Hacker News new | past | comments | ask | show | jobs | submit login

First, check your CPU for vPro: https://ark.intel.com/Search/FeatureFilter?productType=proce...

Then look for the MEI controller: # lspci | grep "MEI"

I have a CPU without vPro, but a chipset that supports MEI.

But then, I bought the best CPU available without vPro.

The Linux kernel modules are mei_me and mei. To check: modprobe -nr mei_me mei #dry run modprobe -r mei_me mei #to unload the module This will not persist across reboots.

There is also a lms package.

I don't know whether any of this is required for a remote exploit, or if it's only needed for local escallation.


Both "# modprobe -nr mei" and "# modprobe -nr mei_me" report that the module isn't found.

From my understanding, this exploit can work regardless of the operating system. I mean, if this Intel hardware can get network packets without the operating system being aware, then not having those modules loaded won't help.

Correct. This is only to close the local exploit route.

Right. And in my case, also no vPro on the CPU.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact