oss-sec mailing list archives
Re: Linux kernel: missing CPU-state sanitation during task-switch causes DOS / privilege escalation
From: cve-assign () mitre org
Date: Tue, 14 Jan 2014 00:00:19 -0500 (EST)
local DOS in the end. On some architectures, privilege escalation under non-common circumstances is possible,
http://www.halfdog.net/Security/2013/Vm86SyscallTaskSwitchKernelPanic/
A closer analysis of the initial vm86-syscall problem showed that the root cause was missing handling of FPU exceptions during task switch at the emms instruction. That was confirmed by Borislav Petkov. According to discussion on LKML, the problem should affect only AMD CPUs, both in i386 and amd64-mode ...
https://lkml.org/lkml/2014/1/9/637
From: Linus Torvalds
Date: Fri, 10 Jan 2014 08:42:33 +0800

Looking at this, I think this is just a bug in our restore_fpu_checking() hackery for X86_FEATURE_FXSAVE_LEAK..
Use CVE-2014-1438.

-- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
Current thread:
- Linux kernel: missing CPU-state sanitation during task-switch causes DOS / privilege escalation halfdog (Jan 12)
- Re: Linux kernel: missing CPU-state sanitation during task-switch causes DOS / privilege escalation cve-assign (Jan 13)