From owner-freebsd-hackers@FreeBSD.ORG Thu Jul 12 16:36:08 2012 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 200D2106566C for ; Thu, 12 Jul 2012 16:36:08 +0000 (UTC) (envelope-from bcrisp@crispernetworks.com) Received: from mail-vc0-f182.google.com (mail-vc0-f182.google.com [209.85.220.182]) by mx1.freebsd.org (Postfix) with ESMTP id C72BE8FC14 for ; Thu, 12 Jul 2012 16:36:07 +0000 (UTC) Received: by vcbf1 with SMTP id f1so1942785vcb.13 for ; Thu, 12 Jul 2012 09:36:07 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type :x-gm-message-state; bh=3d3FTxIiz3laFgUmzT9chtPi169n0nZUiK0ZuapXDgA=; b=ZrI8LEjXpS6f32Vm5Yn6ETpIEOCYQM0ThiB+34k7yFVi0FLAWjZ0uCkMtxN/d22xMf 4tekuFATfJtnEdKG9Nt6ouUH5tt8fswmLTOQnkuTvYPAyA8qlHmKh/k56MRqvf9PgPZX FONZsTdPuiL5J528+Gao2LtxMJ6RPvzn60Nl9zfy1XmnKX7ux/49FcsSqEAmocq74xpj uiKlUyPA/Dg5CGcO/BsuZMzWVvJFCas0p8APWr8luoCSd4BkeBh7SDzxl0A1/VbFfoVX hM1vUe6mGIM0ljPHFpmjlWcJksxMooICufJx6ef6UQG+6B+mwWDATInh2GxRA/QWJqYu L8cA== MIME-Version: 1.0 Received: by 10.52.92.70 with SMTP id ck6mr22270442vdb.16.1342110967202; Thu, 12 Jul 2012 09:36:07 -0700 (PDT) Received: by 10.58.216.6 with HTTP; Thu, 12 Jul 2012 09:36:07 -0700 (PDT) Date: Thu, 12 Jul 2012 12:36:07 -0400 Message-ID: From: Bill Crisp To: freebsd-hackers@freebsd.org X-Gm-Message-State: ALoCoQnMbHO8ZZLnqLSqDQobbznZAufVFHMhYQzoDA7k91Y/erVB4Cxfskf/BkPfNSSm/f8AawiK Content-Type: text/plain; charset=ISO-8859-1 X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: CVE-2012-0217 Intel's sysret Kernel Privilege Escalation and FreeBSD 6.2/6.3 X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Jul 2012 16:36:08 -0000 Good Morning! This was also posted to the FreeBSD forums: I have been researching CVE-2012-0217 and while I have patched the kernels on servers with 7.3/8.2 that I have, I would like to see if anyone knows for sure if 6.2/6.3 are also vulnerable? I am aware that those kernels are out of support from looking at the documentation. I have looked at the code in trap.c to see if the current patch would work with 6.3 source but it won't based on what I saw. I am also aware of upgrading as an option to resolve this unfortunately in some cases I have this is not possible right now. Any help would be greatly appreciated, and I can of course test anything that might need it. Thanks!