Last week, the U.S. Computer Emergency Readiness Team (US-CERT) reported a vulnerability, on Intel CPU hardware, that could lead to a privilege escalation attack on some 64-bit operating systems and virtualization softwares running on Intel CPU hardware.
In these years many security flaws have affected different virtualization platforms but this episode is remarkable because, originated at the CPU level, affects many different systems and not just a single vendor.
Two days ago US-CERT updated the list of the affected systems, that includes Windows 7, Windows Server 2008 R2, FreeBSD and NetBSD as well as Xen hypervisor, that we report in a “per Vendor” grouping:
- Citrix Affected
- FreeBSD Project Affected
- Intel Corporation Affected
- Joyent Affected
- Microsoft Corporation Affected
- NetBSD Affected
- Oracle Corporation Affected
- Red Hat, Inc. Affected
- SUSE Linux Affected
- Xen Affected
- AMD Not Affected
- Apple Inc. Not Affected
- VMware Not Affected
- Debian GNU/Linux Unknown
- Fedora Project Unknown
- Gentoo Linux Unknown
- Hewlett-Packard Company Unknown
- IBM Corporation Unknown
- Parallels Holdings Ltd Unknown
- Slackware Linux Inc. Unknown
- Ubuntu Unknown
Intel claims that this vulnerability is a software implementation issue, as their processors are functioning as per their documented specifications. However, software that does not take the unsafe SYSRET behavior specific to Intel processors into account may be vulnerable.
Wrote US-CERT in its security advisory, fortunately, VMware vSphere, which is still the most common hypervisor in the companies, does not seem to be affected from this problem.