Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Possible VT-x enabled Intel CPU Crash Vulnerability
From: unknown user <mac68k () gmail com>
Date: Wed, 31 Mar 2010 01:24:49 +0900

Title:
Possible VT-x enabled Intel CPU Crash Vulnerability

Author:
Kil13r - http://www.kil13r.info/

Local / Remote:
Local (Confirmed)

Time line:
2009/03/08 - Discover
2009/07/25 - Vendor notification
2010/03/30 - Release

Affected version:
Maybe all VT-x enabled Intel CPU
(Tested under Intel Core 2 Duo T7400 Stepping B1 (VT-x enabled), Intel
Core 2 Duo T7500 Stepping G0 (VT-x enabled))

Not affected version:
All VT-x disabled Intel CPU

Description:
VT-x enabled Intel CPU have possible crash(hang or reboot) vulnerability.
Vulnerability can triggered by coLinux 0.7.4 and VirtualBox 3.0.2.

Proof of Concept code:
None

Proof of Concept example:

1. Case 1
1) Install and run any Windows(Windows 7 recommended) x86(32bit) host OS.
2) Install any VT-x enable VM(Windows Virtual PC Beta recommended)
3) Install any VT-x enable VM guest.
4) Install coLinux.
5) Install any coLinux guest.
6) Run both.

2. Case 2
1) Install and run any(Windows or Linux recommended) x86(32bit) host OS.
2) Install and run VirtualBox.
3) Install and run any x64(64bit) guest OS on VirtualBox.

Proof of Concept screen shot:
None

References:
1) Sun xVM VirtualBox 3.0.2 User Manual [64-bit guest on some 32-bit
host systems with VT-x, p.213] -
http://download.virtualbox.org/virtualbox/3.0.2/UserManual.pdf
2) Problems with 32bit ubuntu host and 64bit RH5.3 guest -
http://www.virtualbox.org/ticket/3558
3) slackware64 (64bit) guest hangs slackware (32bit) host during
installation - http://www.virtualbox.org/ticket/4074
4) Snapshot 20090520 of version 0.8.0 with kernel 2.6.22.18, compiled
with gcc 4.2.1 Detects other virtualization that is running in VMX
mode (Virtual Box and Virtual PC). - http://colinux.org/snapshots/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • Possible VT-x enabled Intel CPU Crash Vulnerability unknown user (Mar 31)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]