dmidecode.c directly accesses memory and assumes it's an x86 without any checking that the arch is x86. Randomly scanning arbitrary hunks of memory on non-x86 as root will lead to all sorts of woe:
memory_scan:
	if (!(opt.flags & FLAG_QUIET))
		printf("Scanning %s for entry point.\n", opt.devmem);
	/* Fallback to memory scan (x86, x86_64) */
	if ((buf = mem_chunk(0xF0000, 0x10000, opt.devmem)) == NULL)
	{
		ret = 1;
		goto exit_free;
	}
It probably needs wrapping with:
#if defined(__x86_64__) || defined(__x86_64) || \
    defined(__i386__) || defined(__i386)
...
#endif
Anyhow, I don't think this is a kernel-specific issue. I can trigger this with various kernels - we just don't protect users with CAP_SYS_ADMIN rights doing crazy probing on /dev/mem.
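An added example (not dmidecode's code and not part of the comment above) of the suggested guard: the fallback is gated so the memory reader is never called on a non-x86 build. It goes slightly beyond the comment by also showing what the scan looks for, the SMBIOS "_SM_" anchor on a 16-byte boundary; legacy_scan, fake_chunk, LEGACY_SCAN_OK and the buffer are hypothetical, with fake_chunk standing in for mem_chunk() so nothing touches /dev/mem.

```c
#include <stdio.h>
#include <string.h>

/* Guard from the comment above: only x86 has the legacy BIOS window. */
#if defined(__x86_64__) || defined(__x86_64) || \
    defined(__i386__) || defined(__i386)
#define LEGACY_SCAN_OK 1
#else
#define LEGACY_SCAN_OK 0
#endif

#define LEGACY_BASE 0xF0000UL
#define LEGACY_LEN  0x10000UL

typedef const unsigned char *(*chunk_fn)(unsigned long base, unsigned long len);
static unsigned char fake_mem[LEGACY_LEN];  /* constructed sample, not real memory */
static int reads;                           /* how often the reader was called */

/* Hypothetical stand-in for mem_chunk(): serves the constructed buffer. */
static const unsigned char *fake_chunk(unsigned long base, unsigned long len)
{
    (void)base; (void)len;
    reads++;
    memcpy(fake_mem + 0x25, "_SM_", 4);  /* unaligned decoy, must be skipped */
    memcpy(fake_mem + 0x40, "_SM_", 4);  /* anchor on a 16-byte boundary */
    return fake_mem;
}

/* Returns the physical address of the anchor, or 0 if none was found.
 * When the architecture is not allowed, the reader is never called. */
unsigned long legacy_scan(int allowed, chunk_fn reader)
{
    const unsigned char *buf;
    unsigned long off;

    if (!allowed || (buf = reader(LEGACY_BASE, LEGACY_LEN)) == NULL)
        return 0;
    for (off = 0; off + 4 <= LEGACY_LEN; off += 16)
        if (memcmp(buf + off, "_SM_", 4) == 0)
            return LEGACY_BASE + off;
    return 0;
}

int main(void)
{
    unsigned long hit = legacy_scan(LEGACY_SCAN_OK, fake_chunk);
    printf("x86 build: %d, anchor: 0x%lx, reads: %d\n", LEGACY_SCAN_OK, hit, reads);
    return 0;
}
```

The allowed flag is a parameter only so both paths can be exercised on any build; real code would compile the fallback out entirely with the #if.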