Vulnerability Details CVE-2019-1010066
Lawrence Livermore National Laboratory msr-safe v1.1.0 is affected by: Incorrect Access Control. The impact is: An attacker could modify model specific registers. The component is: ioctl handling. The attack vector is: An attacker could exploit a bug in ioctl interface whitelist checking, in order to write to model specific registers, normally a function reserved for the root user. The fixed version is: v1.2.0.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2019-1010066
-
cpe:2.3:a:llnl:model_specific_registers-safe:1.1.0