> Affected version: v1.37 prior versions might also be affected. > Tested platforms: FreeBSD, NetBSD, OpenBSD and Linux. > > A buffer overflow vulnerability exists in the snes9x emulator. The > problem is that rom names given as an argument upon execution of > the program are not processed correctly and can be used to trigger > a buffer overflow. > > On many systems the snes9x has been installed setuid root (also > recommended by the developers in the readme. This so it can access > /dev/mem which is required to run the program in full screen mode. > The setuid root bit gives the program the ability to perform actions > with the privileges of root with other words: exploiting this issue > can lead to root access. > > [ ** Exploit information ** ] [snip] SuSE distributions 6.3 and up contain the snes9x emulator package. We determined that a setuid-root bit is too risky, so none of the packages contain a file that is installed setuid root. SuSE Linux distributions are therefore not vulnerable to the problem. > [ ** Fix information ** ] > > Upgrade your snes9x package to the latest version if you want to use > it setuid root: http://www.snes9x.com > zillion Thanks, Roman Drahtmüller, SuSE Security. -- - - | Roman Drahtmüller <draht@suse.de> // "You don't need eyes to see, | SuSE GmbH - Security Phone: // you need vision!" | Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless | - -
