The Vulnerability reported on 06/12/2012, dubbed as "CVE-2012-0217"
- according to that Some 64-bit operating systems and virtualization
software running on Intel CPU hardware are vulnerable to a local
privilege escalation attack. The vulnerability may be exploited for
local privilege escalation or a guest-to-host virtual machine escape.
FreeBSD/amd64 runs on CPUs from
different vendors. Due to varying behaviour of CPUs in 64 bit mode a
sanity check of the kernel may be insufficient when returning from a
system call. Successful exploitation of the problem can lead to local
kernel privilege escalation, kernel data corruption and/or crash.
Download the relevant patch from the location below:
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret.patch
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret.patch.asc
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret-81.patch
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret-81.patch.asc
[8.1 if original sysret.patch has been applied]
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret-81-correction.patch
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret-81-correction.patch.asc
How to Apply the patch ?
# cd /usr/src
# patch < /path/to/patch
After Recompile your kernel as described and reboot the system and update system
# freebsd-update fetch
# freebsd-update install
Inj3ct0r team today released related private exploit on their website, which
allow normal FreeBSD users to Privilege Escalation. All systems running
64 bit Xen hypervisor running 64 bit PV guests onIntel CPUs are
vulnerable to this issue.
However FreeBSD/amd64 running on
AMD CPUs is not vulnerable to thisparticular problem.Systems with 64
bit capable CPUs, but running the 32 bit FreeBSD/i386kernel are not
vulnerable, nor are systems running on differentprocessor architectures.
Download the relevant patch from the location below:
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret.patch
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret.patch.asc
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret-81.patch
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret-81.patch.asc
[8.1 if original sysret.patch has been applied]
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret-81-correction.patch
# fetch http://security.FreeBSD.org/patches/SA-12:04/sysret-81-correction.patch.asc
How to Apply the patch ?
# cd /usr/src
# patch < /path/to/patch
After Recompile your kernel as described and reboot the system and update system
# freebsd-update fetch
# freebsd-update install
No comments:
Post a Comment
Please Stop Spamming , Swearing And Abusing.