Thursday, January 4, 2007

4.0 Errata 007_apg

OpenBSDThe OpenBSD team released a new Errata update for 4.0 (and 3.9): 007_apg: Insufficient validation in vga(4) may allow an attacker to gain root privileges if the kernel is compiled with option PCIAGP and the actual device is not an AGP device. The PCIAGP option is present by default on i386 kernels only.

This is a rare combination (VGA device in AGP mode, if I read it right).

As always, I have a binpatch available which includes bsd and kernels.