[15:18] <hallyn> hm, https://ubuntu.com/security/CVE-2022-21216 - "may allow a privileged user to potentially enable escalation of privilege via adjacent network access" - what kind of gibberish is this?
[15:18] -ubottu:#ubuntu-security- Insufficient granularity of access control in out-of-band management in some Intel(R) Atom and Intel Xeon Scalable Processors may allow a privileged user to potentially enable escalation of privilege via adjacent network access. <https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21216>
[15:18] <hallyn> do they have to be privileged on my machine to begin with or not?
[15:19] <hallyn> if root on a box sitting on the switch next to mine can ... "escalate privs" on my box, that's very different.
[15:19] <hallyn> given that it's a firmware update, i wouldn't be surprised, but...
[19:23] <teward> hallyn: my understanding of 'adjacent network access' means privileged access in OOB Management in one system could spill over to adjacent systems running the same firmware/API/etc on its OOB management mechanisms regardless of privileged access on the adjacent machine
[19:23] <teward> so in theory: VULNERABLEMACHINE privileged user could enable OTHERMACHINE privileged access via adjacent network connection/access
[19:23] <teward> but that's specifically due to Out Of Band management tools
[19:24] <teward> (so IPMI, etc. possibly?)
[19:24] <teward> i wouldn't call that "gibberish" but "complicated, hard to understand terminology use"
[19:37] <hallyn> thanks. "network adjacent" could mean different things to people working at different levels, and for something where everyone has to make a decision on priority, i expected to see a bit more detail by the time i'd clicked 5 'for more information' links :)
[19:38] <hallyn> (just explaining what i meant by "gibberish" - not asking you for more info - thank you again :)
[19:42] <tomreyn> this vulnerability in intel hardware/firmware was identified by intel staff - pretty surely you won't see technical details discussed openly. and, like most of the time when vulnerabilities are identified 'internally', at least by some enterprise like intel, you don't even get a clear description.
[20:07] <teward> what tomreyn said
[20:07] <teward> so it's up to interpretation basically on what that means
[20:08] <teward> hallyn: ^
[20:10] <hallyn> :)