On 06/13/2012 02:54 PM, "Tóth Attila" wrote:
Possible local privilege escalation or guest-to-host VM escape.
http://www.kb.cert.org/vuls/id/649219
OpenBSD is not affected.
http://marc.info/?l=openbsd-misc&m=133957486127897&w=2
I wonder what will be the case with Gentoo and - especially - Hardened
kernels?
This has been removed from the CERT's page:
http://hup.hu/cikkek/20120613/sysret_64_bites_opereracios_rendszer_privilege_escalation_sebezhetoseg_intel_cpu-s_hardveren#comment-1469883
Regards:
Dw.
Looks to me like:
1) you have to be running xen
2) you have to have a paravirt 64-bit guest
3) you have to have a 64-bit host
4) a guest running a ring3 (userland privileges) process can gain ring 0
on the host (kernel privileges)
I'm not sure that hardened + xen hypervisor even work on a host. I
remember flirting with it in the early days when I wanted to bring some
light to the whole hardened + virtualization world, but I didn't get
very far with xen, and kvm worked so much better.
--
Anthony G. Basile, Ph.D.
Gentoo Linux Developer [Hardened]
E-Mail : [email protected]
GnuPG FP : 8040 5A4D 8709 21B1 1A88 33CE 979C AF40 D045 5535
GnuPG ID : D0455535