege Escalation Vulnerability in OpenBSD and NetBSD X.Org Systems
CVE-2006-6730

Currently unrated

Key Information:

Vendor: Netbsd
Status: Netbsd; OpenBSD
Vendor: CVE Published:; 26 December 2006

What is CVE-2006-6730?

The vulnerability allows local users with root privileges on OpenBSD and NetBSD to manipulate the display server by writing to the X.Org /dev/xf86 device. This exploitation can lead to a reduction in securelevel by replacing the System Management Mode (SMM) handler. Specifically, it can facilitate a write to a System Management RAM (SMRAM) address within /dev/xf86. By initiating a System Management Interrupt (SMI), these users can execute a new handler, creating significant security risks for affected systems.

References

http://www.securityfocus.com/archive/1/454510/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://lists.freedesktop.org/archives/xorg/2004-June/0009...

mailing-listx_refsource_MLIST

http://www.securityfocus.com/archive/1/454706/100/0/threaded

mailing-listx_refsource_BUGTRAQ

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 26, 2006
Vulnerability Reserved
Dec 26, 2006

CVE-2006-6730 Data

JSON

Netbsd

What is CVE-2006-6730?

References

Timeline