The sunxi-debug driver in Allwinner 3.4 legacy kernel for H3, A83T and H8 devices allows local users to gain root privileges by sending "rootmydevice" to /proc/sunxi_debug/sunxi_debug.
CVSS 3.x
| Source | Score | Severity | Vector | Exploitability | Impact |
|---|---|---|---|---|---|
| nvd@nist.gov | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 |
CVSS 2.0
Severity: HIGH
Problem Type: CWE-264,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| allwinner | linux-3.4-sunxi | - |
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern Intel processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| intel | core_i7-3632qm | - |
| intel | atom_c2750 | - |
| samsung | exynos_5800 | - |
| intel | xeon_e5-2658_v2 | - |
| amd | athlon_ii_640_x4 | - |
| amd | e-350 | - |
| nvidia | tegra_k1_cd570m-a1 | - |
| intel | core_i5_m480 | - |
| amd | fx-8120_8-core | - |
| intel | core_i7-2620qm | - |
| intel | core_i7_920 | - |
| intel | core_i7-6700k | - |
| nvidia | tegra_k1_cd580m-a1 | - |
| intel | xeon_e3-1240_v5 | - |
| intel | celeron_n2840 | - |
| allwinner | a64 | - |
| amd | fx-8320_8-core | - |
| intel | core_i7-4500u | - |
| amd | fx-8350_8-core | - |
| amd | phenom_9550_4-core | - |
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern AMD processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| intel | core_i7-3632qm | - |
| intel | atom_c2750 | - |
| samsung | exynos_5800 | - |
| intel | xeon_e5-2658_v2 | - |
| amd | athlon_ii_640_x4 | - |
| amd | e-350 | - |
| nvidia | tegra_k1_cd570m-a1 | - |
| intel | core_i5_m480 | - |
| amd | fx-8120_8-core | - |
| intel | core_i7-2620qm | - |
| intel | core_i7_920 | - |
| intel | core_i7-6700k | - |
| nvidia | tegra_k1_cd580m-a1 | - |
| intel | xeon_e3-1240_v5 | - |
| intel | celeron_n2840 | - |
| allwinner | a64 | - |
| amd | fx-8320_8-core | - |
| intel | core_i7-4500u | - |
| amd | fx-8350_8-core | - |
| amd | phenom_9550_4-core | - |
Page table walks conducted by the MMU during virtual to physical address translation leave a trace in the last level cache of modern ARM processors. By performing a side-channel attack on the MMU operations, it is possible to leak data and code pointers from JavaScript, breaking ASLR.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-200,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| intel | core_i7-3632qm | - |
| intel | atom_c2750 | - |
| samsung | exynos_5800 | - |
| intel | xeon_e5-2658_v2 | - |
| amd | athlon_ii_640_x4 | - |
| amd | e-350 | - |
| nvidia | tegra_k1_cd570m-a1 | - |
| intel | core_i5_m480 | - |
| amd | fx-8120_8-core | - |
| intel | core_i7-2620qm | - |
| intel | core_i7_920 | - |
| intel | core_i7-6700k | - |
| nvidia | tegra_k1_cd580m-a1 | - |
| intel | xeon_e3-1240_v5 | - |
| intel | celeron_n2840 | - |
| allwinner | a64 | - |
| amd | fx-8320_8-core | - |
| intel | core_i7-4500u | - |
| amd | fx-8350_8-core | - |
| amd | phenom_9550_4-core | - |