Device driver vulnerabilities AMI, ASRock, ASUS, ATI..et al

[belham2]

https://www.securityweek.com/vulnerabil ... nt-malware

".......Privilege escalation flaws were previously found in drivers from Huawei, ASUS, ASRock, Gigabyte and others, and some sophisticated threats, such as the Slingshot campaign and some Fancy Bear attacks, exploited these types of weaknesses to deploy rootkits.

Eclypsium wanted to find out just how common device driver vulnerabilities are and its researchers analyzed software from AMI, ASRock, ASUS, ATI, Biostar, EVGA, Getac, Gigabyte, Huawei, Insyde, Intel, MSI, NVIDIA, Phoenix Technologies, Realtek, SuperMicro, Toshiba, and other vendors who have not been named due to their work in highly regulated environments.

According to Eclypsium, the security holes found by its employees in these drivers can be exploited to escalate privileges from user mode to kernel mode, which gives a piece of malware...."

[nosystemdthanks]

According to Eclypsium, the security holes found by its employees in these drivers can be exploited to escalate privileges from user mode to kernel mode, which gives a piece of malware[/i]...."

i consider this relevant, but as far as i know this wont affect puppy users who are already running everything with full privileges-- or so im routinely told when stories like this come up.

perhaps, given that the browser is not run as root, it is a problem there, theoretically, though i dont know how the browser would directly affect these drivers. and root usermode isnt the same as kernel afaik, but root can certainly bridge that gap. root can load and unload kernel modules, etc.