CVE-2012-0217 Intel's sysret Kernel Privilege Escalation and
FreeBSD 6.2/6.3
Bill Crisp
bcrisp at crispernetworks.com
Mon Aug 6 13:08:37 UTC 2012
Thanks for the patch!
I gave it a try on a few servers, and saw a big increase in load on the
servers, most of the load comes from apache under normal circumstances and
it that load did go up a lot. I had to roll back the patched kernel and
the load went back to what it normally is. Did you experience anything
similar on any servers? On a server where the load was ~1 it went up with
what seemed to be the same number of requests to something like ~6 or so on
a single core servers. Ones that had higher load already also went up
considerably. Any ideas on what I might be able to do?
Let me know if you have a chance.
On Wed, Jul 18, 2012 at 4:59 PM, James <james at hicag.org> wrote:
> On Wed, Jul 18, 2012 at 3:26 PM, Bill Crisp <bcrisp at crispernetworks.com>
> wrote:
> >
> > Unfortunately I tried to put the code from the patch in place but there
> > seems to be some missing functions in the header file and too many
> > arguments to a function and some other errors below:
>
> Hi Bill. Yes, the patch for >= FreeBSD 7 won't apply directly to
> 6. ksi and the refined SIGBUS traps don't exist yet. Here's how I
> fixed it at work. Using this on multiple releng_6* branches.
>
> HTH!
>
> --
> James.
>
More information about the freebsd-hackers
mailing list