[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [Bug 1813201] [NEW] QEMU TCG i386 / x86_64 system emula
From: |
halfdog |
Subject: |
Re: [Qemu-devel] [Bug 1813201] [NEW] QEMU TCG i386 / x86_64 system emulation crash when executing int instruction |
Date: |
Wed, 30 Jan 2019 18:06:12 +0000 |
Alberto Ortega writes:
> Public bug reported:
>
> QEMU version:
> -------------
>
> qemu from git, master branch commit
> d058a37a6e8daa8d71a6f2b613eb415b69363755
>
> Release versions are also affected.
>
> Summary:
> --------
>
> QEMU i386 and x86_64 system emulation crash when executing the following
> "int" instruction:
>
> cd08 int 8
>
> This generates a kernel NULL pointer dereference error in Linux, and a
> BSOD error in Windows.
>
> No special permissions are required to execute the instruction, any
> unprivileged user can execute it.
> ...
Funny. Does Qemu share code with VirtualBox? If so, a similar
missing CPL==0 check was fixed in Virtualbox 7 years ago.
https://www.halfdog.net/Security/2012/VirtualBoxSoftwareInterrupt0x8GuestCrash/