The manufacturers have issued BIOS updates to address the issues, but researchers warn DMA attacks are likely possible against a range of laptops and desktops.
Vulnerabilities in Dell and HP laptops could allow an attacker to access information and gain kernel privileges via the devices’ Direct Memory Access (DMA) capability.
DMA is a processing-efficiency approach for peripherals (such as PCI cards or network interface cards) that, as the name suggests, offers direct high-speed access to a system’s memory.
“For example, a network adapter or Firewire device may need to read and write information quickly,” according to an Eclypsium report, issued Thursday. “Passing this traffic up to the OS and back down again is slow and inefficient. Instead, DMA allows devices to directly communicate with the system’s memory without passing through the operating system [or main CPU].”
For More Details : https://threatpost.com/dell-hp-memory-access-bugskernel-privileges/152369/