CVE-2019-1010066

Name of the Vulnerable Software and Affected Versions: Lawrence Livermore National Laboratory msr-safe version 1.1.0

Description: The issue is related to incorrect access control, allowing an attacker to modify model specific registers. This is due to a bug in the ioctl interface whitelist checking, which can be exploited to write to these registers, a function normally reserved for the root user. The component affected is ioctl handling.

Recommendations: For version 1.1.0, update to version 1.2.0 to resolve the issue. As a temporary workaround, consider restricting access to the ioctl interface to minimize the risk of exploitation.