Executive Summary
Summary | |
---|---|
Title | Hardware debug exception documentation may result in unexpected behavior |
Informations | |||
---|---|---|---|
Name | VU#631579 | First vendor Publication | 2018-05-08 |
Vendor | VU-CERT | Last vendor Modification | 2018-06-06 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 3.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#631579Hardware debug exception documentation may result in unexpected behaviorOverviewIn some circumstances, some operating systems or hypervisors may not expect or properly handle an Intel architecture hardware debug exception. The error appears to be due to developer interpretation of existing documentation for certain Intel architecture interrupt/exception instructions, namely MOV SS and POP SS. Description
Impact
Solution
Vendor Information (Learn More)
CVSS Metrics (Learn More)
References
CreditMicrosoft and Intel credit Nick Peterson of Everdox Tech, LLC, for responsibly reporting this vulnerability and working with the group on coordinated disclosure. Andy Lutomirski is also credited for assistance in documenting the vulnerability for Linux. This document was written by Garret Wassermann. Other Information
FeedbackIf you have feedback, comments, or additional information about this vulnerability, please send us email. |
Original Source
Url : http://www.kb.cert.org/vuls/id/631579 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-362 | Race Condition |
CPE : Common Platform Enumeration
Snort® IPS/IDS
Date | Description |
---|---|
2018-07-10 | Microsoft Windows Interrupt Service Routine stack rollback attempt RuleID : 46910 - Revision : 2 - Type : INDICATOR-COMPROMISE |
2018-07-10 | Microsoft Windows Interrupt Service Routine stack rollback attempt RuleID : 46909 - Revision : 2 - Type : INDICATOR-COMPROMISE |
2018-07-10 | Microsoft Windows processor modification return to user-mode attempt RuleID : 46908 - Revision : 2 - Type : INDICATOR-COMPROMISE |
2018-07-10 | Microsoft Windows processor modification return to user-mode attempt RuleID : 46907 - Revision : 2 - Type : INDICATOR-COMPROMISE |
2018-07-10 | Microsoft Windows malicious CONTEXT structure creation attempt RuleID : 46906 - Revision : 2 - Type : INDICATOR-COMPROMISE |
2018-07-10 | Microsoft Windows malicious CONTEXT structure creation attempt RuleID : 46905 - Revision : 2 - Type : INDICATOR-COMPROMISE |
2018-07-10 | Microsoft Windows SYSTEM token stealing attempt RuleID : 46904 - Revision : 2 - Type : INDICATOR-COMPROMISE |
2018-07-10 | Microsoft Windows SYSTEM token stealing attempt RuleID : 46903 - Revision : 2 - Type : INDICATOR-COMPROMISE |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46835 - Revision : 1 - Type : OS-WINDOWS |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46834 - Revision : 1 - Type : OS-WINDOWS |
2018-07-03 | Microsoft Windows ROP gadget locate attempt RuleID : 46833 - Revision : 1 - Type : OS-WINDOWS |
2018-07-03 | Microsoft Windows ROP gadget locate attempt RuleID : 46832 - Revision : 1 - Type : OS-WINDOWS |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46831 - Revision : 1 - Type : OS-WINDOWS |
2018-07-03 | Microsoft Windows kernel privilege escalation attempt RuleID : 46830 - Revision : 1 - Type : OS-WINDOWS |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2019-01-03 | Name : The remote Fedora host is missing a security update. File : fedora_2018-a7ac26523d.nasl - Type : ACT_GATHER_INFO |
2018-11-13 | Name : The remote Debian host is missing a security update. File : debian_DLA-1577.nasl - Type : ACT_GATHER_INFO |
2018-11-02 | Name : The remote device is missing a vendor-supplied security patch. File : f5_bigip_SOL17403481.nasl - Type : ACT_GATHER_INFO |
2018-09-18 | Name : The remote EulerOS Virtualization host is missing multiple security updates. File : EulerOS_SA-2018-1270.nasl - Type : ACT_GATHER_INFO |
2018-09-18 | Name : The remote EulerOS Virtualization host is missing multiple security updates. File : EulerOS_SA-2018-1263.nasl - Type : ACT_GATHER_INFO |
2018-08-17 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-1_0-0132-a.nasl - Type : ACT_GATHER_INFO |
2018-07-24 | Name : The remote PhotonOS host is missing multiple security updates. File : PhotonOS_PHSA-2018-2_0-0037-a.nasl - Type : ACT_GATHER_INFO |
2018-07-18 | Name : The remote Virtuozzo host is missing multiple security updates. File : Virtuozzo_VZA-2018-048.nasl - Type : ACT_GATHER_INFO |
2018-07-16 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2018-2164.nasl - Type : ACT_GATHER_INFO |
2018-06-05 | Name : The remote host is missing a macOS or Mac OS X security update that fixes mul... File : macosx_SecUpd2018-003.nasl - Type : ACT_GATHER_INFO |
2018-06-05 | Name : The remote host is missing a macOS update that fixes multiple security vulner... File : macos_10_13_5.nasl - Type : ACT_GATHER_INFO |
2018-06-05 | Name : The remote Debian host is missing a security update. File : debian_DLA-1392.nasl - Type : ACT_GATHER_INFO |
2018-05-31 | Name : The remote Virtuozzo host is missing multiple security updates. File : Virtuozzo_VZA-2018-037.nasl - Type : ACT_GATHER_INFO |
2018-05-31 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2018-1318.nasl - Type : ACT_GATHER_INFO |
2018-05-30 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2018-1023.nasl - Type : ACT_GATHER_INFO |
2018-05-30 | Name : The remote Amazon Linux 2 host is missing a security update. File : al2_ALAS-2018-1023.nasl - Type : ACT_GATHER_INFO |
2018-05-29 | Name : The remote Fedora host is missing a security update. File : fedora_2018-7cd077ddd3.nasl - Type : ACT_GATHER_INFO |
2018-05-29 | Name : The remote Debian host is missing a security update. File : debian_DLA-1383.nasl - Type : ACT_GATHER_INFO |
2018-05-17 | Name : The remote Fedora host is missing a security update. File : fedora_2018-98684f429b.nasl - Type : ACT_GATHER_INFO |
2018-05-16 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4201.nasl - Type : ACT_GATHER_INFO |
2018-05-16 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1121.nasl - Type : ACT_GATHER_INFO |
2018-05-15 | Name : The remote Virtuozzo host is missing multiple security updates. File : Virtuozzo_VZA-2018-029.nasl - Type : ACT_GATHER_INFO |
2018-05-11 | Name : A server virtualization platform installed on the remote host is affected by ... File : citrix_xenserver_CTX234679.nasl - Type : ACT_GATHER_INFO |
2018-05-10 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-4196.nasl - Type : ACT_GATHER_INFO |
2018-05-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2018-1319.nasl - Type : ACT_GATHER_INFO |
2018-05-09 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1119.nasl - Type : ACT_GATHER_INFO |
2018-05-09 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_521ce80452fd11e89123a4badb2f4699.nasl - Type : ACT_GATHER_INFO |
2018-05-09 | Name : The remote EulerOS host is missing multiple security updates. File : EulerOS_SA-2018-1120.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2018-06-20 17:21:12 |
|
2018-06-06 21:18:50 |
|
2018-05-31 00:18:42 |
|
2018-05-21 21:19:01 |
|
2018-05-11 00:18:30 |
|
2018-05-09 21:18:57 |
|
2018-05-09 17:18:37 |
|
2018-05-09 05:17:17 |
|
2018-05-09 00:21:08 |
|
2018-05-09 00:18:23 |
|
2018-05-08 21:18:41 |
|