INFRA
INFRA
INFRA
Most operating systems add vulnerability based on ‘misunderstanding’
In an age when tech companies are obsessed with diversity, all operating system makers, nearly without fail, have delivered the ultimate equal-opportunity error.
In particular, they introduced a serious vulnerability that is being described by many as a “misunderstanding” of Intel Corp. and Advanced Micro Devices Inc. documentation.
The vulnerability, introduced by way of an update that so far applies to Windows, macOS, Linux in multiple distributions, FreeBSD and others, relates to a hardware debug mechanism that allows potential hackers to crash computers or to read sensitive data in memory.
In relation to Intel chips, CERT said in an advisory Tuesday that “in certain circumstances after the use of certain Intel x86-64 architecture instructions, a debug exception pointing to data in a lower ring (for most operating systems, the kernel Ring 0 level) is made available to operating system components running in Ring 3.”
According to IT News, the OS-level issue involves the ability of assembly code POP SS and MOV SS instructions to be executed by malicious actors, followed immediately by a software-generated interrupt or SYSCALL. That triggers a hardware debug exception running at the highest-level kernel privilege with full access to all parts of the computer.
Explaining the issue further, Red Hat Inc. noted that “generally, exceptions are raised at the instruction boundary; all instructions before the one causing the exception are allowed to complete and the one causing the exception is stalled, so that it can resume execution once the exception has been handled.”
The good news is that most operating system makers have issued patches to counter the issue — so far Apple, DragonFly BSD, FreeBSD, Microsoft, Red Hat, SUSE Linux, Ubuntu, VMware and Xen.
That a vulnerability could be introduced via an alleged “misunderstanding” of advice from Intel is another matter. The fact that Intel, AMD, CERT and operating system makers all coordinated to patch the vulnerability is the positive takeaway, but ultimately it should never have gotten to this point to begin with.
Image: U.S. Air Force
A message from John Furrier, co-founder of SiliconANGLE:
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBE’s Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni — Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About SiliconANGLE Media
SiliconANGLE Media is a recognized leader in digital media innovation, uniting breakthrough technology, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — with flagship locations in Silicon Valley and the New York Stock Exchange — SiliconANGLE Media operates at the intersection of media, technology and AI.
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
