Bugtraq mailing list archives
Solaris x86 & ICEBP
From: solar () FALSE COM (Solar Designer)
Date: Sun, 16 Nov 1997 03:25:20 -0300
Hello,

This Pentium bug workaround discussion reminded me of a minor Solaris x86 bug I found half a year ago (tested on Solaris 2.5). When a program executes the originally undocumented ICEBP instruction, the kernel reports an 'Unexpected INT 1', and the program continues running. With default syslogd configuration, this allows flooding the console, and no information about which process is doing this is reported.

Here's the exploit (put in a .s file):

    .globl main
    main:
        .byte 0xf1
        jmp main

Signed,
Solar Designer
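The defensive side of the report above is that the kernel message repeats without naming a process, so the only thing an operator can do from the logs is notice the repetition early. The following is an added example, not part of Solar Designer's post: a small Python detector that reads syslog-style lines, groups identical kernel messages per host and tag, and raises one alert when the same message recurs more than a threshold number of times inside a sliding time window. The sample log lines are constructed for the example and use a generic syslog layout (timestamp, host, tag, message); the exact text Solaris 2.5 wrote is not reproduced here, only the 'Unexpected INT 1' phrase quoted in the post.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample input in a generic syslog layout; the year is assumed
# because classic syslog timestamps do not carry one.
SAMPLE_LOG = """\
Nov 16 03:25:20 sunbox unix: Unexpected INT 1
Nov 16 03:25:20 sunbox unix: Unexpected INT 1
Nov 16 03:25:20 sunbox unix: Unexpected INT 1
Nov 16 03:25:21 sunbox unix: Unexpected INT 1
Nov 16 03:25:21 sunbox unix: Unexpected INT 1
Nov 16 03:25:21 sunbox unix: Unexpected INT 1
Nov 16 03:25:22 sunbox sendmail[123]: alias database rebuilt
Nov 16 03:25:40 sunbox unix: Unexpected INT 1
"""

# "<Mon> <day> <HH:MM:SS> <host> <tag>: <message>" (assumed layout)
LINE_RE = re.compile(r"^(\w{3} +\d+ \d\d:\d\d:\d\d) (\S+) (\S+?):\s*(.*)$")


def parse(line, year=1997):
    """Split one syslog line into (timestamp, host, tag, message); None if unparseable."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
    return ts, m.group(2), m.group(3), m.group(4)


def detect_floods(log_text, window_seconds=10, threshold=5):
    """Return one alert per (host, tag, message) whose occurrences reach
    `threshold` within any `window_seconds` span.

    Each alert is (host, tag, message, count_in_window, first_timestamp).
    A message is reported once, the first time it crosses the threshold."""
    recent = defaultdict(deque)  # key -> timestamps still inside the window
    alerted = set()
    alerts = []
    for raw in log_text.splitlines():
        parsed = parse(raw)
        if parsed is None:
            continue
        ts, host, tag, msg = parsed
        key = (host, tag, msg)
        q = recent[key]
        q.append(ts)
        # Drop occurrences that have fallen out of the sliding window.
        while q and (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) >= threshold and key not in alerted:
            alerted.add(key)
            alerts.append((host, tag, msg, len(q), q[0]))
    return alerts


if __name__ == "__main__":
    for host, tag, msg, count, first in detect_floods(SAMPLE_LOG):
        # The kernel line carries no PID, so the alert can only name the
        # host and the repeating text, which is exactly the gap the post describes.
        print(f"{host} {tag}: '{msg}' repeated {count}x starting {first:%H:%M:%S}")
```

On the constructed sample the detector fires once, for the repeated 'Unexpected INT 1' line, and stays quiet for the isolated occurrence twenty seconds later and for the unrelated sendmail line. The threshold and window are deliberately small so the sample triggers; on a real host they would be tuned to the normal rate of kernel messages.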