• Henrique de Moraes Holschuh's avatar
    thinkpad-acpi: lock down video output state access · b525c06c
    Henrique de Moraes Holschuh authored
    Given the right combination of ThinkPad and X.org, just reading the
    video output control state is enough to hard-crash X.org.
    
    Until the day I somehow find out a model or BIOS cut date to not
    provide this feature to ThinkPads that can do video switching through
    X RandR, change permissions so that only processes with CAP_SYS_ADMIN
    can access any sort of video output control state.
    
    This bug could be considered a local DoS I suppose, as it allows any
    non-privledged local user to cause some versions of X.org to
    hard-crash some ThinkPads.
    Reported-by: default avatarJidanni <jidanni@jidanni.org>
    Signed-off-by: default avatarHenrique de Moraes Holschuh <hmh@hmh.eng.br>
    Cc: stable@kernel.org
    b525c06c
thinkpad-acpi.txt 56.9 KB