int __hidden wmi_supported()
{
if (access(wmi_char, F_OK) != -1)
return 1;
return 0;
}
I believe this indicates a security flaw, If an attacker can change anything along the path between the call access() and the files actually used, attacker may exploit the race condition or a time-of-check, time-of-use race condition, request team to please have a look and validate.
Team,
File: libsmbios/blob/master/src/libsmbios_c/smi/smi_linux.c#L307
I believe this indicates a security flaw, If an attacker can change anything along the path between the call
access()
and the files actually used, attacker may exploit the race condition or a time-of-check, time-of-use race condition, request team to please have a look and validate.Reference: https://linux.die.net/man/2/access