CVE-2012-0217 - Intel SYSRET FreeBSD Privilege Escalation Exploit Released

2012-07-2420:06:00

The Hacker News

thehackernews.com

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

21.6%

JSON

The Vulnerability reported on 06/12/2012, dubbed as “CVE-2012-0217” - according to that Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack. The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape.

FreeBSD/amd64 runs on CPUs from different vendors. Due to varying behaviour of CPUs in 64 bit mode a sanity check of the kernel may be insufficient when returning from a system call. Successful exploitation of the problem can lead to local kernel privilege escalation, kernel data corruption and/or crash.

Inj3ct0r team today released related private exploit on their website, which allow normal FreeBSD users to Privilege Escalation. All systems running 64 bit Xen hypervisor running 64 bit PV guests onIntel CPUs are vulnerable to this issue.

However FreeBSD/amd64 running on AMD CPUs is not vulnerable to thisparticular problem.Systems with 64 bit capable CPUs, but running the 32 bit FreeBSD/i386kernel are not vulnerable, nor are systems running on differentprocessor architectures.

Download the relevant patch from the location below: