NewsSecurity Vulnerabilities

Intel x86 Debug Exception Vulnerability [CVE-2018-8897]

Duncan 2135 Views 0 Comments 5 min read

The poor implementation of a statement in Intel’s x86 programming manual can cause privilege escalation or denial-of-service on all operating system (OS) kernels developed using the guide. This vulnerability is caused by mishandling specific CPU instructions detailed in Intel’s Software Developer’s Manual. This vulnerability is present in all systems that implement the Intel x86 architectures, including AMD.

When these instructions are followed by a similar or unexpected instruction it can cause unexpected OS behaviour. In some cases, it will cause the instructions to be executed in the kernel-space instead of the user-space, allowing an attacker to access sensitive kernel data. In others it will cause the kernel to hang whilst executing the instruction.

At the time of publication there are no known exploits of this vulnerability.

This issue is tracked as CVE-2018-8897 and is not remotely exploitable, and an attacker needs to have already infected a PC with malware or must have access to a logged-in account to run the malicious code that exploits this vulnerability.

Vendor Information

Further vendor information can be found here

Affected Software

  • Apple macOS 10.13.4
  • FreeBSD Freebsd 10.4
  • FreeBSD Freebsd 10.4-RELEASE-p3
  • FreeBSD Freebsd 10.4-RELEASE-p6
  • FreeBSD Freebsd 10.4-RELEASE-p8
  • FreeBSD Freebsd 11.1
  • FreeBSD Freebsd 11.1-RELEASE-p4
  • FreeBSD Freebsd 11.1-RELEASE-p7
  • FreeBSD Freebsd 11.1-RELEASE-p9
  • FreeBSD Freebsd 11.2
  • Linux kernel 3.16
  • Linux kernel 3.16.0-28
  • Linux kernel 3.16.1
  • Linux kernel 3.16.2
  • Linux kernel 3.16.36
  • Linux kernel 3.16.6
  • Linux kernel 3.16.7
  • Linux kernel 3.2.1
  • Linux kernel 3.2.12
  • Linux kernel 3.2.13
  • Linux kernel 3.2.2
  • Linux kernel 3.2.23
  • Linux kernel 3.2.24
  • Linux kernel 3.2.38
  • Linux kernel 3.2.42
  • Linux kernel 3.2.44
  • Linux kernel 3.2.50
  • Linux kernel 3.2.51
  • Linux kernel 3.2.52
  • Linux kernel 3.2.53
  • Linux kernel 3.2.54
  • Linux kernel 3.2.55
  • Linux kernel 3.2.56
  • Linux kernel 3.2.57
  • Linux kernel 3.2.60
  • Linux kernel 3.2.62
  • Linux kernel 3.2.63
  • Linux kernel 3.2.63-2
  • Linux kernel 3.2.64
  • Linux kernel 3.2.65
  • Linux kernel 3.2.72
  • Linux kernel 3.2.78
  • Linux kernel 3.2.81
  • Linux kernel 3.2.82
  • Linux kernel 3.2.9
  • Linux kernel 4.1
  • Linux kernel 4.1.1
  • Linux kernel 4.1.15
  • Linux kernel 4.1.4
  • Linux kernel 4.1.47
  • Linux kernel 4.10-rc1
  • Linux kernel 4.10-rc8
  • Linux kernel 4.10.0
  • Linux kernel 4.10.1
  • Linux kernel 4.10.10
  • Linux kernel 4.10.11
  • Linux kernel 4.10.12
  • Linux kernel 4.10.13
  • Linux kernel 4.10.15
  • Linux kernel 4.10.2
  • Linux kernel 4.10.3
  • Linux kernel 4.10.4
  • Linux kernel 4.10.5
  • Linux kernel 4.10.6
  • Linux kernel 4.10.7
  • Linux kernel 4.10.8
  • Linux kernel 4.10.9
  • Linux kernel 4.11
  • Linux kernel 4.11.0
  • Linux kernel 4.11.1
  • Linux kernel 4.11.2
  • Linux kernel 4.11.3
  • Linux kernel 4.11.4
  • Linux kernel 4.11.5
  • Linux kernel 4.11.7
  • Linux kernel 4.11.8
  • Linux kernel 4.11.9
  • Linux kernel 4.12
  • Linux kernel 4.12-rc1
  • Linux kernel 4.12.1
  • Linux kernel 4.12.10
  • Linux kernel 4.12.2
  • Linux kernel 4.12.3
  • Linux kernel 4.12.4
  • Linux kernel 4.12.9
  • Linux kernel 4.13
  • Linux kernel 4.13.1
  • Linux kernel 4.13.10
  • Linux kernel 4.13.11
  • Linux kernel 4.13.2
  • Linux kernel 4.13.3
  • Linux kernel 4.13.4
  • Linux kernel 4.13.5
  • Linux kernel 4.13.6
  • Linux kernel 4.13.7
  • Linux kernel 4.13.8
  • Linux kernel 4.13.9
  • Linux kernel 4.14
  • Linux kernel 4.14.1
  • Linux kernel 4.14.10
  • Linux kernel 4.14.11
  • Linux kernel 4.14.13
  • Linux kernel 4.14.14
  • Linux kernel 4.14.15
  • Linux kernel 4.14.2
  • Linux kernel 4.14.3
  • Linux kernel 4.14.4
  • Linux kernel 4.14.5
  • Linux kernel 4.14.6
  • Linux kernel 4.14.7
  • Linux kernel 4.14.8
  • Linux kernel 4.15
  • Linux kernel 4.15.11
  • Linux kernel 4.15.4
  • Linux kernel 4.15.7
  • Linux kernel 4.15.8
  • Linux kernel 4.15.9
  • Linux kernel 4.16.3
  • Linux kernel 4.4.1
  • Linux kernel 4.4.105
  • Linux kernel 4.4.14
  • Linux kernel 4.4.2
  • Linux kernel 4.4.22
  • Linux kernel 4.4.23
  • Linux kernel 4.4.24
  • Linux kernel 4.4.25
  • Linux kernel 4.4.26
  • Linux kernel 4.4.27
  • Linux kernel 4.4.28
  • Linux kernel 4.4.29
  • Linux kernel 4.4.30
  • Linux kernel 4.4.38
  • Linux kernel 4.4.7
  • Linux kernel 4.9.11
  • Linux kernel 4.9.13
  • Linux kernel 4.9.3
  • Linux kernel 4.9.36
  • Linux kernel 4.9.4
  • Linux kernel 4.9.68
  • Linux kernel 4.9.71
  • Linux kernel 4.9.74
  • Linux kernel 4.9.8
  • Linux kernel 4.9.9
  • Microsoft Windows 10 Version 1607 for 32-bit Systems
  • Microsoft Windows 10 Version 1607 for x64-based Systems
  • Microsoft Windows 10 Version 1803 for 32-bit Systems
  • Microsoft Windows 10 Version 1803 for x64-based Systems
  • Microsoft Windows 10 for 32-bit Systems
  • Microsoft Windows 10 for x64-based Systems
  • Microsoft Windows 10 version 1703 for 32-bit Systems
  • Microsoft Windows 10 version 1703 for x64-based Systems
  • Microsoft Windows 10 version 1709 for 32-bit Systems
  • Microsoft Windows 10 version 1709 for x64-based Systems
  • Microsoft Windows 7 for 32-bit Systems SP1
  • Microsoft Windows 7 for x64-based Systems SP1
  • Microsoft Windows 8.1 for 32-bit Systems
  • Microsoft Windows 8.1 for x64-based Systems
  • Microsoft Windows RT 8.1
  • Microsoft Windows Server 1709
  • Microsoft Windows Server 1803
  • Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1
  • Microsoft Windows Server 2008 R2 for x64-based Systems SP1
  • Microsoft Windows Server 2008 for 32-bit Systems SP2
  • Microsoft Windows Server 2008 for Itanium-based Systems SP2
  • Microsoft Windows Server 2008 for x64-based Systems SP2
  • Microsoft Windows Server 2012
  • Microsoft Windows Server 2012 R2
  • Microsoft Windows Server 2016
  • Redhat Enterprise Linux 6
  • Redhat Enterprise Linux 7
  • Redhat Enterprise Linux Extended Update Support 7.3
  • Redhat Enterprise Linux Long Life 5.9.server
  • Redhat Enterprise Linux Server – Extended Update Support 6.7
  • Redhat Enterprise Linux Server – Extended Update Support 7.4
  • Redhat Enterprise Linux Server TUS 6.6
  • Redhat Enterprise Linux Server TUS 7.2
  • Redhat Enterprise Linux for Real Time for NFV 7
  • Redhat MRG Realtime for RHEL 6 Server 2
  • Synology Dsm 6.0
  • Synology Dsm 6.1
  • Synology SkyNAS
  • Synology Virtual DSM
  • Ubuntu Ubuntu Linux 12.04 ESM
  • Ubuntu Ubuntu Linux 14.04 LTS
  • Ubuntu Ubuntu Linux 16.04 LTS
  • Ubuntu Ubuntu Linux 17.10
  • VMWare Identity Manager
  • VMWare vCenter Server 6.0
  • VMWare vCenter Server 6.5
  • VMWare vCenter Server 6.7
  • VMWare vRealize Automation 6.0
  • VMWare vRealize Automation 6.1
  • VMWare vRealize Automation 6.2
  • VMWare vRealize Automation 6.2.4
  • VMWare vRealize Automation 6.2.4.1
  • VMWare vRealize Automation 6.2.5
  • VMWare vRealize Automation 7.0
  • VMWare vRealize Automation 7.1
  • VMWare vRealize Automation 7.2.0
  • VMWare vRealize Automation 7.3.0
  • VMWare vRealize Automation 7.3.1
  • VMWare vRealize Automation 7.4.0
  • VMWare vSphere Data Protection
  • VMWare vSphere Integrated Containers 1.0
  • VMWare vSphere Integrated Containers 1.1
  • VMWare vSphere Integrated Containers 1.2
  • VMWare vSphere Integrated Containers 1.3
  • VMWare vSphere Integrated Containers 1.3.1

Affected Platforms

  • Microsoft Windows – All versions
  • Apple macOS – All versions
  • Linux – All distributions
  • Xen – All versions
  • FreeBSD





Duncan

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.