MNBSD-2008-8: amd64 swapgs mishandling on General Protection Fault mixes kernel and userland state

Severity: Unknown

Affected Package: kernel

Summary: amd64 swapgs mishandling on General Protection Fault mixes kernel and userland state

Description

On amd64/EM64T systems, if a General Protection Fault occurred while returning from an interrupt, trap, or system call, the swapgs CPU instruction could be executed one extra time, mixing userland and kernel state and allowing local privilege escalation. The patch was released after 0.2.1-RELEASE; users were advised to update to RELENG_0_2 or CURRENT. This corresponds to FreeBSD-SA-08:07.amd64.

Affected Versions

kernel

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases: CVE-2008-3890

Published: September 04, 2008
Last Modified: September 04, 2008