oss-security - Re: CVE request: kernel: perf, x86: fix Intel fixed counters base initialization

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Date: Wed, 06 Jul 2011 11:58:01 +0530
From: Huzaifa Sidhpurwala <huzaifas@...hat.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: kernel: perf, x86: fix Intel fixed
 counters base initialization

On 07/06/2011 11:54 AM, Eugene Teo wrote:
> The following patch solves the problems introduced by Robert's commit
> 41bf498 and reported by Arun Sharma. This commit gets rid of the base +
> index notation for reading and writing PMU msrs.
> 
> The problem is that for fixed counters, the new calculation for the base
> did not take into account the fixed counter indexes, thus all fixed
> counters were read/written from fixed counter 0.  Although all fixed
> counters share the same config MSR, they each have their own counter
> register.
> 
> This can cause a local denial of service.
> 
> Upstream commit:
> http://git.kernel.org/linus/fc66c5210ec2539e800e87d7b3a985323c7be96e
> 
> Introduced in:
> http://git.kernel.org/linus/41bf498949a263fa0b2d32524b89d696ac330e94
> 
> Reference:
> https://bugzilla.redhat.com/show_bug.cgi?id=719228
> 
> Thanks, Eugene

Please use CVE-2011-2521

-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.