
kernel: syscall instruction induces guest panic

Package(s): kernel
CVE #(s): CVE-2012-0045
Created: January 16, 2012
Updated: January 18, 2012
Description: From the Red Hat bugzilla:

32bit guests will crash (and 64bit guests may behave in a wrong way), for example by simply executing the following nasm-demo-application:

    [bits 32]
    global _start
    SECTION .text
    _start: syscall

The reason seems to be a missing "invalid opcode"-trap (int6) for the syscall opcode "0f05", which is not available on Intel CPUs within non-longmodes, as also on some AMD CPUs within legacy-mode (depending on CPU vendor, MSR_EFER and cpuid).

Because the previously mentioned OSs may not engage the corresponding syscall target-registers (STAR, LSTAR, CSTAR), they remain NULL, and (non-trapping) syscalls lead to multiple faults and finally crashes.
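
A sketch of the mode check whose absence the description points to, written here as an added example (not code from KVM, Red Hat or the bug report). The struct, enum and function names are hypothetical, and real-mode and virtual-8086 handling is left out.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical names for this sketch; not identifiers from any hypervisor. */
enum vendor  { VENDOR_INTEL, VENDOR_AMD, VENDOR_UNKNOWN };
enum verdict { EMULATE_SYSCALL, INJECT_UD };

struct vcpu_state {
    enum vendor vendor;   /* guest-visible CPUID vendor */
    bool cpuid_syscall;   /* CPUID 0x80000001 EDX bit 11 (SYSCALL/SYSRET) */
    bool efer_sce;        /* MSR_EFER bit 0: system call extensions enabled */
    bool mode_64bit;      /* EFER.LMA = 1 and CS.L = 1 */
};

/* Decide whether opcode 0f 05 may be emulated or must raise #UD (int6). */
enum verdict syscall_check(const struct vcpu_state *s)
{
    /* A guest that never enabled SYSCALL has STAR/LSTAR/CSTAR still zero,
     * so emulating the instruction would jump to a NULL target. */
    if (!s->cpuid_syscall || !s->efer_sce)
        return INJECT_UD;
    if (s->mode_64bit)
        return EMULATE_SYSCALL;      /* valid on both vendors */
    /* Outside 64-bit mode the answer depends on the CPU vendor. */
    switch (s->vendor) {
    case VENDOR_AMD:
        return EMULATE_SYSCALL;      /* AMD accepts SYSCALL in legacy mode */
    case VENDOR_INTEL:
    default:
        return INJECT_UD;            /* fail closed for Intel and unknown */
    }
}

int main(void)
{
    /* Constructed sample states, not taken from a real guest. */
    const struct vcpu_state samples[] = {
        { VENDOR_INTEL, true, false, false },  /* 32-bit guest, SCE never set */
        { VENDOR_INTEL, true, true,  false },  /* Intel, 32-bit code, SCE set */
        { VENDOR_AMD,   true, true,  false },  /* AMD legacy mode, SCE set */
        { VENDOR_INTEL, true, true,  true  },  /* 64-bit mode */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("sample %zu: %s\n", i,
               syscall_check(&samples[i]) == INJECT_UD ? "#UD" : "emulate");
    return 0;
}
```
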

Alerts:
Oracle ELSA-2013-1645 kernel 2013-11-26
openSUSE openSUSE-SU-2013:0927-1 kernel 2013-06-10
Oracle ELSA-2012-0862 kernel 2012-07-02
SUSE SUSE-SU-2012:0616-1 Linux kernel 2012-05-14
Ubuntu USN-1440-1 linux-lts-backport-natty 2012-05-08
Ubuntu USN-1433-1 linux-lts-backport-oneiric 2012-04-30
Ubuntu USN-1431-1 linux 2012-04-30
Ubuntu USN-1426-1 linux-ec2 2012-04-24
Ubuntu USN-1425-1 linux 2012-04-24
Ubuntu USN-1422-1 linux 2012-04-12
Ubuntu USN-1421-1 linux-lts-backport-maverick 2012-04-12
Debian DSA-2443-1 linux-2.6 2012-03-26
Ubuntu USN-1405-1 linux 2012-03-27
Ubuntu USN-1406-1 linux 2012-03-27
Ubuntu USN-1407-1 linux 2012-03-27
Oracle ELSA-2012-0350 kernel 2012-03-12
Oracle ELSA-2012-2003 kernel-uek 2012-03-12
Scientific Linux SL-kern-20120308 kernel 2012-03-08
CentOS CESA-2012:0350 kernel 2012-03-07
Red Hat RHSA-2012:0350-01 kernel 2012-03-06
Fedora FEDORA-2012-0492 kernel 2012-01-14
Fedora FEDORA-2012-0480 kernel 2012-01-14



Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds