Intel Trusted Execution Technology SINIT Authenticated Code Modules Buffer Overflow Vulnerability

Bugtraq ID:	50905
Class:	Unknown
CVE:
Remote:	No
Local:	Yes
Published:	Dec 05 2011 12:00AM
Updated:	Dec 05 2011 12:00AM
Credit:	Rafal Wojtczuk and Joanna Rutkowska from Invisible Things Lab
Vulnerable:	Intel SINIT ACM 1.0 Intel Q35_SINIT_18 0 Intel i7_QUAD_SINIT_20 0 Intel i5_i7_DUAL_SINIT_18 0 Intel GM45_GS45_PM45_SINIT_21 0 Intel 2nd_gen_i5_i7_SINIT_1.9 0
Not Vulnerable:	Intel SINIT ACM 1.1 Intel Q35_SINIT_51 0 Intel i7_QUAD_SINIT_51 0 Intel i5_i7_DUAL_SINIT_51 0 Intel GM45_GS45_PM45_SINIT_51 0 Intel 2nd_gen_i5_i7_SINIT_51 0

Intel Trusted Execution Technology SINIT Authenticated Code Modules Buffer Overflow Vulnerability

Intel Trusted Execution Technology SINIT Authenticated Code Modules are prone to a buffer-overflow vulnerability.

Successful exploits will allow local processes to gain elevated privileges. This may facilitate a complete compromise of affected computers.

Currently, limited technical details are available. We will update this BID as more information emerges.

Intel Trusted Execution Technology SINIT Authenticated Code Modules Buffer Overflow Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Intel Trusted Execution Technology SINIT Authenticated Code Modules Buffer Overflow Vulnerability

Solution:
Vendor updates are available. Please see the references for more information.

Intel Trusted Execution Technology SINIT Authenticated Code Modules Buffer Overflow Vulnerability

References:

• Intel Homepage (Intel)
  
• SINIT Buffer Overflow Vulnerability (Intel)