LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 03-19-2009, 02:07 PM   #1
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Rep: Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266
Intel CPU Privilege Escalation Exploit


A very interesting security concern quoted as being: "This is the scariest, stealthiest, and most dangerous exploit I've seen come around since the legendary Blue Pill!"

http://it.slashdot.org/article.pl?sid=09/03/19/179228

http://www.networkworld.com/community/node/39825

http://theinvisiblethings.blogspot.c...intel-cpu.html

http://blogs.techrepublic.com.com/security/?p=1130

This seems to be related to the system firmware / BIOS code so the exploit will work on all systems. However, it needs root privileges to be possible.

Yet another reason to have FLOSS firmware / BIOS ... and not normally run a system as root.

Last edited by H_TeXMeX_H; 03-20-2009 at 08:38 AM. Reason: BIOS + root privileges
 
Old 03-20-2009, 08:03 AM   #2
Linux.tar.gz
Senior Member
 
Registered: Dec 2003
Location: Paris
Distribution: Slackware forever.
Posts: 2,223

Rep: Reputation: 86
Interesting information !
I use AMD since Athlon 1. And i wait for ARM notebooks. Any danger about these, related to Intel flaw ?
 
Old 03-20-2009, 08:08 AM   #3
wsduvall
Member
 
Registered: Aug 2006
Posts: 92

Rep: Reputation: 16
Anybody know if this is all intel CPU's or just certain ones (newer perhaps?). I don't suppose theres any fix to this kind of error.
 
Old 03-20-2009, 08:36 AM   #4
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Original Poster
Rep: Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266
Well it says:

Quote:
The attack presented in the paper has been fixed on some systems according to Intel. We have however found out that even the relatively new boards, like e.g. Intel DQ35 are still vulnerable (the very recent Intel DQ45 doesn't seem to be vulnerable though). The exploit attached is for DQ35 board — the offsets would have to be changed to work on other boards (please do not ask how to do this).
Also see:
http://news.softpedia.com/news/Intel...ds-92554.shtml

So basically, a BIOS upgrade may fix it.

I don't know exactly the nature of the exploit as they don't do their best to use layman's terms or put it in ways normal people can understand. I fixed the original post as it seems this is a BIOS exploit.

Also, you need root privileges in order for such an attack to be possible ... so don't run as root.
 
Old 04-22-2009, 03:57 PM   #5
H_TeXMeX_H
Guru
 
Registered: Oct 2005
Location: $RANDOM
Distribution: slackware64
Posts: 12,928
Blog Entries: 2

Original Poster
Rep: Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266Reputation: 1266
Here's more recent article on it:
http://it.slashdot.org/article.pl?sid=09/04/22/1815226

Supposedly it's easier to implement on Linux, because mtrr can be easily accessed as root. Thus, the exploit requires root privileges. And it requires a vulnerable mobo.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: CPU Rings, Privilege, and Protection LXer Syndicated Linux News 0 08-26-2008 11:00 PM
CVE-2008-0009/0010/0600 (Linux Privilege Escalation Vulnerabilities) jayjwa Linux - Security 14 02-21-2008 06:50 AM
What AMD CPU is comparable to P4 intel cpu? ngjunkie0011 Linux - Hardware 8 08-29-2007 12:47 AM
Linux Privilege Escalation The.Hammer.911 Linux - Security 1 05-10-2007 06:07 PM
LXer: Postgresql Privilege Escalation and Denial of Service ... LXer Syndicated Linux News 0 02-16-2006 02:01 AM


All times are GMT -5. The time now is 04:57 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration