-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It took me some time to build me the Debian Sid testing environment
for amd64 with the same quality, I have for i386, but now it is ready.
And it seems, that amd64 is also affected, but lockup is immediate
(makes exploitation harder)
Here is the OOP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Borislav Petkov wrote:
> On Wed, Jan 08, 2014 at 09:42:40AM -0800, H. Peter Anvin wrote:
>> Adding Borislav.
>>
>> Boris, do you happen to know of any erratum on AMD E-350 which
>> may be in play here?
>
> Interesting. Well, nothing looks even remote
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Update to the issue:
* Although first observed with virtual-8086 mode, the bug is not
specific to virtual-8086 mode, it can be triggered with normal x86
userspace code also, even with better reproducibility.
* Ben Hutchings looked at the Debian bug r
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
H. Peter Anvin wrote:
> On 12/31/2013 11:21 AM, Konrad Rzeszutek Wilk wrote:
>>
>> So, I am wondering if this is related to " x86/fpu: CR0.TS should
>> be set before trap into PV guest's #NM exception handle" which
>> does have a similar pattern - you
H. Peter Anvin wrote:
> On 12/29/2013 12:44 PM, halfdog wrote:
>> H. Peter Anvin wrote:
>>> On 12/28/2013 02:02 PM, halfdog wrote:
>>>> It seems that missing CPU-state sanitation during task
>>>> switching triggers kernel-panic. This might be related to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
H. Peter Anvin wrote:
> On 12/28/2013 02:02 PM, halfdog wrote:
>> It seems that missing CPU-state sanitation during task switching
>> triggers kernel-panic. This might be related to unhandled
>> FPU-errors. See [1] for POC and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
It seems that missing CPU-state sanitation during task switching
triggers kernel-panic. This might be related to unhandled FPU-errors.
See [1] for POC and serial console log of OOPs. Due to missing real
32-bit x86-hardware it is not clear, if this issu
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kees Cook wrote:
> On Tue, Nov 6, 2012 at 12:10 AM, P J P wrote:
>>
>> Hello Kees, Al,
>>
>> +-- On Sat, 27 Oct 2012, Kees Cook wrote --+ | If we change
>> binfmt_script to not make a recursive call, then we still | need
>> to keep the interp change
Kees Cook wrote:
> On Thu, Oct 11, 2012 at 07:32:40PM -0700, Kees Cook wrote:
>> +/*
>> + * Since bprm is already modified, we cannot continue if the the
>> + * handlers for starting the new interpreter have failed.
>> + * Make sure that we do not return -ENOEXEC, as that would
>> +
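Review bot: the added comment has a doubled word in its first sentence ("if the the handlers"); drop one "the". The comment also says -ENOEXEC must not be returned, but the visible lines cut off before the reason, so the full comment should state what the caller does on -ENOEXEC that makes it unsafe once bprm has been modified.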
PaX Team wrote:
> On 7 Oct 2012 at 9:43, Ard Biesheuvel wrote:
>
>> 2012/10/6 PaX Team :
>>> sadly, this is not true at all, for multiple reasons:
>>>
>> .. snip ...
>>>
>>> cheers,
>>> PaX Team
>>>
>>
>> So can I summarize your position as that there is no merit at all in
>> the ability to inhi
Randy Dunlap wrote:
> On 09/20/2012 09:05 AM, halfdog wrote:
>
>> halfdog wrote:
>>
>> Now this is the updated and also tested patch (vs. linux-3.5.4 kernel) to fix
>> https://bugzilla.kernel.org/show_bug.cgi?id=46841 . See also
>>
halfdog wrote:
> Kirill A. Shutemov wrote:
>> On Wed, Aug 22, 2012 at 09:49:35PM +0000, halfdog wrote:
>>> Got a hint via IRC, that I should not send patch idea for review
>>> to "generic" list, but to maintainers and last (or relevant)
>>> comit
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
halfdog wrote:
> I have observed a strange guest kernel crash in virtualbox and am
> currently trying to understand it. Since I have no real 32-bit
> Intel platform any more, I cannot verify that this crash would
> happen on native 32
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kirill A. Shutemov wrote:
> On Wed, Aug 22, 2012 at 09:49:35PM +0000, halfdog wrote:
>> Got a hint via IRC, that I should not send patch idea for review
>> to "generic" list, but to maintainers and last (or releva
st for the records
halfdog wrote:
> halfdog wrote:
>> I'm searching for a patch for linux kernel stack disclosure in
>> binfmt_script with crafted interpreter names when CONFIG_MODULES
>> is active (see [1]).
>
> Please disregard my previous proposal [2], since
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
halfdog wrote:
> I'm searching for a patch for linux kernel stack disclosure in
> binfmt_script with crafted interpreter names when CONFIG_MODULES
> is active (see [1]).
Please disregard my previous proposal [2], since it did not addre
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I'm searching for a patch for linux kernel stack disclosure in
binfmt_script with crafted interpreter names when CONFIG_MODULES is
active (see [1]).
The simplest solution would be to return an error in load_script (from
fs/binfmt_script.c). when maxim
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I have observed a strange guest kernel crash in virtualbox and am
currently trying to understand it. Since I have no real 32-bit Intel
platform any more, I cannot verify that this crash would happen on
native 32bit also, so perhaps someone could check
18 matches