Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Vigil@nce: Linux kernel, denial of service via KVM and BIOS 80

May 2009 by Vigil@nce


An attacker in a KVM environment can write to the BIOS port 0x80
in order to stop the system.

Severity: 1/4

Consequences: denial of service of computer

Provenance: user shell

Means of attack: no proof of concept, no attack

Ability of attacker: expert (4/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: medium (2/3)

Creation date: 19/05/2009

IMPACTED PRODUCTS

 Linux kernel

DESCRIPTION OF THE VULNERABILITY

The BIOS can be accessed via input/output ports:

 0x20, 21, A0, A1 : PIC (Programmable Interrupt Controller) to
parameter IRQ
 0x60, 64 : keyboard data and control
 0x80 : last POST (Power-On Self Test) code, which indicates the
error code of the last action:
+ 0x28 : testing memory
+ 0x95 : keyboard self test
+ etc.
+ 0x00 : ready to boot
- etc.

The port 0x80 can only be read. However, some computers are
bugged, and stop when user writes to the port 0x80.

The standard Linux kernel does not allow a user to write to the
port 0x80. However, KVM (Kernel Virtual Machine) allows it.

An attacker located in a guest KVM can thus stop the host system.

CHARACTERISTICS

Identifiers: BID-35000, VIGILANCE-VUL-8721
http://vigilance.fr/vulnerability/Linux-kernel-denial-of-service-via-KVM-and-BIOS-80-8721


See previous articles

    

See next articles


Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts