[Code-Crunchers] Fwd: [funsec] Description of the Intel CPU bugs

Gadi Evron ge at linuxbox.org
Thu Jun 28 11:05:22 CDT 2007 

On 2007-06-28 17:54+0200, Sebastian Krahmer wrote:
>On Thu, 28 Jun 2007, Gadi Evron wrote:
>
>Fun indeed :-) #AI88 is what all the honeypots should
>fear ;-)

These patches in most cases would be work-arounds for
stability/replacement functionality. They can be bypassed. This is a
real patch, band-aid like. Or am I wrong?


>
>l8er,
>S.
>
>> ----- Forwarded message from "Richard M. Smith" <rms at computerbytesman.com> -----
>> 
>> From: "Richard M. Smith" <rms at computerbytesman.com>
>> To: funsec at linuxbox.org
>> Date: Thu, 28 Jun 2007 09:33:09 -0400
>> Subject: [funsec] Description of the Intel CPU bugs
>> 
>> http://marc.info/?l=openbsd-misc
>> <http://marc.info/?l=openbsd-misc&m=118296441702631> &m=118296441702631
>>  
>> List:        <http://marc.info/?l=openbsd-misc&r=1&w=2> openbsd-misc
>> Subject:     <http://marc.info/?t=118296457100003&r=1&w=2> Intel Core 2
>> From:        <http://marc.info/?a=90366097200024&r=1&w=2> Theo de Raadt
>> <deraadt () cvs ! openbsd ! org>
>> Date:        <http://marc.info/?l=openbsd-misc&r=1&w=2&b=200706> 2007-06-27
>> 17:08:16
>> Message-ID:
>> <http://marc.info/?i=200706271708.l5RH8GkK024621%20()%20cvs%20!%20openbsd%20
>> !%20org> 200706271708.l5RH8GkK024621 () cvs ! openbsd ! org
>> [ <http://marc.info/?l=openbsd-misc&m=118296441702631&q=raw> Download
>> message RAW]
>> 
>> Various developers are busy implimenting workarounds for serious bugs
>> in Intel's Core 2 cpu.
>> 
>> These processors are buggy as hell, and some of these bugs don't just
>> cause development/debugging problems, but will *ASSUREDLY* be
>> exploitable from userland code.
>> 
>> As is typical, BIOS vendors will be very late providing workarounds /
>> fixes for these processors bugs.  Some bugs are unfixable and cannot
>> be worked around.  Intel only provides detailed fixes to BIOS vendors
>> and large operating system groups.  Open Source operating systems are
>> largely left in the cold.
>> 
>> ...
>> 
>>  
>> 
>> _______________________________________________
>> Fun and Misc security discussion for OT posts.
>> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
>> Note: funsec is a public and open mailing list.
>> 
>> ----- End forwarded message -----
>> 
>> 
>
>-- 
>~
>~ perl self.pl
>~ $_='print"\$_=\47$_\47;eval"';eval
>~ krahmer at suse.de - SuSE Security Team
>~ SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)

-- 
--
"beepbeep it, i leave work, stop reading sec lists and im still hearing
gadi"
- HD Moore to Gadi Evron on IM, on Gadi's interview on npr, March 2007.

More information about the Code-Crunchers mailing list