[FREEBSD:521CE804-52FD-11E8-9123-A4BADB2F4699] FreeBSD -- Mishandling of x86 debug exceptions
Severity
High
Affected Packages
1
CVEs
1
Problem Description:
The MOV SS and POP SS instructions inhibit debug exceptions
until the instruction boundary following the next instruction.
If that instruction is a system call or similar instruction
that transfers control to the operating system, the debug
exception will be handled in the kernel context instead of
the user context.
Impact:
An authenticated local attacker may be able to read
sensitive data in kernel memory, control low-level operating
system functions, or may panic the system.
Package | Affected Version |
---|---|
pkg:freebsd/FreeBSD-kernel | < 11.1_10 |
- ID
- FREEBSD:521CE804-52FD-11E8-9123-A4BADB2F4699
- Severity
- high
- Severity from
- CVE-2018-8897
- URL
- http://vuxml.freebsd.org/freebsd/521ce804-52fd-11e8-9123-a4badb2f4699.html
- Published
-
2018-05-08T00:00:00
(6 years ago) - Modified
-
2018-05-08T00:00:00
(6 years ago) - Rights
- FreeBSD VuXML Security Team
- Other Advisories
-
- ALAS-2018-1023
- ALAS2-2018-1023
- ALPINE:CVE-2018-8897
- DSA-4196-1
- DSA-4201-1
- ELSA-2018-1318
- ELSA-2018-1319
- ELSA-2018-4096
- ELSA-2018-4097
- ELSA-2018-4098
- ELSA-2018-4219
- FEDORA-2018-1a467757ce
- FEDORA-2018-5521156807
- FEDORA-2018-683dfde81a
- FEDORA-2018-73dd8de892
- FEDORA-2018-7cd077ddd3
- FEDORA-2018-915602df63
- FEDORA-2018-98684f429b
- FEDORA-2018-a7862a75f5
- FEDORA-2018-a7ac26523d
- FEDORA-2018-aec846c0ef
- FEDORA-2018-d3cb6f113c
- FEDORA-2018-f20a0cead5
- FEDORA-2018-fe24359b69
- FEDORA-2019-bce6498890
- MS:CVE-2018-8897
- RHSA-2018:1318
- RHSA-2018:1319
- RHSA-2018:1355
- SUSE-SU-2018:1171-1
- SUSE-SU-2018:1172-1
- SUSE-SU-2018:1173-1
- SUSE-SU-2018:1173-2
- SUSE-SU-2018:1177-1
- SUSE-SU-2018:1181-1
- SUSE-SU-2018:1184-1
- SUSE-SU-2018:1202-1
- SUSE-SU-2018:1203-1
- SUSE-SU-2018:1216-1
- SUSE-SU-2018:1220-1
- SUSE-SU-2018:1221-1
- SUSE-SU-2018:1505-1
- SUSE-SU-2018:1506-1
- SUSE-SU-2018:1509-1
- SUSE-SU-2018:1510-1
- SUSE-SU-2018:1511-1
- SUSE-SU-2018:1512-1
- SUSE-SU-2018:1513-1
- SUSE-SU-2018:1514-1
- SUSE-SU-2018:1516-1
- SUSE-SU-2018:1517-1
- SUSE-SU-2018:1518-1
- SUSE-SU-2018:1519-1
- SUSE-SU-2018:1520-1
- SUSE-SU-2018:1521-1
- SUSE-SU-2018:1522-1
- SUSE-SU-2018:1523-1
- SUSE-SU-2018:1524-1
- SUSE-SU-2018:1526-1
- SUSE-SU-2018:1528-1
- SUSE-SU-2018:1529-1
- SUSE-SU-2018:1530-1
- SUSE-SU-2018:1531-1
- SUSE-SU-2018:1532-1
- SUSE-SU-2018:1533-1
- SUSE-SU-2018:1534-1
- SUSE-SU-2018:1535-1
- SUSE-SU-2018:1536-1
- SUSE-SU-2018:1537-1
- SUSE-SU-2018:1538-1
- SUSE-SU-2018:1539-1
- SUSE-SU-2018:1540-1
- SUSE-SU-2018:1541-1
- SUSE-SU-2018:1543-1
- SUSE-SU-2018:1545-1
- SUSE-SU-2018:1546-1
- SUSE-SU-2018:1548-1
- SUSE-SU-2018:1549-1
- SUSE-SU-2018:1636-1
- SUSE-SU-2018:1637-1
- SUSE-SU-2018:1639-1
- SUSE-SU-2018:1640-1
- SUSE-SU-2018:1641-1
- SUSE-SU-2018:1642-1
- SUSE-SU-2018:1643-1
- SUSE-SU-2018:1644-1
- SUSE-SU-2018:1645-1
- SUSE-SU-2018:1648-1
- SUSE-SU-2018:3230-1
- USN-3641-1
- USN-3641-2
- VU:631579
- XSA-260
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:freebsd/FreeBSD-kernel | FreeBSD-kernel | < 11.1_10 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |