I think we are off on the wrong track. This is fundamentally a CVE against Insyde Software BIOS and possibly other vendors. Any attacker with kernel mode access could do the same thing, regardless of Linux install. I am not sure, but it is possible someone with admin access to Windows could create a driver to do the same thing. Any brave pentesters out there want to give it a try and write it up?
If Paul Sladen in #173 is correct, this is definitely a CVE against the BIOS. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1734147 Title: Ubuntu 17.10 corrupting BIOS - many LENOVO laptops models To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1734147/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
