| Thread Tools |
10th May 2018, 19:23 | #1 |
[M] Reviewer Join Date: May 2010 Location: Romania
Posts: 148,902
| OS makers misinterpreted Intel CPU debug feature Intel's paperwork was not up to snuff Almost all major OS vendors released security patches yesterday after a researcher discovered that some OS makers have misinterpreted an Intel CPU debug feature. According to Bleeping Computer, the vulnerability is in how the OS vendors implemented hardware debug mechanism for Intel x86-64 architectures and can be found in the MOV SS and POP SS instructions. Nick Peterson of Everdox Tech and CERT/CC team which reported the bug said that in certain circumstances after the use of specific Intel x86-64 architecture instructions, a debug exception pointing to data in a lower ring (for most operating systems, the kernel Ring 0 level) is made available to operating system components running in Ring 3. This may allow an attacker to use operating system APIs to gain access to sensitive memory information or control low level operating system functions. OS vendors have coordinated and released patches at the same time. Fixing the bug and having synchronised patches out by yesterday was an industry-wide effort. Specific operating systems vulnerable were Apple, Microsoft, FreeBSD, Red Hat, Ubuntu, SUSE Linux, and other Linux distros based on the Linux Kernel —which is also affected. The issue also made it into virtualisation software like VMWare and Xen. CERT/CC has a page dedicated to the patch status of each affected vendor. Both Peterson and the CERT/CC team blamed the "unclear and perhaps even incomplete documentation" relating the use of the MOV SS and POP SS instructions, as the main reason why this bug made it into the kernels of so many different operating systems, practically in the same way. https://fudzilla.com/news/46264-os-m...-debug-feature |
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
Notebook makers stuffed by Intel | Stefan Mileschin | WebNews | 0 | 23rd September 2015 09:00 |
Intel turns to Chinese tablet makers | Stefan Mileschin | WebNews | 0 | 16th April 2014 07:10 |
Mozilla wants to debug scientific code | Stefan Mileschin | WebNews | 0 | 26th September 2013 06:56 |
Xbox One retail consoles double as debug units | Stefan Mileschin | WebNews | 0 | 25th July 2013 07:41 |
Intel DZ77RE First and Only to Feature Thunderbolt from Intel's 7-series Board Stable | Stefan Mileschin | WebNews | 0 | 29th December 2011 10:04 |
Hidden Debug Mode Found In AMD Processors | jmke | WebNews | 1 | 13th November 2010 15:53 |
Motherboard makers not keen on Intel's G4x chipsets | jmke | WebNews | 0 | 13th October 2009 13:24 |
Mainboard Makers Complain Over Intel Chipset Shortage Again | jmke | WebNews | 0 | 22nd September 2005 21:59 |
Server makers get behind Intel's Xeon | Sidney | WebNews | 2 | 2nd August 2004 16:39 |
How to disable debug ? | AMD'er | Hardware/Software Problems, Bugs | 2 | 1st July 2003 11:25 |
Thread Tools | |
| |