LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Intel CPU Privilege Escalation Exploit (http://www.linuxquestions.org/questions/linux-security-4/intel-cpu-privilege-escalation-exploit-712903/)

H_TeXMeX_H 03-19-2009 02:07 PM

Intel CPU Privilege Escalation Exploit
 
A very interesting security concern quoted as being: "This is the scariest, stealthiest, and most dangerous exploit I've seen come around since the legendary Blue Pill!"

http://it.slashdot.org/article.pl?sid=09/03/19/179228

http://www.networkworld.com/community/node/39825

http://theinvisiblethings.blogspot.c...intel-cpu.html

http://blogs.techrepublic.com.com/security/?p=1130

This seems to be related to the system firmware / BIOS code so the exploit will work on all systems. However, it needs root privileges to be possible.

Yet another reason to have FLOSS firmware / BIOS ... and not normally run a system as root.

Linux.tar.gz 03-20-2009 08:03 AM

Interesting information !
I use AMD since Athlon 1. And i wait for ARM notebooks. Any danger about these, related to Intel flaw ?

wsduvall 03-20-2009 08:08 AM

Anybody know if this is all intel CPU's or just certain ones (newer perhaps?). I don't suppose theres any fix to this kind of error.

H_TeXMeX_H 03-20-2009 08:36 AM

Well it says:

Quote:

The attack presented in the paper has been fixed on some systems according to Intel. We have however found out that even the relatively new boards, like e.g. Intel DQ35 are still vulnerable (the very recent Intel DQ45 doesn't seem to be vulnerable though). The exploit attached is for DQ35 board — the offsets would have to be changed to work on other boards (please do not ask how to do this).
Also see:
http://news.softpedia.com/news/Intel...ds-92554.shtml

So basically, a BIOS upgrade may fix it.

I don't know exactly the nature of the exploit as they don't do their best to use layman's terms or put it in ways normal people can understand. I fixed the original post as it seems this is a BIOS exploit.

Also, you need root privileges in order for such an attack to be possible ... so don't run as root.

H_TeXMeX_H 04-22-2009 03:57 PM

Here's more recent article on it:
http://it.slashdot.org/article.pl?sid=09/04/22/1815226

Supposedly it's easier to implement on Linux, because mtrr can be easily accessed as root. Thus, the exploit requires root privileges. And it requires a vulnerable mobo.


All times are GMT -5. The time now is 01:39 AM.