Privilege escalation vulnerability on Intel CPU hardware
Overview
Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape.
Intel claims that this vulnerability is a software implementation issue, as their processors are functioning as per their documented specifications. However, software that fails to take the Intel-specific SYSRET behavior into account may be vulnerable.
منبع و اطلاعات بیشتر !
پاسخ : Privilege escalation vulnerability on Intel CPU hardware
میشه یکی از اساتید این رو برسی کند و یک توضیح اجمالی بده تشکر
پاسخ : Privilege escalation vulnerability on Intel CPU hardware
نقل قول:
نوشته اصلی توسط
smartieuser
Overview
Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape.
Intel claims that this vulnerability is a software implementation issue, as their processors are functioning as per their documented specifications. However, software that fails to take the Intel-specific SYSRET behavior into account may be vulnerable.
منبع و اطلاعات بیشتر !
بابت اطلاع رسانی ممنون!
اما اونجوری که گفته vmware esxi از این مشکل تاثیر پذیری نداره و کاربران xen و محصولات مایکروسافت مشکل دارند که باید بر اساس دستورالعمل شرکت سازنده نرم افزار اقدام کنند
پاسخ : Privilege escalation vulnerability on Intel CPU hardware
Dear User,
During the night of 30.06.2012 to 01.07.2012 our internal
monitoring systems registered an increase in the level of
IT power usage by approximately one megawatt.
The reason for this huge surge is the additional switched
leap second which can lead to permanent CPU load on Linux
servers.
According to heise.de, various Linux distributions are
affected by this. Further information can be found at:
Leap second: Linux can freeze - The H Open: News and Features
In order to reduce CPU load to a normal level again, a
restart of the whole system is necessary in many cases.
First, a soft reboot via the command line should be
attempted. Failing that, you have the option of performing
a hardware reset via the Robot administration interface.
For this, select menu item "Server" and the "Reset" tab
for the respective server in the administration interface.
Please do not hesitate to contact us, should you have any
queries.
Kind regards,
Hetzner Online AG
هه هه
