CVE-2009-4419

Name of the Vulnerable Software and Affected Versions Intel chipsets versions (including Q35, GM45, PM45 Express, Q45, and Q43 Express) in the SINIT Authenticated Code Module (ACM)

Description The issue allows local users to bypass the Trusted Execution Technology protection mechanism and gain privileges by modifying the MCHBAR register to point to an attacker-controlled region. This prevents the SENTER instruction from properly applying VT-d protection while an MLE is being loaded.

Recommendations For Intel Q35, GM45, PM45 Express, Q45, and Q43 Express chipsets, consider restricting access to the MCHBAR register to prevent modification and minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.