US-CERT Discloses Security Flaw In 64-Bit Intel Chips

[chessmaster]

"The U.S. Computer Emergency Readiness Team (US-CERT) has disclosed a flaw in Intel chips that could allow hackers to gain control of Windows and other operating systems, security experts say. The flaw was disclosed the vulnerability in a security advisory released this week. Hackers could exploit the flaw to execute malicious code with kernel privileges, said a report in the Bitdefender blog. 'Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack,' the US-CERT advisory says. 'The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape.'" According to the article, exposed OSes include "Windows 7, Windows Server 2008 R2, 64-bit versions of FreeBSD and NetBSD, as well as systems that include the Xen hypervisor."

 

[kpa]

Already patched in FreeBSD:

http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc

 

[chessmaster]

Already patched in FreeBSD:

http://security.freebsd.org/advisories/FreeBSD-SA-12:04.sysret.asc

Knew that was going to be fast. Thanks for passing the information. Looks like OpenBSD is on a roll

 

[chlita]

Is this the best place/forum to ask some technical questions related to the patch to trap.c?
Questions related to the long signed vs. unsigned comparison in the patch and the execution of the syscall before deciding to terminate the process.

Thank you in advance,
Chris

 

[DutchDaemon]

The freebsd-hackers mailing list is probably a better environment. This is primarily an end-user forum with relatively few developers.