#2301 closed defect (fixed)
DF variable out of sync with RFLAGS after the SYSCALL instruction
| 回報者: | Jakub Jermar | 負責人: | |
|---|---|---|---|
| 元件: | other | 版本: | VirtualBox 2.0.2 |
| 關鍵字: | rflags, syscall | 副本: | |
| Guest type: | other | Host type: | other |
描述
Masking off the DF flag from the RFLAGS register during the SYSCALL instruction by specifying the DF bit in the SFMASK register doesn't work because the DF variable doesn't get updated. This bug allows a malicious userspace code to damage kernel memory on systems which rely on proper functionality of the SYSCALL instruction and the SFMASK register. Note that the same bug existed in qemu and was fixed in revision 4120:
http://svn.savannah.gnu.org/viewvc?view=rev&root=qemu&revision=4120
注意:
瀏覽 TracTickets
來幫助您使用待辦事項功能
Fixed. Note that it was quite unlikely to hit this bug in the first place in VirtualBox. Syscall would only in very rare cases be executed in the recompiler.
Thanks for reporting it.